We have recently migrated to a Windows 2003 DHCP server. Our network is a bit of a mess with a melange of static and dynamically assigned clients (unfortunately, some with incorrect subnet masks). This includes desktop machines as well as VOIP phones.
The problem we are having is that the Windows 2003 DHCP server is assigning IP addresses that conflict with rogue devices that have statically assigned IP addresses. We obviously need to track these devices down, but I'm wondering why the DHCP server can't detect the presence of these conflicts.
I'd like to see the DHCP server perform an ARP request to identify if the IP address is in use. It should then log the issue, mark the address as in use, and try a new address.
Is there some way to configure Windows 2003 to behave this way? Alternatively, is there another DHCP server that will handle this?
You want to turn on conflict detection on the Microsoft DHCP server. Have a look on the "Advanced" tab of the properties of the DHCP server node in DHCP management. Increase the "Conflict detection attempts" from the default of 0 and you'll start to see "BAD_ADDRESS" entries appear in the DHCP scope as the DHCP server "finds" addresses already assigned to other devices.
The DHCP server does just what you describe. It uses gratuitous ARP to find addresses already in use and marks them.
Give that a shot-- it'll do what you want.
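Once conflict detection is on, the conflicts the server records can be summarised to help track down the statically addressed devices. This is an added example, not part of the original answer. It assumes the server's comma-separated DHCP audit log layout (`ID,Date,Time,Description,IP Address,Host Name,MAC Address`) with event ID 13 marking an address found in use; the sample lines are constructed.

```python
import csv
from io import StringIO

# Constructed sample in the assumed audit-log layout; not output from a real server.
SAMPLE_LOG = """\
ID,Date,Time,Description,IP Address,Host Name,MAC Address
10,05/20/09,09:58:12,Assign,192.168.1.41,pc-041.example.local,001122334455
13,05/20/09,10:12:01,Conflict,192.168.1.50,BAD_ADDRESS,
11,05/20/09,10:15:44,Renew,192.168.1.41,pc-041.example.local,001122334455
13,05/20/09,11:03:27,Conflict,192.168.1.77,BAD_ADDRESS,
13,05/21/09,08:40:09,Conflict,192.168.1.50,BAD_ADDRESS,
"""

CONFLICT_EVENT_ID = "13"  # assumed ID for "IP address found in use on the network"


def find_conflicts(log_text):
    """Return {ip: [(date, time), ...]} for every conflict record in the log."""
    conflicts = {}
    for row in csv.reader(StringIO(log_text)):
        # Skip the header/banner lines and anything too short to be a record.
        if len(row) < 6 or not row[0].strip().isdigit():
            continue
        event_id, date, time, _desc, ip, host = (f.strip() for f in row[:6])
        # Match on the event ID or on the BAD_ADDRESS marker the server writes.
        if event_id == CONFLICT_EVENT_ID or host.upper() == "BAD_ADDRESS":
            conflicts.setdefault(ip, []).append((date, time))
    return conflicts


def report(conflicts):
    """List (ip, hit_count, last_seen), most frequently conflicting first."""
    rows = [(ip, len(hits), hits[-1]) for ip, hits in conflicts.items()]
    return sorted(rows, key=lambda r: (-r[1], r[0]))


if __name__ == "__main__":
    for ip, count, (date, time) in report(find_conflicts(SAMPLE_LOG)):
        print(f"{ip}: {count} conflict(s), last seen {date} {time}")
```

Addresses that conflict repeatedly are the ones to look up first in switch MAC tables or to exclude from the scope until the device is found.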
There is also software to guard against rogue DHCP servers; it will automatically detect them and exhaust their address pool, so that the real DHCP server can serve real systems.
blogs.technet.com/teamdhcp/archive/… (that's the free MS detection tool)
yersinia.net/index.htm (this is the DHCP pool exhaustion tool)
All of this can also be scripted using *nix dhclient :)