two hosts with the same IP

Cuttler, Brian R (HEALTH) brian.cuttler at health.ny.gov
Thu Jul 11 13:17:59 UTC 2024 

Sten,

Okay, pretty much what I’d thought, just never actually saw it before.

Reservations don’t protect the IP, the right answer here is to change to limits on the dynamic pool and make sure my reservations are outside of the pool
I’m actually wondering why I have a reservation for this at all, that would also have resolve the issue, and would have not caused the users an issue as that subnet creates DDNS entries for us.

An entry like this?
boot.log.2:May  5 08:42:28 cedar dhcpd[863]: Remove host declaration suraj or remove 10.50.148.212

I don’t routinely scan the dhcp logs, will maybe have to create a job to find such messages and notify me.

Our static entries by and large are non-global, they are within the stanza but that hasn’t been a problem, will look to make updates as time allows.

Joe, Nilesh, without CC’d the list, can you see any reason why we need a reserved IP for Suraj?

Thanks,
Brian


From: dhcp-users <dhcp-users-bounces at lists.isc.org> On Behalf Of Sten Carlsen
Sent: Thursday, July 11, 2024 6:12 AM
To: Users of ISC DHCP <dhcp-users at lists.isc.org>
Subject: Re: two hosts with the same IP


ATTENTION: This email came from an external source. Do not open attachments or click on links from unknown senders or unexpected emails.

I believe there should be a specific warning in the log during startup.

-- Best regards

Sten Carlsen

No improvements come from shouting:

"MALE BOVINE MANURE!!!"


On 11 Jul 2024, at 02.23, Glenn Satchell <Glenn.Satchell at uniq.com.au<mailto:Glenn.Satchell at uniq.com.au>> wrote:

hi Brian,

fixed-address assignments must be outside the pool of dynamic addresses to prevent this situation.

If the fixed-address device is down, then the dynamic pool will see that as free when it does a ping check and happily assign it. then when the fixed-address device requests the ip it will always be assigned.

This is mentioned in the docs, dhcpd.conf man page i think.

regards,
Glenn

On 11 July 2024 6:12 am, "Cuttler, Brian R (HEALTH)" <brian.cuttler at health.ny.gov<mailto:brian.cuttler at health.ny.gov>> wrote:

Running DHCP on Ubuntu 22.04.4 LTS



brian at cedar:/var/log$ DHCP -V

Internet Systems Consortium DHCP Server 4.4.1

Copyright 2004-2018 Internet Systems Consortium.



Noted one system in particular was having  network issues, ping to the IP was good, ping from the IP was problematic, lots of dropping pings in about 25 second groups/blocks.



Also having trouble maintaining SSH connection into the host, and host keys needed to be removed and reaccepted.



On a hunch I checked the dhcp log and found two different MAC addresses receiving the same IP.



Jul  9 11:49:38 cedar DHCP[1019]: DHCPREQUEST for 10.50.148.212 from d4:5d:64:08:91:7c via 10.50.148.1

Jul  9 11:49:38 cedar DHCP[1019]: DHCPACK on 10.50.148.212 to d4:5d:64:08:91:7c via 10.50.148.1

Jul 10 15:04:17 cedar DHCP[1019]: DHCPREQUEST for 10.50.148.212 from b0:7b:25:de:57:84 (berkeley) via 10.50.148.1

Jul 10 15:04:17 cedar DHCP[1019]: DHCPACK on 10.50.148.212 to b0:7b:25:de:57:84 (berkeley) via 10.50.148.1

Jul 10 15:05:16 cedar DHCP[1019]: DHCPDISCOVER from b0:7b:25:de:57:84 (berkeley) via 10.50.148.1

Jul 10 15:05:16 cedar DHCP[1019]: DHCPOFFER on 10.50.148.212 to b0:7b:25:de:57:84 (berkeley) via 10.50.148.1

Jul 10 15:05:16 cedar DHCP[1019]: DHCPREQUEST for 10.50.148.212 (10.50.156.21) from b0:7b:25:de:57:84 (berkeley) via 10.50.148.1

Jul 10 15:05:16 cedar DHCP[1019]: DHCPACK on 10.50.148.212 to b0:7b:25:de:57:84 (berkeley) via 10.50.148.1



I also note that one of the two hosts has a reservation.



        host Suraj {

                hardware ethernet d4:5d:64:08:91:7c;

                fixed-address 10.50.148.212;

                }



While I realize that a host with a reservation might be down, and another machine could get the IP if its in the available pool I’m very surprised by the behavior we were seeing.
If the non-received MAC received the IP wouldn’t the MAC with the reservation still cause a ping test for availability to be performed?
I can’t think of any other way this could have happened.



Can anyone help me to understand what actually happened and how best to prevent similar events in the future?

thanks in advance,

Brian





Brian Cuttler, System and Network Administration

Wadsworth Center, NYS Department of Health

Albany, NY 12201 POB 509

Brian.Cuttler at Health.NY.gov<mailto:Brian.Cuttler at Health.NY.gov>

518 486-1697



--
ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information.

dhcp-users mailing list
dhcp-users at lists.isc.org<mailto:dhcp-users at lists.isc.org>
https://lists.isc.org/mailman/listinfo/dhcp-users
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/dhcp-users/attachments/20240711/d7de8d45/attachment-0001.htm>

More information about the dhcp-users mailing list