DHCP question (urgent) 3

[shannanl]

I have two Win 2k servers and a NT server. One of the 2k servers is the domain controller. We have DHCP disabled on all servers. We load static i.p.s into the clients. I have a new laptop that I never loaded an i.p. into and something is assigning me an i.p. (private within our lan). I run ipconfig and it lists an i.p. even though I never loaded one in, its still left as assign automatically. I tried it with another laptop and it also gets assigned an i.p. (different #). How can this be?

Thanks,

Shannan

 

[Davetoo]

What is the IP that is getting assigned? Does it match the scope that you use? or is it a public IP (192.168.x)?

I'm Certifiable, not certified.
It just means my answers are from experience, not a book.

 

[shannanl]

It is within our range that we use behind the firewall. 192.168.0.XXX

 

[Davetoo]

What's going on is since the NIC can't find a DHCP host and it's set to auto find one, it's assigning it's own IP from the public set of 192.168.x that you happen to be using statically.

Nothing abnormal occuring, no rogue DHCP server or anything like that, just an unlucky occurence that you're using the same IP range that a system will try to default to.

I'm Certifiable, not certified.
It just means my answers are from experience, not a book.

 

[shannanl]

I did not know a nic would do that automatically. Will it ever try to assign an i.p. that is already used?

Thanks,

Shannan

 

[Davetoo]

Yep, that's why you should use a DHCP server. Any reason why you aren't doing that? Statically assigning user IP's is a pain.

I'm Certifiable, not certified.
It just means my answers are from experience, not a book.

 

[minxca]

Hi,

AFAIK, if you setup your NIC to get IP from DHCP and there is no DHCP you should get APIPA (169.254.x.x) except if someone configure to use another ip.
If you have windows XP, Go to IP properties, click alternate configuration tab (beside general tab), you won't see this tab if you give static IP. Check if there is 192.168.0.x.

 

[Davetoo]

Hmm...well then, perhaps you're router is running DHCP?

I'm Certifiable, not certified.
It just means my answers are from experience, not a book.

 

[Davetoo]

winoto is correct, it dows pull a 169.254.x ip, so there is a DHCP server somewhere on your network assigning IP's.

I'm Certifiable, not certified.
It just means my answers are from experience, not a book.

 

[shannanl]

In the laptop without a static i.p. I do have the Alternate Configuration tab and it is set to Automatic private IP address not User configured. They set up the static I.P. addresses before I got here but I was under the impression that static i.p.s were more secure than assigned ones. If the computer will assign an i.p. if you dont provide a static one then what is the point of using static ones?

Thanks,

Shannan

 

[Davetoo]

Why would a static ip be more secure than a dynamically assigned one? Use static ip's for your servers and printers, but run DHCP to handle your clients, that's what it's for.

I'm Certifiable, not certified.
It just means my answers are from experience, not a book.

 

[shannanl]

I looked on the router and its set to disable DHCP. This is strange. The only other thing on our network is a UNIX server.

Shannan

 

[minxca]

you should use static IP for your servers and printers. Use
DHCP for your client, imagine if you have to change your DNS/gateway IP address and you have 200 PCs. I won't go to each workstation and change it manually except if they pay me per hour

 

[Davetoo]

Drop to a command prompt on one of the systems that is getting an IP without being assigned one by you and run an ipconfig/renew command. If it works, then you know you have a DHCP server somewhere on your network. Check all your servers.

I'm Certifiable, not certified.
It just means my answers are from experience, not a book.

 

[shannanl]

We tried the release/nenew before and it gives me the same i.p. back that it had prior to release. Am I going into the correct place to disable DHCP? I am going under administrative tools/services on windows 2k server and on the NT server, start/settings/control panel/network. DHCP is not listed as a service that is installed.

Am I missing something?

Thanks for all your help.

Shannan

 

[shannanl]

In addition I ran net stop dhcpserver from a command prompt on each of the 3 windows machines. One said the service was stopped already, the other two said the service was not an installed service. Unix can't affect DHCP can it?

Shannan

 

[kmcferrin]

Do an IPCONFIG /ALL from the command prompt. Among the information returned is a line that says "DHCP Server." This will be the IP address of the server that is passing out IP addresses.

From there you can do a PING -a xxx.xxx.xxx.xxx (where ther x's are the IP address of the DHCP server) and try to resolve the name of the server that is assigning addresses. Sometimes you will not be able to resolve the name, which is usually because the system in question is a non-windows system or a router or some such.

At any rate, with the IP address of the rogue DHCP server you shouldn't have any problems tracking it down (sounds like you have a small network).

 

[kmcferrin]

A clarification...when you run the IPCONFIG /ALL you should be doing this from the laptop that is obtaining a DHCP address.

It's possible that the Unix system is configured to pass out IP addresses.

On the whole DHCP versus static addresses issue, DHCP does a great job of taking the work out of assigning addresses. But you also have a problem in that any system that physically plugs into your network can grab an IP address, even if the system shouldn't be there.

Some companies that I've worked for have been very meticulous about IP address management, assigning or reserving IP addresses for only machines on our network. This way vendors or other visitors couldn't just plug into our network and expose us to whatever sort of virii/worms are on their system (or use our network to surf the web for porn, launch DDOS addtacks, etc). Of course, if the person plugging in is remotely tech savvy then they'll probably be clever enough to manually assign an IP address to their system inside the scope that you are using, and thereby still cause problems for you. But since most visitors/vendors to my company tend to be about as technically sharp as a turnip, it seems to work OK.

 

[shannanl]

kmcferrin, that did it. We found the rougue dhcp server. It is an Apple <crapple> airport base station. A doctor (we are a hospital) wanted to use his Mac and we gave him a static i.p. but I guess he has figured out how to use DHCP. I can take care of that from the switch

Thanks for all your help today guys. I have learned a lot.

Shannan

 

[shannanl]

We only have about 60 computers so assigning i.p. statically is not a big deal. I can imagine that 10x that would get crazy. I believe when they set this up their intention was to stop anyone from just plugging into the network without an i.p.

Thanks,

Shannan