Solved

DHCP reservation problems

Posted on 2008-10-21
11
1,697 Views
Last Modified: 2013-11-10
My DHCP server reservations sometimes fail out of the blue. I had one Vista machine that didn't get its reserved IP. The MAC was right, there was only one DHCP server running in the entire network and plus, a brand new machine, just plugged into the network, got the reservation IP, despite the MAC address being completely different.

I don't have a clue about what's going on. Need professional help with the issue.

Thanks.
0
Comment
Question by:cafasdon
  • 7
  • 4
11 Comments
 
LVL 11

Expert Comment

by:miqrogroove
ID: 22770580
Call me a pessimist, but if you've done all the math and arrived at a single point of failure, then it's time to overhaul.  Get a newer/alternative DHCP server.
0
 

Author Comment

by:cafasdon
ID: 22772040
I'm working on that already. Just wanted to give my manager a proper answer to what happened to the reservation. I've checked the MAC on the computer that stole the reserved IP, and it's by far different from the proper one. I just want to be 100% that without a secondary DHCP server, this won't happen again. Are there any known flaws in linux DHCPD related with Red Hat EL5 servers? Sorry to be repetitive, just want to cover every minimal gap.
0
 
LVL 11

Expert Comment

by:miqrogroove
ID: 22772090
If you're 100% sure the address was available when you reserved it, then I'd say you just found one (a flaw).  The only other thing to check is the DHCP address reported by the client.
0
 

Author Comment

by:cafasdon
ID: 22774693
I found out one more variable to add to the equation:
Using a neat program called DHCP-Find, I found the following DHCP offer:

8.255.0.0

So far, seems it was offering the reserved addresses on the network.

Example:

Packet from 8.255.0.0
 Offered IP 172.16.5.234
 Lease Length 86400 Seconds
 Subnet Mask 255.255.252.0

where .5.234 is a reserved address to a specific MAC.

Strangest thing is, when I try to see if it is alive, it translates to 4.68.16.8.

Just adding up to possible causes. I wanna solve this mystery no matter what.
0
 

Author Comment

by:cafasdon
ID: 22774951
Let me add a doubt:

Is it possible to make a reservation like: 10.10.10.10 on a dhcpd configured for 172.16.4.0/22 for an example?

I've been digging through the net and found out that my issue could be 'cause I'm assigning a reservation inside the offer range. Doesn't make much sense to me, so I'm looking for a second opinion.

I'm experimenting a little with the DHCP server right now, and will keep so during the day. If anyone have any ideas for possible test solutions, I'm all ears.
0
VMware Disaster Recovery and Data Protection

In this expert guide, you’ll learn about the components of a Modern Data Center. You will use cases for the value-added capabilities of Veeam®, including combining backup and replication for VMware disaster recovery and using replication for data center migration.

 

Author Comment

by:cafasdon
ID: 22778123
BTW:

DHCP reported by client matches the main server. No problems with that.
0
 
LVL 11

Expert Comment

by:miqrogroove
ID: 22779026
Packet from 8.255.0.0
 Offered IP 172.16.5.234

That's a little bizarre.  Is 8.255.0.0 the normal address for your DHCP server?
0
 

Author Comment

by:cafasdon
ID: 22784623
Nope. The network is 172.16.4.0/22.

That IP seems to have something to do with reservations, since the reservations that I have in dhcpd.conf appear with this IP as the dhcpoffer sometimes.

I've recently read about some problems with Microsoft clients not working properly with MAC reservations. Something called "DHCP RELEASE while SELETCINTG" bug. Seems to be the closest I got to my case, but not sure if it is the exact same problem.

Another thing to consider is: Every computer that lost its address, were laptops. Although the ones who stole it were usually desktops. Read about something related to that as well, about lease times needing to be shorter for mobile devices (with Windows, as usual).

So far, this hasn't happened to any Linux machines.
0
 
LVL 11

Accepted Solution

by:
miqrogroove earned 250 total points
ID: 22788341
It's sounding more and more like you have a rogue DHCP server.  Can you run ipconfig /renew on one of the computers that has an invalid lease and find out what happens from there?  This forces the client to contact its DHCP server using IP unicast, and if your server is behaving it should respond with DHCPNACK.

Any chance you have a wireless router with DHCP enabled?
0
 

Author Comment

by:cafasdon
ID: 22794269
Checked wireless routers. All in access point mode, not serving DHCP.

I had the rogue DHCP issue once, but solved it with Cisco's DHCP Snooping, setting only the port for the main server as trusted for DHCPOFFER packets.

I don't know how to replicate the problem so far, but I'll keep in mind to get as many info from a computer as I can when it happens. My company is huge, so I'll have to really quick to find out whoever is having the problem (physically I mean). So far, the problem was solved by changing the reservation IP to a range outside the preset pool, but inside main mask. But it's quite a pain to have to be editting the dhcpd.conf every time this happens, since there's a LOT of reservations.

Oh, and one more thing: whenever this happened, the original reservation machine would just not get any IP, EVER, until the new reservation is set. However it would still show on the rogue computer that there is an IP conflict.
0
 

Author Comment

by:cafasdon
ID: 22826976
Found some errors in dhcpd.conf, like duplicated MACs, so it was pretty much stress + tons of work. But thanks for trying to help anyway, the DHCP server is now in a Windows 2k server, so it's not my problem anymore :P
0

Featured Post

Zoho SalesIQ

Hassle-free live chat software re-imagined for business growth. 2 users, always free.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Setting up SSH Cisco We are all told that you should not use Telent for connecting to devices because it is unsecure and all clear text. Much better is to use SSH, but it can seem a bit of a challenge setting it all up and especially in a small n…
Use of TCL script on Cisco devices:  - create file and merge it with running configuration to apply configuration changes
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…

895 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

18 Experts available now in Live!

Get 1:1 Help Now