Very slow DHCP on Server 2003

[imported_Phil]

Here's the setup:

ADSL Router on 192.168.0.1, DHCP disabled.
HP ProCurve 1600 switch on 0.2, no DHCP obviously.
Server 2003 box on 0.3, DHCP scope that works perfectly once it leases.

Machines that are connected to the network are taking forever to acquire an address. It seems to be always on the "last dying gasp" of the DHCP request by the machine, and can take up to 30 seconds.
The server's not overloaded, and was recently formatted and rebuild. Dual P3-800 Dell box.

Any ideas folks? This one's driving me mad.

 

[spidey07]

is portfast enabled on the switch ports? 30 seconds is how long it takes spanning-tree to turn up the port.

I don't know what HP calls the feature, but spanning-tree will go directly to forwarding instead of the 15 seconds listening and 15 second learning stages.

It's standard practice to use this feature on all ports that hosts are connected to. DO NOT USE IT ON PORTS THAT ARE CONNECTED TO OTHER SWITCHES.

 

[imported_Phil]

Originally posted by: spidey07
is portfast enabled on the switch ports? 30 seconds is how long it takes spanning-tree to turn up the port.

I don't know what HP calls the feature, but spanning-tree will go directly to forwarding instead of the 15 seconds listening and 15 second learning stages.

It's standard practice to use this feature on all ports that hosts are connected to. DO NOT USE IT ON PORTS THAT ARE CONNECTED TO OTHER SWITCHES.

Ooh okay, I didn't know about that. I'll just check.
There's actually only three ports in use. One line runs to the ADSL router, one to a 24-port 10/100 Netgear switch that's mounted under the workbench, and the other goes to the server.

 

[imported_Phil]

Okay, I don't seem to have anything called portfast. I have the ability to turn Spanning Tree on and off, but it's global, not for each port. The individual ports seem to have Flow Control on/off and some other stuff that isn't applicable.

Anyone know where I can find this option? It's a 1600M, if that helps.

[Edit] If I dump the configuration, I can see "Forward Delay [15] : 15" under Spanning Tree, but this is connected to another switch so I'm not sure I want to turn this on.

 

[imported_Phil]

I changed the ProCurve to a spare SMC router, and that seems MUCH faster. However, I'd like to make use of the ProCurve because the SMC is not just a router, it's our spare ADSL wireless router and we need it for diagnosis on-site.

 

[Smilin]

Are you using conflict detection on the 2003 server? If so, how many attempts is it set to?

 

[imported_Phil]

Originally posted by: Smilin
Are you using conflict detection on the 2003 server? If so, how many attempts is it set to?

Eep, no idea. Where's that found?

 

[Smilin]

Originally posted by: Phil

Originally posted by: Smilin
Are you using conflict detection on the 2003 server? If so, how many attempts is it set to?

Eep, no idea. Where's that found?

DNS MMC, properties of the server, advanced tab.

There is an exponentially increasing delay between each attempt and the delay can get out of hand real quick. Keep it at two or less when needed, zero when not.

Get a simultaneous network trace collected at the client and server. Use Ethereal or netmon (built into 2003...see windows components) to collect the trace.

DHCP issues are often used as examples when teaching beginners to analyze network traces. It's the easiest thing in the world to analyze. Your machines are all on the same subnet so you should see only the usual: Discover->, <-Offer , Request-> , <-Ack.

Things to look for in the traces:
1. Is the client sending a discover and request?
2. Are the above arriving in the server side trace?
3. What is the response time of the server to these?
4. Are the responses arriving back in the client side trace?
5. Are there any refusals going on?


Having just typed all this I just read that you found a switch possibly causing the problem so I guess nevermind hehe

 

[imported_Phil]

Originally posted by: Smilin

Originally posted by: Phil

Originally posted by: Smilin
Are you using conflict detection on the 2003 server? If so, how many attempts is it set to?

Eep, no idea. Where's that found?

DNS MMC, properties of the server, advanced tab.

There is an exponentially increasing delay between each attempt and the delay can get out of hand real quick. Keep it at two or less when needed, zero when not.

Get a simultaneous network trace collected at the client and server. Use Ethereal or netmon (built into 2003...see windows components) to collect the trace.

