Windows Event ID: 1053 DHCP Service keeps crashing

The error message I'm getting is:

Source: DhcpServer
EventID: 1053

The DHCP/BINL service on this Small Business Server has encountered another
server on this network with IP Address,, belonging to the
domain: .

This gets followed by:

The DHCP/BINL service on this computer is shutting down. See the previous
event log messages for reasons

I manually start DHCP Service.  This process repeats itself every few days.

Have Windows SBS 2003 running DHCP servicing 192.168.2.x only on HyperV, 1 vNIC.   I don't have a 192.168.10.x subnet anywhere.   Any thoughts about what might be causing this appreciated.   thanks, Russell
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Sushil SonawaneCommented:
Make sure other active DHCP servers not available in network. Becuase in SBS environment only one dhcp server can work.

Reconfigure the Routing and Remote Access service. If Routing and Remote Access is set up incorrectly, it can act as a second DHCP server.

As the event mention your dhcp server conflict with the server on this network with IP Address,

Make sure the ip address server not act as dhcp server in network.

For more info please refer below link :
Tim GoddardCommented:
Are there any other devices on your network that could be acting as a DHCP server?  A wireless access point or a router for example.  Have you installed anything new on the network which ties in to when the problem started?

Other than it happening every few days are there any patterns to this behaviour?  Does it coincide with a particular person being in the office?  Could someone be bringing in a laptop or other device with some kind of Internet sharing software installed on it which is somehow acting as a DHCP server on your network?

When this happens it could be worth trying to get an IP address from this "rogue" DHCP server if that's what it is.  You'd need to do this on a client while the real DHCP server is off.  If you can get an IP address then you could try browsing to to see what happens.  If you get a config page or at least an admin login then it might give you some clue as to what's going on.  If not then you could PING from a client and then check your ARP cache (arp -a from a command prompt in Windows) to see if the MAC address ties into to any records you have (for example I use AVG on one network and the management console gives a nice list of MAC addresses for managed clients).  If that doesn't work then you could start systematically unplugging network cables (make notes of what you've done!) until you can't get an IP address any more.  Once this happens at least you have a better idea of where the offending device is plugged in even if you don't know what it is yet.

Although this link does relate to SBS 2008 it is for the same error code and mentions Routing and Remote Access as a possible cause.  This could be worth ruling out too.

Hope this helps.
ClarksvilleAuthor Commented:
Thanks for the fantasticly thoughtful troubleshooting ideas.   Unfortuneately, the problem is not being caused by another dhcp server since network clients receive no ip address when this dhcp service has crashed and in a stopped state.   I confirmed that Routing and Remote Access is not running on any servers too.   Thinking about running WireShark to see if any device on network is really claiming to be from source
Acronis True Image 2019 just released!

Create a reliable backup. Make sure you always have dependable copies of your data so you can restore your entire system or individual files.

ClarksvilleAuthor Commented:
Ended up having a network engineer use WireShark to capture network traffic to identify the problem.  It ended up being a VOIP to analog gateway device that was causing the issue.  Interesting thing is that this VOIP device has been on the network in same configuration for > 2 years, so why did it all of a sudden start causing 2003 SBS to crash the DHCP service?   A microsoft update perhaps...?    Who knows, but removing this device from our network resolved the issue.  THANKS for everyones input.  Russell

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
ClarksvilleAuthor Commented:
Wireshark packet capture ended up being necessary to isolate the networked device causing the problem.
Tim GoddardCommented:
So was the VOIP gateway acting as a DHCP server or was there some other compatibility issue between the VOIP gateway and your SBS server?  I notice from an early post that you say no other devices were handing out IP addresses, I'm just intrigued as to what you spotted in the Wireshark capture to identify the problem.
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Microsoft Server OS

From novice to tech pro — start learning today.