DHCP Stack issue: 2024-10B Windows 11 update
Posted by demolishedBurrito@reddit | sysadmin | View on Reddit | 4 comments
Long time lurker, first time poster. After doing some troubleshooting I finally found an issue with some Dell PCs (may impact more) and the new Windows updates, 24H2 x64 2024-10B and 24H2 x64 2024-09B. After working with a brand new laptop, it would not connect to either our wired corporate network or our internal wireless due to DHCP issues. After diving into the logs, it appeared that the internal DHCP server was not providing any information to the problematic computer. It would, however, work when a static IP address was assigned or when the WiFi system was acting as DHCP. As soon as these updates were removed the problem was resolved.
Megatomic@reddit
We've been seeing similar problems on our network recently with regard to DHCP, but it isn't constrained to Windows devices. Same behavior though - you can see the client sending DHCP SYN's but the DHCP server does not reply. But only on some subnets, and only to some clients on the affected subnets. Problem does not affect only wireless clients or only wired clients. Behavior and packet inspection does not suggest a rogue server. DHCP helpers and routing tables on networking gear looks right.
I've pretty much ruled out network infrastructure as a problem but have been scratching my head at this and beginning to wonder if the issue is with the Windows DHCP servers (there are multiple, including two in a cluster and one standalone servicing another network segment). Did you find Microsoft KBs about this, or did you just remove the listed updates and find your DHCP problems disappeared?
demolishedBurrito@reddit (OP)
There wasn't anything in microsfts KB about it. I had the issue with a brand new laptop out of box. Had to reimage it to get the sucker to work. I was approving updates in WSUS and applied that particular update to a test group and all the same issues and symptoms came back. Rolled the test laptop back and bam, problem resolved. The 10B update was the only one applied to that group.
Megatomic@reddit
Ah, so you removed the update client-side, not server-side?
demolishedBurrito@reddit (OP)
Ah, looks like I missed that in the initial post. It was a client side windows 11 update pushed via WSUS. So yep, removed it client side and cleaned them out of wsus.