Why does a DHCP server allow clients to get IP addresses outside of the scope?

IT-Jesse
IT-Jesse used Ask the Experts™
on
Greetings Experts,

We have a Win2K3 server running AD, DNS, DHCP. The DHCP scope was changed from .100-.250 to a smaller scope, .100-.200 and our clients are still ending up stuck with .200+ addresses. Even when I release and renew the addresses, the revert back to the same old IPs. We want to install new equipment and put them on static IPs starting at .201 and up so this is a hindrance.
Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®

Commented:
DHCP addresses are sticky
reboot the DHCP server
Or you could shorten the lease time down. The clients will try to request a lease at half the lease duration. Anytime I make a change to DHCP I lower this value to help speed up the change process.
You can also select existing leases in the DHCP management console and delete them manually.
Then force a reboot (or at least a dhcp lease release  + renewal) the hosts that have the addresses you want to free up
11/26 Forrester Webinar: Savings for Enterprise

How can your organization benefit from savings just by replacing your legacy backup solutions with Acronis' #CyberProtection? Join Forrester's Joe Branca and Ryan Davis from Acronis live as they explain how you can too.

Author

Commented:
Unfortunately, I have tried all three suggestions without success. I rebooted, shortened the lease time, and ran ipconfig. If I am at client "1.1.1.206" and attempt to release/renew its lease, it returns right back to the same IP address. ".206" isn't even in the DHCP scope anymore, the scope goes from 100-200 now. Is there something I must be missing here?
Check the registry for teh host that still gets 1.1.1.206
Run a "search" in HKLM\CCS\Services" on the string "1.1.1.206"
You should find it.
Then check that the DHCPServer field is actually the IP address of the DHCP server you used.
If not, well, your hosts are getting their IP configuration from another DHCP server (cable/DSL router?)

If that is true, there is something weird to me... I already did such things in teh past and it worked.
Some leads
- You can, temporary, create Static DHCP entries (reservations) for the host still "out of scope"
- You can try to run ipconfig /release and then delete all references in the registries to the IP addresses that are Out Of Scope in the registry and then reboot the corresponding hosts
Senior Solutions Architect
Commented:
You can run IPCONFIG /ALL on your clients to check which DHCP Server is issuing the leases. Maybe you have a rogue/forgotten DHCP server on your LAN.

Additionally, if you want a specific machine to have a certain IP address, then do a reservation for that machine. Reservations are pretty much like giving machines static addresses, since only the machine with the correct MAC address will be issues the reserved IP address.

NOTE: If you change a network card, the MAC address will change and your reservation won't work. Other than that, you will always get the same IP.

Author

Commented:
Still looking in to the problem. It looks like the rogue DHCP server dvt mentioned may be the cause...

I will know soon.
Hey, I mentioned the rogue DHCP server first ;) ! (OK I missed to call it rogue... It was called "another DHCP server")
Having 2 DHCP servers on a single network can be a nightmare, unless they synchronize a way or another (MS DHCP can do that when the DHCP servers are members of a domain. isc dhcpd 3 can do that too).
To be frank, I often implement a primary dhcp server and a backup dhcp server, which are usually independent.
For instance, at home, I have an MS Windows based dhcp server (primary) and my WiFi AP also runs a dhcp service (backup)
When I can, I make sure that the backup dhcp server answers later than the primary one (WRT54G with DD-WRT answers later than my Windows server for instance), so that its answers will be discarded by the clients when the primary dhcp servers answered first.
And I also configure things so that scopes do not overlap (when I can)
And WireShark/NetMon or any network sniffing utility. Filter on UDP 67 and 68 and you'll have all the DHCP traffic...

Author

Commented:
There was indeed a rogue DHCP server. Thanks for the help!
Hey I was the first to mention the rogue server ! You could have split the points...

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial