Deal with DHCP Server IP Exhausted
Recently, I have a problem with DHCP Server service run on Windows Server 2003 that use full ip address ranges, alot of IP used by strange mac address (3139…, longer than 12 charater) with type DHCP/BOOTP, even my DHCP server have mac address filter add-in and assign IP option is DHCP only. No special info in event log, Google return no clear root cause and solution.
- https://community.spiceworks.com/topic/533408-dhcp-server-leases-100-used-showing-ip-in-cient-ip-and-name-fields
- https://social.technet.microsoft.com/Forums/windowsserver/en-US/53a1e987-5d44-415e-8510-62cb1e58716a/weird-mac-on-dhcp-31202e3235332e302e?forum=winserverNIS
- https://www.experts-exchange.com/questions/23081730/DHCP-database-inconsistent-Lots-of-Unique-ID-3133322e3138362e3235342e373000.html
Some strange address
this happen not just with Windows S2K3 also with S2K8 or 2012 too.
Until Microsoft fix the problem, I think I must live with it, here is my solution:
-
Create a program (with python or php), schedule run every 30 minutes to delete bad IP from DHCP server address leases, with help of netsh command from cmd.
- First, fix and show all address leases in DHCP server database:
netsh dhcp server scope 192.168.2.0 initiate reconcile fix
(example our scope is 192.168.2.0)
- The bad IP address with have type DHCP/BOOTP and not correct UniqueID/Mac Address
- Second step, delete bad ip address:
netsh dhcp server scope 192.168.2.0 delete lease 192.168.2.78
- First, fix and show all address leases in DHCP server database:
PHP code:
<?php
/**
* Clean bad ip address leases
* https://social.technet.microsoft.com/Forums/windowsserver/en-US/53a1e987-5d44-415e-8510-62cb1e58716a/weird-mac-on-dhcp-31202e3235332e302e?forum=winserverNIS
* @param string $server_name, dhcp server name, ex: srv.domain.local
* @param array $dhcp_scope, scopes by dhcp, ex: ['192.168.1.0']
*/
function cleanBadIpAdress($server_name, $dhcp_scope)
{
if (!empty($dhcp_scope)) {
foreach ($dhcp_scope as $scope) {
$export_file_name = "{$server_name}.{$scope}.txt";
// refresh address leases list
exec("netsh dhcp server scope {$scope} initiate reconcile fix");
echo "Refresh DHCP leases IP done" . PHP_EOL;
// export address leases to file, in the same folder of php file
exec("netsh dhcp server \\\\{$server_name} scope {$scope} show clients 1 > {$export_file_name}");
echo "Export DHCP leases IP to file done" . PHP_EOL;
// read file and find bad ip
if (file_exists($export_file_name)) {
$content = explode(PHP_EOL, file_get_contents($export_file_name));
if (!empty($content)) {
foreach ($content as $line) {
$line = explode(" ", $line);
// $line[0] is IP address, $line[1] have subnet, $line[2] have mac address
// sometime $line[1] is emplty and $line[2] have subnet and $line[3] have mac address
$bad_ip = null;
if (isset($line[1]) && isset($line[2]) && strpos($line[1], '255.') !== false) {
if (strlen($line[2]) > 20) {
// found bad mac address
$bad_ip = $line[0];
echo "Found bad ip {$bad_ip}, mac address {$line[2]}" . PHP_EOL;
}
} elseif (isset($line[2]) && isset($line[3]) && strpos($line[2], '255.') !== false) {
if (strlen($line[3]) > 20) {
// found bad mac address
$bad_ip = $line[0];
echo "Found bad ip {$bad_ip}, mac address {$line[3]}" . PHP_EOL;
}
}
if ($bad_ip) {
// delete bad address
exec("netsh dhcp server scope {$scope} delete lease {$bad_ip}");
echo "Bad IP {$bad_ip} deleted" . PHP_EOL;
}
}
}
// delete exported file
unlink($export_file_name);
}
}
}
}
?>
You can see example code on Github here: https://github.com/NothingCtrl/DHCP-Clean-Bad-Leases-IP
Hope this help.
Origin post at https://archive.camratus.com/2017/07/26/deal-with-dhcp-server-ip-exhausted/