Why are some of the addresses in the Address Leases for a given scope are marked as BAD_ADDRESS in the DHCP snap-in?

  • Article

Today when I entered my office, the first thing that happened was the admin for our lab was asking me to debug an issue in which the DHCP server which doles out IP Addresses in our lab was out of addresses. This prevents the DHCP clients from joining the network as they do not get IP address from the DHCP server. When we opened the DHCP server console, I went to the scope which was running out off addresses. I looked into the Address leases list of that scope. This list is basically a very user-friendly display of the lease database. Btw, Lease database is a table which records every address assignment by the DHCP server.

What I found was there were a lot of IP addresses were marked as BAD_ADDRESS in the name field. This explains why the scope was running out of the IP addresses. This was what was happening:

1) There were a lot of computers which were statically configured with IP addresses which falls within the address range of the scope.

2) Since the addresses which were statically configured were in the address range of the DHCP server, these addresses were assigned by the DHCP server to the DHCP-enabled client machines.

3) Now, the client machine got an address which was already used as a static address by some other client. One good thing the DHCP client does before it plumbs the address it got from the DHCP server is that it checks whether the address it received from the DHCP server is a valid one by checking its uniqueness. It achieves this by sending a ARP request on that client. BTW, ARP is a protocol which is used to get the mac address from a given IP address. The machine who answers the ARP request is the machine whose IP address corresponds to one in the ARP request itself. So if the DHCP client gets an ARP reply, it means that there is some other machine with the same IP address. This is immediately flagged as an error and a DHCP-DECLINE is sent to the DHCP server.

4) The DHCP server, when it gets the DHCP-DECLINE for a given IP address understands the fact that this address has been assigned outside the DHCP mechanism and marks it as a BAD_ADDRESS so that this address is never given to any more DHCP clients.

The best way to handle this kind of a scenario is to restrict the IP address pool from which you assign your static clients to a contiguous block, (Say 192.168.200.10 to 192.168.200.30) and add this range as an exclusion range. This way these addresses would never be assigned to the clients.

I hope I have shed some more DHCP enlightenment.

Meet you again soon…

Happy networking till then.