DHCP issues are often used as examples when teaching beginners to analyze network traces. It's the easiest thing in the world to analyze. Your machines are all on the same subnet so you should see only the usual: Discover->, <-Offer , Request-> , <-Ack.

Things to look for in the traces:
1. Is the client sending a discover and request?
2. Are the above arriving in the server side trace?
3. What is the response time of the server to these?
4. Are the responses arriving back in the client side trace?
5. Are there any refusals going on?


Having just typed all this I just read that you found a switch possibly causing the problem so I guess nevermind hehe

Don't worry, that's all good stuff that I could do with learning about anyway.
Watching the XP LAN status window, the machines send four packets out (DHCP request) before getting to the "limited connectivity" stage, and as soon as they hit that, the DHCP offer comes in and it gets an IP address. As I said, it seems to be the "last dying gasp" of the DHCP handshaking that gets it.

It's weird. I'm still at a loss as to how to set that poxy ProCurve up though. If it were up to me, I'd leave the Barricade router in place because it's doing a fine job as it is.

 

[Smilin]

Ok, so you are seeing four Discover packets go out and responses do not come back until the last one.

On the server side, are you seeing four Discover packets arriving or just one?


It sounds like it is your network gear dropping some packets, but if you would like I'll take a look at a pair of network traces for you. Collect some with ethereal or (preferably) netmon then send them over. I'll PM you my address.

For your server use netmon included as a windows component. For your client, download netmon2.zip from ftp://ftp.microsoft.com/pss/tools/NetMon

I'll pm you the password to extract.

 

[spidey07]

this is normal for switches (the spanning-tree delay). You might want to read the manual of the switches involved and how to configure ports to be used by hosts.

 

[imported_Phil]

Originally posted by: Smilin
Ok, so you are seeing four Discover packets go out and responses do not come back until the last one.

On the server side, are you seeing four Discover packets arriving or just one?


It sounds like it is your network gear dropping some packets, but if you would like I'll take a look at a pair of network traces for you. Collect some with ethereal or (preferably) netmon then send them over. I'll PM you my address.

For your server use netmon included as a windows component. For your client, download netmon2.zip from <a target=_blank class=ftalternatingbarlinklarge href="ftp://ftp.microsoft.com/pss/tools/NetMon">ftp://ftp.microsoft.com/pss/tools/NetMon</a>

I'll pm you the password to extract.

Well, I should say that I'm not seeing the actual packets themselves, just that the client machines LAN Status windows are showing four packets sent somewhere before the lease kicks in.
I don't know if the server's seeing the packets because there's usually quite a bit of traffic on it, so it's difficult to tell. I think it's down to that ProCurve switch delaying things somewhat, as the SMC router seems to work much better.

Thanks for the tool, I'll see if I can have a look at it today

 

[imported_Phil]

Originally posted by: spidey07
this is normal for switches (the spanning-tree delay). You might want to read the manual of the switches involved and how to configure ports to be used by hosts.

Crikey. I'll have a long read through the 1600M manual if I get a chance today

Thanks!

 

[RebateMonger]

I'm curious why this behavior is causing a problem. On my Domains, at least, DHCP leases are set for 8 days and PCs are usually left on 24/7 (since most updates, scans, and remote management take place at night). So every four days or so there would be a 30 second delay when trying to renew their IP address.

 

[nweaver]

it's portfast for sure. Watch the link lights. Not sure on HP's, but on cisco's it orange for the 30 seconds, then green.

 

[spidey07]

Originally posted by: Phil

Originally posted by: spidey07
this is normal for switches (the spanning-tree delay). You might want to read the manual of the switches involved and how to configure ports to be used by hosts.

Crikey. I'll have a long read through the 1600M manual if I get a chance today

Thanks!

I already read the manual for you.

page 6-43. STP fast mode is what HP calls it.

But you really should read the entire section on spanning-tree - it's crucial to the operation of a LAN. Anybody that works with switches really needs to thoroughly understand spanning-tree and it's operation.

/rant
I can't tell you how many times I've worked with people and they yell and scream about how "this switch sucks, I'm returing it or getting an RMA" when it was really just a configuration issue.