Wired Intelligent Edge

Seems I am running out of free leases because my conflict logging is consuming all of my addresses. 
I recently migrated from an old cisco 3750 to a new 5406 and setup DCHP Server on the 5406.  All was fine until I ran out of free leases on one Pool.   I increased the size of the pool and it was fine for a couple of weeks.  Then it happened again.  I cleared the conflict database and have been good for the last week, but the available addresses are diminishing and the conflicts increasing.   How can I solve this?  I would think that these conflicts would fall off the database after a period of time.  Can I turn off conflict logging?  There shouldn't be any static addresses within my specified network ranges.

See the timeline below.  The free addresses are for the subject pool, total is for all pools.
958 Free @ 2:15 8/23
948 Free @ 4:19
930 Free @ 7:15 8/24 1744 total 13 Conflicts
920 Free @ 8:26 1734 total 13 Conflicts
925 Free @ 9:57 1736 total 13 Conflicts
923 Free @ 2:10 1739 total 17 Conflicts
903 Free @ 7:33 8/25 1719 total 45 Conflicts
895 Free @ 3:38 1707 total 53 Conflicts
883 Free @ 7:17 8/26 1697 total 68 Conflicts
875 Free @ 12:13 1689 total 70 Conflicts
847 Free @ 8:29 8/27 1660 total 101 Conflicts
852 Free @ 10:51 1668 total 102 Conflicts
753 Free @ 7:14 8/30 1530 total 207 Conflicts
732 Free @ 1:50 1551 total 220 Conflicts
729 Free @ 4:03 1548 total
709 Free @ 7:05 8/31 1526 total 245 Conflicts
669 Free @ 9:35 9/1 1468 total 301 Conflicts
526 Free @ 7:50 9/7 1330 total 462 Conflicts

------------------------------
Chris Bailey
------------------------------

Hi Chris, to disable conflicts logging on DHCPv4 server simply try no dhcp-server conflict-logging but I doubt conflicts will stop since conflict logging shouldn't be their cause (with that option enabled you're just telling the switch to log conflicts it recognizes). Worth to mention that conflict logging should be disabled by default.

You wrote "All was fine until I ran out of free leases on one Pool. I increased the size of the pool and it was fine for a couple of weeks. Then it happened again." so I think the cause of such issue (free leases depletion?) should be troubleshooted looking at DHCP Server configuration.

------------------------------
Davide Poletto
------------------------------

Original Message:
Sent: Sep 07, 2021 09:16 AM
From: Chris Bailey
Subject: DHCP Server Conflict Database Persistence

Seems I am running out of free leases because my conflict logging is consuming all of my addresses. 
I recently migrated from an old cisco 3750 to a new 5406 and setup DCHP Server on the 5406.  All was fine until I ran out of free leases on one Pool.   I increased the size of the pool and it was fine for a couple of weeks.  Then it happened again.  I cleared the conflict database and have been good for the last week, but the available addresses are diminishing and the conflicts increasing.   How can I solve this?  I would think that these conflicts would fall off the database after a period of time.  Can I turn off conflict logging?  There shouldn't be any static addresses within my specified network ranges.

See the timeline below.  The free addresses are for the subject pool, total is for all pools.
958 Free @ 2:15 8/23
948 Free @ 4:19
930 Free @ 7:15 8/24 1744 total 13 Conflicts
920 Free @ 8:26 1734 total 13 Conflicts
925 Free @ 9:57 1736 total 13 Conflicts
923 Free @ 2:10 1739 total 17 Conflicts
903 Free @ 7:33 8/25 1719 total 45 Conflicts
895 Free @ 3:38 1707 total 53 Conflicts
883 Free @ 7:17 8/26 1697 total 68 Conflicts
875 Free @ 12:13 1689 total 70 Conflicts
847 Free @ 8:29 8/27 1660 total 101 Conflicts
852 Free @ 10:51 1668 total 102 Conflicts
753 Free @ 7:14 8/30 1530 total 207 Conflicts
732 Free @ 1:50 1551 total 220 Conflicts
729 Free @ 4:03 1548 total
709 Free @ 7:05 8/31 1526 total 245 Conflicts
669 Free @ 9:35 9/1 1468 total 301 Conflicts
526 Free @ 7:50 9/7 1330 total 462 Conflicts

------------------------------
Chris Bailey
------------------------------

Could it be that there are multiple DHCP servers on the network, sharing the same IP-pool?
Or clients that use static IP addresses that are also inside the DHCP scopes?

