Real-world case: After the enterprise network reused old computers and upgraded them,
The case shared in this issue concerns a wired network problem.
1. Background
To improve office efficiency, a company planned to upgrade the network in its old office area so that at least 80 office devices could connect to it stably. The office area had 100 office computers that had been in use for more than eight years, and some of them were running slowly. The main work this time was to upgrade the computer hardware and check for network hazards.
The topology is very simple:
Optical modem → router → switch → all office computers
Network segment: 192.168.1.0/24
2. Fault phenomenon
After upgrading the hardware of 5 computers, we tested the network connection and found that these 5 computers were connected to the company network but could not access the company's internal server or the external network. A basic check showed that each of these computers had obtained an IP address in the correct network segment (192.168.1.x), but pinging the gateway (192.168.1.1) timed out.
A cable tester was used to check the quality of the network cable, and all eight cores were connected.
3. Troubleshooting and analysis
Step 1: Basic comparative analysis
The network technicians investigated further and found the key points:
The new and old computers on the intranet can communicate with each other;
The new computers cannot access the router or the Internet;
The old computers can access the router and the Internet normally.
Basic conclusion: the new computers are attached to the local network correctly and the switch is forwarding normally. The likely cause is that the router has imposed some restriction on the new computers.
So what is the difference between the new and old computers?
Putting aside the hardware, the difference at the network level is the IP and MAC addresses, which points to IP-MAC binding.
Step 2: Check the router ARP binding settings
Logging in to the router's web page showed that, in the "white list" of the MAC address binding list, the IP addresses of some of the faulty computers were bound to the MAC addresses of obsolete old devices.
The IP-MAC entries in the ARP white list therefore did not match the new computers, so the new devices could not access the Internet normally.
Step 3: Trace the source of the problem
The investigation found that the router had been moved from another, abandoned office area three years ago. At that time the old configuration was reused as-is, so the MAC address binding information of previously retired equipment was still present. When a new computer obtained an IP, it conflicted with these residual bindings.
4. Principle and solution
(1) Principle of the failure
In the binding settings of the old router, the same MAC address was incorrectly associated with multiple different IPs. When a new computer obtained an IP through DHCP, the router gave priority to assigning these "zombie IPs". The MAC addresses bound to the "zombie IPs" were old, erroneous entries, so network data could not be transmitted normally and the connection failed.
(2) Solution
Create an IP-MAC binding whitelist that covers all new and old computers, so that every office computer can access the network normally.
(3) Lessons Learned
Network equipment maintenance should be performed regularly. It is recommended to check the MAC binding status once a quarter.
When equipment is retired, its binding information in the network equipment must be deleted in a timely manner.
When encountering similar network connection problems, first check whether the gateway configuration is correct, whether the MAC address matches the actual device, and whether there are conflicting binding settings in the network equipment.
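An added example, not part of the original article: one way to script the periodic binding check recommended above, flagging one MAC bound to several IPs, bindings that do not match the device actually using the IP, and bindings left behind by retired equipment. The "IP MAC" line format, the sample addresses and the function names are assumptions constructed for illustration; a real router export and ARP table would need their own parsing.

```python
from collections import defaultdict

# Constructed sample data as "IP MAC" lines; this format is an assumption,
# real router exports and ARP tables need their own parsing.
BINDINGS = """192.168.1.10 00:11:22:AA:BB:01
192.168.1.11 00:11:22:AA:BB:02
192.168.1.12 00:11:22:AA:BB:02
192.168.1.13 00:11:22:AA:BB:04"""
OBSERVED = """192.168.1.10 00-11-22-aa-bb-01
192.168.1.11 66:77:88:CC:DD:02
192.168.1.20 66:77:88:CC:DD:03"""

def norm_mac(mac):
    """Normalise a MAC to lower-case colon form, rejecting malformed input."""
    digits = mac.lower().replace("-", "").replace(":", "")
    if len(digits) != 12 or any(c not in "0123456789abcdef" for c in digits):
        raise ValueError(f"bad MAC: {mac!r}")
    return ":".join(digits[i:i + 2] for i in range(0, 12, 2))

def parse(text):
    """Parse 'IP MAC' lines into {ip: mac}, skipping blank lines."""
    rows = (line.split() for line in text.splitlines() if line.strip())
    return {ip: norm_mac(mac) for ip, mac in rows}

def audit(bindings, observed):
    """Compare router bindings with what is on the wire; return findings."""
    findings, by_mac = [], defaultdict(list)
    for ip, mac in bindings.items():
        by_mac[mac].append(ip)
    for mac, ips in by_mac.items():
        if len(ips) > 1:  # one MAC bound to several IPs
            findings.append(("duplicate_mac", ",".join(sorted(ips)), mac))
    live_macs = set(observed.values())
    for ip, mac in sorted(bindings.items()):
        seen = observed.get(ip)
        if seen and seen != mac:  # the IP is in use by a different device
            findings.append(("mismatch", ip, f"bound {mac}, seen {seen}"))
        elif mac not in live_macs:  # bound device no longer on the network
            findings.append(("stale", ip, mac))
    for ip, mac in sorted(observed.items()):
        if ip not in bindings:  # live host with no whitelist entry
            findings.append(("unbound", ip, mac))
    return findings

if __name__ == "__main__":
    for kind, ip, detail in audit(parse(BINDINGS), parse(OBSERVED)):
        print(f"{kind:14} {ip:28} {detail}")
```

A "stale" finding only means the bound MAC was not seen in the observed table, so collect that table while the office computers are powered on before deleting any entry.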