IPAM may detect IP conflicts between two DHCP servers if they are utilizing split scopes in shared subnets. The following notifications appear in the IPAM events:
The IP address 10.38.XX.XXX is in conflict.
The following devices were detected on network with same IP address:
- Dhcp Leases MAC: 00-25-64-XX-XX-XX, MAC: 00-00-FF-XX-XX-XX
The message indicates that the IP address of 10.38.XX.XXX is in conflict because one DHCP server found a lease existing on that IP with the MAC of 00-25-64-XX-XX-XX and the other DHCP server found a lease existing on that IP with the MAC of 00-00-FF-XX-XX-XX.
There should only be two reasons why two separate DHCP servers in IPAM should be managing the same IP:
The IP conflict is caused by both DHCP servers managing the same IP and issuing lease information to them. In a correctly configured split scope, two DHCP servers setup scopes within the same subnet. Once that scope is setup however, each DHCP server must set an exclusion range that is the opposite of the other DHCP server within that range.
The IP conflict occurs because the exclusion ranges were not setup correctly and there are gaps in the managed subnet. For example:
Both servers are controlling that small range, each of them will assign leases to the IPs. Because IPAM does not have the ability to sync, chain or schedule scans, DHCP 1 and DHCP 2 can be scanned at completely different times. If the lease expires from the IP and each server assigns a new lease, IPAM will only be made aware of it when the first DHCP server is scanned.
The lease information for the second DHCP will still remain as it was before until such time it is scanned. As such, the IP will have two different leases in the database and the IP conflict queries will see that the same IP has a different MAC from a lease and flag it as an IP conflict between two DHCP servers.