Questions

DHCP not working Server'08

Tags:
+
0 Votes
Locked

DHCP not working Server'08

artanyis
Ok, this is a little odd, I just set up a brand new 2008 server for a customer, because its a new implementation they are not down or anything but here is the problem. I set up the basics first, dcpromo, DNS, DHCP, than put in telnet, file server and app server. When I had finished DHCP and switch it from the old router to the new server it worked fine. literally 24hrs later it failed. DHCP on the server does not work, I currently have it bandaided using the old router as the DHCP server but I would like to figure out what went wrong.

The DHCP service is running and I didnt see any mistakes in the settings, same for DNS. There are no reports in the system logs showing anything is wrong and everything says that everything is working. But not a single user can get an IP from the server. If I set a static IP in range and put the server as DNS it works perfectly.

The only thing that has been installed on the server so far is the DynDNS updater for the VPN and remote connections.

Now here is the odd part, at one point during a restart as the system was starting up the services but before startup had finished 2 pcs received an IP from the server. The only thing I can think may be causing a problem is the DynDNS updater as it starts after all of the services and is the only thing on there so far that is not part of server08. I have not tried removing it yet since I am not on site at the moment but would love some Ideas I can try when I get back on site later today.
  • +
    0 Votes
    TobiF

    Do you have any kind of VLAN configuration on the router/switch that may be playing tricks with you?

    You could try a packet sniffer on the server to see if DHCP requests ever reach the it.

    +
    0 Votes
    artanyis

    No, its not the router, I tried a different one to make sure though. The router is a slightly outdated very basic Linksys router. i also tried disabling the forwarding rules in it to no avail. There is a Netgear ProSafe Switch that might be causing problems but its not one of the manageable modals and there is no wire diagram so I have no idea where the cables from it go... Makes me a little leery about pulling it out while there are still people trying to work. Aside from that I have never heard of a switch causing problems like that anyway.

    +
    0 Votes
    artanyis

    There is currently no AV installed on the server. (I know its dangerous but there is no information there yet either) And the closest thing to a firewall on this little network is the old Linksys router. And no, I already tried disabling the forwarding rules and there is nothing else in there to cause a problem.

    +
    0 Votes
    Churdoo

    ... so that's not what I meant. I meant did you check the Windows firewall on the 08 server? Turn off the Windows firewall then test. If that's the culprit then turn it back on and check the exceptions.

    +
    0 Votes
    artanyis

    So, I have tried pretty much everything but sticking it on a private network with just my laptop, a router, and the server, which I will be trying tomorrow morning to make sure its not a network issue.
    Because it will hand out a couple IPs when the server first starts up I think its a conflict with another windows service, but I have no idea what service could be causing it, possibly the DNS server role? Anyone have an idea along this path?

    +
    0 Votes
    CG IT

    you might delay it's startup, but then the delay might effect workstations getting an address and risk workstations assigning an APIPA address.

    Sounds more like a firewall problem where the windows firewall is delayed starting up because of other services, thus a few workstations will get through the discover, ackowledge, offer, stages and get an address.

    I'd check your windows firewall on the 2008 server and make sure DHCP is allowed in and out.

    I'd also check the windows 2008 server NAP settings. NAP threw me for a loop there once or twice with it's settings.

    +
    0 Votes

    NAP

    artanyis

    I hadn't given much thought to NAP Right now it is unconfigured and everything is in its default settings. I'll mess around in there and let you know.

    And defiantly not the firewall, I tried completely disabling it and even setting up a mini-network with one pc a router and the server and still nothing. NAP is my next location.

    +
    0 Votes
    artanyis

    Alright, I called in an old friend and he remoted in and confirmed that everything was set up right, running right and just plain not working...

    Turned out my hunch about conflicting services was partially right the RRAS role was causing the problem. Removed the role and it works fine, now all I have to do is figure out why so that when I set up the VPN it doesn't stop working again.

    Thanks for all of your help.

    +
    0 Votes
    CG IT

    the only time RRAS would "interfer" with DHCP is if you are using only 1 network card rather than the recommended 2 network card setup.

    If you used 1 network card, then all hosts on the lan would be seen as remote access clients and therefore would not get any addresses if they don't meet RRAS requirements and your DHCP relay agent pool didn't have enough addresses.

    +
    0 Votes

    Yes

    artanyis

    That's right, we are using just one network card because of hardware limitations at the moment, hopefully I can get some of the old equipment changed out and free up a hardline connection.

