DHCP superscope issue

[amxfan]

I'm having an issue with a DHCP server and I would love to get help from the pro's here on WPW.

The DHCP server is on a win 2003 server box.

Here is the mark up and issue.

We have 2 buildings. Lets say building A and building B.

In building A we have the DHCP server. The ip address of this server is 10.65.0.2 and it sits behind a router that is has an ip of 10.65.0.1. This building also has about 100 work stations. The ip block for this building is 10.65.0.0 - 10.65.3.255

In building B we have about 150 work stations that pull ip addresses from the DHCP server in building A. The block of ip's for this building is 10.65.32.0 - 10.65.35.255 and the router's ip address is set to 10.65.32.1.

We have more buildings but I'm going to keep it simple here. Now I set up the DHCP server in building A and made a superscope that holds the two scopes. One scope is for building A and the other is for building B. Since we do not have access to the routers as they are controlled by AT&T, we had them set all the routers to point the DHCP request to the 10.65.0.2 ip address. I have called and confirmed this setting and ip block ranges for each building.

Under the server setting for the scope for building A I set the DNS ip's to what they are and also set the router setting to 10.65.0.1. All other settings are blank.

Under the server settings for the scope for building B I set the DNS ip's to what they are and also set the router setting to 10.65.32.1. All other settings are blank.

The issue is that for some reason building B sometimes pulls ip addresses from building A's scope and hence any workstation that does this can not hit the internet as it does not have a proper ip for that building. Can anyone please point me in the right direction as to what setting to change so we can correct this?

[wige]

Just for clarification, how are the buildings linked together? Is this a VPN, or do the buildings have separate Internet connections?

[amxfan]

Every building reaches the internet through building A.

Building B is linked to building A by a Metro E

Code:

Internet - Fire wall - Web filter - Router - Switch in building A
                                               |---To B - Metro E - Router - LVL 3 Switch
                                               |---To C - Wireless Ant. - C Building

That design is not %100 correct but I'm sure you can see how it is setup.

[wige]

Ok. I just wanted to be sure, since you have managed routers, that there wasn't a public component or VPN going between the buildings.

Scope is generally determined by looking at the DHCPDISCOVER packet that is sent by the new client to 255.255.255.255. If this request is directly heard by the DHCP server, the SRC header will be blank (0.0.0.0) since the computer does not have an address yet. This tells the server that the client is in the same scope as itself, and the server should respond with a building A address.

Requests that come from building B should be edited by the router to add the router's IP to the SRC field of the DHCPDISCOVER packet. This is what tells the server which scope the request is coming from.

There are two possibilities that I can think of. First, somehow the SRC field may be getting edited incorrectly by the router, being left blank. Another possibility, especially if a computer is being moved from one location to another, is that the computer is requesting, and receiving, an old IP address.

For starters, have you tried flusing the cache on the computers that are being put in the wrong scope? In Windows, this is done by entering "ipconfig /release" then "ipconfig /renew" at the command prompt. The release will get rid of any IP history on the client. If this does not correct the problem, check the log on the server to see what the request looks like. That may give you some additional information.

[amxfan]

Wige
Thank you very much for your reply. Your diverse knowledge has never ceased to impress me. I think I found the issue and have resolved it. We did try to release and renew ips, but this did not seem to affect the issue as the computers that got the invalid ip were random. Your statement "somehow the SRC field may be getting edited incorrectly by the router" is pretty much dead on. We found through accidental means that the firmware for our level 3 switch was buggy when it comes to dhcp. We flashed the switch with the latest hardware revision and have yet to get an improper ip. The true test will be tomorrow when all the computers get turned back on, but we have tested various computers "over 100 reboots / release / renew" and have yet to get an improper ip.

On the one hand I am happy it is nothing I did to cause the issue as I am the one that set up the dhcp and relay agents. On the other hand I could have seen the issue with Wireshark if I would have thought to have even looked for that possibility.

Thanks again.

[wige]

My pleasure. Glad to see you are getting it all sorted.

[stephen186]

It seems to technical for me but glad that senior members here are well experienced and helpful. by the way, i just came here through google while searching for DHCP info.