Hi All,

As I’ve explained in my previous the series is taking a bit of a turn here and we’re going to start some blogs about remediation instead of just monitoring. I’ll link back to a previous blog and will explain how we automatically react to these issues within our RMM, if you do not have an RMM – Don’t worry! We’ll include the monitoring + remediation script so you can combine the scripts any way you’d like.

The second monitoring and remediation we’re getting on is a full DHCP-scope and auto-remediate when the scope is completely full. We’ll monitoring several aspects such as the amount of free IP’s, the scope status and lease-time, we’ll also try to clean the scope if it reaches a full state for very old leases or BAD_ADDR’s. Remember that if you bump into this issue a lot it’s better to increase scope size or manage your devices and network 🙂

To start we’re quickly building a monitoring set to check how full the DHCP scope currently is:

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11

$ExpectedFree = "10"
$Stats = Get-DhcpServerv4ScopeStatistics

foreach($pool in $stats){
if($pool.Free -lt $ExpectedFree){
$ScopeStatus += "$($Pool.ScopeId) has $($Pool.free) left"
}
}

if(!$ScopeStatus ){ $ScopeStatus  = "Healthy"}

if we check $ScopeStatus we’ll see that it has a health state of “healthy” if there are enough addresses, if it only has a couple we will see exactly how much addresses are left and we can respond on that.

Next to checking the scope Free Addresses status we’ll also want to see exactly what the status is of these leases – Every non-active lease could be an issue as it might be a BAD_ADDR or a reservation that is no longer required:

1
2
3
4
5
6

$Leases = Get-DhcpServerv4Scope | Get-DhcpServerv4Lease
foreach($lease in $leases | where-object { $_.AddressState -ne "Active" }){
$LeaseStatus += "$($lease.IPAddress) has a state of $($lease.AddressState)"
}
if(!$LeaseStatus ){ $LeaseStatus  = "Healthy"}

Now that we have the list of addresses, lets try to resolve the issue of a full scope. To do this we’re going to compare the age of old addresses, try to ping them and clear the lease if they do not respond.
DISCLAIMER:
Remember that a device does not lose its connection when you clear the scope of old addresses, but you could get duplicate IP’s if the device is still online. The check’s we do are not very extensive, and you need to evaluate if you want to use this in your network, or look at a better solution such as increasing scope size. Do NOT use this if you have devices that do not reply to ping, we will only kick off addresses that are older than your own set thresholds, Customize these to your environment.

1
2
3
4
5
6
7

$Time = (get-date).addhours(+6)
$Leases = Get-DhcpServerv4Scope | Get-DhcpServerv4Lease
Get-DhcpServerv4Scope | Remove-DhcpServerv4Lease -BadLeases
foreach($lease in $leases | where-object { $_.LeaseExpiryTime -gt $days }){
Remove-DhcpServerv4Lease -ScopeID $lease.ScopeId -ClientId $lease.ClientId
}

So that’s it – We’re deleting all leases that have a expire of right now, +6 hours, and the addresses that the DHCP server has registered as “bad”. You can change these to your own preference of course.

Happy scripting!