------------------------------
Herman Robers
------------------------
If you have urgent issues, always contact your Aruba partner, distributor, or Aruba TAC Support. Check https://www.arubanetworks.com/support-services/contact-support/ for how to contact Aruba TAC. Any opinions expressed here are solely my own and not necessarily that of Hewlett Packard Enterprise or Aruba Networks.

In case your problem is solved, please invest the time to post a follow-up with the information on how you solved it. Others can benefit from that.
------------------------------

Original Message:
Sent: Sep 07, 2021 09:16 AM
From: Chris Bailey
Subject: DHCP Server Conflict Database Persistence

Seems I am running out of free leases because my conflict logging is consuming all of my addresses. 
I recently migrated from an old cisco 3750 to a new 5406 and setup DCHP Server on the 5406.  All was fine until I ran out of free leases on one Pool.   I increased the size of the pool and it was fine for a couple of weeks.  Then it happened again.  I cleared the conflict database and have been good for the last week, but the available addresses are diminishing and the conflicts increasing.   How can I solve this?  I would think that these conflicts would fall off the database after a period of time.  Can I turn off conflict logging?  There shouldn't be any static addresses within my specified network ranges.

See the timeline below.  The free addresses are for the subject pool, total is for all pools.
958 Free @ 2:15 8/23
948 Free @ 4:19
930 Free @ 7:15 8/24 1744 total 13 Conflicts
920 Free @ 8:26 1734 total 13 Conflicts
925 Free @ 9:57 1736 total 13 Conflicts
923 Free @ 2:10 1739 total 17 Conflicts
903 Free @ 7:33 8/25 1719 total 45 Conflicts
895 Free @ 3:38 1707 total 53 Conflicts
883 Free @ 7:17 8/26 1697 total 68 Conflicts
875 Free @ 12:13 1689 total 70 Conflicts
847 Free @ 8:29 8/27 1660 total 101 Conflicts
852 Free @ 10:51 1668 total 102 Conflicts
753 Free @ 7:14 8/30 1530 total 207 Conflicts
732 Free @ 1:50 1551 total 220 Conflicts
729 Free @ 4:03 1548 total
709 Free @ 7:05 8/31 1526 total 245 Conflicts
669 Free @ 9:35 9/1 1468 total 301 Conflicts
526 Free @ 7:50 9/7 1330 total 462 Conflicts

------------------------------
Chris Bailey
------------------------------

No other DHCP servers in the range.
No Static addresses in the network range.
only 63 active bindings in on the "WIRELESS" Pool
This is only an issue on the "WIRELESS" pool this pool started as 10.2.42.0/24 and expanded to 10.2.40.0/22
I have Solarwinds IP address management scanning this subnet and over the last 2 weeks it's only returned a ping on 144 addresses.
Switch model J9850A Firmware Version KB.16.10.0015
Even if there are legitimate conflicts, shouldn't the database update when they are no longer conflicts?

