I seem to be facing a very weird problem on my local network. I have a linux machine (RHEL4) with the IP 192.168.1.190. In the morning, a windows user decided that he didn't like his IP anymore and changed it to 190.

This immediately caused the linux machine to go off the network. I changed the IP of the windows user and then deactivated and reactived the interface but to no avail. I still get the error message, "ip address is in use". Despite repeated reboots the interface refuses to come up with the same address but will work with a different address. Is there some sort of caching here? How do I force it to see that 190 is no longer in use by anyone else?

Well here the only caching would be the arp cache, which would never persist a reboot. can you try pinging that IP from another machine incase it actually is still available?

Yep already tried it. The IP is on constant ping from my own machine and starts to time out if I shutdown the linux machine (I was able to bring it up with the 190 IP).

I shutdown the machine for about 30 minutes and then restarted it. I was able to bring up the interface with the 190 IP again ... Either my machine is haunted or something somewhere is caching its IP address.

ehm...please explain this . who's ip is changed the one of the windows machine or of your linux box. and how the hell did the windows user change your ip ? i am aware that you wrote "his ip" but we are talking about the ip of your linux box, aren't we?

and why did the change of the windows ip cause your system to go offline *very puzzled*. if YOUR ip was 192.168.1.190 why is it now 190.168.1.190 when the windows user changed HIS ip to 190.168.1.190??? please explain this. i'm very curious.

thx, vadkutya

Perhaps your immediate reaction ought to be that you don't like him breathing anymore.

These IPs are 'hard coded' rather than handed out by DHCP, aren't they?

Well, I can see that it wouldn't be happy, but I'm surprised it didn't put up more of a fight...

The only thing I can think of is PPP (and presumably, PPPoE & PPPoA) which has a peculiar behaviour that it stacks the previous condition and pushes and pops set-ups. You aren't using some PPP variant, are you?
Have you checked resolv.conf, hosts and host.conf to see if there is anything surprising in one of those?

IMHO the OP was completely unambiguous and correct. So

No.

Because it is ethernet. Because two machines have colliding IPs in a collision domain, which can't be allowed (CSMA/CD is what 'drives' the operation of ethernet and if you haven't understood how this works, you haven't understood ethernet). Well, at least, that is clearly enough to stop it working, although why the Linux machine gives up more easily than the windows one is a bit mysterious.

The only other thing that comes to mind is that between the two you have a switch (not a hub) and that is, effectively, caching 'per branch' IPs. You'd expect that to time out quite quickly, though, wouldn't you?

Switches remember IP addresses. Slightly off-topic, but why on earth is a Windows user allowed to change his/her IP address?

right. mea culpa it's mysterious it's not puzzling...ehm forgive me the very, very, very wrong words. damn, i should have thought of it...man, it's mysterious. that's the correct word. well i'm still a noob. i always make the same mistake, sry again (no need to feel puzzled when you can feel mystified, hehe).

since we do not need to understand why the linux box went offline although it occupied the ip in first place, we still might--dare i say it--wonder, better would be; we still are mystified by the fact why the windows user was allowed to change his ip to an already exisiting one since this is not allowed as everybody knows who understands ethernet . especially if the ip's are "hard coded" (normal people would call them static ip but on occaison this doesn't sound...well...hard enough) well it seems the windows machine didn't understand it as well nor the user...

seriously, tough guy , there's a lot of puzzling things in this story and clearifing them would be a wee bit helpful, wouldn't it? could it be that i was poaching on foreign stomping grounds ?

mea maxima culpa,
vadkutya

p.s. i leave this now to your precious help

IMO giving up in case there is IP conflict makes sense, two Linux boxes would both give up I suspect. Haven't tried though. I know two Windows boxes on the same address continue fighting heroically, now, how much sense makes that?

Maybe that Windows user changed the IP number again. If he/she has done it once, then it can happen again. Or one of the other windows users are playing games with you.

How comes everyone is setting IP numbers on any PC's so freely?

Linux Archive

The windows machine IP is changed. The windows user was able to change his IP because we do not enforce a policy that stop them from doing so. I understand that it is good practice to enforce such a policy but we have a good reason for not doing it. When he changed his IP (or logged onto the network), my linux machine dropped off the network.

Just for you, i'll explain this once again.
1. Linux machine has IP 192.168.1.190
2. Windows user puts his machine on the network with the IP 192.168.1.190.
3. Linux machine drops from network but windows machine stays on.
4. Windows machine IP is changed to 192.168.1.200.
5. Linux machine interface is reactivated. No luck, says IP address already in use.
6. Linux machine is rebooted. Still no luck, says IP adress already in use.
7. Linux machine is switched off for some 20-30 minutes and brought back up. Works perfectly with no conflicts.
8. Profit?!?

I hope that makes it clear.

Yes, that was my reaction but seeing the management tag, I changed my mind pretty fast. And yes, the IPs are hard coded. I wish I could change that but i'm not a network tech, i'm actually a developer who's working with that machine.

resolv.conf says :
and host.conf says :
Sorry, I wish I could tell you if something was wrong there but I have very limited linux knowledge.

I found it extremely surprising as well. I was under the impression that in case of a conflict the first machine which already had a particular address would keep it and the intruding machine would not be allowed to join the network. But in this case the linux machine gave up to the windows machine (and still does) almost as soon as it sees a conflict. The windows machine did not so much as care if there was a conflict and just continued to ... work. Like a monster truck running over a cat ... :P

Yes we do have a switch and yes, I would expect it 'loose' the IP information fairly quickly. I have passed on this message to network tech but they say that it isn't possible. I'll be honest, all of us here have very limited knowledge when it comes to linux here so "impossible" is used mainly in terms of windows machines. Which is why, i'll run a test by conflicting the IP (on purpose) and restarting the switch to see if it's caching anything.

Thanks for the input guys, appreciate it.

Nah, don't think he can be arsed to play with a low-level monkey like me.

In certain cases we need to be able to change our IP's to be able to test our software. However this is a requirement of only a few machines and not all of them. I guess network tech cba to give and take access on a requirement basis ... can't think of any other reason really.

Nub, I also encountered same problem before, I just clear the arp cache on the switch. And maybe next time, you can secure all your users not to have administrative access on their machines. Sometimes, we need to go back to basic security

How do I go about clearing this cache? Is there an automated setting to disable this cache entirely or is it an inbuilt feature?

I am definitely going to make a push for a reduction in admin privileges of users, seems like I could have saved a few hours had those restrictions already been in place.

depends what switch you have. if it's not a manged switch, then it'll generally be a finger up it.