DHCP Conflict Detection- Realtime Scenario

Issue: VMs are placed in Maintenance mode automatically.

A quick investigation revealed most of the desktop VMs had been placed in maintenance mode by the Desktop Delivery Controller.  It will do this automatically if the VMs do not register after several reboots, see CTX126704 for the registry entries that control this behaviour.

After much investigation looking at the PXE and TFTP services on the Provisioning Servers, checking DHCP scopes weren’t full, confirming switch ACLs and VLANs were correct and more, It was found that the setting on the DHCP server for Conflict Detection had been recently enabled.  It was set to 2 attempts, but it seems this setting caused enough of a delay that the VMs would time out trying to PXE boot.  Once the setting was reverted to zero everything was back to normal.

Maximum time allowed for registration sequence of a single VDA to complete is 600 secs. If the registration fails to complete within this time the VDA’s partial registration is discarded by the DDC.

Real World Example: A unicast IPv4 address is a standard IP address for class A, B, and C networks. When a DHCP client requests a lease, a DHCP server checks its pool of available addresses and assigns the client a lease on an available IPv4 address. By default, the server checks only the list of current leases to determine whether an address is available. It doesn’t actually query the network to see whether an address is in use.

Unfortunately, in a busy network environment, an administrator might have assigned this IPv4 address to another computer or an offline computer might have been brought online with a lease that it believes hasn’t expired, even though the DHCP server believes the lease has expired. Either way, you have an address conflict that will cause problems on the network. To reduce these types of conflicts, set the conflict detection to a value greater than 0.

What is DHCP Conflict Detection?

IPv4 address conflicts are a common cause of problems with DHCP. No two computers on the network can have the same unicast IP address. If a computer is assigned the same unicast IPv4 address as another, one or both of the computers might become disconnected from the network.

To better detect and avoid potential conflicts, you can enable IPv4 address conflict detection by following these steps:

1. Open DHCP.

2. In the console tree, click the applicable DHCP server.

   Where?

   • DHCP/applicable DHCP server

3. On the Action menu, click Properties.

4. Click the Advanced tab.

5. For Conflict detection attempts, type a number greater than 0 (zero) and less than six, and then click OK.

   The number you type determines how many times the DHCP server tests an IP address before leasing it to a client.

Notes

• To open DHCP, click Start, click Settings, click Control Panel, double-click Administrative Tools, and then double-click DHCP.
• When conflict detection attempts are set, the DHCP server uses the Packet Internet Groper (ping) process to test available scope IP addresses before including these addresses in DHCP lease offers to clients.
• A successful ping means the IP address is in use on the network. Therefore, the DHCP server does not offer to lease the address to a client. If the ping request fails and times out, the IP address is not in use on the network. In this case, the DHCP server offers to lease the address to a client.
• Each additional conflict detection attempt delays the DHCP server response by a second while waiting for the ping request to time out. This increases the load on the server. A value of no greater than two (2) for ping attempts is recommended.