none
DHCP Request and Offer working, but all network computers ignoring Offer RRS feed

  • Question

  • Hello,

    We have a SBS 2011 server, and since a week, all network computers, even the laptop we brought from outside the domain to do some tests, do not take the DHCP offered by the server!

    We ran WireShark to see if we could detect anything suspicious, but all packets are fine, meaning that a DHCP Request is sent by the network computer, server sends back a DHCP Offer, that the computer receives, but it totally ignores it and sends out a new DHCP Request!

    We restarted the server, installed patches shown in Windows update, and did the same thing on many computers.  We even replaced the network cable on the server.

    What could make any Windows (network computers are Windows 7 and the laptop is on Windows 10) ignore the DHCP offered by a DHCP server?


    Thanks, Dominic



    • Edited by GTA_doum Friday, December 14, 2018 9:57 PM
    Friday, December 14, 2018 9:55 PM

Answers

  • Ok, by digging and digging, I found that DHCP creates daily logs, in which I saw the line with "33 Packet dropped due to NAP policy".  I then went to check the status of the Network Access Protection on IPv4 and the scope, within the scope the NAP was at enable!  I put it back at disabled and voilà!  DHCP is working properly again!

    I have no idea how this option got enabled, and I guess that by default, the NAP policies are not configured and therefore it blocks all traffic.


    Thanks, Dominic

    • Marked as answer by GTA_doum Thursday, December 20, 2018 5:28 AM
    Wednesday, December 19, 2018 2:35 PM

All replies

  • Hi,

    It seems like the unicast message is blocked.

    Did the DHCP server work fine before, or is it newly set up?

    Would you please check your Firewall settings in Group Policy Editor (or Local security settings if the computer isn’t in a domain) to make sure that you’ve set Allow unicast response to Not Configured.

    Regards,

    Zoe


    Please remember to mark the replies as answers if they help and unmark them if they provide no help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.


    Monday, December 17, 2018 6:34 AM
  • It is an existing server that was working properly a week ago.  Even a non-domain computer does not get an IP (the laptop we brought for testing for example), it ignores the DHCP offer, so it is not a firewall or domain configuration issue.

    Thanks, Dominic


    • Edited by GTA_doum Monday, December 17, 2018 2:58 PM
    Monday, December 17, 2018 2:50 PM
  • Hi,

    Before the issue happened, did you do any modifications? Or install any updates?

    I’ve found a case which is much similar to your situation and let’s see if this could give you any idea.

    For your reference:

    https://social.technet.microsoft.com/Forums/windowsserver/en-US/7127b4ea-9ea2-467f-af4e-f61de3bf7bf8/devices-do-not-reply-to-dhcp-offer?forum=ws16essentials

    Regards,

    Zoe


    Please remember to mark the replies as answers if they help and unmark them if they provide no help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Tuesday, December 18, 2018 3:03 AM
  • The second physical network card is disabled.  The third card is the Virtual USB for iDRAC, which was enabled before.  I tried with this card disabled or enabled but it did not affect the DHCP issue.  The two cards are not teamed since this is a SBS 2011 server (which runs 2008R2).

    Thanks, Dominic

    Tuesday, December 18, 2018 6:31 AM
  • Hi,

    Based on your description I suppose that your DHCP server is sending an offer with invalid parameters. As a result, the client ignores the offer and sends another DHCP discover message.

    Would you please look into the DHCP offer traffic for details and see if we can find an answer?

    For your reference:

    DHCP (Dynamic Host Configuration Protocol) Basics

    https://support.microsoft.com/en-us/help/169289/dhcp-dynamic-host-configuration-protocol-basics

    Wireshark/DHCP

    https://en.wikiversity.org/wiki/Wireshark/DHCP

    Please Note: Since the web site is not hosted by Microsoft, the link may change without notice. Microsoft does not guarantee the accuracy of this information.

    Regards,

    Zoe


    Please remember to mark the replies as answers if they help and unmark them if they provide no help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Wednesday, December 19, 2018 2:57 AM
  • The DHCP document is really interesting :).  As per this document, the server is not sending the last DHCPACK needed for the station to process!

    Any idea how to troubleshoot this step?  Why would the DHCP server omit to send the DHCPACK?  So to resume, the server sees the Discover, sends back the offer and marks the IP in the DHCP and DNS list, the computer returns the Request but never receives the ACK...


    Thanks, Dominic

    Wednesday, December 19, 2018 4:57 AM
  • Ok, by digging and digging, I found that DHCP creates daily logs, in which I saw the line with "33 Packet dropped due to NAP policy".  I then went to check the status of the Network Access Protection on IPv4 and the scope, within the scope the NAP was at enable!  I put it back at disabled and voilà!  DHCP is working properly again!

    I have no idea how this option got enabled, and I guess that by default, the NAP policies are not configured and therefore it blocks all traffic.


    Thanks, Dominic

    • Marked as answer by GTA_doum Thursday, December 20, 2018 5:28 AM
    Wednesday, December 19, 2018 2:35 PM
  • Hi,

    I’m glad to hear that your issue is resolved.

    Did you install the Network Policy Server role on the system before things happened? It’s possible that it was then you get NAP with DHCP enforcement configured.  As a result, if the client trying to receive an IP address does not pass the health validation check, it is not allowed to receive an IP address.

    For your reference:

    DHCP Enforcement Design

    https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2008-R2-and-2008/dd125376%28v%3dws.10%29

    Regards,


    Please remember to mark the replies as answers if they help and unmark them if they provide no help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Thursday, December 20, 2018 3:06 AM
  • NPS was already there, nothing got installed lately on that server.  My guess is that someone on my team activated it without "noticing" it and did not know the impact it would have, a lost day of work for many employees, and few nights for me and my partner :)

    Thanks, Dominic



    • Edited by GTA_doum Thursday, December 20, 2018 5:18 AM
    Thursday, December 20, 2018 5:18 AM
  • Hi,

    Anyway thanks for your effort and sharing the resolution.

    You may mark yourself as answer and this would be helpful to anyone who encounters similar issues.

    Have a nice day.

    Zoe


    Please remember to mark the replies as answers if they help and unmark them if they provide no help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Thursday, December 20, 2018 5:24 AM
  • Ok, will do.

    Thanks for your time!  I really liked the link that explains DHCP, I did learn a lot, I taught DHCP was much simpler than that!

    Have a nide day too :)


    Thanks, Dominic

    Thursday, December 20, 2018 5:28 AM