Windows 2003 DHCP fills up with BAD_ADDRESS

Hi experts :)

I have a serious problem with my DHCP Servers.

We just have move from site A to site B, this is the context.
We have 2 DHCP servers :

- The first one serving from 10.192.240.10 to 10.192.240.199 (mask 255.255.0.0)
- The second one serving from 10.192.241.10 to 10.192.241.199 (mask 255.255.0.0)

Since we have moved, the two scopes are filled in of BAD_ADDRESS.
This never appears before. It's very strange because the mac address corresponding to the BAD_ADDRESS are not coherent... eg :

10.192.240.40     BAD_ADDRESS     28f0c00a
10.192.240.41     BAD_ADDRESS     29f0c00a
10.192.240.46     BAD_ADDRESS     2ef0c00a
10.192.240.49     BAD_ADDRESS     31f0c00a

This is an exemple from the firs DHCP server. The second one experienced the same problem. As a consequence, when the scope is full, workstations can not connect to the network.

When I try to purge manualy the BAD_ADDRESS, they come back several minutes after...

Any idea ?

Thanks in advance for your help.

Vincent.
coolvinceAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

coolvinceAuthor Commented:
Another precision : all BAD_ADDRESS are not pingable.
0
frajicoCommented:
Do you have any Cisco ASA with DHCP Relay enabled?

Are you sure you have the masks right? Should not be both 255.255.255.0?
0
coolvinceAuthor Commented:
Hi Frajico,

No. I don't have any Cisco devices on my network. Switches are HP. Routers are Juniper.
Yes I'm sure of the subnets.

All nodes on the network are masked as 255.255.0.0 but we are using 10.192.240.x 10.192.241.x
0
Build an E-Commerce Site with Angular 5

Learn how to build an E-Commerce site with Angular 5, a JavaScript framework used by developers to build web, desktop, and mobile applications.

coolvinceAuthor Commented:
The explication of the subnet is that before we had 2 physical sites A and B :

- A was 10.192.240.0 /24
- B was 10.192.241.0 /24

When A and B have merged, we only change the subnet mask to /16.
0
Martin81Commented:
If you right click the scope and look at statistics do you see the number of Nacks increasing? If you do turning on conflict detection may help with that but if you can't ping the address maybe not. If the number of nacks isn't increasing reconciling the scope may help, right click the scope and choose reconcile.
0
coolvinceAuthor Commented:
Hi Martin81,

I don't know for the Nacks because I've just made a test : I have turn off conflict detection (value to 0) and restarted the DHCP service. When I do that, there is no problem ! Workstation are able to retrieve Ip address and everything works fine !

It seems that the problem is on the Conflict detection, the value was at 5 before...

Since I've done that, there is no BAD_ADDRESS and no Nacks on the statistics.
In fact, the BAD_ADDRESS on the server when the value is 5 are not real IP address, there is no corresponding physical nodes...

Very strange behavior...
0
coolvinceAuthor Commented:
Correction, the problem went back. :(
Resetting the Conflict detection value to 0 does not solve the problem.

Any help ?
0
coolvinceAuthor Commented:
An update :

Some (not all) clients running Windows 7 have been unable to attain an IP address.
What actually seems to happen is the client computer gets an address for a few seconds and then goes back to looking for an address and this repeats endlessly. Each time the client gets a new address the DHCP server lists the address that the client had as a "BAD_ADDRESS". This eventually will fill up the entire scope of the DHCP server leaving no addresses...

???
0
frajicoCommented:
Check if there is any other DHCP server on the network with DHCPExplorer ....
0
coolvinceAuthor Commented:
I can confirm there is not.
0
frajicoCommented:
Are you completely sure there are no toher DHCP server you don't know? I found on my network a DHCP Server working in a new equipment installed (not configured or misconfigured and connected to the network with a DHCO server enabled)

Have you any router or any equipment with ARP cache enabled? Disable it.
0
frajicoCommented:
Which Antivirus software do you have on the servers and  on the PCs? Symantec? Symantec Endpoint Protection, specifically the Network Threat Protection component could cause this.
0
frajicoCommented:
a very silly question (sorry for mention)... on the first DHCP server, did you explicit exclude the IP scope (IP range) served on the second DHCP server, and in the second server, did you explicit exclude the IP scope (IP Range) range served on the first server?
0
coolvinceAuthor Commented:
Yes, I'm sure there are no other DHCP server on my LAN. I've turned off both DHCP servers and tried to request an IP from an XP machine that works fine, and no IP was delivered...

I have no exclusion ob any of my 2 DHCP servers as they are not serving the same IP range.
The first one serve 10.192.240.x /16 and the second one serve 10.192.241.x /16

I've read a lot of helpful information about new telephony equipment that have generated this behavior. I'm wondering if mine (a new one freshly installed) is properly configured refered to that problem.

By the way, i've also tried to reset all Wins database and deleted all dynamic A records in my DNS server. Since I've done that, the Windows 7 PC I used for tests can properly have a DHCP assigned IP ! This is not definitive but it seems to be better since that change. I have to wait to definitely be sure...

In fact, it serms that the client PC asked the DHCP for an IP, the Server gived the IP and the client PC finaly decline the IP ! But it seems to be declined because of the DNS registering that has not been successful...

I keep you posted. It's time to go home for me now ! ;)))
0
coolvinceAuthor Commented:
Bad news... It goes on.

I had doubt about the HP NIC teaming on both DHCP servers so, I've dissolved the teaming but it goes on... :(((

The probleme is still present.

Any idea ?
0
coolvinceAuthor Commented:
Ok, the problem is solved.
A bomb attack had completely destroyed the site ! :)))

No, it's a joke ! ;))) But the problem is solved. It was an unconfigured TOSHIBA photocopier that was plugged on the network !!!!!

You unplug the photocopier, problem is solved !
You plug it again, it goes on....

Cheers.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
coolvinceAuthor Commented:
Because I've found by myself.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Windows OS

From novice to tech pro — start learning today.