Resolve lan ip conflicts

We all know that in the Internet and Intranet, when using the TCP/IP protocol, each host must have an independent IP address. NetworkOther hosts on the server need to communicate with each other. But I think you must have met an IP address conflict. At least I have encountered it.
On that day, I found that my network customers could not work normally, as long Power SupplyIf you enable this function, you will be prompted for frequent address conflicts. But the previous day was still good, and no new settings were made! After thinking carefully, the only difference is that the personnel in the IDC have been adjusted. It may be that the IP address set by the new employee conflicts with me. If it weren't for him or me to open the machine, I couldn't find it. ProblemWhat about it!

It can be seen that even if conflicting machines exist on the network, problems cannot be detected in time. It can only be exposed when conflicting network customers are both in the starting state. It seems that the network is concealed, I will reveal the secrets to you.

There are several main causes of IP conflict. Some people may not know about TCP/IP, but do not know how to set/"IP Address/",/"subnet mask/",/"Default Gateway/" (do not laugh at them, after all, we also come one step by one.) Sometimes the parameter information they get may not beManagementThe setup may be correct, but the information was accidentally modified. Even if the administrator gives the correct parameter data, we will always make mistakes, because when the tiger gets a nap, it is inevitable to make a parameter error. In addition, maintenance personnel may use some temporary IP addresses when repairing and debugging machines. If you forget to change the IP addresses, conflicts may occur. There is also a situation in which someone steals others' IP addresses.

After receiving the conflict report, you must first determine the VLAN where the conflict occurs. You can find the CIDR Block of the IP address through VLAN definition and conflicting IP address. This is critical to the successful identification of the nic mac address, because some network commands cannot be accessed across network segments.

The following describes how to isolate the client from the network. For a computer with an illegal IP address, let it run. In this way, we have the opportunity to find it. Perform some simple tests on the network. The main Commands include the ping command and the ARP command. Run the ping command. Assume that the IP address is 146.127.35.3. In the msdos window, the command format is as follows:

C: // widows //> Ping 146.127.35.3

Request timed out
Reply from 146.127.35.3: bytes = 32 time <1 ms TTL = 128> 〉
Reply from 146.127.35.3: bytes = 32 time <1 ms TTL = 128> 〉
Reply from 146.127.35.3: bytes = 32 time <1 ms TTL = 128> 〉

In fact, I initially planned to use/"Start/"-/"Run/" to execute the ping command (in actual operations, I prefer to use thisMethod), But it went too fast, so I had to turn to msdos for help.

The reason why we need to ping this machine has two purposes: first, I must be sure that the machine we are looking for is indeed on the network. Second, I want to know the MAC address of the NIC of this machine, so how can we know its MAC address? This requiresUseThe second command ARP: The ARP command can only be used in a VLAN. It is a low-layer protocol and cannot be used acrossRouting.

C: // widows //> ARP-
Interface:... on inerface ......
Internet address/physical address/Type
146.127.35.3/00-00-22-35-62-53/dynamic

This indicates that the MAC address of the network adapter at the IP address 146.127.35.3 is 00-00-22-35-62-53. Next we will look for the physical location of the NIC whose MAC address is 00-00-22-35-62-53.

The NIC of each client is directly connected to Level 2ExchangeNext, we will look for a large number of Ethernet switches that are in conflict with the switch ports corresponding to Mac. Because the device connected to the customer in my network is Bay 303/304, I will take 303 as an example to see how to find the Port location of a MAC address. There are many methods for bay303 network management. The following describes how to find an illegal Mac using a web browser.

Before searching, you must first find out the switch location in the VLAN, find out the IP addresses of these switches, and use the switch address to access the network management information of the switch. We need to do the following: First start the browser on the network manager's machine, knock in the IP address of the switch, and enter the user name and password after seeing the prompt logon information, enter the/"MAC Address Table/" option to obtain the following information:

Index/MAC address/learned on port/learning method/filter packets to this address
1 00: 00: 21: 34: 63: 56 13 dynamic No
2 00: 00: 81: 65: C3: A0 n/a static No
3 00: 00: A2: F7: C3: e4 25 dynamic No
4 00: 00: 22: 35: 62: 53 2 dynamic No

Haha, we can see 4th items of the index. It is the MAC address we are looking for, and its port number is 2. AccordingIntegrated WiringData, we can accurately find the physical location of the corresponding information point, and then we can locate the location of the connected microcomputer. Of course, you areSolutionThis problem may not be so convenient, And you often need to find many switches. When finding the MAC address, you may feel relieved. When there are a large number of switches in the VLAN, we need to find them one by one in these switches.

If a vswitch has a downstream switch in the port, because the switch supports multiple MAC addresses, it will save the lower-level Mac record in the upper-level Mac table, therefore, you need to first find the Mac table of the upper-level switch, determine the specific location, and then find the next-level switch, so that the search range can be greatly reduced.

In the LAN, we often encounter such IP address conflicts, especially when the user size is very large, it will make the search more difficult, soNetwork ManagementPersonnel must act carefully to solve the problem. There are currently two typesSolutionOne is to use dynamic IP Address Allocation (DHCP), and the other is to use static address allocation, but the management of MAC addresses must be enhanced.

The biggest advantage of using dynamic IP Address Allocation (DHCP) is that the client network configuration is very simple. In this way, we can set the network connection even without the help and intervention of the Administrator. However, because the IP address is dynamically allocated, the network administrator cannot identify the customer from the IP address, and the corresponding IP layer management will not function. In addition, it also has a drawback. To use dynamic IP Address Allocation, you also need to set up an additional DHCP server.

If static IP Address Allocation is adopted, we can first make reasonable IP address planning for each department, so that we can easily track and manage the MAC address on the third layer, this problem can be effectively solved.

Some moreTechnologyIn fact, it is essential for the Network to run properly and manage other topics. Keep in mind that when we connect to the Internet, it is best to set up an information file for IP addresses and MAC addresses, so that we can implement a strict management and registration system for LAN customers from beginning to end, record the IP address, MAC address, uplink port, physical location, and user identity of each user in the database of the network administrator. You can think about it. After knowing the MAC address of an invalid user, if you can search from the administrator database, we can immediately find/"culprit /", how much time can we save!