[Last Call] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 332
  • Last Modified:

DHCP Problem

I have come across a problem at one of our sites.
The Server is running 2K3 SP2, it is the DC and is also running DHCP and DNS on the server. There is a Single NIC in the server.
The problem we are having is that the pc's on the domain are picking up addresses but we are unable to ping anything from these pc's, this is not on all pc's all the time but seems completely random. The ip address' that they are getting are all correct, in the DHCP range, right subnet mask, gateway and DNS servers etc.
I found in the DNS host records a reference to the server with a different address which has been deleted.
Hope you can help with some suggestions
0
latheal
Asked:
latheal
  • 4
  • 3
  • 2
  • +4
1 Solution
 
dfxdeimosCommented:
Have you attempted to delete and re-create the DHCP scope? I would go through and quadruple check all the settings involved. When you notice that a PC has gotten one of these "bad addresses", have you tried to set the PC statically to the same address?
Also, have you tried to reset your switch to factory defaults?
0
 
loftywormCommented:
Need to find the bad address.  My bet is on an IP conflict.

I would find a bad system, find its IP, turn bad system off, on antoher system do a nbtstat -A x.x.x.x.  This should give you the machine name of the offending IP, and see if it is set statically.  If NOT then ther eis an issue with DHCP.

Interesting problem, I am curious to see what you find.
0
 
TrumpeteerCommented:
1) when a rogue DHCP server is detected on the network, W2K3 DHCP servers will stop providing addresses
2) You can set the ping verification to avoid IP conflicts in the DHCP server properties on the advanced TAB
3) Check on the machines which cannot ping whether the IP address is actually coming from your DHCP server. The IP address of the DHCP server is listed when executing "ipconfig /all" on the DHCP client

b.t.w. running DHCP on a DC with DNS updates enabled can be a security issue, unless you put an "ordinary user" in the DNS dynamic update credentials in the same Tab as 2.

Hope this helps...
0
A Cyber Security RX to Protect Your Organization

Join us on December 13th for a webinar to learn how medical providers can defend against malware with a cyber security "Rx" that supports a healthy technology adoption plan for every healthcare organization.

 
Zuhir ElgmatiCommented:
did you restart the DHCP service from the DHCP console ?
0
 
dfxdeimosCommented:
Loftyworm raises a very valid point, I would move in that direction.
You are sure there are no other DHCP servers on the network?
0
 
ChiefITCommented:
I am going out on a limb and guess that you have Windows Firewall enabled, (or some other firewall like ISA), that is blocking ICMP traffic on some of these computers.

How to enable ICMP in windows firewall:
http://nic.phys.ethz.ch/readme/164

ICMP for ISAserver:
http://www.isaserver.org/tutorials/Configuring_ISA_Server_for_Incoming_Ping_Responses__By_Dieter_Rauscher.html


0
 
TrumpeteerCommented:
And a new brainwave: is your DHCP server multihomed or configured with multiple IPaddresses on one NIC? If you have multiple subnets connected you might run into clients getting the wrong IP for the "fysical" subnet... Everything seems fine, but actually your gateway is not on your subnet causing network unavailability.

two tests:
1) ping DHCP server
2) ping gateway

if both work, you must have a good connection. If only the DHCP server replies and the gateway doesn't, you have a "physical network" error. If the gateway responds and the DHCP server doesn't, the DHCP server is down or a local firewall on the DHCP server prohibits ICMP replies.

good luck!
0
 
lathealAuthor Commented:
Right the DHCP seems to be ok, we have had a look around and DNS seems to have multiple Host (A) records where an IP address  is assigned to multiple systems which means they cannot connect.
Any ideas?
0
 
TrumpeteerCommented:
When the lease time is larger than the DNS scavenging times, you will end up with multiple reverse entries. Multiple forward entries in DNS with the same IP addresses still point into the direction there is a rouge DHCP server...

Please take notice of the registration time apposed to the lease time. When you have a very short DHCP lease time and workstations move around quickly, there might be DNS entries with what seem to be conflicting IP addresses. In fact these clients had these addresses sequentially.
0
 
lathealAuthor Commented:
I'll have a look and see, just getting the details of the wireless AP's as the only other server on site is not running DHCP. Maybe one of the AP's has dhcp running. I'll let you know.
0
 
ChiefITCommented:
You might be running into the same problem I was running into a while back:
http://www.experts-exchange.com/Networking/Protocols/DHCP/Q_22847336.html
0
 
lathealAuthor Commented:
Right then the problem of pc's not connecting to the Domain persist, the DHCP and DNS duplicates seem to have disppeared.
What is happening now is on 2 fronts, randomly a pc will not connect to the DC, you can log on locally, the pc has all the correct ip address etc needed and can get out onto the internet, but will not connect/ping the DC which is where the data/shared drives are, the only way I have found so far to fix this is to give the pc a static IP and restart, then remove the Static IP and get a new IP.

The second problem is wireless, there are Dell D620's and Tosh A100's that will not see any of the many (and newly installed netgear wireless AP's), this is a real problem and we have tried many things to sort this, including, uninstall and reinstall the wireless cards on the laptops, disable, reenable, a seperate usb wireless adaptor. The problem is totally random and will affect a laptop one day and then the next it will be fine.

Hope someone has some ideas, the next step being discussed is to reimage the DC, hiwch I really don't want to do
0
 
lathealAuthor Commented:
OK then sorry for the Huge delay in getting back here, bit too busy at the moment.

Right the DHCP and DNS problem seems to have been resolved, we removed and re-set up both and we haven't seen that problem again.

The problems with the wireless were driver related, the D620's we got updated drivers and that was easy. the blasted Toshiba's came with a recover cd that had a very new driver and when  had a look on their site it didn't seem to exist, so downloaded the "older" driver and installed that, hey presto!!

Thanks to all for your help
0
 
ee_autoCommented:
Question PAQ'd, 500 points refunded, and stored in the solution database.
0

Featured Post

Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

  • 4
  • 3
  • 2
  • +4
Tackle projects and never again get stuck behind a technical roadblock.
Join Now