I have copied the server configuration and the server stats:
dhcp-server pool "MGMT"
default-router "10.2.20.1"
dns-server "10.2.1.5"
network 10.2.20.0 255.255.255.0
range 10.2.20.20 10.2.20.69
exit
dhcp-server pool "LWAPP"
default-router "10.2.4.1"
dns-server "10.2.1.2"
network 10.2.4.0 255.255.255.0
option 43 ascii "0a02.040a"
range 10.2.4.20 10.2.4.199
exit
dhcp-server pool "MICROCELL"
default-router "10.2.28.1"
dns-server "10.2.1.6"
network 10.2.28.0 255.255.255.0
range 10.2.28.2 10.2.28.98
exit
dhcp-server pool "SCRAPTEST"
default-router "10.2.45.1"
dns-server "10.2.1.6"
lease 00:04:00
network 10.2.45.0 255.255.255.0
range 10.2.45.21 10.2.45.199
exit
dhcp-server pool "SCRAPYARD"
default-router "10.2.44.1"
dns-server "10.2.1.6"
network 10.2.44.0 255.255.255.0
range 10.2.44.21 10.2.44.219
range 10.2.44.241 10.2.44.254
exit
dhcp-server pool "WIRELESS"
default-router "10.2.40.1"
dns-server "10.2.1.5"
lease 00:04:00
network 10.2.40.0 255.255.252.0
range 10.2.40.21 10.2.43.254
exit
dhcp-server pool "SHIPPROD"
default-router "10.2.144.1"
dns-server "10.2.1.6"
lease 00:12:00
network 10.2.144.0 255.255.255.0
range 10.2.144.21 10.2.144.254
exit
dhcp-server conflict-logging
dhcp-server enable

Status and Counters - DHCP Server Pools

Pool : MGMT
Lease Period : 1:00:00
Low Threshold : 10
High Threshold : 40
Free Leases : 49

Pool : LWAPP
Lease Period : 1:00:00
Low Threshold : 36
High Threshold : 144
Free Leases : 141

Pool : MICROCELL
Lease Period : 1:00:00
Low Threshold : 20
High Threshold : 78
Free Leases : 95

Pool : SCRAPTEST
Lease Period : 0:04:00
Low Threshold : 36
High Threshold : 144
Free Leases : 174

Pool : SCRAPYARD
Lease Period : 1:00:00
Low Threshold : 43
High Threshold : 171
Free Leases : 128

Pool : WIRELESS
Lease Period : 0:04:00
Low Threshold : 201
High Threshold : 802
Free Leases : 499

Pool : SHIPPROD
Lease Period : 0:12:00
Low Threshold : 47
High Threshold : 188
Free Leases : 202

------------------------------
Chris Bailey
------------------------------

Original Message:
Sent: Sep 08, 2021 04:16 AM
From: Herman Robers
Subject: DHCP Server Conflict Database Persistence

Could it be that there are multiple DHCP servers on the network, sharing the same IP-pool?
Or clients that use static IP addresses that are also inside the DHCP scopes?

------------------------------
Herman Robers
------------------------
If you have urgent issues, always contact your Aruba partner, distributor, or Aruba TAC Support. Check https://www.arubanetworks.com/support-services/contact-support/ for how to contact Aruba TAC. Any opinions expressed here are solely my own and not necessarily that of Hewlett Packard Enterprise or Aruba Networks.

In case your problem is solved, please invest the time to post a follow-up with the information on how you solved it. Others can benefit from that.

Original Message:
Sent: Sep 07, 2021 09:16 AM
From: Chris Bailey
Subject: DHCP Server Conflict Database Persistence

Seems I am running out of free leases because my conflict logging is consuming all of my addresses. 
I recently migrated from an old cisco 3750 to a new 5406 and setup DCHP Server on the 5406.  All was fine until I ran out of free leases on one Pool.   I increased the size of the pool and it was fine for a couple of weeks.  Then it happened again.  I cleared the conflict database and have been good for the last week, but the available addresses are diminishing and the conflicts increasing.   How can I solve this?  I would think that these conflicts would fall off the database after a period of time.  Can I turn off conflict logging?  There shouldn't be any static addresses within my specified network ranges.

