I encountered an interesting case with a customer recently where expired leases were not getting deleted from the database. The customer had recently migrated from Windows Server 2008 R2 to a Windows Server 2012 R2 DHCP HA cluster configured for Failover. The symptoms were that some of the scopes were full, however exporting leases that were visible in the GUI showed that plenty of IP addresses should have been available.
A quick search revealed that there are practically no tools to troubleshoot the DHCP database and most articles that were available said DHCP scavenging "just works" and that DNS scavenging was where problems typically occur vs. DHCP scavenging. Fortunately this was Windows Server 2012 R2 and as with almost anything Windows Server 2012 R2, PowerShell came to the rescue.
Identifying The Problem
The easiest way to identify the problem is to dump the full DHCP scope and all of its leases, to include the ones that are not visible through the GUI. The following command will dump the entire database. Replace x.x.x.x with the IP address of the target scope:
get-dhcpv4serverlease -scopeid x.x.x.x -allleases | out-file leases.txt | notepad leases.txt
As shown in the following screen shot, the resulting file will show all leases, including expired leases. The telltale lease is the one circled in red. The lease expired months ago yet it is still in the database.
Additional research and filtering showed that over 300 such records were in the 192.168.0.0/22 scope alone, which is a significant number of IP addresses that were unavailable for DHCP clients.
The following steps will fix the problem while minimizing downtime and preventing IP conflicts from occurring.
Remove All Scopes From The Standby DHCP Server
Fix The Database On The Active Server
Recreate the DHCP HA Failover Cluster
Possible Root Cause
I am not completely certain as to why the problem occurred. However, the dates on all of the expired records were from the day the database was migrated from Windows Server 2008 R2 to Windows Server 2012 R2. All reservations created since the migration date were being properly scavenged. What I believe happened is that the Windows Server 2012 R2 HA failover partnership was created right after the database was migrated and any expired DHCP reservation entries were then unable to be scavenged during the DHCP service's normal scavenging process. After seeing this issue, if I am ever asked to migrate a DHCP database to a Windows Server 2012 R2 HA cluster, I will recommend dumping the database and verifying there are no expired DHCP leases prior to enabling the failover partnership.
This may have been a one off completely odd scenario that is unlikely to occur again, or it could be something more common that is due to a bug in Windows Server 2012 R2. If this post resolves anyone else's Windows Server 2012 R2 DHCP issues let me know via feedback and I will file a bug report if it appears to be more common than currently thought.
Im having this issue as well, having just migrated from server 2008 and setting up dhcp failover
Easier to just break the failovers and delete/replace the scopes...
Thanks a lot, seems to be helping. We had imported scopes from 2003 servers and migrated to 2012 R2...over time the leases were not showing in the console and were running out of IP addresses.
It seems actually, that a lot of leases from 2003 were set as "Active" but the lease date had long since expired (and the IP's were physically not in use by any device)...following your guide now I can see things being properly cleaned up. I will leave it cleaning
up for a few days and see the real situation, then set up the failover again.
We're seeing the same thing on a 2012 DHCP server that didn't have the databases imported from 2008 at all. We have a situation where the failover DHCP server is down and has been for a while (vm resource issues). More, we have it setup in active-active
mode with a 50/50 split - and the first DHCP server won't give out leases past half way unless you make a reservation.
I am having this issue, the first time the NIC/DHCP server was going crazy (randomly resetting the NIC). Tried changing the IP incase there was an ip conflict somewhere, that did not work. Demoted/retired that DHCP server/retired it and migrated the DHCP
to my secondary server, then spun up a new DHCP server to be the new hot standby. That was in Nov. The problem has returned again.