Re: DHCP Strangest Problem I ever Seen in my life

From: Emiliano G. Estevez (eestevez_at_sistran.com.ar)
Date: 03/25/04 

Date: Thu, 25 Mar 2004 15:33:36 -0300

All my switches are Cisco Systems and one of them wich is the core is a
Catalyst 3550 all the ports in all the switches are set to full duplex and
100 MB port fast (wich means that doesn't check for spanning tree states)
spanning tree is setup only on the trunk ports. I debuged the switches and I
don't find anything unnusual, i used ethereal and etherpeek to snif the
network and the clients don't send a single packet to the dhcp, one of the
test I made is to isolate one of my DC in a hub and put two of the
workstation with the problem on it, and the problem persist. I really don't
know what else to do.

Best regards.

"Herb Martin" <news@LearnQuick.com> wrote in message
news:OLHdMXpEEHA.624@TK2MSFTNGP10.phx.gbl...
> > I have three domain controllers two are in a site and the other is in
> > another site, on the three domain controllers I have setup DHCP, wins
and
> > DNS, they all have the latest hot fixes, services packs, and the three
> DHCP
> > servers are authorized in AD, the problem I have is that suddenly the
> > computers in my network that have to renew his IP address don't get one,
> and
> > the worst thing is that when the computer is restarted with the patch
cord
> > plugged the system gets a lot of time to logon and once the system is on
> > line and we check for the IP address the IP address is 0.0.0.0 this is
> weird
> > because the system in the case that a DHCP server is not found and can
> > contact the default gateway will renew his IP address and if the default
> > gateway is no found the system will get an APIPA well that doesn't work,
> if
>
> Yes, that should happen -- unless the machines have disabled APIPA
> through the registry or a policy setting.
>
> General method when you have a problem "this weird" -- put a network
> monitor (NetMon, Ethereal, WinDump, Sniffer) on the line and watch
> the exchange.
>
> DHCP traffic is easy to filter and isolate.
>
> > we set the IP address of the workstation to a fixed IP address the
problem
> > is gone, but this is no viable because I have almost 300 workstations,
> other
> > weird thing is that if I unplugged the patch cord the computers boots up
> > normally, I logon to the workstation with cached credentials and then I
> > plugged the patch cord, go to the cmd and type ipconfig /renew and I get
> an
> > IP address.
>
> My guess would be that you have some sort of "hub/switch" hardware
> problem where the port is being shutdown, thus convincing the machines
> that they are not plugged into a cable (link detect enabled.)
>
> > I put a sniffer on my switchs and the network cards when they are set
for
> > DHCP when they are restarting doesn't send any dhcpinform packets in
fact
>
> That would probably be DHCPDiscover (inform is mostly used between
> DHCP servers for things like "authorization" info.)
>
> Expect this:
> DHCPDiscover (from client)
> DHCPOffer (from server)
> DHCPRequest (from client)
> DHCPAck or NACK (from client)
>
> > the doesn't send any packets at all, If I disable the dhcp service on my
> DC
> > and setup my catalyst 3550 as a dhcp server the problem is exactly the
> same
> > so I figured out that the dhcp service from MS is not involved but maybe
I
> > am missing something, I am very frustrated about this and there is a
week
> > now that I can't solve this problem, please I need a hand on this.
>
> You have pretty much isolated it to the CLIENTS or net hardware.
> Either the clients are not making the request, or it isn't getting
through.
>
> What happens if you monitor FROM the client (to see if they think they
> are sending requests.)?
>
> IF the clients are not sending, then the question arises as to whether
> the switch is confusing them or turning of their port so they think they
> are disconnected OR if they are just in error on their own.
>
> I would tend to suspect the former, since most people in the world
> are not having such problems with Windows clients.
>
> Are you familiar with "link detect" and how a switch might interact
> with that setting to confuse the client or to just block the request even
> if the client made it?
>
>
>
>
>
> --
> Herb Martin
> "Emiliano G. Estevez" <eestevez@sistran.com.ar> wrote in message
> news:e$L8G6oEEHA.1600@tk2msftngp13.phx.gbl...
> > Hi,
> >
> >
> >
> >
> >
> >
> > Best Regards.
> >
> >
>
>

Relevant Pages

  • Re: DHCP Strangest Problem I ever Seen in my life
    ... I debuged the switches and ... transmitting the DHCP discover etc? ... > 100 MB port fast ... DHCPDiscover (from client) ...
    (microsoft.public.win2000.networking)
  • RE: MAC Authentication device
    ... The best would be a switch which is looking onto DHCP packets on each port ... and therefore it should verify if the port is permitted to send any packet ... > managed switches can be used for this issue, but you have to keep in mind ...
    (Security-Basics)
  • Re: Q: Controlling access at the Ethernet level
    ... A> We have thought about using static MAC entries per port on managed ... A> switches installed at the client endpoints, ... We are also thinking about L2TP and PPPoE, ... So upgrading all switches in your LAN is required. ...
    (freebsd-isp)
  • Re: Routers, VPNs and DHCP for remotes
    ... > To make my Linksys router work with VPN, I must first assign a static IP ... > the client then forward the ports to that address. ... > to know specifically where to forward the port. ... > instructions on VPN's and DHCP. ...
    (microsoft.public.windows.server.sbs)
  • RE: Restricting DHCP addresses to known MACs via Win2K DHCP server
    ... Port security isn't just available on cisco...it's available on many ... For example on 3COM SuperStack switches you can set security ... Restricting DHCP addresses to known MAC's via Win2K DHCP ...
    (Security-Basics)