Search the Community
Showing results for tags 'dhcp'.
Found 1 result
This post is largely just being moved from another thread into its own topic, BUT I have updated the monitor so that it is much simpler to implement. This is how I test for DHCP Servers: I use the DHCP Test Utility from https://blog.thecybershadow.net/2013/01/10/dhcp-test-client/ along with a VBScript I wrote to manage the EXE. (By default the tool will use a random MAC, and each query will consume another DHCP Lease) This tool is testing DHCP Client operations, so it should NOT be run on the DHCP server. It should be run from agents that are in a position to act like DHCP clients. (Even if they have a static IP, it's OK.) To install: Extract the ZIP files. Put the dhcptest.exe and dhcptest-wrapper.vbs into your LTShare\Transfer\Monitors folder. You can pull your own copy of dhcptest.exe from https://github.com/CyberShadow/dhcptest if desired. I have not had any problems with only using the 32 bit binary on 64 bit OS versions, but YMMV. Edit "EXE - DHCPEnvironmentCheck.sql" and replace the current agent id (1183) with a valid agent ID for the monitor. Save and then import in Control Center -> Tools -> Import -> SQL File. This monitor runs every 15 minutes. The VBS script will be automatically transferred to the agent by Automate. When it runs, it will check for dhcptest.exe and automatically download it from your server. Once the tool is in place, the script will perform a DHCP query on each active network interface and return the number of offers and DHCP Server IP's that responded. The Monitor Result should match ".*;DHCPServersActive=1;.*", which should be set to the number of valid DHCP Servers. I find this effective for the group monitor, and when I need to tailor it I can just check "Override Settings" and change the result expected to match the environment. You could easily add the IP of the DHCP server as part of the match condition, so that not only must the number of servers be correct, but the server IP must match. (Probably not important). So a result with DHCPServersActive=0 is telling you that you failed to get any offers. This is clearly bad (unless there should be NO DHCP servers). Active=1 means you got an offer (Typical State). Active=2 is saying that you got more than 1 offer. This is clearly bad If only 1 server is authorized. There are some DHCP error conditions that will not be caught: All responses are specific to this agent, what you see may not match other agents because of: 1. DHCP Server Out of Leases - If it has an offer for you, it will treat it like a lease even if you don't respond. Additional queries will continue to return the IP the server has reserved for you, but the server would ignore other requests if there are no leases available. 2: DHCP Request Filtering errors - If the switch is configured for DHCP Snooping and is blocking other devices, again success for you only is getting confirmation that YOU can get a lease offer. 3. Malfunctioning DHCP Clusters - An issue I have seen that is a blend of #1 and #2. If there are two DHCP Servers in a cluster, your initial request MIGHT prompt a response from both, but once they reconcile and decide which server should respond to you the other server will ignore you so you won't see two responses. But if YOU are getting an offer from an operating server, if the other DHCP cluster host is broken it may be ignoring other client requests. So this has limited utility for testing that your DHCP server is working. But it is perfect for testing if unauthorized DHCP servers are running, or if your DHCP server is failing to offer any leases (even if the service is running, etc.) DHCPMonitorCheck.zip