See the timeline below.  The free addresses are for the subject pool, total is for all pools.
958 Free @ 2:15 8/23
948 Free @ 4:19
930 Free @ 7:15 8/24 1744 total 13 Conflicts
920 Free @ 8:26 1734 total 13 Conflicts
925 Free @ 9:57 1736 total 13 Conflicts
923 Free @ 2:10 1739 total 17 Conflicts
903 Free @ 7:33 8/25 1719 total 45 Conflicts
895 Free @ 3:38 1707 total 53 Conflicts
883 Free @ 7:17 8/26 1697 total 68 Conflicts
875 Free @ 12:13 1689 total 70 Conflicts
847 Free @ 8:29 8/27 1660 total 101 Conflicts
852 Free @ 10:51 1668 total 102 Conflicts
753 Free @ 7:14 8/30 1530 total 207 Conflicts
732 Free @ 1:50 1551 total 220 Conflicts
729 Free @ 4:03 1548 total
709 Free @ 7:05 8/31 1526 total 245 Conflicts
669 Free @ 9:35 9/1 1468 total 301 Conflicts
526 Free @ 7:50 9/7 1330 total 462 Conflicts

------------------------------
Chris Bailey
------------------------------

"Even if there are legitimate conflicts, shouldn't the database update when they are no longer conflicts?"
That is a good question, to which I don't know the answer.

For me, it would be more important to see where those conflicts are coming from, and another / rogue DHCP server is a good candidate. I would run packet captures for some time to see what happens just before you see an increase in the number of conflicts. Further, to be open, I think most people run ip helpers to a centralized DHCP server versus local scopes on the switch. DHCP servers on devices typically come with limitations in scale, monitoring and flexibility. Understood there are use cases, but even in my lab I set up a dhcp server and use ip helpers. Aruba support may be able to assist in answering the specific question, but I doubt if that solves your issue and the answer may be that it is what you see, that conflicts are not removed.

------------------------------
Herman Robers
------------------------
If you have urgent issues, always contact your Aruba partner, distributor, or Aruba TAC Support. Check https://www.arubanetworks.com/support-services/contact-support/ for how to contact Aruba TAC. Any opinions expressed here are solely my own and not necessarily that of Hewlett Packard Enterprise or Aruba Networks.

In case your problem is solved, please invest the time to post a follow-up with the information on how you solved it. Others can benefit from that.
------------------------------

Original Message:
Sent: Sep 08, 2021 09:21 AM
From: Chris Bailey
Subject: DHCP Server Conflict Database Persistence

No other DHCP servers in the range.
No Static addresses in the network range.
only 63 active bindings in on the "WIRELESS" Pool
This is only an issue on the "WIRELESS" pool this pool started as 10.2.42.0/24 and expanded to 10.2.40.0/22
I have Solarwinds IP address management scanning this subnet and over the last 2 weeks it's only returned a ping on 144 addresses.
Switch model J9850A Firmware Version KB.16.10.0015
Even if there are legitimate conflicts, shouldn't the database update when they are no longer conflicts?

I have copied the server configuration and the server stats:
dhcp-server pool "MGMT"
default-router "10.2.20.1"
dns-server "10.2.1.5"
network 10.2.20.0 255.255.255.0
range 10.2.20.20 10.2.20.69
exit
dhcp-server pool "LWAPP"
default-router "10.2.4.1"
dns-server "10.2.1.2"
network 10.2.4.0 255.255.255.0
option 43 ascii "0a02.040a"
range 10.2.4.20 10.2.4.199
exit
dhcp-server pool "MICROCELL"
default-router "10.2.28.1"
dns-server "10.2.1.6"
network 10.2.28.0 255.255.255.0
range 10.2.28.2 10.2.28.98
exit
dhcp-server pool "SCRAPTEST"
default-router "10.2.45.1"
dns-server "10.2.1.6"
lease 00:04:00
network 10.2.45.0 255.255.255.0
range 10.2.45.21 10.2.45.199
exit
dhcp-server pool "SCRAPYARD"
default-router "10.2.44.1"
dns-server "10.2.1.6"
network 10.2.44.0 255.255.255.0
range 10.2.44.21 10.2.44.219
range 10.2.44.241 10.2.44.254
exit
dhcp-server pool "WIRELESS"
default-router "10.2.40.1"
dns-server "10.2.1.5"
lease 00:04:00
network 10.2.40.0 255.255.252.0
range 10.2.40.21 10.2.43.254
exit
dhcp-server pool "SHIPPROD"
default-router "10.2.144.1"
dns-server "10.2.1.6"
lease 00:12:00
network 10.2.144.0 255.255.255.0
range 10.2.144.21 10.2.144.254
exit
dhcp-server conflict-logging
dhcp-server enable

