Skip to content
Skip to content
Zach Burlingame

Programming, Computers, and Other Notes on Technology

  • About
← Windows 8 Kernel Debugging with KDNET and the Realtek RTL8168
-->

Resolving Event ID 1053 on Windows Server 2012 R2 with DHCP and Multiple NICs

Posted on January 30, 2016 by ZachB

The Problem

The DHCP server on my Windows Server 2012 R2 Essentials domain controller shutdown (Event ID 1054) when I added an additional NIC and plugged it in. The root cause as reported in the event log was an EventID 1053 stating: “The DHCP/BINL service has encountered another server on this network with IP Address, x.x.x.x, belonging to the domain: .”

Background

One of the built-in features to Window’s DHCP server is rogue DHCP server detection. If more than one server on a LAN segment is responding to DHCP requests then all hell breaks loose. By default, when the Windows DHCP server detects a rogue DHCP server, it shuts itself down reporting Event IDs 1053 and 1054.

In my case, I do want the DC’s DHCP server to service requests on one of the LAN segments which is on one of the NICs. However, I have a second NIC that I’m passing through to virtual machines that I do not want the DC to even have an IP address, much less to service DHCP requests. There is a virtual machine running on that LAN segment which is servicing the DHCP requests. The Windows DHCP server however listens for DHCP servicing on all network interfaces. So although the DC’s DHCP has no responsibility to service that scope, for whatever reason, it is still insisting on shutting down in the presence of this other DHCP server. I tried authorizing the other DHCP server, I tried removing the binding to that network, I tried giving it a static IP address on that network and all sorts of other variations. I would expect that there is a proper way to fix this but I was completely unable to determine what that fix is. It may be that the authorization didn’t work because the other DHCP server isn’t a Windows machine or that the Essentials SKU doesn’t support multiple DHCP servers.

Solution

The only solution that I could find that worked was a registry modification to disable rogue DHCP server detection. This is sort of the nuclear option and I would have liked a more elegant solution, but this is what I’ve got.

NOTE: Be sure that this is what you want to do! In most cases, you do not want to do this. You frequently want to adjust your scopes, adjust your bindings, or use DHCP relays/IP helpers and rarely do you ever want to resort to turning off rogue DHCP detection.

  1. Add a new registry value entry to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\DHCPServer\Parameters of type REG_DWORD named DisableRogueDetection with a value of 0x1
  2. Restart the Windows DHCP server which as been shutting down with EventIDs 1053,1054

Reference

DHCP network interface card bindings
DHCP Binding only to one interface card
Event ID 1053 — DHCP Authorization and Conflicts
DHCP/BINL Service

This entry was posted in SysAdmin, VMware, Windows. Bookmark the <a href="https://www.zachburlingame.com/2016/01/resolving-event-id-1053-on-windows-server-2012-r2-with-dhcp-and-multiple-nics/" title="Permalink to Resolving Event ID 1053 on Windows Server 2012 R2 with DHCP and Multiple NICs" rel="bookmark">permalink</a>.
← Windows 8 Kernel Debugging with KDNET and the Realtek RTL8168

1 thought

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

CAPTCHA
Refresh

*

This site uses Akismet to reduce spam. Learn how your comment data is processed.

© 2024 | Blog info WordPress Theme | By Bharat Kambariya