A core network device on the network begins flopping out of nowhere. Your network team determines the cause of the issue. They identify that a mobile phone used by Sally in Accounting has created an IP conflict. You ask yourself how could this happen?
Most of the time this happens when you don’t have an up-to-date IP allocation or when many groups are adding new devices but no one is fully responsible for the network. I often hear that “I pinged it, I received a request timed out so I assigned it”. Let me explain why ping is not enough.
Although ping is a great tool, it is not given priority on a network and there are a number of reasons why it won’t work on specific devices or networks.
ICMP is dropped on many networks by network administrators. When ICMP is enabled, it is easy to determine the network layout. Although there are still other ways of doing that, with the ping tool you can ping devices on the network to obtain device information (such as manufacturer and type of device when using “arp”). One would consider this a threat. So if you ping an IP address and receive a request timed out, this could be because a policy has been added to block it on an active network device.
In the image below, I pinged 192.168.1.1 and received a request timed out. Should I assign the IP address? I hope you said NO. 192.168.1.1 is my gateway so it is active but our network administrator has added an access list to block the ICMP request/reply. Adding a new device that same IP address would wreak havoc on our network.
You may also try to ping an IP address that is temporarily offline due to maintenance. If you assign a device that same IP address you will create a conflict when the device is brought back online.
I recommend the following before assigning an IP address to a new device.
- Ping the IP address.
- Review the output of the ping request.
- If there is a ping reply, confirm the output is replying from the IP address you are pinging.
- If there is no reply, enter the command “arp -a” on Windows or “show arp” on many network devices and check to see if you see the IP address and mac address.
- If you see the IP address and mac address, the IP is in use by the device that has the mac address listed. Do not use that IP address.
- If you don’t see the IP address in the list, check with the team who is responsible for IP address assignment.
- If no one is responsible, check the DHCP scope to determine if the IP address is part of the DHCP scope. If it is, add a reservation or exclusion.
- If you don’t have anything documented and still are not sure, cross your fingers and assign the IP.
I highly recommend you keep an IP allocation for your IP scheme. Create a simple spreadsheet with the following columns and update is regularly. IP Address, Device Name, Description.
You may not want to document everything in your DHCP scope but the ranges that can be manually assigned should be. Use DHCP when possible to centralize the administration of your IP’s. It will save you a lot of grief and time troubleshooting when problems surface.
