Losing Static IP Address / Changing to Automatic (expects DHCP)

  • Thread starter Thread starter Fred Marshall
  • Start date Start date
F

Fred Marshall

I'm seeing a couple of XP clients on a network using static IP addresses
(with no DHCP implemented on the network) switch from the static IP address
that's been entered to "get IP address automatically".

Of course this is very disruptive because the clients need to be
reconfigured and the users are mostly unable to do this by themselves. What
ends up is that the machines get the default 169 addresses and that is
completely incompatible with the IP address range that's been set up on the
network.

What might cause this change to occur?

How to prevent it?

Thanks,

Fred
 
Greetings

Check the event logs for IP addressing conflicts. Perhaps that static IP is
already assigned.

Hope this helps
Albatross Singh
 
Thanks for the reply.

Well, what if the static IP address *were* already assigned? I understand
that would create a conflict. However, what does that have to do with the
client setup changing all by itself without intervention? There is no DHCP
service running anywhere.

Fred
 
Actually, I would believe an answer that would say:
"That can't happen. Somebody must have run a configuration program or some
such thing....."

Any takers on this hypothesis? Any reasonable discussion regarding why
"that can't happen"?

Any reasonable discussion regarding how it *could* happen without human
intervention? Now, that would be very interesting!!

The latter is what is being reported.

Fred
 
Thanks for the reply.

Well, what if the static IP address *were* already assigned? I understand
that would create a conflict. However, what does that have to do with the
client setup changing all by itself without intervention? There is no DHCP
service running anywhere.

Fred
Click to expand...

Fred / Albatross,

In Windows XP, you have the ability to have a General and an Alternate
Configuration. Generally, it is used with DHCP set for General (so any DHCP
server can assign an ip address and everything else), and APIPA (automatic self
assignment) set for Alternate (so if no DHCP server is available, the system
issues an APIPA address, which is chosen to not equal one already in use on the
network).

In your case, you assigned a fixed address for General. If that address is in
use, it then self assigns an APIPA address.

You have the option to assign an Alternate Configuration using a second fixed
address of your choice, rather than allow APIPA.

Look at Example 2 in the document for an alternate scenario which may apply in
your case.

<http://support.microsoft.com/default.aspx?scid=kb;en-us;220874>

Cheers,
Chuck
Paranoia comes from experience - and is not necessarily a bad thing.
 
Fred / Albatross,

In Windows XP, you have the ability to have a General and an Alternate
Configuration. Generally, it is used with DHCP set for General (so any DHCP
server can assign an ip address and everything else), and APIPA (automatic self
assignment) set for Alternate (so if no DHCP server is available, the system
issues an APIPA address, which is chosen to not equal one already in use on the
network).

In your case, you assigned a fixed address for General. If that address is in
use, it then self assigns an APIPA address.

You have the option to assign an Alternate Configuration using a second fixed
address of your choice, rather than allow APIPA.

Look at Example 2 in the document for an alternate scenario which may apply in
your case.

<http://support.microsoft.com/default.aspx?scid=kb;en-us;220874>
Click to expand...

Ah! Thank you. So if I assign the static address to both General and
Alternate then it will stay fixed?

If the IP address assigned in General is fixed and if it is in use and if
the alternate is then used, does the IP setting selection switch from fixed
to "get it automatically"?

Fred
 
Ah! Thank you. So if I assign the static address to both General and
Alternate then it will stay fixed?

If the IP address assigned in General is fixed and if it is in use and if
the alternate is then used, does the IP setting selection switch from fixed
to "get it automatically"?

Fred
Click to expand...

Fred,

I've never used General / Alternate Configuration, with both assigning a fixed
ip address, to allow for duplicate ip address assignment. I've used it to
switch between DHCP and fixed, and to use alternate default gateways with fixed
ip addresses (the latter under WinNT).

You can only assign a DHCP assignment ("get it automatically") in the General
tab, and only assign an APIPA assignment in the Alternate tab. It would appear
that you can assign a preferred (General) fixed address, or an alternate fixed
address, this way. But what happens if you have a conflict on both the
preferred and alternate addresses?

If you're going to use fixed ip addresses, with no DHCP server, I would advise
you to start assigning addresses responsibly, and avoid duplicates. The best
solution, IMHO, would be for you to setup a DHCP server.

Cheers,
Chuck
Paranoia comes from experience - and is not necessarily a bad thing.
 
Chuck said:
Fred / Albatross,

In Windows XP, you have the ability to have a General and an Alternate
Configuration. Generally, it is used with DHCP set for General (so any DHCP
server can assign an ip address and everything else), and APIPA (automatic self
assignment) set for Alternate (so if no DHCP server is available, the system
issues an APIPA address, which is chosen to not equal one already in use on the
network).

In your case, you assigned a fixed address for General. If that address is in
use, it then self assigns an APIPA address.

You have the option to assign an Alternate Configuration using a second fixed
address of your choice, rather than allow APIPA.

Look at Example 2 in the document for an alternate scenario which may apply in
your case.

<http://support.microsoft.com/default.aspx?scid=kb;en-us;220874>

Cheers,
Chuck
Paranoia comes from experience - and is not necessarily a bad thing.
Click to expand...

Chuck,

I read the article and I looked at an XP Home system. I didn't find an
Alternate entry or section although I did find a way to add an IP address
using Advanced. It's not clear at all what using that latter approach will
do.

So, I'm curious about the Alternate that you mentioned.

I also read 308007 and it appears that the configuration I'm working with is
unconventional:

Peer to peer network with no router or ICS-configured computer or other DHCP
server.
IP addresses are static in 192.168.1.x range with 255.255.255.0 subnet mask.
There is no gateway entered in any of the computers.

Two of the XP systems have switched from static IP addressing to APIPA and
this is accompanied by the setting "Use the following IP address:" being
changed to "Obtain an IP address automatically".

Of course, the APIPA addresses are incompatible with the static addresses
that are set up in the other machines on the network - so connectivity is
lost when this happens.

I have a notion, perhaps one that is unjustified, that using static IP
addresses is better - particularly when setting up a network and assuring
that things are working. It avoids the time it takes for a network to
figure out who is who as would be the case with DHCP or APIPA. Now, I must
admit that I almost never work on peer-to-peer networks such as this one.
However, the occurrence concerns me because:

For internal security, one might turn off DHCP on a router and use static
addresses.
So, what happens with XP clients if:
Somebody comes in with a laptop that has the same IP address set up as is on
one of the other computers (call it #2).
#2 is shut off when the laptop is connected.
Then, #2 is subsequently turned on.
There is, as above, No DHCP.
There is an IP address conflict.

Does #2 lose the setting "Use the following IP address" and automatically
switch to "Obtain an IP address automatically" and, therefore, get an APIPA
address - never to return without human intervention?

Thanks,

Fred
Does the
 
Chuck said:
On Wed, 16 Jun 2004 22:47:33 -0700, "Fred Marshall"
Fred,

I've never used General / Alternate Configuration, with both assigning a fixed
ip address, to allow for duplicate ip address assignment. I've used it to
switch between DHCP and fixed, and to use alternate default gateways with fixed
ip addresses (the latter under WinNT).

You can only assign a DHCP assignment ("get it automatically") in the General
tab, and only assign an APIPA assignment in the Alternate tab. It would appear
that you can assign a preferred (General) fixed address, or an alternate fixed
address, this way. But what happens if you have a conflict on both the
preferred and alternate addresses?

If you're going to use fixed ip addresses, with no DHCP server, I would advise
you to start assigning addresses responsibly, and avoid duplicates. The best
solution, IMHO, would be for you to setup a DHCP server.
Click to expand...

Yep. It could be there was IP address conflict. Since I really want to
stay with static IP addresses, having a DHCP server won't help unless I
change the approach. So responsible assignment is essential.

On occasion I run into browsing problems and find that computers don't show
up on the network until much time has passed. This confuses me and
particularly confuses the users. The network is fine but doesn't look like
it. Any comment?

Anyway, I have a notion that using static IP addresses helps in this regard
when computers are always being turned off and rebooted. I'm not sure this
makes sense but it sure can't hurt!

Thanks,

Fred
 
On Thu, 17 Jun 2004 07:19:33 -0700, "Fred Marshall"

Chuck,

I read the article and I looked at an XP Home system. I didn't find an
Alternate entry or section although I did find a way to add an IP address
using Advanced. It's not clear at all what using that latter approach will
do.

So, I'm curious about the Alternate that you mentioned.

I also read 308007 and it appears that the configuration I'm working with is
unconventional:

Peer to peer network with no router or ICS-configured computer or other DHCP
server.
IP addresses are static in 192.168.1.x range with 255.255.255.0 subnet mask.
There is no gateway entered in any of the computers.

Two of the XP systems have switched from static IP addressing to APIPA and
this is accompanied by the setting "Use the following IP address:" being
changed to "Obtain an IP address automatically".

Of course, the APIPA addresses are incompatible with the static addresses
that are set up in the other machines on the network - so connectivity is
lost when this happens.

I have a notion, perhaps one that is unjustified, that using static IP
addresses is better - particularly when setting up a network and assuring
that things are working. It avoids the time it takes for a network to
figure out who is who as would be the case with DHCP or APIPA. Now, I must
admit that I almost never work on peer-to-peer networks such as this one.
However, the occurrence concerns me because:

For internal security, one might turn off DHCP on a router and use static
addresses.
So, what happens with XP clients if:
Somebody comes in with a laptop that has the same IP address set up as is on
one of the other computers (call it #2).
#2 is shut off when the laptop is connected.
Then, #2 is subsequently turned on.
There is, as above, No DHCP.
There is an IP address conflict.

