The forums periodically raise the issue ofThe work of networks containing the same IP addresses in the same physical segment. It turns out the so-called IP address conflict in the network. After reading many of these forums, it becomes clear that not everyone correctly understands this process, so many people start to give out for the facts various fictions and guesses that are far from the truth. Not long ago, on one excellent resource of system administrators, this issue was vigorously discussed. In this regard, there was a need to somehow clarify the situation that has arisen. The format of forums is the exchange of chains consisting of questions and answers to them, and in the article you can talk about everything consistently.

Conflicting IP addresses on the network and network protocols

The only thing responsible for controlduplication of network addresses, is the protocol for converting ARP addresses. It is possible to present in a certain form all this interaction. When a new IP address is received, the Node A sends a special brokadast to the voluntary request in the ARP format. It is important to understand that the whole process is not affected by the IP address of the DNS server. The request is a special form of information transfer, in which the SPA and TRA fields contain their own addresses. If this query was answered, then this is the conflict of the IP address in the network. If there is no answer, then there are no duplicates for the address, and it is unique on the network. The situation is much more interesting when an answer comes, what happens in the network in this case?

A node sending a request to the network acquiresthe status of the so-called attacking node, and the one that responded to the request gets the status of the attacked node. What happens to each of them in the process of detecting this conflict?

Consider the attacking node. If it did not have a dynamic IP address, and the configuration is done manually, then after receiving the response, the address initialization is reset, that is, the node can not assign a conflicting address to the interface. A record of this will be recorded in the system log and an error will be displayed on the screen. If the address is configured via DHCP, the client will check for conflict the address that it received from the DHCP server in the special DHCPOFFER package. In the event that it appears that the address from DHCPOFFER is duplicate, after the client receives the response to the request, a special DHCPDECLINE package will be sent to the DHCP server. Depending on the implementation of the service, this address will be marked as faulty, after which it must be removed from the list of free addresses. After that, the client will make new attempts to get the ip address from the server by sending DHCPDISCOVER packages.

Now you can consider the IP address conflictnetwork from the attacked node. They conflict is very simple, if the field is a SPA, then a conflict is established by the node. This fact is also registered in a special event log, and the user receives an error notification. At the same time, the ip address, which caused the conflict, is not removed from the attacked node. After the conflict is established, a mechanism for resolving the conflict that has taken shape is beginning to work. The essence of the problem in this case is the following: after sending one voluntary request, all the clients of the segment are sent by a certain scheme. The result is the receipt of a picture from the sequential exchange of the three frames.

It is important to understand that the exchange of data by requests andanswers are made only at initialization of the address. If, for example, a node has been configured to a conflicting address before it connects to the network, then after it is turned on, there will be no exchange of data by voluntary requests. In this regard, both nodes of the network will use this conflicted address, but with each new ARP request, both nodes will generate an error about conflicting addresses.

</ p>