DHCP Server Sanity Check Passed/Failed

11/02/2021 11 People found this article helpful 466,173 Views

Description

The SonicWall security appliance includes a DHCP (Dynamic Host Configuration Protocol) server to distribute IP addresses, subnet masks, gateway addresses, and DNS server addresses to your network clients.

DHCP Server Sanity Check periodically checks the status of the DHCP resources to make sure all tables are correctly populated. The alert mainly verifies that the DHCP Server-specific internal tables (new, bound, renew, conflict) are populated correctly.

When the sanity test is run (by default runs every 30 minutes or when one of the ports runs out of resources), DHCP Server will log Sanity Pass or Failed messages.

Resolution

Resolution for SonicOS 7.X

This release includes significant user interface changes and many new features that are different from the SonicOS 6.5 and earlier firmware. The below resolution is for customers using SonicOS 7.X firmware.

When the sanity test is run (by default runs every 30 minutes or when one of the ports runs out of resources), DHCP Server will log messages as below :

DHCP Server Sanity Check Passed.
DHCP Server Sanity Check Failed.

If the DHCP Server Sanity Check Passed is seen, it means that the specific internal tables (new, bound, renew, conflict) are populated correctly.

If the DHCP Server Sanity Check Failed is seen, it means that the specific internal tables (new, bound, renew, conflict) are not populated correctly. Hence, make the following changes :

Navigate to NETWORK | System| DHCP Server.
Click on ADVANCED > Others.
Enable option - Aggressively and fully recycle expired DHCP leases in advance.
Go to firewall Internal settings - How to access internal settings of firewall
Enable DHCP Server Network Pre-Discovery : Disable it
Time interval of DHCP lease database to be refreshed : Change this to 60 seconds.
Number of DHCP leases in database to be refreshed : Change this to 30.

Resolution for SonicOS 6.5

This release includes significant user interface changes and many new features that are different from the SonicOS 6.2 and earlier firmware. The below resolution is for customers using SonicOS 6.5 firmware.

When the sanity test is run (by default runs every 30 minutes or when one of the ports runs out of resources), DHCP Server will log messages as below :

DHCP Server Sanity Check Passed.
DHCP Server Sanity Check Failed.

If the DHCP Server Sanity Check Passed is seen, it means that the specific internal tables (new, bound, renew, conflict) are populated correctly.

If the DHCP Server Sanity Check Failed is seen, it means that the specific internal tables (new, bound, renew, conflict) are not populated correctly. Hence, make the following changes :

Navigate to MANAGE | Network | DHCP Server.
Click on ADVANCED > Others.
Enable option - Aggressively and fully recycle expired DHCP leases in advance.
Go to firewall Internal settings - How to access internal settings of firewall
Enable DHCP Server Network Pre-Discovery : Disable it
Time interval of DHCP lease database to be refreshed : Change this to 60 seconds.
Number of DHCP leases in database to be refreshed : Change this to 30.