    But as for RRAS that is basically what was going on. I had RRAS configured to share the single interface with the internal network but for some reason it was still blocking all sorts of random things and allowing some other things through. Either way removing the role, and resetting up RRAS fixed the problem and all is good now.

    I'm chocking this one up to the Network Gods hating me. (or random corruption in the configuration)

    +
    0 Votes
    CG IT

    that is allowing or denying traffic through an interface.

    RRAS and split tunneling with one network card doesn't work in Windows environment.

    Stich another $25.00 USD PCI network card in the machine. Solve your single network card problem

  • +
    0 Votes
    TobiF

    Do you have any kind of VLAN configuration on the router/switch that may be playing tricks with you?

    You could try a packet sniffer on the server to see if DHCP requests ever reach the it.

    +
    0 Votes
    artanyis

    No, its not the router, I tried a different one to make sure though. The router is a slightly outdated very basic Linksys router. i also tried disabling the forwarding rules in it to no avail. There is a Netgear ProSafe Switch that might be causing problems but its not one of the manageable modals and there is no wire diagram so I have no idea where the cables from it go... Makes me a little leery about pulling it out while there are still people trying to work. Aside from that I have never heard of a switch causing problems like that anyway.

    +
    0 Votes
    artanyis

    There is currently no AV installed on the server. (I know its dangerous but there is no information there yet either) And the closest thing to a firewall on this little network is the old Linksys router. And no, I already tried disabling the forwarding rules and there is nothing else in there to cause a problem.

    +
    0 Votes
    Churdoo

    ... so that's not what I meant. I meant did you check the Windows firewall on the 08 server? Turn off the Windows firewall then test. If that's the culprit then turn it back on and check the exceptions.

    +
    0 Votes
    artanyis

    So, I have tried pretty much everything but sticking it on a private network with just my laptop, a router, and the server, which I will be trying tomorrow morning to make sure its not a network issue.
    Because it will hand out a couple IPs when the server first starts up I think its a conflict with another windows service, but I have no idea what service could be causing it, possibly the DNS server role? Anyone have an idea along this path?

    +
    0 Votes
    CG IT

    you might delay it's startup, but then the delay might effect workstations getting an address and risk workstations assigning an APIPA address.

    Sounds more like a firewall problem where the windows firewall is delayed starting up because of other services, thus a few workstations will get through the discover, ackowledge, offer, stages and get an address.

    I'd check your windows firewall on the 2008 server and make sure DHCP is allowed in and out.

    I'd also check the windows 2008 server NAP settings. NAP threw me for a loop there once or twice with it's settings.

    +
    0 Votes

    NAP

    artanyis

    I hadn't given much thought to NAP Right now it is unconfigured and everything is in its default settings. I'll mess around in there and let you know.

    And defiantly not the firewall, I tried completely disabling it and even setting up a mini-network with one pc a router and the server and still nothing. NAP is my next location.

    +
    0 Votes
    artanyis

    Alright, I called in an old friend and he remoted in and confirmed that everything was set up right, running right and just plain not working...

    Turned out my hunch about conflicting services was partially right the RRAS role was causing the problem. Removed the role and it works fine, now all I have to do is figure out why so that when I set up the VPN it doesn't stop working again.

    Thanks for all of your help.

    +
    0 Votes
    CG IT

    the only time RRAS would "interfer" with DHCP is if you are using only 1 network card rather than the recommended 2 network card setup.

    If you used 1 network card, then all hosts on the lan would be seen as remote access clients and therefore would not get any addresses if they don't meet RRAS requirements and your DHCP relay agent pool didn't have enough addresses.

    +
    0 Votes

    Yes

    artanyis

    That's right, we are using just one network card because of hardware limitations at the moment, hopefully I can get some of the old equipment changed out and free up a hardline connection.

    But as for RRAS that is basically what was going on. I had RRAS configured to share the single interface with the internal network but for some reason it was still blocking all sorts of random things and allowing some other things through. Either way removing the role, and resetting up RRAS fixed the problem and all is good now.

    I'm chocking this one up to the Network Gods hating me. (or random corruption in the configuration)

    +
    0 Votes
    CG IT

    that is allowing or denying traffic through an interface.

    RRAS and split tunneling with one network card doesn't work in Windows environment.

    Stich another $25.00 USD PCI network card in the machine. Solve your single network card problem