Solved

Windows 2003 DHCP fills up with BAD_ADDRESS

Posted on 2012-03-12
17
625 Views
Last Modified: 2012-04-09
Hi experts :)

I have a serious problem with my DHCP Servers.

We just have move from site A to site B, this is the context.
We have 2 DHCP servers :

- The first one serving from 10.192.240.10 to 10.192.240.199 (mask 255.255.0.0)
- The second one serving from 10.192.241.10 to 10.192.241.199 (mask 255.255.0.0)

Since we have moved, the two scopes are filled in of BAD_ADDRESS.
This never appears before. It's very strange because the mac address corresponding to the BAD_ADDRESS are not coherent... eg :

10.192.240.40     BAD_ADDRESS     28f0c00a
10.192.240.41     BAD_ADDRESS     29f0c00a
10.192.240.46     BAD_ADDRESS     2ef0c00a
10.192.240.49     BAD_ADDRESS     31f0c00a

This is an exemple from the firs DHCP server. The second one experienced the same problem. As a consequence, when the scope is full, workstations can not connect to the network.

When I try to purge manualy the BAD_ADDRESS, they come back several minutes after...

Any idea ?

Thanks in advance for your help.

Vincent.
0
Comment
Question by:coolvince
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 11
  • 5
17 Comments
 

Author Comment

by:coolvince
ID: 37710687
Another precision : all BAD_ADDRESS are not pingable.
0
 
LVL 7

Expert Comment

by:frajico
ID: 37710702
Do you have any Cisco ASA with DHCP Relay enabled?

Are you sure you have the masks right? Should not be both 255.255.255.0?
0
 

Author Comment

by:coolvince
ID: 37710743
Hi Frajico,

No. I don't have any Cisco devices on my network. Switches are HP. Routers are Juniper.
Yes I'm sure of the subnets.

All nodes on the network are masked as 255.255.0.0 but we are using 10.192.240.x 10.192.241.x
0
Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 

Author Comment

by:coolvince
ID: 37710755
The explication of the subnet is that before we had 2 physical sites A and B :

- A was 10.192.240.0 /24
- B was 10.192.241.0 /24

When A and B have merged, we only change the subnet mask to /16.
0
 
LVL 7

Expert Comment

by:Martin81
ID: 37712532
If you right click the scope and look at statistics do you see the number of Nacks increasing? If you do turning on conflict detection may help with that but if you can't ping the address maybe not. If the number of nacks isn't increasing reconciling the scope may help, right click the scope and choose reconcile.
0
 

Author Comment

by:coolvince
ID: 37713945
Hi Martin81,

I don't know for the Nacks because I've just made a test : I have turn off conflict detection (value to 0) and restarted the DHCP service. When I do that, there is no problem ! Workstation are able to retrieve Ip address and everything works fine !

It seems that the problem is on the Conflict detection, the value was at 5 before...

Since I've done that, there is no BAD_ADDRESS and no Nacks on the statistics.
In fact, the BAD_ADDRESS on the server when the value is 5 are not real IP address, there is no corresponding physical nodes...

Very strange behavior...
0
 

Author Comment

by:coolvince
ID: 37714664
Correction, the problem went back. :(
Resetting the Conflict detection value to 0 does not solve the problem.

Any help ?
0
 

Author Comment

by:coolvince
ID: 37716029
An update :

Some (not all) clients running Windows 7 have been unable to attain an IP address.
What actually seems to happen is the client computer gets an address for a few seconds and then goes back to looking for an address and this repeats endlessly. Each time the client gets a new address the DHCP server lists the address that the client had as a "BAD_ADDRESS". This eventually will fill up the entire scope of the DHCP server leaving no addresses...

???
0
 
LVL 7

Expert Comment

by:frajico
ID: 37716377
Check if there is any other DHCP server on the network with DHCPExplorer ....
0
 

Author Comment

by:coolvince
ID: 37716394
I can confirm there is not.
0
 
LVL 7

Expert Comment

by:frajico
ID: 37716445
Are you completely sure there are no toher DHCP server you don't know? I found on my network a DHCP Server working in a new equipment installed (not configured or misconfigured and connected to the network with a DHCO server enabled)

Have you any router or any equipment with ARP cache enabled? Disable it.
0
 
LVL 7

Expert Comment

by:frajico
ID: 37716453
Which Antivirus software do you have on the servers and  on the PCs? Symantec? Symantec Endpoint Protection, specifically the Network Threat Protection component could cause this.
0
 
LVL 7

Expert Comment

by:frajico
ID: 37716482
a very silly question (sorry for mention)... on the first DHCP server, did you explicit exclude the IP scope (IP range) served on the second DHCP server, and in the second server, did you explicit exclude the IP scope (IP Range) range served on the first server?
0
 

Author Comment

by:coolvince
ID: 37716650
Yes, I'm sure there are no other DHCP server on my LAN. I've turned off both DHCP servers and tried to request an IP from an XP machine that works fine, and no IP was delivered...

I have no exclusion ob any of my 2 DHCP servers as they are not serving the same IP range.
The first one serve 10.192.240.x /16 and the second one serve 10.192.241.x /16

I've read a lot of helpful information about new telephony equipment that have generated this behavior. I'm wondering if mine (a new one freshly installed) is properly configured refered to that problem.

By the way, i've also tried to reset all Wins database and deleted all dynamic A records in my DNS server. Since I've done that, the Windows 7 PC I used for tests can properly have a DHCP assigned IP ! This is not definitive but it seems to be better since that change. I have to wait to definitely be sure...

In fact, it serms that the client PC asked the DHCP for an IP, the Server gived the IP and the client PC finaly decline the IP ! But it seems to be declined because of the DNS registering that has not been successful...

I keep you posted. It's time to go home for me now ! ;)))
0
 

Author Comment

by:coolvince
ID: 37724134
Bad news... It goes on.

I had doubt about the HP NIC teaming on both DHCP servers so, I've dissolved the teaming but it goes on... :(((

The probleme is still present.

Any idea ?
0
 

Accepted Solution

by:
coolvince earned 0 total points
ID: 37806659
Ok, the problem is solved.
A bomb attack had completely destroyed the site ! :)))

No, it's a joke ! ;))) But the problem is solved. It was an unconfigured TOSHIBA photocopier that was plugged on the network !!!!!

You unplug the photocopier, problem is solved !
You plug it again, it goes on....

Cheers.
0
 

Author Closing Comment

by:coolvince
ID: 37822718
Because I've found by myself.
0

Featured Post

SharePoint Admin?

Enable Your Employees To Focus On The Core With Intuitive Onscreen Guidance That is With You At The Moment of Need.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In this article, I will show you HOW TO: Perform a Physical to Virtual (P2V) Conversion the easy way from a computer backup (image).
No single Antivirus application (despite claims by manufacturers) will catch or protect you from all Virus / Malware or Spyware threats. That doesn't stop you from further protecting yourself however - and this article is to show you how.
This video Micro Tutorial explains how to clone a hard drive using a commercial software product for Windows systems called Casper from Future Systems Solutions (FSS). Cloning makes an exact, complete copy of one hard disk drive (HDD) onto another d…
Finding and deleting duplicate (picture) files can be a time consuming task. My wife and I, our three kids and their families all share one dilemma: Managing our pictures. Between desktops, laptops, phones, tablets, and cameras; over the last decade…

726 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question