Solved

"Conflicting" IP addresses on a server after a reboot; DNS shows no conflicts

Posted on 2013-02-07
5
1,190 Views
Last Modified: 2013-04-29
Hey, Experts!

We have a server running Windows 2008 SP2 that is our front-end to our SharePoint site. No changes have been made to it in nearly a year.

For the past several months, the system will reboot cleanly and be available through the terminal, but after rebooting no one can access the server at the primary IP (10.0.0.24), though the secondary (.23) was accessible.  I changed the primary NIC to .22 for testing purposes, and it came up right away.  When I attempted to re-assign .24 as primary, it failed due to a duplicate IP address being detected.  I'm unable to ping or find any other trace of another device on .24, but the SharePoint server is insisting that there's a conflict when I try to re-assign that address.  

That being as it is, I changed the primary IP of SharePoint to 10.0.0.22 - changes have been made in DNS, and we updated the firewall rules for this change as well. Everything works fine until...

The server is restarted a month later and the same process is followed; except that the server complains that .22 is in use -- so we have to choose another IP... ad nauseum.

Any ideas?
Thanks!
0
Comment
Question by:workforceinsight
5 Comments
 
LVL 7

Expert Comment

by:TheBDP
ID: 38865396
You need to check DHCP, you dont have a reservation in place for that server, so it's getting handed out.
0
 

Author Comment

by:workforceinsight
ID: 38865402
Good thought -- I should have mentioned that in my initial post.  DHCP is set to hand out leases only within the 10.0.0.200-239 range; so that's not a factor here.
0
 
LVL 12

Expert Comment

by:TomRScott
ID: 38865490
In your ping failures for the duplicate, I assume you are performing the ping from another host, correct?

Given the above assumption, I'm curious if the server in question, once the IP is changed to something else, can ping the phantom host?

If so, I would grab the MAC of the phantom host (arp -a) and see if that matches anything. I would check MAC addresses, physical and virtual, of the server itself first to look for a match.

I ran into this once before, though not with Sharepoint. Sorry, I don't recall the issue (several years ago) but if this may yield some information getting you closer to the culprit.  

 - Tom
0
 
LVL 11

Expert Comment

by:hecgomrec
ID: 38868770
I'm not sure if this could help as I don't understand why one will shutdown a server every month.

Shutdown everything, restart your first your DC, then DHCP server, then DNS server(s) and then your SharePoint site.

Note: You reduce server performace and fault tolerance if you reboot them often.
0
 
LVL 2

Accepted Solution

by:
lowridergvg earned 500 total points
ID: 38870531
Isolate the machine.  Patch the primary network interface to an isolated switch or old hub for testing.  No other devices on the switch or hub.  

If you still get the duplicate ip issue, the problem is the server in question.  Not the network.  You are using static IP's for the server.  If it is the ONLY device on the network (Isolated) and indicates duplicates .....

If it is a network duplicate, use an old hub or if you have managed switches, use the features of the switch to run wireshark on the port the problem server is connected to.

A layer2 trace will give you all you need to find the offending machine.

BTW  If this is the case, you may have a security issue.  Imposter server collecting User credentials.   Most likely not, but had to mention it.
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Creating an OSPF network that automatically (dynamically) reroutes network traffic over other connections to prevent network downtime.
Configuring network clients can be a chore, especially if there are a large number of them or a lot of itinerant users.  DHCP dynamically manages this process, much to the relief of users and administrators alike!
This tutorial will walk an individual through the steps necessary to configure their installation of BackupExec 2012 to use network shared disk space. Verify that the path to the shared storage is valid and that data can be written to that location:…
This tutorial will show how to configure a new Backup Exec 2012 server and move an existing database to that server with the use of the BEUtility. Install Backup Exec 2012 on the new server and apply all of the latest hotfixes and service packs. The…

932 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

14 Experts available now in Live!

Get 1:1 Help Now