DHCP service dying on Multi-Homed SBS2003 killed by another DHCP s

Just recently started having a very odd issue with our DHCP server.

Background:
SBS2003 running everything (exchange, DNS, DHCP, etc)
2 NIC: one on our local network and one on a public IP for Exchange

our IP scheme locally is 192.168.44.x

I had trouble with a laptop getting a DHCP assigned address last week and
low and behold, the DHCP service was not running on the server. i tried to
start it, but got an error about it can't start (nothing too descript).

after trying a variety of things, I diabled the NIC on the building's
network (the one with our public IP not our local internal network) and was
finally able to start the DHCP service. I then reenabled the NIC

A few hours later, happened again. Diabled the NIC, start service, reenabled
the NIC

I found the following error in the logs:

Event Type: Error
Event Source: DhcpServer
Event Category: None
Event ID: 1053
Date: 6/9/2006
Time: 11:41:08 AM
User: N/A
Computer: SERVER5
Description:
The DHCP/BINL service on this computer running Windows Server 2003 for Small
Business Server has encountered another server on this network with IP
Address, 192.1.2.1, belonging to the domain: .

For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 00 00 00 00 ....


The IP in the error (192.1.2.1) is NOT assigned to this server (either NIC).
It's the IP address of another DHCP server the building uses. It's not even
on the same segement or subnet, yet it seems to be killing my server! The
building manager has even tried changing IP addresses of that server (it used
to be .2.1 and that was showing in the error log the same way)


I'm lost with some questions on where to go next.

The NIC on the building network has a static IP and none of the other stuff
checked (client for MS networks, load balancing, or file/print sharing).

In the advanced tab, DNS is set with our public .com domain name as the
suffix, and the boxes for register this connection in DNS and use the DNS
suffix in registration are both checked.

DHCP client service is running on this server, but I don't know why or if it
needs to be. Both NICs have static IP's. I've tried to diable the DHCP
client, but it seems to restart itself. Do I need it running and if not, how
can i KEEP it from restarting (setting it to disabled doesn't seem to do it).

Also, other log errors that may be of interest:

Event Type: Error
Event Source: NetDDE
Event Category: None
Event ID: 213
Date: 6/9/2006
Time: 11:58:22 AM
User: N/A
Computer: SERVER5
Description:
Unknown Error Code returned by Lana number 1 while adding node name to
network: 0x23

For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.



Event Type: Error
Event Source: NetDDE
Event Category: None
Event ID: 206
Date: 6/9/2006
Time: 8:53:16 AM
User: N/A
Computer: SERVER5
Description:
Listen failed: 15:

For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.


Thanks to anyone with some advice! I tired of babysitting the services!

"It's the IP address of another DHCP server the building uses. It's not even
on the same segement or subnet,"

Might not be on the same subnet but it is on the same segment or your server
wouldn't even know it [the other dhcp server] existed. Your server can be
hacked by someone on this network.

You should be on your own equipment or if required to use the buildings
setup they should have a managed switch vlan capable. You would be on your
own vlan. Then you would be on your own private segment.

Next best thing would be to engage the server firewall and block that ip
address of 192.1.2.1. You should find out who else has ip addresses on the
network and block them also. Same would be true for your workstations.
Only subnet they should "trust" is yours.

Beware that anyone knowing your ip scheme could connect to your network with
this physical network setup. This is why you should give consideration fo
the vlan.

Thanks for the reply. The only address on that NIC is 65.171.x.x (public IP).
I misspoke, It is on the same subnet, but how can the 192.x.x.x address see
that NIC?

Do i need DHCP Client running on the server? Why can't I disable it (keeps
restarting itself)?

I thought the problem was with your dhcp server not with the dhcp client?

Your network is bridged somewhere to this other network which was the point
I made above. Not a good thing. Might want to review with the building
manager how your building lan wiring/connection is done. Are you sharing a
internet router with other building tenents? if so this would explain the
connection.

See her
http://www.microsoft.com/technet/sup...rver&LCID=1033

This explains SBS dhcp server won't operate if it sees another dhcp server.

YOUR ONLY SOLUTION IS TO FIGURE OUT WHY PHYSICALLY THIS OTHER DHCP SERVER IS
GETTING ON YOUR NETWORK. If you can't physically isolate it you will need to
block it via software/hardware firewall. This is assuming you don't have
misconfigured RAS.