Network dropping out, duplicate SBS 2011 server DHCP

Hi had a few update issues with SBS 2011 server but fixed it then suddenly all users drop off network.

Server connects to wall socket and creates network and router connects to wallsocket and I can get Internet access on the server.

All users slowly dropped out, connected to different switches and wall sockets.

Any ideas? Pushed 46 updates through previously, could they have caused it?
ronnie10165Asked:
Who is Participating?

Improve company productivity with a Business Account.Sign Up

x
 
Netman66Connect With a Mentor Commented:
While that might be the case, it sounds like there is a wireless router attached to the network that is acting as a bridge and giving out addresses in the same subnet - so effectively, you'll still see an IP in that subnet.  

If the switches are capable, you really should implement BPDU Guard on all access ports so that any switch plugged into the network will disable the port it's connected to and prevent this from happening.
0
 
ronnie10165Author Commented:
I am reading a lot about recent Windows updates and IPv6
We have it disabled
0
 
ronnie10165Author Commented:
See multiple dhcp address
Tagserver is meant to be 192.168.16.2

Anyone?

Client IP Address      Name      Lease Expiration      Type      Unique ID      Description      Network Access Protection      Probation Expiration      Filter Profile
192.168.16.11      LT04.tag.local      2/2/2013 7:42:29 AM      DHCP      0050b64abd86            Full Access      N/A      None
192.168.16.12      LT03.tag.local      2/2/2013 8:25:41 AM      DHCP      00266ca11268            Full Access      N/A      None
192.168.16.13      LT03.tag.local      2/2/2013 8:25:47 AM      DHCP      4ceddee8d552            Full Access      N/A      None
192.168.16.14      TAGSERVER.tag.local      2/6/2013 4:52:05 PM      DHCP      RAS            Full Access      N/A      None
192.168.16.15      TAGSERVER.tag.local      2/6/2013 4:55:45 PM      DHCP      RAS            Full Access      N/A      None
192.168.16.16      TAGSERVER.tag.local      2/6/2013 4:55:45 PM      DHCP      RAS            Full Access      N/A      None
192.168.16.17      TAGSERVER.tag.local      2/6/2013 4:55:45 PM      DHCP      RAS            Full Access      N/A      None
192.168.16.18      TAGSERVER.tag.local      2/6/2013 4:55:45 PM      DHCP      RAS            Full Access      N/A      None
192.168.16.19      GRAPHICS2-PC.tag.local      2/6/2013 5:34:35 PM      DHCP      5404a6191f18            Full Access      N/A      None
192.168.16.20      SamsungOffice      Reservation (inactive)      None      00159983d54e      Samsung CLX 6220 FX      Full Access      N/A      None
192.168.16.21      TAGSERVER.tag.local      2/6/2013 4:55:45 PM      DHCP      RAS            Full Access      N/A      None
192.168.16.22      TRACY-LAPTOP.tag.local      2/2/2013 7:21:46 AM      DHCP      e89d8709ae29            Full Access      N/A      None
192.168.16.23            2/2/2013 7:27:02 AM      DHCP      980c82cf65a7            Full Access      N/A      None
192.168.16.24      amb-server.      2/4/2013 7:12:13 PM      DHCP      90e6ba545b6c            Full Access      N/A      None
192.168.16.25      DESIGN1.tag.local      1/30/2013 8:25:05 AM      DHCP      5404a6191f26            Full Access      N/A      None
192.168.16.26      SALESDESK1.tag.local      2/2/2013 3:55:24 PM      DHCP      c44619a751ad            Full Access      N/A      None
192.168.16.27      Admins-iPad.tag.local      2/2/2013 1:56:14 PM      DHCP      f41ba17eed15            Full Access      N/A      None
192.168.16.28      LT05.tag.local      2/5/2013 12:57:38 PM      DHCP      00266ca98e82            Full Access      N/A      None
192.168.16.29      FLETCHER-LAPTOP.tag.local      2/1/2013 10:49:33 AM      DHCP      ea9d878f3925            Full Access      N/A      None
192.168.16.30      SamsungGraphics      Reservation (inactive)      None      00159983d54b            Full Access      N/A      None
192.168.16.31            2/1/2013 4:02:05 PM      DHCP      5855ca76e714            Full Access      N/A      None
192.168.16.32      iPhone.tag.local      2/2/2013 3:51:02 PM      DHCP      40b3951c948a            Full Access      N/A      None
192.168.16.33      LT08.tag.local      2/4/2013 11:12:32 AM      DHCP      4cedde116c5d            Full Access      N/A      None
192.168.16.34      graphics-pc.      2/2/2013 9:28:36 AM      DHCP      001d6049ab25            Full Access      N/A      None
192.168.16.35            2/6/2013 4:55:38 PM      DHCP      e0f84776dfc6            Full Access      N/A      None
192.168.16.39      LT06.tag.local      2/3/2013 3:12:47 AM      DHCP      00266c8a2011            Full Access      N/A      None
192.168.16.40      SamsungSales      Reservation (inactive)      None      00159983d543            Full Access      N/A      None
192.168.16.43      LT02.tag.local      2/2/2013 7:38:08 AM      DHCP      00266ca992d8            Full Access      N/A      None
192.168.16.59            2/2/2013 5:01:54 PM      DHCP      74e2f54a4386            Full Access      N/A      None
192.168.16.60      SamsungDespatch      Reservation (inactive)      None      0015999e2709            Full Access      N/A      None
192.168.16.68      Life.tag.local      1/30/2013 12:11:26 PM      DHCP      04f7e44fd06f            Full Access      N/A      None
192.168.16.69      WNDR4500.tag.local      2/2/2013 7:35:11 AM      DHCP      74440150665e            Full Access      N/A      None
192.168.16.71      WNDR4500.tag.local      Reservation (active)      DHCP      2cb05d30bf6c            Full Access      N/A      None
192.168.16.72      LT02.tag.local      2/6/2013 4:58:36 PM      DHCP      4ceddef6450f            Full Access      N/A      None
192.168.16.73      iPhone.tag.local      2/2/2013 7:46:14 AM      DHCP      34c059924bbc            Full Access      N/A      None
192.168.16.75      SALESDESK1.tag.local      2/2/2013 9:22:19 AM      DHCP      206a8a102a92            Full Access      N/A      None
192.168.16.145      iPod-touch.tag.local      2/2/2013 5:45:57 PM      DHCP      70568125b0f5            Full Access      N/A      None
0
Get your problem seen by more experts

