Troubleshooting a DHCP server failure



[ad_1]

Dynamic Host Configuration Protocol, or DHCP, eases the task of administering IP addresses for network endpoints by centralizing the configuration of address allocation.

Troubleshooting DHCP can be difficult and requires a basic knowledge of the protocol and how networks work. Below are some common DHCP issues and how to fix them.

DHCP server configurations

There are two basic types of DHCP server configurations:

  1. centralized DHCP servers based on servers in corporate networks; and
  2. DHCP servers running on local network devices.

1. Centralized DHCP server based on a server in a corporate network

When an endpoint needs an IP address, it broadcasts its DHCP packets. Network devices then relay these requests over the network to the company’s DHCP server.

Network devices must have the correct configurations to properly handle requests and responses. If something is misconfigured, terminals will not get a valid address.

2. DHCP server running on a local network device

The second type of DHCP configuration is what small remote branch offices or home networks use frequently. The DHCP server is running on a local network device, such as a wireless router, which connects the site to the Internet.

The advantage of this configuration is that the DHCP server is local to the site and can continue to operate even if connectivity to the corporate network fails. This allows users in those locations to access cloud-based SaaS applications. However, the proliferation of internet-connected devices – such as desktops, laptops, and digital assistants, as well as mobile, home automation, and IoT devices – could easily cause a local server to run out of addresses in its default configuration, which may fail. ‘have only 50 or 100 addresses available.

How do I diagnose and fix DHCP errors?

The first step in diagnosing DHCP is to examine your device’s IP address and network settings. You will need to verify that it is using DHCP and not a manually configured address.

If it is configured to use DHCP and has an IP address, note the address, subnet mask, default router, and DNS servers. The image below shows this information for a MacBook Pro.

DHCP was successful.

If a device fails to obtain an IP address using DHCP, it will use a automatic private IP address from the 169.254.xy address range, as shown in the image below.

Screenshot of DHCP configuration failure
DHCP failed and an automatic private IP address was selected.

The following reasons can cause DHCP errors and force a device to use a self-assigned IP address:

  • the DHCP server failed;
  • all available addresses have been assigned;
  • the network to the server failed;
  • a configuration change affected the relay of DHCP packets;
  • a configuration error occurred during a new installation; Where
  • MAC (media access control) address filtering is enabled and the new device is not included in the server configuration.

The most common reasons for this error include failure of the DHCP server, no available addresses, and network failure.

Error 1. No address assigned

The first DHCP error is the lack of an assigned IP address. The most common reasons for this error include failure of the DHCP server, no available addresses, and network failure. To start the diagnostic, check the following:

  • the DHCP server is functional;
  • the DHCP server did not run out of addresses; and
  • there is no network failure.

If devices in the affected subnet can obtain or renew their addresses, the server and the network are functioning properly. Verify that the DHCP server address pool still has addresses available.

You should also check for a network problem in the part of the network where the failed device is connected. This could be an incorrect switch port configuration, or it could be that your device’s switch has disconnected from the rest of the subnet. If your device is portable, move it to a good network connection and try to get a DHCP address. Failure at this point indicates that something is incorrect in the configuration of the device itself, not in the network or with the DHCP server.

For a new installation where no device is functioning properly, you should check for network configuration errors that are preventing DHCP relay from functioning properly. Also check MAC address filtering, which is not often used, but should be checked.

The most difficult step will probably be checking network connectivity, simply because a variety of causes can cause an outage. You can start the diagnostic process by assigning a manual address to a device. Use this address to verify basic network connectivity to the DHCP server with ping and traceroute. If this works, then you will need to verify that the network device configurations are set to relay DHCP packets and that no blocking firewall rules exist. Look for simple things like typographical errors in addresses.

Be aware that some malware can create a denial of service attack by making DHCP requests until all addresses have been consumed. Each request uses a different MAC address, so you can examine the switch forwarding table to find the port where many MAC addresses were detected. This allows you to identify the infected device.

Error 2. The address is assigned but no connectivity

The next DHCP error occurs when an address is assigned but the device cannot communicate with other devices. In this case, the following reasons can cause a DHCP error:

  • IP address conflict, when another device uses the same address;
  • an unauthorized DHCP server distributes the same addresses; Where
  • a malicious DHCP server distributes addresses outside the address range.

For conflicting IP addresses, you will need to search for both devices by finding the MAC address of both devices. You will then need to find the switch port that each device is connected to. A good network management system can help you in this process. One of the devices can have a manually assigned address from the DHCP address range. It is good practice to reserve separate address ranges for devices with fixed addresses.

In another case, an unauthorized DHCP server may distribute addresses from the same address range or from a different address range. You may need to investigate the network with packet capture tools to identify the location of malicious servers.

The key symptom of an unauthorized DHCP server is that endpoints always obtain their addresses through DHCP. The addresses can be in the same range, or the malicious server can use a different range than the one assigned to the subnet. In either case, you will need to find the malicious server and remove it from the network or disable DHCP on it.

Some network equipment vendors have a function to detect unauthorized DHCP servers, frequently called DHCP snooping. You may be able to use it to identify and suppress the action of unwanted DHCP servers.

Error 3. The address is valid but some DHCP options are missing

The next DHCP error is where an address is valid but the DHCP options are not correctly configured. DHCP options pass additional information to the endpoint to identify a default gateway (option 3), perform DNS queries (option 6), or identify a trivial FTP server from which to download a device configuration (option 66).

The exact troubleshooting steps vary depending on the type of endpoint device and its function. For example, VoIP phones need more than one DHCP option defined. You will need to refer to the vendor’s documentation for configuration advice.

DHCP Troubleshooting Guide

Here’s a quick DHCP troubleshooting guide that covers common errors and their causes.

DHCP Troubleshooting Guide
Use this table to diagnose and correct DHCP errors.

Conclusion

DHCP troubleshooting is difficult because it involves several components: the endpoint device, its network connection, network devices – such as routers, switches, access points, and firewalls – and the DHCP server itself. same.

As with any network troubleshooting, a methodical approach works best. Gather facts and run tests that verify whether a component is working or not. In rare cases, you might need to use packet captures to verify that DHCP exchanges are taking place or to identify unauthorized DHCP servers.

[ad_2]

Previous Gardaí gives HSE hackers a hard blow
Next Configuring and troubleshooting multiple thin client monitors