[SOLVED] Can DHCP be affected by a network switch

Mar 31, 2021
As the question asks "Can DHCP be affected by a network switch?". Everything in my mind says NO but here is the situation.

Small business/office. Comcast Business internet. Using Comcast gigabit router/switch. 5-Windows 10 Desktops, various cameras, printers, etc. Customer contacts me that one of their desktops suddenly can't connect to certain websites (e.g. main AOL page works but get 404 errors trying to get email). I spent a bit of time troubleshooting and determined it is not getting an IPV4 IP address via DHCP. What is strange is that if IPV6 is active, they can get to some places. Once I deactivated IPV6, nothing works at all. I tried a bunch of things (assigning 8.8.8.8/8.8.4.4 for DNS), but still not really usable. I tried resetting all networking, uninstall/reinstall the NIC numerous times, tried using my own USB NIC device, etc. Everything was still wonky.

So, I assigned a fixed IP address using the Comcast 10.1.10.x pre-configured range and now everything works. I manually updated Windows 10 to the latest. Updated Malwarebytes and ran a full scan, which found a Trojan of some kind. Cleaned it off, ran full Defender scan, etc. All seemed good with the fixed IP address so I left it at that until I had more time to figure out why DHCP wasn't working.

Then they called me the next day saying they can't print? They use an HP 87xx series printer connected to their network. So I check it and it too can't get an IP address via DHCP? Did I mention everything else in this office is working just fine? So I gave the printer a fixed IP address and suddenly the 20-documents backlogged from this desktop start printing.

Again, this makes no sense until I considered this. Both the printer and the desktop are connected to the Comcast router/switch/network through a small 8-port gigabit switch (i.e. Comcast-->Netgear 8-port switch-->Desktop and Printer having issues). Yes I tried resetting it. All lights say everything is working and when it comes to basic connectivity, everything plugged into this switch works - except for getting a DHCP address?

So before I go back to the client to swap out this switch (I hate problems that, while I have a workaround, don't have a true answer or solution), is it possible for this switch to cause DHCP issues? This setup has been working just fine for many months (they recently moved into this new building).
 
This is a small office. By my count (3-desktops, 3-networked printers, 4-IP cameras) - plus a wireless router for their phones and such. So I figure <40 max devices if everyone was in the building at the same time. I haven't dug into the Comcast router config but would assume it could handle 40-connections.
 
You could check the pool size in the router. Some set it to lower values. You should be able to get about 250 from a standard subnet. Still it would not be set that low that 40 devices would not work.

It almost has to be some router problem. Very technically a switch can filter dhcp requests. It is actually a fancy feature called DHCP snooping on commercial switches that prevents someone from hooking up an unauthorized dhcp server. Your switch is so stupid it has no idea what dhcp even is.

What I would do is load wireshark on a pc. Then reboot the pc without the ethernet cable plugged in. Start wireshark and plug the cable in. You should see the pc send dhcp request out and you should in theory get an ip from the router.

Now it is not likely but someone could have put in a router you do not know about and it has dhcp enabled. You would see a response from that router in addition to your main router in wireshark. If the devices pick the ip from the other router it will not work.
 
Solution
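The Wireshark check described in the answer above, automated as an added example that is not part of the original thread: it parses the UDP payloads of DHCP replies (ports 67/68, exported from a capture) and lists every server that answered, flagging any that is not the expected router. The addresses in `SAMPLE` are constructed; 10.1.10.1 as the Comcast gateway is an assumption based on the 10.1.10.x range mentioned in the question, and the function names are hypothetical.

```python
import socket
import struct

MAGIC_COOKIE = b"\x63\x82\x53\x63"  # marks the start of DHCP options
OFFER, ACK = 2, 5                   # option 53 values sent by servers

def parse_dhcp(payload):
    """Parse a BOOTP/DHCP UDP payload; return None if it is not DHCP."""
    if len(payload) < 240 or payload[236:240] != MAGIC_COOKIE:
        return None
    opts, i = {}, 240
    while i < len(payload) and payload[i] != 255:   # 255 = end option
        if payload[i] == 0:                         # pad has no length byte
            i += 1
            continue
        if i + 1 >= len(payload):
            break                                   # truncated option
        length = payload[i + 1]
        opts[payload[i]] = payload[i + 2:i + 2 + length]
        i += 2 + length
    return {"yiaddr": socket.inet_ntoa(payload[16:20]), "options": opts}

def find_dhcp_servers(payloads, expected_server):
    """Return ({server_id: offered addresses}, [servers other than expected])."""
    servers = {}
    for p in payloads:
        msg = parse_dhcp(p)
        if msg is None:
            continue
        mtype = msg["options"].get(53) or b"\x00"   # option 53 = message type
        sid = msg["options"].get(54, b"")           # option 54 = server identifier
        if mtype[0] in (OFFER, ACK) and len(sid) == 4:
            servers.setdefault(socket.inet_ntoa(sid), set()).add(msg["yiaddr"])
    return servers, sorted(s for s in servers if s != expected_server)

def build_reply(msg_type, server_ip, offered_ip):
    """Constructed sample data: a minimal DHCP server reply payload."""
    hdr = struct.pack("!BBBBIHH", 2, 1, 6, 0, 0x1234ABCD, 0, 0)
    hdr += bytes(4) + socket.inet_aton(offered_ip) + socket.inet_aton(server_ip)
    hdr += bytes(4 + 16 + 64 + 128)          # giaddr, chaddr, sname, file
    opts = bytes([53, 1, msg_type, 54, 4]) + socket.inet_aton(server_ip) + b"\xff"
    return hdr + MAGIC_COOKIE + opts

# Constructed capture: the assumed gateway plus an unknown second router.
SAMPLE = [build_reply(OFFER, "10.1.10.1", "10.1.10.50"),
          build_reply(OFFER, "192.168.1.1", "192.168.1.100")]

if __name__ == "__main__":
    print(find_dhcp_servers(SAMPLE, "10.1.10.1"))
```

An empty second list means only the expected router answered; no entries at all means no server replied to the client on that segment.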
> You could check the pool size in the router. Some set it to lower values. You should be able to get about 250 from a standard subnet. Still it would not be set that low that 40 devices would not work.

Agreed but will check it

> It almost has to be some router problem. Very technically a switch can filter dhcp requests. It is actually a fancy feature called DHCP snooping on commercial switches that prevents someone from hooking up an unauthorized dhcp server. Your switch is so stupid it has no idea what dhcp even is.

That was my understanding/guess

> What I would do is load wireshark on a pc. Then reboot the pc without the ethernet cable plugged in. Start wireshark and plug the cable in. You should see the pc send dhcp request out and you should in theory get an ip from the router.

But what about the networked printer having the same problem?

> Now it is not likely but someone could have put in a router you do not know about and it has dhcp enabled. You would see a response from that router in addition to your main router in wireshark. If the devices pick the ip from the other router it will not work.

Highly unlikely! These folks are electricians - not computer folks by any stretch of the imagination! Of course that doesn't eliminate the possibility of an infected device!

Since everything says the switch can't be the problem, I think my next trip will be to reset the Comcast equipment once I login to it and see if there are any messages/errors!
 
Actually the more technically unskilled the more likely it is they do something really stupid.

All you need to do to kill most networks is take any consumer router out of the box and plug the lan port into an existing network. The dhcp is on by default. This is why large businesses buy fancy switches to prevent this.

I thought you said you restarted the router. The DHCP function on the router could have crashed; it is very uncommon, but it does happen.
 
> Actually the more technically unskilled the more likely it is they do something really stupid.
>
> All you need to do to kill most networks is take any consumer router out of the box and plug the lan port into an existing network. The dhcp is on by default. This is why large businesses buy fancy switches to prevent this.
>
> I thought you said you restarted the router. The DHCP function on the router could have crashed; it is very uncommon, but it does happen.

I restarted/power-cycled the 8-port switch that has the printer/desktop plugged into it since both devices plugged into it are the only ones that lost DHCP! Will do the Comcast modem/router next.