Be seen. Boost your question’s priority for more expert views and faster solutions

 
ronnie10165Author Commented:
Seems that from the server I can ping static IPs - printers etc but not dynamic IPs

Is there anyone out there?
0
 
Alan HardistyCo-OwnerCommented:
You don't want to disable IP v6 period.

What are the all the IP Settings for the server NIC?

How many NIC's installed / active on the SBS 2011 server?
0
 
BlueComputeCommented:
Does this "duplicate SBS 2011 server DHCP" refer to an error you're seeing in the event log? It sounds like you might have DHCP enabled both on the router and on the server - if so disabling it on the router's the correct answer.
0
 
BlueComputeCommented:
There entries:
192.168.16.14      TAGSERVER.tag.local      2/6/2013 4:52:05 PM      DHCP      RAS            Full Access      N/A      None
192.168.16.15      TAGSERVER.tag.local      2/6/2013 4:55:45 PM      DHCP      RAS            Full Access      N/A      None
192.168.16.16      TAGSERVER.tag.local      2/6/2013 4:55:45 PM      DHCP      RAS            Full Access      N/A      None
192.168.16.17      TAGSERVER.tag.local      2/6/2013 4:55:45 PM      DHCP      RAS            Full Access      N/A      None
192.168.16.18      TAGSERVER.tag.local      2/6/2013 4:55:45 PM      DHCP      RAS            Full Access      N/A      None
Are just the IP addresses the RRAS service has reserved to give to VPN clients.
0
 
WORKS2011Austin Tech CompanyCommented:
what DHCP errors are reporting?

do you have the scope options setup in DHCP?
0
 
Netman66Commented:
As BlueCompute has stated, those DHCP reservations are for RRAS and your VPN (remote access) pool.

Make sure you have enough IP addresses in your scope to cover all your internal clients and at least 20 more.  RRAS reserves blocks of 10 addresses at a time and if you are running (or have ran) out of leases then people don't renew their current IPs.

