Link to home
Create AccountLog in
Avatar of BeerTime
BeerTimeFlag for Canada

asked on

DHCP scope issue

Hi everyone,

We have a Server running Server 2003, SP2 with DHCP.  The scope is currently defined from 192.168.10.100 to 192.168.10.250.  We only have about 60 client computers that are using the DHCP ip addresses.

The problem that I am having right now is that the DHCP scope ip addres are not being used properly. DHCP ip leases as follows:

192.168.10.100 to 192.168.10.118
192.168.10.120 to 192.168.10.124
192.168.10.132 to 192.168.10.140
192.168.10.141 to 192.168.10.248

As you can see there are many ip addresses skipped in the DHCP ip leases.  As a result, I am getting warning messages on the server that it is running out of available ip addresses.  Please note that I am not able to ping any missing ip addresses (I assume they are not in use).

1. How can I make sure the DHCP utilizes the ip addresses properly without skipping?

Thanks for all your help in advance.
Have happy holidays!
Avatar of Fingo11
Fingo11

I have seen DHCP servers hand out IP addresses in random order before.  What you should be looking at is the lease duration and making sure that the clients are actually releasing their IP addres when they are not on the network.  If, for instance, the clients are laptops which get a lease and then are removed from the network abruptly the lease will be active until the duration has expired thereby holding up an IP address for a computer that is not around.  If your clients are stable (not disconnecting from your network) and you are still running out of leases check your statistics on the server and look for irregularities such as an inordinate number of DHCPRequests.  Also make sure your DHCP server binding is set to the proper nic if it is multi-homed.

Hope this helps!
I would not have though you would be running out of IPs as the lease is normally only 8 days then renews and that IP releases..

Do you have any reservations to MAC addresses?

Is your lease 8 days .... ?

This should not be a problem for you unless many other devices were connecting and using IP's

R
Avatar of BeerTime

ASKER

Thanks, the lease duration for DHCP client is: 8 days and we have over 95% desktops that are always on the network.  The DHCP binding is pointing to the correct nic card.  please see the DHCP statistics below:


DHCP-stat.JPG
No reserved MAC address for this scope.
Avatar of Krzysztof Pytko
Hi,

what about excluded IP addresses, do you have them configured in scope?

Regards,
Krzysztof
No, there is no exclusion.
OK then. Try to reconcile DHCP database first. Open DHCP console, select scope and click on it right mouse button, choose "Reconcile" and then "Verify" button

Check what happens.

Krzysztof
Hi,

What is the subnet mask assigned?
Thanks, I've tried to reconcile and getting "the database is consistent"
The subnet mask assigned is 255.255.255.0

I think the main problem to the DHCP scope is caused by RAS server we have for VPN connection.

The RAS - DHCP scope is defined as follows:
192.168.10.80 to 192.168.10.99 /24

What I've noticed is that some of the RAS clients that are using the DHCP scope defined on another server for internal clients 192.168.10.100 to 192.168.10.250 /24  Also, some of the internal clients are using the DHCP scope defined for RAS on another server.

Q: How can I keep RAS clients separate from internal DHCP scope and vice versa?

Q: Does it cause any issues if I just deactive the existing internal DHCP scope, and re-create another similar scope so the IP addresses can be properly used in an incremental order (without skipping any IP addresses as I mentioned in my original post)?

Thanks!
SOLUTION
Avatar of Krzysztof Pytko
Krzysztof Pytko
Flag of Poland image

Link to home
membership
Create an account to see this answer
Signing up is free. No credit card required.
Create Account

Define other Scope of private IP's for RRAS server (2nic required) and use the route add eg: 10.0.0.0
Thanks Krzysztof! can you give me more info on AD1..?
currently the RRAS is defined with 192.168.10.1 to 192.168.10.99 with an exclusion of 192.168.10.1 to 192.168.10.80 so it should only use 19 ip addresses.  How can I assign static ip to the RAS clients without knowing who will connect via VPN?

The internal DHCP server is defined with 192.168.10.100 to 192.168.10.250
SOLUTION
Link to home
membership
Create an account to see this answer
Signing up is free. No credit card required.
Create Account
Thanks for the quick response! I will try your suggestion and let you know if I run into any issues.  Thanks!
Yup, this is the correct way described by Fingo :) But you have to ensure that given static IP pool is out of your DHCP pool or you have to set up on DHCP server exclusion range for those VPN IPs

Krzysztof
Thanks Krzysztof. Just to be clear, if the DHCP scope is 192.168.10.100 to 192.168.10.250 and I want RRAS to use from 192.168.10.100 to 192.168.10.120;

Do I need to exclude 192.168.10.100 to 192.168.10.120 from the DHCP range because it is used by RRAS? or am I missing something? (All servers static ip address are not included in the DHCP scope)

Thanks for your help.
Hi, yes you should exclude this pool. Because DHCP server doesn't know that it should not issue these addresses. When someone connects over VPN then you want to be sure that DHCP doesn't issue the same IP address to other PC in your network to prevent IP address conflict. So, exclude range 192.168.10.100 to 192.168.10.120 on DHCP and everything will work fine :)

Krzysztof
That's good! Thanks again for your help.
ASKER CERTIFIED SOLUTION
Link to home
membership
Create an account to see this answer
Signing up is free. No credit card required.
Create Account
Thanks for all your help.