This afternoon I noticed that one of my virtual PCs could not connect to Internet. At first I though it could be the buggy Microsoft Virtual PC software/WinXP so I restarted the whole thing include the host OS as I have not restart it for a long while. It didn't work! As I have access to all firewalls/switches for security admin purpose, I decided to give it a shot.
Soon I found out from one of the firewall arp table the mac for the ip of my virtual pc was not the one it should be. Checked DHCP server but didn't find anything wrong and my virtual pc was getting that ip perfectly fine. Someone was using static ip in the DHCP range, Again! It didn't take too much time to find out Tony who realized the issue right away but here is his explanation. He started workstation in the morning but found he could not get anywhere. Restarted couple of times and changed his ip eventually to the ip next to the one assigned by DHCP. Another static ip in DHCP range! So I asked him to release and wait for my furthur instruction. Then I worked with my network engineer to find out who used this ip. Soon another workstation was found out and disconnected. I asked Tony to renew his ip and made sure he was happy to do his work. Then I got my virtual pc connected.
Now problem resolved. I sent out a email to my team to remind DHCP discipline. It's lucky that not too many users get affected today but it may end up a big chaos if more people get affected, setup static ip, then affected even more people.
So policy come in as a vital player, user education etc etc.
This can be restricted in varieties of ways if in a environment require higher security.
Post new comment