More DHCP woes

3 11 2011

DHCP is the simplest of technologies, but my most recent issue with it showed up what’s either an out and out bug or just some strange nuance.

Server was running 2003, with DNS, AD and DHCP roles. It had 3 scopes, one for our staff network, one for phones and one for our office tenants – the scopes correlated with the three VLANs on the network.

During our domain migration earlier this year, I deactivated the staff scope (the server was on our old domain), and activated it on a newly built server running just the DHCP role. I’d also created the other scopes on the new server, but this took extra configuration, and as the hosts on the other two scopes weren’t domain hosts, I left them using the old DHCP server.

We had been using the scope for quite a while but an issue came to light whereby an extraneous DNS server (previously, but no longer valid) was being assigned to hosts upon boot. Do an ipconfig /release then ipconfig /renew, though, and you’d only get the correct DNS server assigned. The whole time, the DHCP server reported by the clients was the new one. I went over the config of the new DHCP server with a fine toothed comb (well, as much as you can – like I said, DHCP is incredibly simple, and there’s not too much to configure for a basic setup), and there was definitely no trace of the extraneous IP address.

As this was all happening in a branch office, I had built a virtual Windows 7 machine there for troubleshooting remotely.. this was where I was testing and seeing this issue occurring. I even went to the lengths of removing the network card and re-adding, just in case it was myseteriously “remembering” the previous config. No joy.

I whipped out Wireshark and captured all packets during the release / renew and could see the fact that only the correct DNS was being served up by the new DHCP server.

I also installed Wireshark on the new DHCP server, and carried out a capture for the entire boot process of the host machine. Filtering results by “bootp”, rather than a specific host, I then saw a packet from the IP address of the old DHCP server.. checking the packet confirmed that it was dishing out the two DNS servers, including the extra one.

I removed the extra DNS server IP address from the scope on the old server, which I’d checked and double checked was disabled, and bish bash bosh, the extra IP was no longer dished out.

So somehow, although the clients were reporting the correct DHCP server was being allocating IP data, rather than the old one, and the scope was disabled on the old server, it was still dishing out the extra DNS server.

I’ve now moved the phone VLAN over to the new DHCP server, but have to add a new network card to the DNS server (also an AD server) before I can turn the old server off completely. Really strange stuff.

Anyone else had any instances of this or similar?



Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: