An IP configuration issue can cause intermittent or a complete loss of connectivity. In this video, you’ll learn how to troubleshoot limited IP communication, a complete loss of IP connectivity, and duplicate IP addresses.
<< Previous: Troubleshooting Fiber IssuesNext: Troubleshooting DNS and DHCP >>
If there is a local IP address configuration problem, you’ll often see a number of different symptoms. One of them is that you might be able to communicate to local IP addresses but you can’t communicate to anything that’s outside of your subnet, or perhaps you can’t communicate to anything, whether it is local and your subnet or whether it’s outside your IP subnet. You may be able to communicate to some IP addresses and not to others. If you run into any of these problems you may have an IP configuration issue.
The first step should be to confirm that your device is configured with the correct IP address information. So we need to check documentation for IP address, your subnet mask, and make sure your default gateway is set correctly. Then we need to look at what your device is sending. We should look at local broadcasts to see what IP addresses those are sending out because those will generally be limited to a single IP subnet, and we should see if we can determine what the default subnet mask might be based on routing updates or other IP communication on this particular subnet.
We could also check devices that are on our local subnet. We can look at those devices and see what their subnet mask and default gateway might be set to, and then compare that to what’s configured in our device. We could also use some utilities to give us an idea of how widespread this problem happens to be. We can use traceroute to route what the hops are between our device and a secondary device, and see how far were able to talk through this particular network.
We might also want to ping around to devices. It’s very common to ping your local IP address to make sure that your IP stack is working. You would then ping your default gateway, since it’s a well-known device that’s on your local subnet, and you may want to ping on the other side of the gateway, whether it’s the gateway device or perhaps a device that may be located on the internet.
If two devices on our subnet are sharing the same IP address then we’ve got a duplicate IP, and these can be a bit of a challenge to troubleshoot. This is something that often occurs when IP addresses are configured statically on one or more devices. We rely on DHCP to provide us with automatic IP addressing, and it does a good job of making sure that only one device is assigned a particular IP address. But if somebody else happens to statically assign with the same IP address, then we’re going to have a duplicate.
DHCP is not a perfect solution, of course. If somebody is setting up a static IP address or there are multiple DHCP servers handing out the same groups of IP addresses, or perhaps somebody’s turned on a rogue DHCP server, then you could certainly have some duplicate IP addressing. What you’ll find is that one device will begin to work and then a switch MAC address table will get updated, and another device with the same IP address suddenly starts working. There’s always going to be one of these devices that is having an intermittent connectivity issue, and you’ll find these two devices are often the ones that have the duplicate IP addresses.
Many operating systems will block you from using a duplicate IP address on a subnet. Before you’re able to use this machine, it sends an ARP to your local subnet, and if it receives a response, then it knows that IP address is already in use and it puts a message on your screen that says you’re not able to use this IP address due to a duplication on the subnet. There are a number of steps you can take to troubleshoot a duplicate IP address problem.
The first one is to check what you’ve configured for IP addressing, especially if you’re configuring it statically. You may want to go through again what the IP address is, the subnet mask, and the default gateway is for your subnet. Before you assign this static address to this device, maybe you use a second device to try to ping that address to see if it’s already something in use. You’ll receive a response back from the ping and know that that device is something that’s already on the network.
This obviously won’t work if an operating system is running a personal firewall, and that personal firewall prevents a device from responding to a ping. You could also check the MAC address table on your switch. The switch is obviously keeping track of all of the devices on your network by MAC address, and it knows where all of these devices are plugged in. So you can try pinging around and seeing what MAC addresses are changing with the IP address that you’re pinging, and then compare that to the MAC address table on the switch.
It will tell you exactly what interface that particular MAC address is connected to, and then you can find that machine and correct the duplicate IP address issue. If there’s a rogue DHCP server, then you’re going to need to capture packets. It’s very easy to capture on a local device, but you may need a tap or a hub to go in place so that you could see what is happening during this DHCP request and any responses that are coming from any DHCP servers.