IP conflicts...over and over again

  1. #1
    Senior Member Blunted One's Avatar
    Join Date
    Dec 2005
    Posts
    183

    Question IP conflicts...over and over again

    Here is my situation and questions.

    I work at a video game company. That means each person has around 4 ip addresses at each desk. One for the computer, phone, XBOX360, PS3 and some have even more.

    We are getting random duplicate IPs popping up every so often. I am finding that a lot of the time it is a device that no longer exists on the network. This sometimes affects a phone or xbox or even a computer. How can I fix these problems? I have enabled scavenging of records on the servers (which wasn't on in the beginning) and I hope this helps, but is that the way to do it or is there a better way?

    Am I correct in assuming our IP addressing scheme for employees only has 254 IPs unless I put some of their devices on different subnets which I have done for the PS3s.

    Here is a little breakdown of our network addresses...

    Servers are on ***.***.2.***

    PS3s are on ***.***.4.***

    Everything else (phones, computers, xbox 360s, printers) ***.***.5.***

    Sometimes I find a random device takes the IP of ***.***.10.***

    Just to reiterate what I said before...I am getting lots of duplicate IP issues which cause problems with the said device unless I remove the PTR and the entry from DHCP of the device that is supposedly taking that IP. Even then it seems to take a few minutes before it takes effect on the network. Will there be any communication problems if I put some devices on different parts of the network? Like IPs such as ***.***.5.25 and ***.***.10.30?
    It's not a war on drugs it's a war against personal freedoms!

  2. #2
    Disgruntled Postal Worker fourdc's Avatar
    Join Date
    Jul 2002
    Location
    Vermont, USA
    Posts
    797

    just a suggestion

    Put your whole shop on a subnet.

    have your pcs on 10.10.1*.***

    have the xboxes on 10.10.2*.***

    have the phones on 10.10.3*.***

    * = wildcard

    Set up a computer with 2 NICs as proxy server as a gateway to the 'net

    On a smaller scale this is what I did with my house, I got away with using the 192.168.*.* domain.
    ddddc

    "Somehow saying I told you so just doesn't cover it" Will Smith in I, Robot

  3. #3
    Master-Jedi-Pimps0r & Moderator thehorse13's Avatar
    Join Date
    Dec 2002
    Location
    Washington D.C. area
    Posts
    2,884
    You haven't given us all the info needed.

    1) Are you using a single DHCP server with defined scopes? Is it set up correctly?
    2) You can use any of the RFC1918 private address ranges. It makes no difference which you use. 10.0.0.0/8, 172.16.0.0/12, and 192.168.0.0/16
    3) If you have a mixed scheme (DHCP and static), reserve the first 50 addresses within each class C for static hosts and then configure 51-254 in the DHCP pool in the scope for that subnet.

    If you have this set up correctly, you will not see IP squatting issues. My guess is that you:
    1) Haven't kept track of assigned IPs
    2) Allow users to manually configure addresses
    3) Don't have DHCP set up correctly
    4) Routing may be busted up
    5) Multiple DHCP servers are running

    PS
    Class C subnets have 254 addresses available for use. 255 is the broadcast IP.

    "Set up a computer with 2 NICs as proxy server as a gateway to the 'net"
    I can't imagine that this advice means what it literally says so let me clarify what I believe it to mean. Place a firewall between you and the internet and make this device your internet gateway. Placing a dual-homed host with IP forwarding on between you and the net would produce horrific results.

    Enjoy.

    --TH13
    Last edited by thehorse13; November 29th, 2006 at 07:04 PM.
    Our scars have the power to remind us that our past was real. -- Hannibal Lecter.
    Talent is God given. Be humble. Fame is man-given. Be grateful. Conceit is self-given. Be careful. -- John Wooden

  4. #4
    Senior Member Blunted One's Avatar
    Join Date
    Dec 2005
    Posts
    183
    Yes, it is a single DHCP server with a defined scope of ***.**.5.1 to 10.255, but this server also does a lot of other tasks and services. DHCP is set up correctly, but not optimally, which is why all our network devices (aside from servers, firewall, etc) are sharing this range of IPs without much separation (the phones are on their own switch, but use the same pool of IPs).

    Our two servers both are DNS and DC servers. Could this be an issue as well? Since I enabled the scavenging feature the DNS has been cleaned up and I hope this will alleviate a number of problems with devices that require an IP.

    I know this isn't the best setup for servers, but it is what I inherited when I started working here. I would love to start this over from the beginning, but we are very busy with our project and it just can't be done at the moment.

    Thanks for the info, as always it is greatly appreciated.

  5. #5
    Master-Jedi-Pimps0r & Moderator thehorse13's Avatar
    Join Date
    Dec 2002
    Location
    Washington D.C. area
    Posts
    2,884
    "Our two servers both are DNS and DC servers. Could this be an issue as well?"
    Nope. Very common MS AD setup. I have the same here without issue.

    From what I'm hearing, you have a bubble gum and scotch tape network topology. I bet if you re-architect it and segment properly you will see all of this go away.

  6. #6
    Senior Member Blunted One's Avatar
    Join Date
    Dec 2005
    Posts
    183
    I should have guessed that the root problem is that all devices share the same pool of IPs. As you said, if I segment everything to its own range of IPs for PCs, phones, consoles, etc the issues would vanish.

    Another small question is that one of the DNS, DC servers, is also a file server, application server and runs Exchange...now that can't be good can it?

  7. #7
    Master-Jedi-Pimps0r & Moderator thehorse13's Avatar
    Join Date
    Dec 2002
    Location
    Washington D.C. area
    Posts
    2,884
    It depends.

    1) Can the box handle the load?
    2) Can you absorb the risk of a single point of failure of most of your core services?
    3) Are you in the position to resolve the problem?


    Functional requirements are the name of the game in this case. I'd start there.

    --Th13

  8. #8
    Senior Member
    Join Date
    Jan 2002
    Posts
    1,207
    If all these devices are logically on the same ethernet segment, they should probably be in the same IP range.

    If you're running out of IPs, consider using a LAN IP range bigger than class C. The RFC1918 private addresses are usable by every network*

    Specifically, if you want a class B, either pick 192.168 or a 10.something, and have your netmask as 255.255.0.0

    Then you can assign the different types of device its own non-overlapping range allowing loads of room for expansion.

    Duplicate IPs should not happen with most sane DHCP servers (Dunno about MS's one though), as they will check if an IP is in use by a rogue device before allocating it. The only way should be if two devices both independently got the same IP, were powered off, then came back on, unable to contact the DHCP server and assumed that having that IP was still ok.

    If you can get the MAC addresses of the devices you could give them static IPs assigned by DHCP. This should not be too difficult as the different vendors' kit will probably have distinctive MACs (e.g. Sony for PS3s, the phone maker etc)

    Mark

    * Except of course, for RFC1918 addresses in use by other networks in your organisation that you want to route to without NAT.
    Last edited by slarty; November 30th, 2006 at 10:27 AM.
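
An added example, not part of any post in the thread: a small Python audit of the addressing plan the replies suggest (one private /16, a non-overlapping range per device type, host numbers 1-50 static and 51-254 in the DHCP pool) that also reports any address claimed by more than one MAC. The 10.10.x.0/24 blocks, the MAC addresses and the observation list are constructed assumptions.

```python
import ipaddress
from collections import defaultdict

# Constructed plan: one private /16, one non-overlapping /24 per device type.
LAN = ipaddress.ip_network("10.10.0.0/16")
PLAN = {"pcs": "10.10.10.0/24", "xboxes": "10.10.20.0/24", "phones": "10.10.30.0/24"}
STATIC_MAX = 50  # hosts .1-.50 are static, .51-.254 belong to the DHCP pool

def check_plan(lan, plan):
    """Return problems with the plan itself: public space, stray or overlapping blocks."""
    nets = {name: ipaddress.ip_network(cidr) for name, cidr in plan.items()}
    problems = [] if lan.is_private else [f"{lan} is not private address space"]
    names = sorted(nets)
    for i, a in enumerate(names):
        if not nets[a].subnet_of(lan):
            problems.append(f"{a} lies outside {lan}")
        problems += [f"{a} overlaps {b}" for b in names[i + 1:] if nets[a].overlaps(nets[b])]
    return problems

def audit(observations, plan):
    """observations: (ip, mac, source) tuples, source being 'static' or 'dhcp'."""
    nets = {name: ipaddress.ip_network(cidr) for name, cidr in plan.items()}
    macs_by_ip, findings = defaultdict(set), []
    for ip_text, mac, source in observations:
        ip = ipaddress.ip_address(ip_text)
        macs_by_ip[ip].add(mac.lower())
        block = next((n for n, net in nets.items() if ip in net), None)
        if block is None:
            findings.append((ip_text, "outside every planned range"))
            continue
        host = int(ip) - int(nets[block].network_address)
        if source == "static" and host > STATIC_MAX:
            findings.append((ip_text, "static host inside the DHCP pool"))
        elif source == "dhcp" and host <= STATIC_MAX:
            findings.append((ip_text, "lease inside the static range"))
    for ip, macs in sorted(macs_by_ip.items()):
        if len(macs) > 1:  # two MACs claiming one address: the conflict in the thread
            findings.append((str(ip), "duplicate: " + ", ".join(sorted(macs))))
    return findings

# Constructed observations, e.g. merged from a DHCP lease export and an ARP sweep.
SAMPLE = [
    ("10.10.10.5", "02:00:00:00:00:01", "static"),
    ("10.10.10.77", "02:00:00:00:00:02", "dhcp"),
    ("10.10.10.77", "02:00:00:00:00:03", "static"),  # hand-configured into the pool
    ("10.10.40.9", "02:00:00:00:00:04", "dhcp"),     # not in any planned block
]

if __name__ == "__main__":
    print(check_plan(LAN, PLAN))
    for finding in audit(SAMPLE, PLAN):
        print(finding)
```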
