We help IT Professionals succeed at work.

Windows 2003 DHCP fills up with BAD_ADDRESS

coolvince asked
Hi experts :)

I have a serious problem with my DHCP Servers.

We just have move from site A to site B, this is the context.
We have 2 DHCP servers :

- The first one serving from to (mask
- The second one serving from to (mask

Since we have moved, the two scopes are filled in of BAD_ADDRESS.
This never appears before. It's very strange because the mac address corresponding to the BAD_ADDRESS are not coherent... eg :     BAD_ADDRESS     28f0c00a     BAD_ADDRESS     29f0c00a     BAD_ADDRESS     2ef0c00a     BAD_ADDRESS     31f0c00a

This is an exemple from the firs DHCP server. The second one experienced the same problem. As a consequence, when the scope is full, workstations can not connect to the network.

When I try to purge manualy the BAD_ADDRESS, they come back several minutes after...

Any idea ?

Thanks in advance for your help.

Watch Question


Another precision : all BAD_ADDRESS are not pingable.

Do you have any Cisco ASA with DHCP Relay enabled?

Are you sure you have the masks right? Should not be both


Hi Frajico,

No. I don't have any Cisco devices on my network. Switches are HP. Routers are Juniper.
Yes I'm sure of the subnets.

All nodes on the network are masked as but we are using 10.192.240.x 10.192.241.x


The explication of the subnet is that before we had 2 physical sites A and B :

- A was /24
- B was /24

When A and B have merged, we only change the subnet mask to /16.

If you right click the scope and look at statistics do you see the number of Nacks increasing? If you do turning on conflict detection may help with that but if you can't ping the address maybe not. If the number of nacks isn't increasing reconciling the scope may help, right click the scope and choose reconcile.


Hi Martin81,

I don't know for the Nacks because I've just made a test : I have turn off conflict detection (value to 0) and restarted the DHCP service. When I do that, there is no problem ! Workstation are able to retrieve Ip address and everything works fine !

It seems that the problem is on the Conflict detection, the value was at 5 before...

Since I've done that, there is no BAD_ADDRESS and no Nacks on the statistics.
In fact, the BAD_ADDRESS on the server when the value is 5 are not real IP address, there is no corresponding physical nodes...

Very strange behavior...


Correction, the problem went back. :(
Resetting the Conflict detection value to 0 does not solve the problem.

Any help ?


An update :

Some (not all) clients running Windows 7 have been unable to attain an IP address.
What actually seems to happen is the client computer gets an address for a few seconds and then goes back to looking for an address and this repeats endlessly. Each time the client gets a new address the DHCP server lists the address that the client had as a "BAD_ADDRESS". This eventually will fill up the entire scope of the DHCP server leaving no addresses...


Check if there is any other DHCP server on the network with DHCPExplorer ....


I can confirm there is not.

Are you completely sure there are no toher DHCP server you don't know? I found on my network a DHCP Server working in a new equipment installed (not configured or misconfigured and connected to the network with a DHCO server enabled)

Have you any router or any equipment with ARP cache enabled? Disable it.

Which Antivirus software do you have on the servers and  on the PCs? Symantec? Symantec Endpoint Protection, specifically the Network Threat Protection component could cause this.

a very silly question (sorry for mention)... on the first DHCP server, did you explicit exclude the IP scope (IP range) served on the second DHCP server, and in the second server, did you explicit exclude the IP scope (IP Range) range served on the first server?


Yes, I'm sure there are no other DHCP server on my LAN. I've turned off both DHCP servers and tried to request an IP from an XP machine that works fine, and no IP was delivered...

I have no exclusion ob any of my 2 DHCP servers as they are not serving the same IP range.
The first one serve 10.192.240.x /16 and the second one serve 10.192.241.x /16

I've read a lot of helpful information about new telephony equipment that have generated this behavior. I'm wondering if mine (a new one freshly installed) is properly configured refered to that problem.

By the way, i've also tried to reset all Wins database and deleted all dynamic A records in my DNS server. Since I've done that, the Windows 7 PC I used for tests can properly have a DHCP assigned IP ! This is not definitive but it seems to be better since that change. I have to wait to definitely be sure...

In fact, it serms that the client PC asked the DHCP for an IP, the Server gived the IP and the client PC finaly decline the IP ! But it seems to be declined because of the DNS registering that has not been successful...

I keep you posted. It's time to go home for me now ! ;)))


Bad news... It goes on.

I had doubt about the HP NIC teaming on both DHCP servers so, I've dissolved the teaming but it goes on... :(((

The probleme is still present.

Any idea ?
Ok, the problem is solved.
A bomb attack had completely destroyed the site ! :)))

No, it's a joke ! ;))) But the problem is solved. It was an unconfigured TOSHIBA photocopier that was plugged on the network !!!!!

You unplug the photocopier, problem is solved !
You plug it again, it goes on....



Because I've found by myself.