Does #2 lose the setting "Use the following IP address" and automatically
switch to "Obtain an IP address automatically" and, therefore, get an APIPA
address - never to return without human intervention?
Click to expand...

Fred,

You're right - your network is somewhat unconventional. And maybe a little
insecure too.

Using static ip addresses is a good idea on a small LAN, where you can assign
addresses, and control connections, rigorously. Dynamically assigned networks
are a good idea for larger LANs, or for LANs where connections come and go, and
you don't control them.

Very few LANs of any size aren't connected to the internet these days. Without
a connection of some type to another subnet (thru a router), there is no need
for a default gateway (or any gateway). So all you need is a unique ip address,
with the appropriate subnet mask.

Typically, business LANs don't use XP Home either.

Actually, if you don't have outside connection, there is really no need to use
ip. Except for the laptops. But that's another matter.

What are these laptop owners doing when they connect to the LAN? How do they
magically have the right (fixed) ip address to connect to your resources, even
if they don't cause an address conflict? What resources do you not value, and
leave open to their discretion?

If you are accepting laptops, that you don't control, being connected to your
network without your supervision, you have more problems than duplicate ip
addresses.

Go to the nearest computer store, and get a $50 NAT router with DHCP. That
would be unconventional too, but it would take care of your address problem.

But IMHO, you should review your security policy.

Cheers,
Chuck
Paranoia comes from experience - and is not necessarily a bad thing.
 
Yep. It could be there was IP address conflict. Since I really want to
stay with static IP addresses, having a DHCP server won't help unless I
change the approach. So responsible assignment is essential.

On occasion I run into browsing problems and find that computers don't show
up on the network until much time has passed. This confuses me and
particularly confuses the users. The network is fine but doesn't look like
it. Any comment?

Anyway, I have a notion that using static IP addresses helps in this regard
when computers are always being turned off and rebooted. I'm not sure this
makes sense but it sure can't hurt!
Click to expand...

Fred,

The browsing issue is a lot of fun.

The Microsoft Browstat program will show us what browsers you have in your
domain / workgroup, at any time.
<http://support.microsoft.com/?kbid=188305>

You can download Browstat from:
<http://www.dynawell.com/reskit/microsoft/win2000/browstat.zip>

Browstat is very small (40K), needs no install, and runs from the command
prompt. Just drop it onto a couple workstations, and run it, "browstat status"
from a command window.

For more help:
<http://www.microsoft.com/technet/prodtechnol/winntas/deploy/prodspecs/ntbrowse.mspx>

Cheers,
Chuck
Paranoia comes from experience - and is not necessarily a bad thing.
 
Chuck said:
On Thu, 17 Jun 2004 07:19:33 -0700, "Fred Marshall"


You're right - your network is somewhat unconventional. And maybe a little
insecure too.

Using static ip addresses is a good idea on a small LAN, where you can assign
addresses, and control connections, rigorously. Dynamically assigned networks
are a good idea for larger LANs, or for LANs where connections come and go, and
you don't control them.

Very few LANs of any size aren't connected to the internet these days. Without
a connection of some type to another subnet (thru a router), there is no need
for a default gateway (or any gateway). So all you need is a unique ip address,
with the appropriate subnet mask.

Typically, business LANs don't use XP Home either.

Actually, if you don't have outside connection, there is really no need to use
ip. Except for the laptops. But that's another matter.

What are these laptop owners doing when they connect to the LAN? How do they
magically have the right (fixed) ip address to connect to your resources, even
if they don't cause an address conflict? What resources do you not value, and
leave open to their discretion?

If you are accepting laptops, that you don't control, being connected to your
network without your supervision, you have more problems than duplicate ip
addresses.

Go to the nearest computer store, and get a $50 NAT router with DHCP. That
would be unconventional too, but it would take care of your address problem.

But IMHO, you should review your security policy.
Click to expand...

Interesting... there are a couple of topics here.
Yes, I could inject a NAT router with DHCP or, I guess, set up ICS with
DHCP on one of the computers without an internet connection on the "other"
NIC.

Not that it matters but just for context: I work in a small community with
only small businesses. The larger ones will typically have laptops that are
owned by the company and used by one employee each. The president is often
one of those employees. So, the employees are trusted but their computers
should not be I imagine is your point.

I'm a hired gun who comes in when they think they need help..... So the
security features vary widely and I'm trying to find good ways to improve
their practices.

One thought is to use a double-layered NAT architecture and to put the wild
card computers in the outer zone - something like a DMZ but to keep *them*
off the inner network entirely.

Thanks,

Fred
 
You must log in or register to reply here.

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Static IP Address? 5
DHCP Address Assignment Delay 1
Dumb IP address question 5
Configuring IP address 1
Assigning Static IP Address Help 18
Lose Internet Connection when making IP static 8
XP dhcp service stuck starting 1
Static IPs no longer log on...? 24

Back
Top