Introducing SOC Insights for BloxOne Threat Defense: Boost your SOC efficiency with AI-driven insights to eliminate manual work and accelerate investigation and response times. Read the blog announcement here.

NIOS DNS DHCP IPAM

Reply

How I can delete dhcp leases from the database if csv import does not work?

[ Edited ]
New Member
Posts: 2
10523     0

Hi All,

I do have a distributed setup of infoblox appliances (4 of them).

Unfortunately my capacity report shows 348,000 dhcp leases which do not reflect my current state.

Most of them are abandoned some are locked to mac addresses.

scanvengers are not deleting them.

I tried csv import deletion but it does not work for dhcp leases.

How can I delete them so I empty my databases?.

at the moment all four of them are over 100% utilization.

 

Thanks for the help

 

Andrea

 

Capacity Report

 

A Record/Substitute (A Record) Rule/Substitute (IPv4 Address) Rule 56
Access Control Item 14
Admin 22
CNAME Record/Substitute Domain Name/Block/Passthru Rule 269
DHCP Custom Option 604
DHCP Fingerprints 266
DHCP Lease 348602
DHCP Option Fingerprint 691
DHCP Range 67
DHCP Vendor Id Fingerprint 48
Fixed Address 2259
Host 46891
Host Address 46902
Host Alias 609
NS Record 57
Network 156
PTR Record/Substitute (PTR Record) Rule 45
Role 11
Router 107
Zone 105
Zone Delegated Server 31
Zone SOA 79
Other 4199

 

IB-1410 / IB-820

 

aRe: How I can delete dhcp leases from the database if csv import does not work?

Techie
Posts: 8
10524     0

Hi Andrea,

 

Did you try enabling DHCP lease scavenging which can help you to automatically delete free and backup leases that remain in the database beyond the number of days or weeks that you specify. It can be enabled as below.

 

Annotation 2019-03-26 01273.jpg

 

IP addresses are marked as Abandoned for one of two reasons:

 

1. Before a DHCP server offers a lease to the client, it sends an ICMP echo request to the IP Address. If the DHCP server receives an ICMP echo reply, the DHCP server marks the IP address as Abandoned.

 

2. After a client receives a 'DHCPACK' packet for a requested IP address, the client sends an ARP request to check if the requested IP is being used in the network. If the client gets an ARP response, the client sends a 'DHCPDECLINE' message to the DHCP server and the server marks the IP address as Abandoned.

 

The abandoned IPs will be reclaimed by the DHCP server only when all the free IPs in the network have been leased out. After all the free IPs in the network are leased out, the Infoblox DHCP server will try to reclaim the Abandoned IP's. To reclaim an abandoned IP, the appliance will again send an ICMP echo request to each abandoned IP Address in turn. If it does not get an echo reply, then the DHCP server will mark the IP as free and give it to the client that is requesting an IP Address. If the client receives an ARP response as detailed above, it will send a 'DHCPDECLINE' and the IP will again be marked Abandoned

 

These abandoned leases can be fixed from your end by checking the clients in concern from the network level.

 

 

Thanks,

Alten Alexander

Re: aRe: How I can delete dhcp leases from the database if csv import does not work?

New Member
Posts: 1
10524     0

Thank you 

 

with your help  delete all the olds ips in my infoblox

 

From Mexico

Re: aRe: How I can delete dhcp leases from the database if csv import does not work?

New Member
Posts: 3
10524     0

Hi Alexander,

my name is Paolo and I have the same problem.

I have done an export about the Capacity Report, see below:

A Record/Substitute (A Record) Rule/Substitute (IPv4 Address) Rule11450
Access Control Item121
Admin Group13
CNAME Record/Substitute Domain Name/Block/Passthru Rule231
DHCP Custom Option83
DHCP Fingerprints469
DHCP Lease21915
DHCP Option Fingerprint2448
DHCP Range242
DHCP Vendor Id Fingerprint19
Fixed Address437
Host300
Host Address350
Host Alias28
Member View NAT Record10
NS Record722
Network243
PTR Record/Substitute (PTR Record) Rule4369
Recycle Bin70
Role16
Router289
SRV Record/Substitute (SRV Record) Rule144
TXT Record/Substitute (TXT Record) Rule3917
Threat Protection Rule4523
Threat Protection Rule Category359
Threat Protection Rule Parameter Definitions7366
Threat Protection Rule Parameters6798
Threat Protection Rule Template162
Zone308
Zone AD Server297
Zone Forwarder77
Zone Forwarding Server135
Zone SOA197
Zone Secondary Server341
Other11119

 

At the moment I'm not using dhcp service but only dns.

Could you help me to resolve the problem, ?

Many thanks for your time.

 

Awaiting your news.

 

Regards,

Paolo

Showing results for 
Search instead for 
Did you mean: 

Recommended for You

Businesses are investing heavily into securing company resources from cyber-attacks form cybercrimin