Same IP address is leased to multiple clients if you deploy two or more DHCP relay agents for a Windows Server 2012-based DHCP failover cluster

Applies to: Windows Server 2012 DatacenterWindows Server 2012 DatacenterWindows Server 2012 Essentials More

Symptoms


Consider the following scenario:
  • You configure Dynamic Host Configuration Protocol (DHCP) failover on two computers that are running Windows Server 2012.
  • DHCP clients are located on subnet 1, and DHCP servers are located on subnet 2.
  • Two relay agents are configured to forward client requests from subnet 1 to subnet 2, one for each DHCP server.
  • Virtual Router Redundancy Protocol (VRRP) or Hot Standby Router Protocol (HSRP) is configured on the gateway device between subnet 1 and subnet 2.
  • You configure the scope lifetime on the DHCP server. For example, you set the scope lifetime to 24 hours.
  • You start several DHCP clients on subnet 1, and the clients obtain IP addresses from the DHCP failover-enabled servers.
In this scenario, the DHCP failover-enabled servers lease the same IP address to multiple DHCP clients. Therefore, DHCP clients on subnet 1 encounter an IP conflict issue.

More Information


This issue occurs when a DHCP client issues duplicate requests for an IP address lease to the same DHCP failover-enabled server. Client requests are duplicated due to the router VRRP/HSRP configuration. The DHCP server grants a lease for the first request with a Time to Live (TTL) duration of the Maximum Client Lead Time (MCLT) lease time. For example, the MCLT lease duration is 1 hour. A second request is also granted for a lease with a TTL of the scope lifetime (24 hours). However, the DHCP server registers only the first lease. This causes the TTL for the IP address on the DHCP server and the TTL for the IP address on the DHCP client to not be synchronized. In the DHCP server management console, an active lease time shows that the TTL of the IP address is set to the MCLT (1 hour). Meanwhile, the TTL for the IP address is set as the scope lifetime (24 hours) on the DHCP client. When the MCLT lease time on the DHCP server expires, the server will issue this IP address to another DHCP client, which causes an IP conflict issue.

Note You can run the following command to check the TTL of the IP address on DHCP clients:
ipconfig /all 

Resolution


If you are using Cisco’s HSRP protocol, this issue can be resolved by configuring IP Redundancy Virtual Router Groups. Refer to your vendor documentation for more information.

Update information

This issue can also be resolved by installing the Windows RT, Windows 8, and Windows Server 2012 update rollup 2845533. For more information about how to obtain this update rollup package, click the following article number to go to the article in the Microsoft Knowledge Base:
2845533 Windows RT, Windows 8, and Windows Server 2012 update rollup: June 2013

Workaround


To work around this issue, prevent the DHCP relay agents from forwarding multiple DHCP requests to the DHCP server at the same time. To do this, specify the time interval in which DHCP relay agents should wait before forwarding DHCP requests.

Status


Microsoft has confirmed that this is a problem in the Microsoft products that are listed in the "Applies to" section.

References


For more information about software update terminology, click the following article number to view the article in the Microsoft Knowledge Base:
824684 Description of the standard terminology that is used to describe Microsoft software updates