You can also check Event Logs on the client and server to see what is logged and try to get an idea for us.
0
 
ronnie10165Author Commented:
I checked all workstations and somehow, during the updates maybe, all DNS and DHCP IPs were changed to the IP of the gateway. Flushed the DNS. Nothing happened. Reboot machine and , hey presto, back to normal.
0
 
Netman66Commented:
That tells me that your router has DHCP enabled.  You need to disable that so that the clients only get addresses from the SBS server.
0
 
ronnie10165Author Commented:
No I checked, it's disabled on the router
0
 
WORKS2011Austin Tech CompanyCommented:
the scope options if setup wrong can point to the wrong DG.
0
 
ronnie10165Author Commented:
Exactly the same time today, everything drops out again. I looked at DHCP and there are lots of duplicate IPs - see attachment. I checked modem again and DHCP is not enabled.
Thanks
bad-address.jpg
0
 
BlueComputeConnect With a Mentor Commented:
Apologies for the rather generic advice, but I would recommend running the Fix My Network wizard and also the SBS 2011 Best Practices Analyzer (available here: http://support.microsoft.com/kb/2673284).  Any errors there would be a good place to start.
0
 
WORKS2011Austin Tech CompanyCommented:
what type of router, check how the interface is configured and look for the entry "ip address dhcp (in bold below). There is plenty on the internet how this type of config can cause the DHCP server to create bad ip addresses.

interface GigabitEthernet0/1
description
ip address dhcp
ip inspect SDM_LOW out
ip virtual-reassembly
ip tcp adjust-mss 1452
no ip mroute-cache
duplex auto
speed auto
0
 
ronnie10165Author Commented:
Hi

I bought a new router and got internet working inside the building, turned off dynamic dhcp and tested the network. Bombarded with duplicate IP messages. I can see machines being given an IP outside of the scope of the server.

Virus?
0
 
Netman66Commented:
You have a rouge dhcp server on your network - either a router or wireless router.

I suggest you start a physical survey to see what the deal is.
0
 
BlueComputeConnect With a Mentor Commented:
If you run ipconfig /all on the client machines then you will see where they are getting their DHCP addresses from.
0
 
ronnie10165Author Commented:
Thanks Netman66 and BlueCompute, I will turn everything off then bring clients on one at a time. Very good !

Two other strange issues is that with just the server and the router turned on, I cannot ping the router from the server? Also if I ping from the server (192.168.16.2) it returns results as 127.0.0.1 which is IIS right?

Thanks for your continuing help.
0
 
Netman66Commented:
Make sure (if the server has more than one NIC connected) - that the primary one is at the top of the binding order and that you have configured them correctly.  Multi-homing a DC is not impossible, but it needs to be done properly.

You also want to make sure that only your DNS server is listed on any NIC inside your network.  You configure Forwarders within your own DNS server to send queries to your ISP or another internet DNS server for anything it isn't Authoritative for.  If you have the root zone (.) in your DNS then it defaults to using the Root Hints servers - which is prone to problems.  You can safely delete this (.) zone and setup your Forwarders to get internet resolution.
0
 
ronnie10165Author Commented:
Hi

Thanks to everyone. I fixed it eventually.

I had 2 wireless routers that got fried in our storms and reset to factory settings, giving out IP addresses. The server stopped giving out IPs because it saw IPs being allocated elsewhere.
Apparantly this crazy logic is default in SBS 2011.
So I turned off the wireless routers and the network came back. It was a good feeling!

Anyway so that was it.

Cheers
Ian
0
 
ronnie10165Author Commented:
The key issue was knowing that SBS would stop giving out IPs
0
 
BlueComputeCommented:
That'll always happen Ronnie - 2 DHCP servers on the same network causes ambiguity at best, as when PCs connect there's no way of determining which DHCP server they'll get their lease from. SBS (and Windows in general) is smart enough to detect other DHCP servers on the network and disables it's own DHCP server to prevent issues - the routers aren't smart enough to do it themselves, and Windows can only disable it's own, rather than the remote one. Just thought I'd explain why Windows uses the logic that it does, glad you got this working :)
0
 
ronnie10165Author Commented:
Thanks Bluecompute,  I appreciate what you say.

Given that you can change router setting from SBS control panel, you'd think it would be able to tell you that your router's giving out IPs !!
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.