After a hardware failure of a Linux computer I took the chance to set up a Debian installation from scratch. So I saved the data that was important to a server, burned the Debian DVD and installed it on the computer.
When it came to networking it got a little more complicated: as the server is using the corporate network, it had to send a specific host name to obtain the IP configuration via DHCP. So that was what I did: I entered the host name and let dhcpclient do its magic. It took some time, but finally it was set up. All DNS entries for this host name and its corresponding IP were correct.
My next thought was: now update the packages, get the SSH server up and running and the go back to the office and install the rest via SSH. Unfortunately the updating was difficult, the HTTP connection had to be send through a proxy server but somehow the downloads could not be finished. It was strange however, that sometimes it worked just fine. I tried to reach the server via SSH but it refused connection. The SSH server was running which was checked by logging into SSH via localhost. A firewall was not yet installed, so what went wrong? The suddenly it worked, EUREKA! But then the SSH session got reset by peer. Next thing I tried was pinging the host, which worked great, even over longer times: no packet loss, no double answers, everything fine.
I cannot remember why but just for curiosity I tried to telnet into the machine, which should not work, because there was just the encrypted terminal server available. To my surprise I got a log in screen of a UNIX dialect, clearly not what I expected. I checked the IP address and it was the Linux server’s address.
It seemed to me that two computers are trying to use the same IP adress. To get a proof for this there is one thing one can look at if the computers are all in the same LAN: use the arp command to obtain the MAC adress of the corresponding IP and compare that with the network interface’s. The result was obvious: the MAC adress was an unknown one, but after some time it was the one of the Linux box I tried to set up.
The Result
So the situation was that two computers were stealing each other’s IP. This “IP sharing” lead to the effect that for a certain amount of time the Linux box got the IP, until the second computer requested a new IP from the DHCP server because it’s lease expired. Then the IP switched, until the Linux computer’s requested its IP and with this it switched back.
The pinging worked because both computer answered the pings, which was indistinguishable from the ping output, because it all came from the same IP. This “DHCP Samba” that the two computers danced took me some time to figure it out, but I am glad that I found it.
