This weekend, our church hosted the state Fine Arts competition. From what I heard, the event went off without a hitch. There was one minor issue though: in the middle of the day, I got a call from out soundman extraordinaire that the internet was down campus-wide. After running through a couple troubleshooting steps over the phone, I packed up my laptop and headed up there.
I quickly realized that I could get at least internet access by statically setting an IP address on my machine. However, DHCP was dead. I walked over and physically logged into the local domain controller and discovered the problem – there was an IP address conflict on the network. This would normally not be a huge deal, but in this case, the IP address in question was the IP address of the server – the server that hands out IP addresses to client machines via DHCP. Huge deal. The church network does not have the luxury of a switch with port security. Port security allows you to lock down a specific switch port to certain physical devices by using MAC addresses.
What had happened was that the Fine Arts judges had to have internet connection to do their job. They were provided a room where their PCs were setup and connected to the church network. However, they also plugged in their own wireless router. Its IP address was the same as the church server and it was configured (by default) to hand out IP addresses to any machine looking for one. Awesome… It was the culprit. My options, unforunately, were limited. They had to have internet connectivity, so disconnecting them was not an option. Reconfiguring their router was something they (understandably) would not have appreciated either. It was Saturday, and there would most likely be no one in the church offices, and after confirming this, I shut off the server, effectively killing the church network until after the competition.
The moral of this story? Don’t set critical devices (ie, servers) on common IP addresses that innumerable pieces of $40 hardware use by default.
Unless you’re setup with port security with MAC address filtering, etc, I recommend you keep these IP addresses OFF of your critical components:
192.168.0.1
192.168.1.1
192.168.2.1
192.168.100.1
That’s what I plan on doing at the church this week…better late than never, I suppose.
Tags: access, DHCP, ip address, router, wireless
This is classic, Zack. It always comes down to having to please some group with misconfigured equipment. Of course, I would have figured that you would have set the church on on your normal 10.X.X.X scheme. This dissapoints me.
Philip
February 27th, 2007
Well, the IP scheme was already in place when I started “managing” it, and it was not worth the trouble to change it.
Sorry to disappoint.
Zack
February 27th, 2007