Solved

"Conflicting" IP addresses on a server after a reboot; DNS shows no conflicts

Posted on 2013-02-07
5
1,184 Views
Last Modified: 2013-04-29
Hey, Experts!

We have a server running Windows 2008 SP2 that is our front-end to our SharePoint site. No changes have been made to it in nearly a year.

For the past several months, the system will reboot cleanly and be available through the terminal, but after rebooting no one can access the server at the primary IP (10.0.0.24), though the secondary (.23) was accessible.  I changed the primary NIC to .22 for testing purposes, and it came up right away.  When I attempted to re-assign .24 as primary, it failed due to a duplicate IP address being detected.  I'm unable to ping or find any other trace of another device on .24, but the SharePoint server is insisting that there's a conflict when I try to re-assign that address.  

That being as it is, I changed the primary IP of SharePoint to 10.0.0.22 - changes have been made in DNS, and we updated the firewall rules for this change as well. Everything works fine until...

The server is restarted a month later and the same process is followed; except that the server complains that .22 is in use -- so we have to choose another IP... ad nauseum.

Any ideas?
Thanks!
0
Comment
Question by:workforceinsight
5 Comments
 
LVL 7

Expert Comment

by:TheBDP
ID: 38865396
You need to check DHCP, you dont have a reservation in place for that server, so it's getting handed out.
0
 

Author Comment

by:workforceinsight
ID: 38865402
Good thought -- I should have mentioned that in my initial post.  DHCP is set to hand out leases only within the 10.0.0.200-239 range; so that's not a factor here.
0
 
LVL 12

Expert Comment

by:TomRScott
ID: 38865490
In your ping failures for the duplicate, I assume you are performing the ping from another host, correct?

Given the above assumption, I'm curious if the server in question, once the IP is changed to something else, can ping the phantom host?

If so, I would grab the MAC of the phantom host (arp -a) and see if that matches anything. I would check MAC addresses, physical and virtual, of the server itself first to look for a match.

I ran into this once before, though not with Sharepoint. Sorry, I don't recall the issue (several years ago) but if this may yield some information getting you closer to the culprit.  

 - Tom
0
 
LVL 11

Expert Comment

by:hecgomrec
ID: 38868770
I'm not sure if this could help as I don't understand why one will shutdown a server every month.

Shutdown everything, restart your first your DC, then DHCP server, then DNS server(s) and then your SharePoint site.

Note: You reduce server performace and fault tolerance if you reboot them often.
0
 
LVL 2

Accepted Solution

by:
lowridergvg earned 500 total points
ID: 38870531
Isolate the machine.  Patch the primary network interface to an isolated switch or old hub for testing.  No other devices on the switch or hub.  

If you still get the duplicate ip issue, the problem is the server in question.  Not the network.  You are using static IP's for the server.  If it is the ONLY device on the network (Isolated) and indicates duplicates .....

If it is a network duplicate, use an old hub or if you have managed switches, use the features of the switch to run wireshark on the port the problem server is connected to.

A layer2 trace will give you all you need to find the offending machine.

BTW  If this is the case, you may have a security issue.  Imposter server collecting User credentials.   Most likely not, but had to mention it.
0

Featured Post

Do email signature updates give you a headache?

Do you feel like all of your time is spent managing email signatures? Too busy to visit every user’s desk to make updates? Want high-quality HTML signatures on all devices, including on mobiles and Macs? Then, let Exclaimer solve all your email signature problems today!

Join & Write a Comment

I had a question today where the user wanted to know how to delete an SSL Certificate, so I thought that I would quickly add this How to! Article for your reference. WHY WOULD YOU WANT TO DELETE A CERTIFICATE? 1. If an incorrect certificate was …
Redirected folders in a windows domain can be quite useful for a number of reasons, one of them being that with redirected application data, you can give users more seamless experience when logging into different workstations.  For example, if a use…
This tutorial will walk an individual through the steps necessary to install and configure the Windows Server Backup Utility. Directly connect an external storage device such as a USB drive, or CD\DVD burner: If the device is a USB drive, ensure i…
This tutorial will show how to configure a single USB drive with a separate folder for each day of the week. This will allow each of the backups to be kept separate preventing the previous day’s backup from being overwritten. The USB drive must be s…

744 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now