Weird IP/DHCP Issue
In order to make things that extra little bit harder for people to connect their own kit to our network, I have set exclusion ranges on any IPs which aren't being used for school kit, I simply delete one of these exclusions each time I want to add a new device (not foolproof, I know, but it is a good start - anyway, not the topic for this thread...) All this is fine and works a treat except for one IP address which doesn't get allocated out to clients, nor does the number of available IPs in the scope change when I remove the exclusion.
I was thinking that maybe something was hooked up to the network using this address as a statically-assigned one, therefore DHCP wasn't issuing it due to conflict, but I've tried pinging it and nothing comes back from it.
So, I guess my questions are why isn't this number being issued by DHCP (or even registered as being available), if it is being blocked by another device, how can I trace what and where that device is, and - possibly most important - does any of this matter?
Firstly, doing things this way doesn't buy you much. Anyone who cares can just spoof the mac address of an existing machine and get on your LAN. I suggest you look at some sort of NAC solution (802.1X, PacketFence, etc) instead.
As for your mystery device, can you ping it? portscan it? Whats the mac address as well?
Yes, all true - anyone who cares could do that, but it would have to be a conscious attempt to hack our network, not just a teacher/visitor/contractor/financial auditor hooking up to our network simply by chucking a cable in (as has happened before with irritating consequences). The MAC address would almost certainly be in use, though, since all our PCs are turned on all day. Packetfence, Radius, etc would be lovely but cost more than I can devote to the task. Anyway, back to my question...
I have tried pinging the device, but never get a response back from it; not all our switches are managed, so port-scanning is out, similarly I don't think I have any way of finding its MAC.
I find that explaining things simply in detail usually finds the problem :)
Give us your DHCP settings
Scope, ranges, gateways,subnet mask lease information if available etc etc and the IP in question.
might help :)
Try typing the IP into a browser and see what pops up. I had a similar odd IP allocated by DHCP. Turned out to be a network switch, which I didn't know could be managed until I did this and its management webpage login appeared.
Nothing, the page times out. It doesn't respond to pings either, which switches and such like do.
Originally Posted by timzim
Might sound simple, but do you have that address reserved for anything?
No, it isn't reserved, although it may well have been once - is it possible that a reservation might not have been deleted properly, so is still in effect even though it isn't listed?
Originally Posted by FN-Greatermanchester
This seems to be raising its head again.
Our DHCP scope reports that it is full, yet nothing has 192.168.0.126, .127 or .129 allocated, nor are they reserved. (I think that .126 is the number which I was posting about originally).
Any offers as to what is going on with these numbers? FWIW, they don't respond to pings nor does anything happen if I type them into a web browser.