DHCP Conflict Detection Blocking IP Assignment
Presenting Symptom
Clients are unable to obtain an IP address via DHCP; the DHCP server logs show 'DHCP conflict detected' messages.
Network Context
A small branch office with a Cisco 4321 ISR acting as the DHCP server for the 192.168.1.0/24 subnet. The router runs IOS XE 16.9. The network has about 50 clients and a few statically assigned devices (printers, servers). The problem occurs after a new switch was added to the network.
Diagnostic Steps
Check DHCP server statistics and conflicts
show ip dhcp conflictIP address Detection method Detection time 192.168.1.10 Ping Mar 01 2025 10:30 AM 192.168.1.20 Gratuitous ARP Mar 01 2025 10:32 AM
If conflicts are listed, the DHCP server detected that an IP address it tried to assign is already in use. The detection method (Ping or Gratuitous ARP) indicates how the conflict was found.
Verify DHCP binding and ping the conflicting IP
show ip dhcp binding | include 192.168.1.10192.168.1.10 xxxx.xxxx.xxxx Mar 01 2025 10:30 AM Automatic
Check if the IP is in the DHCP binding table. If it is, the server assigned it. Then ping the IP from the router to see if it responds, indicating another device is using it.
Check ARP table for the conflicting IP
show ip arp | include 192.168.1.10Internet 192.168.1.10 - xxxx.xxxx.xxxx ARPA GigabitEthernet0/0/0
If the ARP table shows a MAC address for the IP, that MAC belongs to the device currently using the IP. Compare this MAC with the DHCP binding MAC to see if they differ.
Identify the device with the conflicting IP
show mac address-table | include xxxx.xxxx.xxxx10 xxxx.xxxx.xxxx DYNAMIC Gi1/0/1
Find which switch port the conflicting MAC is connected to. This helps locate the device (e.g., a statically configured printer or a rogue DHCP server).
Root Cause
A statically configured device (e.g., a printer) was assigned an IP address that falls within the DHCP pool range. When the DHCP server attempted to assign that IP to a client, it detected the conflict via ping or gratuitous ARP and blocked the assignment.
Resolution
Verification
Run 'show ip dhcp conflict' again to confirm no conflicts remain. Then have a client request an IP and verify it receives an address: 'show ip dhcp binding' should show the new assignment without conflict.
Prevention
1. Always use a consistent IP address management plan: reserve a static IP range outside the DHCP pool. 2. Configure DHCP excluded addresses for all statically assigned devices before deploying the DHCP server. 3. Use DHCP snooping to prevent rogue DHCP servers.
CCNA Exam Relevance
On the CCNA 200-301 exam, DHCP conflict detection appears in troubleshooting scenarios. You may be asked to identify why a client fails to get an IP address, with 'show ip dhcp conflict' as a key command. The exam tests understanding of how DHCP uses ping and gratuitous ARP to detect conflicts, and the steps to resolve them.
Exam Tips
Remember that 'show ip dhcp conflict' is the first command to run when clients cannot get an IP.
Know that DHCP conflict detection can be disabled with 'no ip dhcp conflict resolution', but this is not recommended.
Be able to differentiate between a conflict and an exhausted pool: conflicts show specific IPs, while exhausted pool shows 'address pool exhausted' in logs.
Commands Used in This Scenario
show ip dhcp binding
Displays the current DHCP binding table, showing which IP addresses have been leased to clients, along with their MAC addresses, lease expiration, and type of binding.
show ip dhcp conflict
Displays IP address conflicts detected by the DHCP server, helping administrators identify and resolve duplicate IP assignments on the network.
Test Your CCNA Knowledge
Practice with scenario-based questions to prepare for the CCNA 200-301 exam.
Practice CCNA Questions