Guest

Cisco Network Registrar

Unavailable Leases in Cisco Network Registrar

Document ID: 18934

Updated: Oct 26, 2005

   Print

Introduction

When the Dynamic Host Configuration Protocol (DHCP) server runs, some leases show up as unavailable. There are several reasons, almost always noted clearly in the DHCP logs:

  • Ping before offer is enabled.

  • The DHCP server received a DHCPDECLINE message from a DHCP client to which it had leased what it thought was a good IP address.

  • The Cisco Network Registrar (CNR) DHCP server sees a message that is directed to another DHCP server.

The quick fix is to force the leases to become available. This is not recommended, since investigation is required to find why the leases were marked as unavailable. Go to the CNR logs directory and look for the DHCP logs. The server makes it clear why the IP address is marked unavailable.

Prerequisites

Requirements

Readers of this document should have knowledge of these topics:

  • How DHCP works

  • CNR command line interface (nrcmd)

  • CNR GUI user interface

Components Used

The information in this document is based on these software and hardware versions:

  • Cisco Network Registrar 5.0.X

  • Windows 2000 and Solaris 7

  • All CNR versions and platforms

The information in this document was created from the devices in a specific lab environment. All of the devices used in this document started with a cleared (default) configuration. If your network is live, make sure that you understand the potential impact of any command.

Conventions

For more information on document conventions, refer to the Cisco Technical Tips Conventions.

Why the Leases are Marked Unavailable

Ping Before Offer

Before assigning an IP address to a client, you can choose to have the DHCP server use the Internet Control Message Protocol (ICMP) echo message capability (the ping utility) to determine if there is a response to that address. If the CNR server gets a response to the ping, the DHCP server marks that address as unavailable and offers a different IP address to the client. Using ping can help prevent two clients from using the same IP address. To enable Ping before offer on the CNR server, refer to the "Pinging a Host Before Offering an Address" section of Configuring DHCP Scopes and Leases.

A response to a ping might be because of a statically configured IP on a client or by intermediate devices (routers, switches) inappropriately responding to pings for addresses on the network for which they are responsible.

To make these leases available, refer to Forcing Lease Availability.

A DHCPDECLINE Message Received from a Client

An IP address may be marked unavailable if the DHCP server receives a DHCPDECLINE message from a client to which it had leased what it thought was a good IP address.

This happens because some clients send an Address Resolution Protocol (ARP) request for the IP address on its local lan-segment. If there is a response, the DHCP client returns the IP address to the DHCP server with a DHCPDECLINE and then performs another DHCPDISCOVER operation to get a new IP address. In this case, like the ping before offer case, the client indicates that there is an active client using the IP address, perhaps statically configured. The DHCP server then marks the IP address as unavailable.

This is frequently caused by clients who have configured Non-Unique Client Identifiers. Since the DHCP server uses this field to distinguish clients, duplicate address allocation may occur. The solution is to assign mac-address-only as the client identifier.

CNR is able to configure either of these ways to distinguish the client:

  • By client ID. The client ID is generally provided by the client. However, if a client ID is not provided by the client, the DHCP server creates a unique one using a reformat of the unique MAC address with a prepended Hardware Type = 1. (This is the default configuration as specified per RFC.)

  • By MAC address only. This feature is disabled by default on the server. (Checksum of the MAC address is added to distinguish this object from the actual MAC Address). You can enable it by using the command:

    nrcmd> dhcp enable Mac-address-only
    

    This configuration causes the DHCP server to use the MAC address of the client as the only client identifier and ignore the client ID provided by the client. You can use this argument to have a single, consistent way to identify all clients that use your DHCP server.

    Note: You must configure this feature before any clients are considered configured on the server, since this new client ID with Mac-address-only is different from the default synthesized client ID. If this option is enabled on a production network, no existing clients are considered as themselves during the renew process, they are not acknowledged (NAK), and forced to a New Lease. This ties up the currently considered Leased (In-Use) leases until they expire. Therefore, twice as many addresses are needed on a network during the cycle of enabling this feature.

To make these leases available, follow the instructions in Forcing Lease Availability.

Misconfigured or Rogue DHCP Server

The DHCP server marks an IP address unavailable if it notices another DHCP server distributing this lease.

All DHCPREQUEST messages are broadcast as part of the initial DISCOVER/OFFER/REQUEST/ACK cycle. The DHCP server can see messages directed to other DHCP servers and can identify that a message is directed to it by the contents of the server-id option in the packet.

If the CNR DHCP server sees a message that is directed to another DHCP server, but the IP address to which this message refers is controlled by this DHCP server, then it marks that IP address unavailable. This DHCP server is configured to control the address space but since it notices another DHCP managing the same address space, the other server must be misconfigured.

This behavior is seen if migrating from one controlling DHCP server to another with a different IP Address (and not configured as a DHCP Failover Partner that is known and authorized for these addresses). In CNR 5.0.x and later, you can disable this behavior to allow ease of address space migration to another controlling DHCP server with the command:

nrcmd> dhcp set ignore-requests-for-other-servers=true

To make these leases available, follow the instructions in Forcing Lease Availability.

Force Lease Availability

You can force availability of a lease currently held by a host. Request that the user release the lease or allow you to, before you force its availability. You do not need to reload the DHCP server to make the change take effect.

Use the GUI (CNR 6.0.x and Below):

Follow these steps:

  1. From the Leases tab of the Scope Properties dialog box, select the lease you want to force.

  2. Double-click the address to open the Lease Properties dialog box.

  3. Click Force available.

  4. Click OK.

Use the CLI:

  • Use the lease <ip address> force-available command to force the currently held lease available.

    nrcmd> lease 192.168.1.21 force-available
    
    
  • You can also make all unavailable leases in a scope available by using the scope <scope name> clearUnavailable command.

    nrcmd> scope scope1 clearUnavailable
    
    

    Note: The scope <scope name> clearUnavailable command is only available in CNR versions 5.x and later.

Use the WebUI (CNR 6.0.x and Above):

  1. Go to DHCP > Scopes

  2. For the scope containing the lease, click the leases icon (the glasses).

  3. In the list of leases, click the lease you want to make available.

  4. Once in the window displays the lease properties, click Force Available.

Miscellaneous Lease Information

  • Determine when the lease became unavailable:

    Use this command to determine when the lease was made unavailable:

    nrcmd> lease ip-address get start-time-of-state
    
  • Deactivate a lease:

    To move a client off a lease, you can choose to deactivate the lease. If the lease is available, deactivate it to prevent CNR from giving it to a client. If the lease is active (held by a client), deactivate the lease. This prevents the client from being able to renew the lease and releasing it to another client. You can only deactivate a lease when the server operates. CNR deactivates the lease immediately; you do not need to reload the DHCP server. If the lease is available, when you deactivate the lease it becomes unavailable; if it is active, it becomes unavailable for renewal or any initial lease.

  • Total number of addresses available:

    The total number of addresses within the scope range is equal to the sum of the these: free + dynamically leased + reserved + unavailable + deactivated + other available.

Related Information

Updated: Oct 26, 2005
Document ID: 18934