I have set up a Mikrotik CRS125-24G with RouterOS 6.41.2 in a small business environment with a single Active Directory domain. Originally the domain was on a single Windows 2003 DC (DC1), and I converted it (P2V) to a VM on an ESXi 6.0 platform. I noticed it occupied multiple IPs from my (new at the time) Mikrotik DHCP server. This seemed odd, but wasn’t appearing to hurt anything except eating my IP pool, and I had other things to fix. We eventually moved the FSMO roles to a Server 2016 OS (DC2), demoted the 2003 DC (DC1), and upgraded the domain from 2003 to 2016 compatibility. Everything was fine, although I was starting to feel the pinch on IP addresses, so I set the unused IPs to an unused subnet using static assigned IPs in the Mikrotik DHCP leases. A few weeks ago I added another Server 2016 DC (cleverly named DC1), and everything seemed fine until I ran into some issues with GPO replication. TLDR: I deleted those static assignments and the Burflags registry tweak got GPO to replicate just fine. But now I look in the Mikrotik at my DHCP leases, and I’ve got 11 IPs handed out to DC2. The “Expires After” timer is ticking, and the active host name is DC2, so it looks convincingly like my secondary domain controller is requesting lots of addresses from DHCP, despite it having only a single NIC. The NIC returns only the static-assigned-via-DHCP IP when I do an IPCONFIG from the OS, and none of the additional IPs appear to be pingable.
So, DC1 now exists as a VM on an ESXi 6.5 vhost. DC2 is a VM on an ESXi 6.0 vhost. We are in the process of moving all VMs from the 6.0 to the 6.5 vhost, but don’t have VMotion licensed (yet) so that’s an ongoing manual process. No other machine on my network appears to be asking DHCP for additional IPs, including the DC with the PDC role (handing FSMO roles back and forth between DC1 and DC2 never causes DC1 to request multiple IPs). I understand that the first question may be “why not just set a static IP on your domain controllers and be done with it”, which is fair, but I would prefer to manage all of my IPs using static assignments in the Mikrotik, because it appears to work well and is a single place to manage, view and document all the active IPs on the network.
With all that background info, can anyone tell me why one computer might be asking for all these unused IPs? Is this a Mikrotik issue someone has seen before, or a Server 2003/2016 issue, or maybe an issue with ESXi 6.0, or did I just discover a perfect storm? It’s more of a nuisance issue, and for the most part hasn’t seemed to have any negative effect on the network.
Thanks for reading my story, and thanks in advance for any suggestions. 