Status and Counters - DHCP Server Pools

Pool : MGMT
Lease Period : 1:00:00
Low Threshold : 10
High Threshold : 40
Free Leases : 49

Pool : LWAPP
Lease Period : 1:00:00
Low Threshold : 36
High Threshold : 144
Free Leases : 141

Pool : MICROCELL
Lease Period : 1:00:00
Low Threshold : 20
High Threshold : 78
Free Leases : 95

Pool : SCRAPTEST
Lease Period : 0:04:00
Low Threshold : 36
High Threshold : 144
Free Leases : 174

Pool : SCRAPYARD
Lease Period : 1:00:00
Low Threshold : 43
High Threshold : 171
Free Leases : 128

Pool : WIRELESS
Lease Period : 0:04:00
Low Threshold : 201
High Threshold : 802
Free Leases : 499

Pool : SHIPPROD
Lease Period : 0:12:00
Low Threshold : 47
High Threshold : 188
Free Leases : 202

------------------------------
Chris Bailey

Original Message:
Sent: Sep 08, 2021 04:16 AM
From: Herman Robers
Subject: DHCP Server Conflict Database Persistence

Could it be that there are multiple DHCP servers on the network, sharing the same IP-pool?
Or clients that use static IP addresses that are also inside the DHCP scopes?

------------------------------
Herman Robers
------------------------
If you have urgent issues, always contact your Aruba partner, distributor, or Aruba TAC Support. Check https://www.arubanetworks.com/support-services/contact-support/ for how to contact Aruba TAC. Any opinions expressed here are solely my own and not necessarily that of Hewlett Packard Enterprise or Aruba Networks.

In case your problem is solved, please invest the time to post a follow-up with the information on how you solved it. Others can benefit from that.

Original Message:
Sent: Sep 07, 2021 09:16 AM
From: Chris Bailey
Subject: DHCP Server Conflict Database Persistence

Seems I am running out of free leases because my conflict logging is consuming all of my addresses. 
I recently migrated from an old cisco 3750 to a new 5406 and setup DCHP Server on the 5406.  All was fine until I ran out of free leases on one Pool.   I increased the size of the pool and it was fine for a couple of weeks.  Then it happened again.  I cleared the conflict database and have been good for the last week, but the available addresses are diminishing and the conflicts increasing.   How can I solve this?  I would think that these conflicts would fall off the database after a period of time.  Can I turn off conflict logging?  There shouldn't be any static addresses within my specified network ranges.

See the timeline below.  The free addresses are for the subject pool, total is for all pools.
958 Free @ 2:15 8/23
948 Free @ 4:19
930 Free @ 7:15 8/24 1744 total 13 Conflicts
920 Free @ 8:26 1734 total 13 Conflicts
925 Free @ 9:57 1736 total 13 Conflicts
923 Free @ 2:10 1739 total 17 Conflicts
903 Free @ 7:33 8/25 1719 total 45 Conflicts
895 Free @ 3:38 1707 total 53 Conflicts
883 Free @ 7:17 8/26 1697 total 68 Conflicts
875 Free @ 12:13 1689 total 70 Conflicts
847 Free @ 8:29 8/27 1660 total 101 Conflicts
852 Free @ 10:51 1668 total 102 Conflicts
753 Free @ 7:14 8/30 1530 total 207 Conflicts
732 Free @ 1:50 1551 total 220 Conflicts
729 Free @ 4:03 1548 total
709 Free @ 7:05 8/31 1526 total 245 Conflicts
669 Free @ 9:35 9/1 1468 total 301 Conflicts
526 Free @ 7:50 9/7 1330 total 462 Conflicts

------------------------------
Chris Bailey
------------------------------