Tuesday, February 21, 2012

Windows DHCP running out of IPs and can't change scope?

Took a call tonight from a client regarding them being unable to get DHCP IP address throughout the day and learned something incredible about Windows DHCP in the process that was I didn’t learn when studying for the 640 exam.

Obviously increasing the DHCP scope would resolve this problem, but I didn’t have a good way of telling why their scope was set the way it was and what was using the excluded IPs nor did I want to add another subnet because I didn’t know what implications it would have.
My “Story”/Resolution notes:

Looked into the DHCP issue they were seeing. DHCP server was reporting only ~50 leases active. Checked the DHCP lease period and it was set to 6 hours, which seemed accurate as they would expire overnight and then free them up right? But they were still running out of IPs for some reason... I checked DHCP statistics and the DHCP scope was reporting only 14 leases open for leasing!?

Researched why this was occurring and found 2 registry values that explained it.

The DHCP Cleanup Interval (how often the DHCP server cleans up stale leases):
HKLM\System\CurrentControlSet\Services\
DHCPServer\Parameters\DatabaseCleanupInterval

The DHCP Grace period (how long after a lease expires that it is reserved to be renewed before being subject to DHCP cleanup):
HKLM\System\CurrentControlSet\Services\DHCPServer\ Parameters\LeaseExtension

The DatabaseCleanupInterval was/is set to 60 minutes by default will renew during that period if they are active on the network. (They become active within 60 minutes of inactivity, they can still renew their lease)

However, the LeaseExtension registry key was not present and I finally found out the default is 4 hours! This means that a client would get a lease that is good for 6 hours and if they don't renew it during that time they would get an additional 4 hours "grace" period before it would be deleted during clean up. Since clean up only occurs once an hour, if the client got the lease 1 minutes before that mark, it would actually give it another 59 minutes before it was cleaned up (essentially 5 hour grace period and 11 hours to renew their lease!).

After figuring this out I decreased the lease period to an 1 hour 30 minutes and set the grace period to 60 minutes. After restarting the DHCP service I instantly saw the DHCP scope go from 92% full to 35% full!

This does increase DHCP traffic on the network, however its resolves the issue of running out of IPs if you can’t increase DHCP scope.

TL DR:
DHCP lease = amount before the lease on your IP expires.
DHCP Clean up = interval at which DHCP removes stale leases.
Can be changed with HKLM\System\CurrentControlSet\Services\DHCPServer\Parameters\DatabaseCleanupInterval reg key (in minutes)

DHCP Grace Period = Amount of time AFTER DHCP lease expires before it is subject to DHCP clean up (default = 4 hours!)
Can be set by adding HKLM\System\CurrentControlSet\Services\DHCPServer\ Parameters\LeaseExtension DWORD reg key (in minutes)

Not sure if this was common knowledge or not, but thought it might be able to save at least one of us from going through the trouble I did tonight!

2 comments:

Mike said...

Gotta pay respect where respect is due. Sorry I forgot sources:
http://lordoftheping.blogspot.com/2007/08/dhcp-lease-longer-than-expected.html

http://technet.microsoft.com/en-us/library/cc783573(WS.10).aspx

http://www.windowsnetworking.com/kbase/WindowsTips/Windows2003/AdminTips/Network/ConfiguringtheDHCPCleanupCycle.html

http://www.tech-faq.com/monitoring-and-troubleshooting-the-dhcp-server.html

http://social.technet.microsoft.com/wiki/contents/articles/event-id-1020-microsoft-windows-dhcp-server.aspx

Unknown said...

Yeah This is great post thats i am exactly searching.
Software Crack Full
Bitdefender Mobile

Security Premium Key