How to resolve DHCP IP address conflict on S series switch

14

For S series switches (except S1700 switches), if IP addresses in a DHCP address pool have been configured for clients but have not been excluded from the address pool, the IP addresses may be allocated to other clients, resulting in IP address conflicts.
For details about how to locate and rectify the IP address conflict problem, see "The IP Address Obtained by a Client Conflicts with the IP Address of Another Client" in Configuration Guide - IP Service.

Other related questions:
Solution to the problem of conflicting DHCP addresses on S series switches
For S series switches excluding the S1700, the IP address obtained by a client conflicts with that of another client. The possible cause is that the IP address of another host has been manually configured and the DHCP server does not delete the IP address from the address pool.

DHCP clients on S series switch cannot detect IP address conflicts
Before a DHCP client binds an obtained IP address to a VLANIF interface, it proactively sends a gratuitous ARP packet to check for IP address conflict. The VLANIF interface does not have an IP address, so its protocol status cannot go Up. When the physical interface in the corresponding VLAN receives the gratuitous ARP packet with the conflicting IP address, it cannot send the packet to the CPU. As a result, the DHCP client cannot detect IP address conflict. To resolve this problem, configure the dhcp server ping function on the DHCP server to check for IP address conflict. When there is a large number of DHCP clients, this function requires a high cost, so you need to decide whether to use this function after thorough consideration.

Reasons why the DHCP address pool is exhausted on S series switches
If the allocated address pool resources far exceed the number of clients connected to a switch, the following causes may result in address pool exhaustion: - An attacker sends a large number of DHCP Discover messages by continuously changing the CHADDR field. As a result, the address pool resources are exhausted. In this case, DHCP snooping can be deployed. - DHCP server is configured with the DHCP server ping function. With this function, the switch attempts to ping the allocated address before sending the DHCP Offer message. If clients respond to ping packets on the network, the DHCP server may incorrectly determine address conflicts. As a result, the address pool resources are exhausted. There are two solutions: Obtain the packet header through port mirroring on the DHCP server and check whether the determination is correct. If so, the client can be disabled. 2. Disable the DHCP server ping function by using the undo dhcp server ping packet command.

Remove IP address conflict on S series switch
In an ARP entry on an S series switch, except S1700, when one IP address matches multiple MAC addresses: If the switch functions as a DHCP server to assign IP addresses to clients, configure IP address conflict probing on the switch. If the switch functions as a gateway and IP addresses are statically assigned to clients, determine the clients using conflicting IP addresses and change the IP addresses for them manually.

Detect IP address conflicts on S series switch
On an S series switch, except S1700: When the IP addresses of two network devices conflict, the CPU usage on the switch becomes high and route flapping will occur on the switch. User services may be interrupted. To manage IP addresses efficiently and detect IP address conflicts promptly, enable IP address conflict detection. The switch can record logs for IP address conflicts. The configuration procedure is as follows: 1. Run the system-view command to enter the system view. 2. Run the arp ip-conflict-detect enable command to enable IP address conflict detection. By default, IP address conflict detection is disabled. 3. Run the display arp ip-conflict track command in any view to check IP address conflict records.

If you have more questions, you can seek help from following ways:
To iKnow To Live Chat
Scroll to top