DHCP Issues
- a computer that is configured to use dynamic addressing but fails to obtain a lease will:
- Windows host:
- revert to APIPA configuration and select an address in the
169.254.0.0/16range
- revert to APIPA configuration and select an address in the
- Linux might:
- use link local addressing, set the address to unknown (
0.0.0.0) - or leave the interface unconfigured
- use link local addressing, set the address to unknown (
- Windows host:
- Reasons a client might fail to obtain a lease:
- DHCP server is offline
- users will continue to connect to the network until lease expires and try to renew
- no more addresses available (DHCP scope exhaustion)
- create a new scope with enough addresses or reduce the lease period
- shorter lease period can mitigate exhaustion issues in networks with high client turnover
- e.g., guest WiFi
- IP Address Management (IPAM) software suites can be used to track address usage across a complex DHCP infrastructure
- router between the client and DHCP server doesn’t support BOOTP forwarding
- install RFC 1542-compliant routers
- or add another type of DHCP relay agent to each subnet or VLAN
- DHCP server is offline
- if you reconfigure DHCP servers and their scopes,
- not all clients’ IP configurations will be updated when the server scopes are edited
- could be left with expired IP, default gateway, or DNS server address
- mitigate by:
- lowering the lease duration in advance of changes
- forcing all clients to renew
- or running parallel settings for a period
- not all clients’ IP configurations will be updated when the server scopes are edited
Important
Address pool exhaustion could be a symptom of a malicious attack.