DHCP leases all being eaten up - odd unique IDs

Question

Tuesday, December 2, 2014 7:00 PM

Hi,

Please note, I've found lots of other people with this issue, when doing an internet search for "dhcp unique id 31302e"

But nobody seems to have a solution for me, so I've spent 2 days on this now, and after capturing some traces on the DHCP server, I've found that the odd leases are coming from machines on our network, but the MAC address is their wireless LAN card. What's very odd though, is that the wireless LAN cards on the machines I've personally checked are not connected to any networks, and more to the point, we have no wireless access points inside of our network (note, I assume nobody has plugged in a rogue AP, unlikely anyway TBH).

These leases only appear when you do a reconcile on the scope. These leases also consume IP addresses that cannot be reached by ping. They appear to grab the address for no good reason.

I'm still actively spending my working day on this issue, but we have very little resource in the department and this is becoming a nightmare as we constantly run out of IPs to dish out to valid clients. I've cut the lease to 1 day but still we run out.

I cannot guarantee this is a brand new problem, I wish I could. What I can say is that this has only been noticed since building a new DC, as we are migrating from 2003 R2 to 2012 R2. So I've moved all FSMO roles (not GC) to a new 2012 R2 DC, got DNS on it, then I've installed DHCP and activated this server and removed DHCP from the old Win2003 DC.

I can give you more information on the situation, please just add anything you can to this thread as it is really stopping me moving on with our migration project.

Many thanks in advance, Alan

All replies (5)

Wednesday, December 3, 2014 9:27 AM

Hi,

Since the leases display with unique ID 31302e, this may be caused by devices of the same type. Since you have found the MAC addresses, try adding these MAC addresses to DHCP Filters -> Deny (remember to enable deny filters), and watch for a period of time.

If the problem still exists, review the DHCP audit log files (which are located by default at %windir%\System32\Dhcp), or use Network Monitor (download link: http://www.microsoft.com/en-us/download/details.aspx?id=4865) to capture packets and, using the MAC address, try to find the device that obtains the lease.

Besides, reconciling is the process of verifying DHCP database values against DHCP registry values; it uses both the summary information in the registry and the detailed information in the DHCP database to reconstruct the most current view of the DHCP service, in order to fix inconsistencies. If the problem occurred after reconciling, I am wondering how many, or what percentage, of the leases show the “unique ID 31302e”.

Best Regards,
Eve Wang


Wednesday, December 3, 2014 9:45 AM

Thanks for your reply Eve.

Perhaps I wasn't clear as I posted rather hastily last night. I've run Wireshark on the DHCP server, and the odd leases are being issued to machines that are already on our network. They are laptops, and the LAN card is connected to our network, and has an IP, as you'd expect. The name, unique ID, and type represent what I'd expect to see. But these additional leases, when looking at the Wireshark trace, show leases going to specific MAC addresses. This MAC address matches the WLAN card of the same laptop. But we don't have wireless access points on our LAN. It's as if the machine (Windows 7 btw) is trying to grab an IP for the WLAN card too, but over the LAN connection. It's like nothing I've ever seen before.

As of right now, 41% of the leases are these odd ones, as shown in the picture attached. The Unique ID appears to be the hex value for the client IP address.


Tuesday, December 9, 2014 8:25 AM

Hi,

According to your description, my understanding is that the laptop obtains an IP for its LAN card. And at the same time, it obtains another IP for its WLAN card, although there is no wireless access point.

If you can trace the IP and find the laptop which obtains 2 IPs, type “ipconfig /all” on the laptop, check the TCP/IP configuration and confirm whether 2 IPs are obtained. Besides, each network card has its own MAC address. Create a reservation for the LAN card, and deny the WLAN card. Refresh the DHCP scope, wait and check to see if it works.

Best Regards,
Eve Wang



Wednesday, April 3, 2019 1:46 PM

I know this is an old topic, but I am having the same issues and seeking a solution.

I can add some additional information for you: the Unique ID you are seeing, for example 31302e31372e31 2e31300a, is actually a hexadecimal string; when converted to ASCII it gives you an IP address: 10.17.1.10

I still need to work out what device is requesting/getting the address.
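
The decoding described in this thread, as an added example that is not part of any original post: it takes lease rows, decodes each unique ID from hex to ASCII, and flags the ones that spell out an IPv4 address instead of carrying a MAC. The `(leased IP, unique ID)` row layout and every sample row except the unique ID quoted above are constructed assumptions.

```python
import ipaddress

# Constructed sample rows: (leased IP, unique ID as the DHCP console shows it).
# Only the second unique ID comes from the thread; the rest are made up.
SAMPLE_LEASES = [
    ("10.17.1.25", "a0b1c2d3e4f5"),
    ("10.17.1.10", "31302e31372e31 2e31300a"),
    ("10.17.1.44", "31302e31372e312e3434"),
    ("10.17.1.60", "01a0b1c2d3e4f6"),
]


def decode_unique_id(unique_id):
    """Return the IPv4 address a unique ID spells out in ASCII, else None."""
    hex_digits = "".join(unique_id.split()).replace("-", "").replace(":", "")
    try:
        text = bytes.fromhex(hex_digits).decode("ascii").strip()  # drops 0x0a
        return str(ipaddress.IPv4Address(text))
    except ValueError:  # bad hex, non-ASCII bytes, or text that is not an IP
        return None


def triage(leases):
    """List (leased IP, decoded IP, match?) for every ASCII-IP unique ID."""
    flagged = []
    for lease_ip, unique_id in leases:
        decoded = decode_unique_id(unique_id)
        if decoded is not None:
            flagged.append((lease_ip, decoded, decoded == lease_ip))
    return flagged


def flagged_share(leases):
    """Percentage of the scope's leases held under ASCII-IP unique IDs."""
    return 100.0 * len(triage(leases)) / len(leases)


if __name__ == "__main__":
    for lease_ip, decoded, same in triage(SAMPLE_LEASES):
        print(f"{lease_ip}: unique ID decodes to {decoded} (matches lease: {same})")
    print(f"{flagged_share(SAMPLE_LEASES):.0f}% of leases flagged")
```
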


Thursday, April 4, 2019 2:21 PM

I wish I could help here, but the problem for us went away. Lots of things have changed since the post date though - switch firmware, OS (was Win7 Pro, now vast majority 10 Pro), scope lease time changed to 2 days... Not sure what sorted it to be honest.