some DHCP problems

Status
Not open for further replies.

jasboy

IS-IT--Management
Jan 9, 2003
28
US
I have a very similar problem to that of attrofy and I didn't want to post in his thread.

We recently installed a new win2k server with Active Directory, DNS and DHCP all enabled and configured. We have about 90 users and all seems to be working well (internet, roaming profiles, etc...) except on our sonicwall log every 7 minutes our server (with static ip) is sending out DHCP broadcast (Destination:255.255.255.255, 67) DHCP INFORM on port 67 and DHCP ACK on port 68.

We have 2 NICs but the second is disabled. The DHCP server has been authorized in active directory, and our DHCP ip address range is x.x.x.20 thru x.x.x.120 and our server is x.x.x.5.

DHCP relay agent is not installed since we only have one subnet (I double checked to make sure it wasn't installed).

I've also sniffed the broadcast but don't see any glaring problems in the packets. Any ideas?

Thanks
 
The traffic is harmless.

It might be possible to reduce it by configuring the clients:

1. Extend their lease
2. Make certain their DNS entries point to the local DNS server and nowhere else.

In my experience the traffic is likely from printers, or other always-on devices with full IP addressing.

Harmless, but check the configuration of the devices as mentioned above to see if you can reduce the traffic.

Best.

 
Well, I didn't really state that it's our new server broadcasting these packets. I realize they are harmless but it is annoying having 3 pages of our sonicwall log to go thru every day. I was just trying to figure out why this was happening.

Thanks
 
The server is trying to renew with your ISP.
Again, extend the lease time.
 
I'm sorry bcastner, I'm not quite understanding. If my server (has dhcp enabled and has a static ip) is sending out dhcp inform and ack every 7 minutes, why would extending the lease help? The lease is set at 8 days.

Thanks for your help.
 
I thought you stated your new server was sending the DHCP requests. I am confused how you could enable DHCP on a static IP. "If my server (has dhcp enabled and has a static ip) is sending out dhcp inform and ack every 7 minutes,"

In any case, you might check:

. That if RAS is enabled, it is given a static IP. If it is not given a static IP, it will make a DHCP request as often as every two minutes:
. That you have specified a Time Server, if used. Otherwise the time service will make a DHCP request as often as every 5 minutes.
 
Our server (x.x.x.5) has a static ip because it serves as a dhcp server, a dns server and a wins server for about 90 computers. After setting up our dhcp server (x.x.x.5) I'm flooded with 3 pages a day from our sonicwall with this:

07/06/2003 08:33:17.240 - Denied UDP packet from LAN - Source:x.x.x.5, 68, LAN - Destination:255.255.255.255, 67, LAN

This happens every 7 minutes, 24/7. I sniffed the packets and found that one is a dhcp inform and the other is a dhcp ack, both packets are from our server. I'm just trying to figure out why our server is doing this. Is it looking for a backup dhcp server? DHCP client is not enabled on this server.

Thanks for your help

Jasboy
 
Just wondering.... how long is the address lease on your DHCP server? It wouldn't happen to be seven minutes, would it? I ask because someone tried to put seven days as our lease time, but somehow set seven minutes. Thus, lots of broadcasting. Just a thought.
 
Well, the lease is set for 8 days, and I'm noticing now that it's not always 7 minutes. Sometimes it's 8min, 4min, 1min, 7min. Very odd.

Thanks for the thought

jasboy
 
I am almost certain what you are seeing is your DHCP server looking for rogue DHCP servers on your network. It is my understanding that this is new in Windows 2000 (not in NT4) that if another DHCP server shows up on your network and it is not authorized in Active Directory - it is supposed to kill itself off.

I am not sure if this can be stopped but I am going to look because I am curious.

Best regards,

Paul
 
I was just reading about that in Mark Minasi's 2k server book. If that is the case, it's fine with me but I need to figure out how to stop our sonicwall from logging those. No fun trying to go thru 3 or 4 pages of logs.

Thanks

jasboy
 
In the Sonicwall, allow all traffic, TCP and UDP on your local LAN as a secure zone.

This is a self-inflicted wound. You are denying local broadcast traffic, and it is getting recorded.

Permit your local traffic.
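
Added example, not part of the thread or any poster's code: a Python script that collapses the denied DHCP broadcast entries discussed above into one summary per source, with the gaps between them, and keeps every other denied entry visible for review. It assumes the log line layout quoted in the thread and a month/day/year date; the 192.0.2.x addresses and the sample lines are constructed.

```python
import re
from collections import defaultdict
from datetime import datetime

# Layout copied from the SonicWall entry quoted in the thread.
LINE_RE = re.compile(
    r"^(?P<ts>\d{2}/\d{2}/\d{4} \d{2}:\d{2}:\d{2}\.\d{3}) - "
    r"Denied UDP packet from LAN - "
    r"Source:(?P<src>[^,]+), (?P<sport>\d+), \w+ - "
    r"Destination:(?P<dst>[^,]+), (?P<dport>\d+), \w+$"
)

# Constructed sample lines (documentation addresses), not taken from a real log.
SAMPLE = """\
07/06/2003 08:33:17.240 - Denied UDP packet from LAN - Source:192.0.2.5, 68, LAN - Destination:255.255.255.255, 67, LAN
07/06/2003 08:40:17.310 - Denied UDP packet from LAN - Source:192.0.2.5, 68, LAN - Destination:255.255.255.255, 67, LAN
07/06/2003 08:41:02.000 - Denied UDP packet from LAN - Source:192.0.2.44, 1027, LAN - Destination:192.0.2.255, 137, LAN
07/06/2003 08:44:17.120 - Denied UDP packet from LAN - Source:192.0.2.5, 68, LAN - Destination:255.255.255.255, 67, LAN
""".splitlines()

def summarize(lines):
    """Return (dhcp, other). dhcp maps source -> count/first/last/gaps_min for
    denied 68 -> 255.255.255.255:67 broadcasts; other keeps all remaining lines."""
    seen, other = defaultdict(list), []
    for line in map(str.strip, lines):
        if not line:
            continue
        m = LINE_RE.match(line)
        is_dhcp = (bool(m) and m["dst"] == "255.255.255.255"
                   and m["sport"] == "68" and m["dport"] == "67")
        if is_dhcp:
            # Assumption: timestamps are month/day/year.
            seen[m["src"]].append(datetime.strptime(m["ts"], "%m/%d/%Y %H:%M:%S.%f"))
        else:
            other.append(line)  # unparsed or non-DHCP entries stay visible
    dhcp = {}
    for src, stamps in seen.items():
        stamps.sort()
        gaps = [round((b - a).total_seconds() / 60, 1) for a, b in zip(stamps, stamps[1:])]
        dhcp[src] = {"count": len(stamps), "first": stamps[0], "last": stamps[-1], "gaps_min": gaps}
    return dhcp, other

if __name__ == "__main__":
    dhcp, other = summarize(SAMPLE)
    for src, s in dhcp.items():
        print(f"{src}: {s['count']} denied DHCP broadcasts, gaps (min): {s['gaps_min']}")
    print(f"{len(other)} other entries to review:")
    for line in other:
        print("  " + line)
```

A source that shows up in the DHCP summary and is not the authorized DHCP server is worth a closer look than the entries the thread describes.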
 