A few computers refused to get an ip address.

[computertechguy]

In an office where there are about 50 -60 pc's I got a call a handful (3 pcs) couldn't get to websites. Went onsite and sure enough those three machines no matter what would get connected. Their IP's were correct, but under further investigation I discovered I couldn't ping the network either.

I rebooted the pc's flushed the dns, reset netsh, it behaved this way either wired or wireless.

So I thought it was a full DHCP list (on my Sophos router) I reset the DHCP server and the computers came back on, so I left.

I discovered that another new computer and the previous ones were not connected to the network again, so I decided to reboot their Servers (which is only doing DNS and file sharing and that seems to be the issue.

However one laptop I was working on would NOT get on the wiifi didn't have a yellow exclamation point on the wifi it just showed the globe instead. However, the lan works and this is fine for this user as they are out of reach of wifi, and yes I moved this pc to within wifi range.

Any thoughts??
Windows 10 pro's, unifi wifi AP's (controller rebooted with reboot), win server 2012 using Hyper V only doing DNS and file share, and a sophose XG210 router doing the DHCP.

 

[Mike McCall]

Any chance of a rogue DHCP server?

 

[AlohaTech]

I agree, look into what @Mike McCall said.

We just ran into that at one of our buildings. We discovered a new 3D Printer had a built in DHCP server on it that was enabled by default.

 

[nlinecomputers]

Wait what? a PRINTER with a DHCP server?

 

[Diggs]

Uninstall the adapter(s) and let Windows reinstall on reboot. If it works and then fails after Windows updates then lock the drivers.

 

[phaZed]

Wait what? a PRINTER with a DHCP server?

Prob for Ad-Hoc direct WIFI access.

 

[Sky-Knight]

Unifi switches with DHCP protection sound really good right about now... because my money is on a rogue DHCP server too.

Find a working machine, and a busted machine... ipconfig /all to find IP of the DHCP server, arp-a and find the mac address associated with the above IP on both working and nonworking platforms. I'll bet you find the two systems don't match, and then you'll know... some idiot has done something stupid. Probably "extending" the wifi somewhere.

But just as much as a rogue DHCP server can do this, so can something trying to use the gateway or DHCP server's IP address... same test if it's all on the gateway.

 

[ohio_grad_06]

Once I dealt with a network where they had 5-6 pcs, but they were just using the ATT router from their ISP. Their antivirus kept flagging everything they went to nearly. Tracked it down that if you set your settings manually and dns to google, things worked fine. So in their case someone must have gotten into their router. Never did find the end result as I got them up and running enough that they could work that way, and recommended we replace the router. They never did call back.

 

[nlinecomputers]

I'd double check the server. It's odd that a server is running DNS but NOT DHCP. The best setups have the server running DHCP and the router running as a secondary DHCP server.

 

[AlohaTech]

Wait what? a PRINTER with a DHCP server?

Yes, I think it was a Monoprice MP Voxel. I never saw it in person but one of the other techs discovered it. If I recall @phaZed is right and it had to do with Ad-Hoc.

 

[NETWizz]

What switch do you have?

What you want to enable is generally called DHCP snooping within the VLAN to authorize only the proper location to allow DHCP

 

[HCHTech]

The best setups have the server running DHCP and the router running as a secondary DHCP server.

How does that work, exactly? I've setup DHCP failover between two servers (which presumably talk to each other or mirror each other so address conflicts don't happen after a failover), but how would you configure a router to be a secondary DHCP server?

 

[nlinecomputers]

How does that work, exactly? I've setup DHCP failover between two servers (which presumably talk to each other or mirror each other so address conflicts don't happen after a failover), but how would you configure a router to be a secondary DHCP server?

The same way the server does. It has to have that ability. If it doesn't you need to turn it off.

 

[nlinecomputers]

You can also set up multiple DHCP servers so that they all issue IPs from Different scopes. So long as your scopes do not overlap then there is no risk of double assigning IPs.

 

[YeOldeStonecat]

A whole lot of "step back and look closely as the big picture...and lean over and examine lots of little things"
Could be rogue DHCP
Could be bad network cables, broadcast storms, loop back happening somewhere, improperly configured spanning tree, improperly configure VLANs...
...a network of 50-60 PCs...I'm sure there's more than 1x switch in the mix...quite possibly the old nightmare of many SOHO grade switches daisy chained...who knows.

re: the servers doing just DNS and file sharing...don't need to reboot a whole server if you suspect DNS is acting up..just go to services.msc and restart the DNS Server service. This way the server stays up and running doing it's thing on the network and nobody notices.

 

[computertechguy]

I remember on SBS if it saw another DHCP server it shut itself off. Places where they got ip's the dhcp server was correct,

 

[HCHTech]

The same way the server does. It has to have that ability. If it doesn't you need to turn it off.

Ok, got it. I've never run into that, but the end of the pool I swim in is pretty shallow, I'll admit. You don't know what you don't know, you know?