Getting this error message on popup on your Windows 7 PC?
Windows has detected an IP address conflict
Duplicate IP Address 0.0.0.0
The system has detected an address conflict for IP address 0.0.0.0 with the system having network hardware address EE-AA-EE-EE-AA-EE. Network operations on this system may be disrupted as a result.
It might not be a real IP address conflict problem!
If you happen to be running in a Cisco switch environment ie. running on 2960s, there’s a feature that maybe enabled by default globally called “IP device tracking” which is causing Windows 7 PCs (Windows Vista and above) to report a false positive.
Cisco’s IP device tracking feature sends out a Layer 2 ARP (Address resolution protocol) probe sourced from 0.0.0.0 address to a connected PC in order to maintain it’s internal IP device cache. When this packet is received during Window’s “Duplicate Address detection” phase, Windows detects this as an IP address conflict.
RFC 5227 – IPv4 Address Conflict Detection
Windows 7 utilizes IP address conflict detection described by RFC 5227 during the DHCP process to detect if there are any hosts on the network using the same IP. The Window system wishing to obtain an IP from the DHCP server does that by sending a gratuitous ARP (layer 2 broadcast) with a source IP address of 0.0.0.0 with a source physical address containing the hosts mac address and a target IP address of the IP received during the DHCPOFFER. If there is a system that already owns this IP, the defending node will send an ARP reply with a sender IP address and MAC address of the defending node and the target IP address that is being requested. Once the offender sees a packet with a target IP address that it is requesting for it knows that there is another host with the IP already configured. It then notifies the DHCP server to reject this offer using a DHCPDECLINE message. This detection process can take up to 10 seconds.
DHCP Server – Received DHCPDECLINE from requesting system, and oftens marks this IP as being used and distributes another IP
Offending host – Displays an IP address conflict error message, and attempts to obtain another IP via DHCP
Defending host – Displays an IP address conflict error message but can continue to use the assigned IP
IP Device tracking Probe and Windows IP Address Conflict Detection
Since Cisco IOS switches with IP device tracking sends out ARP probes periodically, approximately every 30s. There is a likelihood that when this packet arrives during Window’s IP address conflict detection phase the system will report the IP address conflict error.
DHCP client – Stays in a loop and keeps requesting for an IP address but stuck as it receives a Cisco probe. Can lose static DHCP assignments. Worse case loses network connectivity
DHCP Server – Keeps receiving DHCPDECLINE message