Solved

DHCP reservation problems

Posted on 2008-10-21
11
1,689 Views
Last Modified: 2013-11-10
My DHCP server reservations sometimes fail out of the blue. I had one Vista machine that didn't get its reserved IP. The MAC was right, there was only one DHCP server running in the entire network and plus, a brand new machine, just plugged into the network, got the reservation IP, despite the MAC address being completely different.

I don't have a clue about what's going on. Need professional help with the issue.

Thanks.
0
Comment
Question by:cafasdon
  • 7
  • 4
11 Comments
 
LVL 11

Expert Comment

by:miqrogroove
ID: 22770580
Call me a pessimist, but if you've done all the math and arrived at a single point of failure, then it's time to overhaul.  Get a newer/alternative DHCP server.
0
 

Author Comment

by:cafasdon
ID: 22772040
I'm working on that already. Just wanted to give my manager a proper answer to what happened to the reservation. I've checked the MAC on the computer that stole the reserved IP, and it's by far different from the proper one. I just want to be 100% that without a secondary DHCP server, this won't happen again. Are there any known flaws in linux DHCPD related with Red Hat EL5 servers? Sorry to be repetitive, just want to cover every minimal gap.
0
 
LVL 11

Expert Comment

by:miqrogroove
ID: 22772090
If you're 100% sure the address was available when you reserved it, then I'd say you just found one (a flaw).  The only other thing to check is the DHCP address reported by the client.
0
 

Author Comment

by:cafasdon
ID: 22774693
I found out one more variable to add to the equation:
Using a neat program called DHCP-Find, I found the following DHCP offer:

8.255.0.0

So far, seems it was offering the reserved addresses on the network.

Example:

Packet from 8.255.0.0
 Offered IP 172.16.5.234
 Lease Length 86400 Seconds
 Subnet Mask 255.255.252.0

where .5.234 is a reserved address to a specific MAC.

Strangest thing is, when I try to see if it is alive, it translates to 4.68.16.8.

Just adding up to possible causes. I wanna solve this mystery no matter what.
0
 

Author Comment

by:cafasdon
ID: 22774951
Let me add a doubt:

Is it possible to make a reservation like: 10.10.10.10 on a dhcpd configured for 172.16.4.0/22 for an example?

I've been digging through the net and found out that my issue could be 'cause I'm assigning a reservation inside the offer range. Doesn't make much sense to me, so I'm looking for a second opinion.

I'm experimenting a little with the DHCP server right now, and will keep so during the day. If anyone have any ideas for possible test solutions, I'm all ears.
0
IT, Stop Being Called Into Every Meeting

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

 

Author Comment

by:cafasdon
ID: 22778123
BTW:

DHCP reported by client matches the main server. No problems with that.
0
 
LVL 11

Expert Comment

by:miqrogroove
ID: 22779026
Packet from 8.255.0.0
 Offered IP 172.16.5.234

That's a little bizarre.  Is 8.255.0.0 the normal address for your DHCP server?
0
 

Author Comment

by:cafasdon
ID: 22784623
Nope. The network is 172.16.4.0/22.

That IP seems to have something to do with reservations, since the reservations that I have in dhcpd.conf appear with this IP as the dhcpoffer sometimes.

I've recently read about some problems with Microsoft clients not working properly with MAC reservations. Something called "DHCP RELEASE while SELETCINTG" bug. Seems to be the closest I got to my case, but not sure if it is the exact same problem.

Another thing to consider is: Every computer that lost its address, were laptops. Although the ones who stole it were usually desktops. Read about something related to that as well, about lease times needing to be shorter for mobile devices (with Windows, as usual).

So far, this hasn't happened to any Linux machines.
0
 
LVL 11

Accepted Solution

by:
miqrogroove earned 250 total points
ID: 22788341
It's sounding more and more like you have a rogue DHCP server.  Can you run ipconfig /renew on one of the computers that has an invalid lease and find out what happens from there?  This forces the client to contact its DHCP server using IP unicast, and if your server is behaving it should respond with DHCPNACK.

Any chance you have a wireless router with DHCP enabled?
0
 

Author Comment

by:cafasdon
ID: 22794269
Checked wireless routers. All in access point mode, not serving DHCP.

I had the rogue DHCP issue once, but solved it with Cisco's DHCP Snooping, setting only the port for the main server as trusted for DHCPOFFER packets.

I don't know how to replicate the problem so far, but I'll keep in mind to get as many info from a computer as I can when it happens. My company is huge, so I'll have to really quick to find out whoever is having the problem (physically I mean). So far, the problem was solved by changing the reservation IP to a range outside the preset pool, but inside main mask. But it's quite a pain to have to be editting the dhcpd.conf every time this happens, since there's a LOT of reservations.

Oh, and one more thing: whenever this happened, the original reservation machine would just not get any IP, EVER, until the new reservation is set. However it would still show on the rogue computer that there is an IP conflict.
0
 

Author Comment

by:cafasdon
ID: 22826976
Found some errors in dhcpd.conf, like duplicated MACs, so it was pretty much stress + tons of work. But thanks for trying to help anyway, the DHCP server is now in a Windows 2k server, so it's not my problem anymore :P
0

Featured Post

Highfive + Dolby Voice = No More Audio Complaints!

Poor audio quality is one of the top reasons people don’t use video conferencing. Get the crispest, clearest audio powered by Dolby Voice in every meeting. Highfive and Dolby Voice deliver the best video conferencing and audio experience for every meeting and every room.

Join & Write a Comment

A Wildcard Certificate means all of your sub-domains will resolve to the same location, regardless of the non-SSL Document-Root specification. A user will need to purchase a wildcard SSL from a vendor or a reseller that supplies them. Similar to ha…
Note: for this to work properly you need to use a Cross-Over network cable. 1. Connect both servers S1 and S2 on the second network slots respectively. Note that you can use the 1st slots but usually these would be occupied by the Service Provide…
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…

707 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now