PLEASE help! Here is a challenge! Cisco/Sonicwall/Zenith nightmare!


Aug 7, 2002
Could someone PLEASE help me! Statically assigning IP addresses is not an option at this time! I've never seen this before or know anyone who has! We have four schools networked together. Each building has a Zenith Cable Homeworks Universal Modem. We also have a Remodulator and Transceiver at the cable plant. The cable modems come into the main school and we have a Sonicwall Pro 200 as our DHCP Server and firewall. The router is outside the sonicwall and connects to a T1 line. The router is plugged into the sonicwall, and the sonicwall is plugged into a 3Com switch, the other hubs are on the switch. We are 95+% iMac computers. There is one G4 Server at each school, running AppleShare and mac manager. We have static IP addresses on all main equipment. Everything works fine on PCs using DHCP, and static. This problem is affecting the iMacs. When I turn the computers on, 4-5 may get an IP address and the others don't. They default to 169.x.x.x and if mac manager is on, they hang before logon for 20 minutes. If mac manager is not on they start up but without the IP addresses. It isn't the mac manager though, 'cause I formatted all servers this summer and ran the network without them or mac manager and still had the same problem. Something is disrupting the Macs from renewing their IP addresses. If I force it by trashing the TCP/IP preferences, and restart a few times they do get one, but as soon as the lease time expires, it's back to the same thing! I can't do this to every machine in four buildings! I've spent all summer trying to figure it out! I have checked Apple's web site, but nothing seems to apply. All computers have 9.0.4-9.2.2 OS, and all software has been updated, firmware, everything I can think of! I can have two iMacs plugged into the same hub, one gets the address and the other does not! The next day they might both get one, or none of them will get one! It's not the same computers every time either.
Is there anything on a Cisco 1700 or the SonicWall Pro that would cause this behavior? I have DHCP disabled on our NT server also. Thanks, Fredette
I think that if the gentleman could verify that
the dst apple stations were receiving (or not) replies from
the fw/dhcp server then he could pursue the problem
without resorting to replacing an expensive appliance.
However, if all that is needed is a fix, then he stated
that he had once had an NT server running dhcp services
and it functioned. The problem with running a service
like dhcp on a "dedicated firewall" appliance is that,
as wybnormal stated, it is not really designed for
It would be like running dhcp service on a pix, why??
I would guess that the NT server was no longer desired in
this role??
I apologize for my sarcasm about "the tool.." thing.
Having worked as a consultant and LAN admin for k12
for 4+ years I'm speaking from personal experiences
that are not applicable here.
Ok, thank you all! And by the way the gentleman is a lady! I have been doing this particular job for about 5-6 years or so now. Give or take a year! Tomorrow I have someone coming from a college to help take a look. Thank you for all of your suggestions, and I'll keep you posted to what the problem was. fredette
It appears that the Macs are sending and resending a request for an IP address. That much we did find. The Macs have 2.7 for Open Transport. I noticed the Mac OS X has 2.7.9. We only have 3 Mac OS X computers and they don't appear to have this problem. Maybe it's an issue with 2.7? Anyways, we tested and retested and they all started working again, so it's impossible to test. I will check tomorrow to see if they are still working. fredette
Fredette- when the Macs send the request, do they get a response?

It should go something like

Mac - broadcasts for DHCP server
Sonicwall - replies back with DHCP offer
Mac - DHCP request
Sonicwall - DHCP Ack

If there is too much time between any of these steps, the process will fail and the Mac will try again..again..again..

For those that care, interesting reading on DHCP found here:

Find me at
"Take advantage of the enemy's unreadiness, make your way by unexpected routes, and attack unguarded spots."
Sun Tzu
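The four-step exchange listed in the post above, turned into a check over sniffer output. This is an added example, not part of the original thread: the MAC addresses, timings and the 4-second reply deadline are constructed assumptions. It reports where each client's handshake stopped, which separates "the server never answered" from "the client ignored the answer".

```python
from collections import defaultdict

# Constructed capture summary: (seconds, client MAC, DHCP message type),
# as transcribed from a sniffer on the clients' hub. All values are made up.
SAMPLE = [
    (0.0, "02:00:00:00:00:21", "DISCOVER"), (0.2, "02:00:00:00:00:21", "OFFER"),
    (0.3, "02:00:00:00:00:21", "REQUEST"), (0.4, "02:00:00:00:00:21", "ACK"),
    (0.0, "02:00:00:00:00:22", "DISCOVER"), (4.0, "02:00:00:00:00:22", "DISCOVER"),
    (12.0, "02:00:00:00:00:22", "DISCOVER"),
    (0.0, "02:00:00:00:00:23", "DISCOVER"), (9.5, "02:00:00:00:00:23", "OFFER"),
    (1.0, "02:00:00:00:00:24", "DISCOVER"), (1.1, "02:00:00:00:00:24", "OFFER"),
    (1.2, "02:00:00:00:00:24", "REQUEST"),
]
MAX_GAP = 4.0  # assumed reply deadline in seconds; real clients differ


def classify(events, max_gap=MAX_GAP):
    """Return {mac: verdict} saying where each client's handshake stopped."""
    by_client = defaultdict(list)
    for ts, mac, kind in sorted(events):
        by_client[mac].append((ts, kind))
    verdicts = {}
    for mac, msgs in by_client.items():
        kinds = [k for _, k in msgs]
        # Server replies that arrived more than max_gap after the prior message.
        slow = [k for (t0, _), (t1, k) in zip(msgs, msgs[1:])
                if k in ("OFFER", "ACK") and t1 - t0 > max_gap]
        if slow:
            verdicts[mac] = f"slow {slow[0]}"
        elif "ACK" in kinds:
            verdicts[mac] = "leased"
        elif "OFFER" not in kinds:
            verdicts[mac] = f"no OFFER after {kinds.count('DISCOVER')} DISCOVERs"
        elif "REQUEST" not in kinds:
            verdicts[mac] = "OFFER ignored by client"
        else:
            verdicts[mac] = "REQUEST never ACKed"
    return verdicts


def where_to_look(verdict):
    """Map a verdict to the side of the conversation to examine first."""
    if verdict == "leased":
        return "nothing"
    if verdict.startswith(("no OFFER", "slow", "REQUEST never")):
        return "server or path"
    return "client"


if __name__ == "__main__":
    for mac, verdict in classify(SAMPLE).items():
        print(mac, "->", verdict, "| check:", where_to_look(verdict))
```
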
For those using the isc dhclient for linux
we get a tutorial every time we look at the logs ;)

Based on your observations and the fact that the apple machines are able to obtain
a lease; that the MacOS X machines always
obtain a lease, you can pretty much safely
discount the sonicwall as the problem IMO
and go ahead with tshooting the problem client side.
Good Luck.
Marsd- I would almost agree except for the fact that I have two clients with Mac iMacs on older code which works fine with Wintel DHCP servers. When a device works with a new OS load but breaks on an earlier code that everyone else seems to work with in my mind is defective. Strictly my personal opinion of course ;-) I added the caveat at the very beginning that I did not care for Sonicwalls after the last 5 I worked with so take what I say with the proverbial grain of salt.

I for one am VERY interested in the final outcome of this one.

Find me at
"Take advantage of the enemy's unreadiness, make your way by unexpected routes, and attack unguarded spots."
Sun Tzu
Yeah, It's an interesting problem.
My money is on the old apple dhclient being buggy...
What a pain this is! I left with them all working yesterday. Every one of them worked! Today, none of them worked. (iMacs, of course) I was wrong, the 9.2.2 Macs have Open Transport 2.7.9, just like the Mac OS X. I turned them all on, they hang right before logon. After 20 minutes they go to the logon screen. They have the default 169.x.x.x #'s. I log into two computers say # 21 and # 24. (I just picked two machines at random on the same hub, leaving two in between.) I shut down almost every extension that I could and restarted. They obtained their IP address. Now I rebooted everything, then #21, #22, #23 and #24 worked but nothing else. I made absolutely no changes to #22 + #23, but they just decided to work and got their IP address. Half the room started getting their addresses, while the other half just hangs. Now I know if I rebooted another 15 times or so, they would eventually get their address. But that took an hour to get half. So I left! I will list the only changes that were made last year. Keeping in mind this system used to work! #1) We had failure of our Zenith Transceiver, that was replaced. We had buildings dropping off the network because of the frequency in the cable lines. That was measured and padded for best performance. We have never had such good reply times as we do now. Our NT server's video card blew out and that was replaced. We changed internet providers and we are using a new router. (This router was used before at the same location.) Our network was getting periodic disconnects from the G4 server when using mac manager. It was losing its IP address. I think this was about the time the iMacs started to hang also. I thought it was a result of the NT 4.0 being old, and after it blowing the video card I decided to shut the DHCP server off (And it is off) and install the sonicwall. We don't get the disconnections like we did, but we still get the computers hanging and not getting an address.
No packets appear to be getting lost from any of the equipment, and it all appears to be up and running fine through intermapper. I don't know if I need an engineer to come out here (again) or what! Could a miss signal in the frequency cause this? fredette
Ok maybe this is a dumb question.
If the computers (iMacs) are turned on at the same time
then they would all ask for IPs
with just a few ok fine but if all your computers are asking at the same time then wouldn't you have a "storm" at the (for lack of a better term and from what I read) crappy little firewall
and if the sonicwall is not top notch wouldn't something like this be an easy problem for it

Sorry if I wasted your time I'm learning
I would hardly call sonicwall a low-end product! Our primary reason for buying this was the DHCP server option and content filtering (which we already had anyways). The thought behind this was to combine services into one functional unit. At $2,500.00, it should be able to handle what I need it to. I could have bought software for 50.00 that would have acted better than this! I'm already out the 2,500, I need this to work. Also, it doesn't matter if you turn on one machine, two or 30. It acts the same. fredette
It's definitely time to get a packet sniffer and record the traffic that
some of these end-stations are seeing.
Even if you can't take a look at the whole network for one reason or another, you can
still verify the difference between those stations that obtain an address and those that do not.
Also, the stations that are eventually
getting a lease: is the access different than those that do obtain an address(another switch, hub, etc..)?
I just read an interesting *small print* in one of my catalogs.. This is for a brand of switch called *Planet Networking* (Milestek)

For both the cheap hubs and 10/100 switches

"not compatible with all Mac devices"

This really means that on the cheap hardware from these people, they did not implement the true IEEE ethernet standard for some reason (cost?) but it pays to read the fine print. I remember this sort of crap from years ago but I had not seen a caveat like this in many years. Even my dinky Bayhub (15$ US) I use for my sniffer supports all the macs I've put on it.

Find me at
"Take advantage of the enemy's unreadiness, make your way by unexpected routes, and attack unguarded spots."
Sun Tzu
Okay, here is an update! Went in today, shut the DHCP service OFF on the sonicwall, turned it back on for the NT Server, and it's all working. I'll have to watch it, I think we were getting disconnections when we used the NT before. Who knows! I am going in tomorrow and check it again. The real test will be on Monday! It never works on Monday! There must be something between our equipment, the iMac, and the sonicwall that causes this. Thanks, I'll keep you posted. fredette
Fredette- We will all keep our collective fingers crossed for good luck on Monday :)

Find me at
"Take advantage of the enemy's unreadiness, make your way by unexpected routes, and attack unguarded spots."
Sun Tzu
Fredette, I have seen a similar problem with Macs and DHCP, although I was using an Arescom EZrider router not a Sonicwall as the DHCP server. When you experience the problem take a look at the DHCP allocation table in the sonicwall, are there any addresses left to give out?
I found that one of the Macs had been allocated all free IP addresses from the pool. Unfortunately I didn't have the luxury to investigate why as it was a high visibility network that had to stay up. I temporarily used a static IP on the rogue Mac and rebooted the router to get things back on the air. Swapping out the rogue Mac (a wallstreet powerbook) for a new one and the Arescom router for a Linksys caused the problem to vanish.
ok, one more try! I wrote this long thing for you all, and entered the wrong password, so it took it away from me! Now I have to do it all over again! GGRRR! I did look at the table, it only had a handful of addresses given out. (school is closed and machines are off.) So that was ok. I went in today, and so far so good. One thing I noticed yesterday, we had a very hard time setting up the DHCP server back on the NT! After we shut it off, on the sonicwall, we went into the services box on the NT server to enable it again. It wasn't there! The only way we could get it to work was to reinstall it. It was disabled. I know that for a fact, 'cause I did it. Could it have gotten corrupted? I wasn't getting any errors coming from the NT server. When you disable it, it just says disabled, right, it doesn't remove it from the services does it? Corruption that only affected the iMacs? I almost want to disable it and then enable the sonicwall to see if it works correctly now. NOT! If it ain't broken, don't fix it! If it all stays up, maybe I'll check that next summer! I have tons of catch up to do now! Monday will be the real test! It never works on Monday! I would have thought I would have had more problems and not just the Macs, if that was the cause. What are your thoughts? I hope we don't experience anymore disconnections like we did before. That might not show up until the kids are back on it all day. Maybe it was already corrupted before it was shut off, and that caused the disconnections? Wow, what a mess! Well it hasn't been a total loss this summer. Everything on the network has been tested, retested and hopefully will work better than ever! Last summer they had someone come in, (why they can't remember of course) but they did some work on the NT server. I was out, and when I returned our NT server no longer showed up in the chooser on the Macs, and the server no longer could print across the network.
It took me FOREVER and a day to realize that they checked a box, that shouldn't have been checked! It was about AppleTalk routing or something. I wonder if that could have corrupted the DHCP for the Macs? Well let me know your thoughts on this! They promised me NO ONE will come in and do any work if I'm not there! (dad died, couldn't be there) This has been some summer! Four buildings is a lot to take care of! If it all works, next year should be a dream! fredette