Trouble setting up a failover dhcp-server

budiw at rootbox.or.id
Sun Jul 25 15:22:42 UTC 2010


Hello All,

I'm trying to migrate a running dhcp server to a failover dhcp server.

But I'm running into trouble. Some of the clients can't get an IP address from
the servers. In the logs, I see the client's MAC address is ACKed for an IP
address, but it keeps requesting a new IP address, and so on. (See the logs
at http://dhcplog.pastebin.com/n1PCb3yD).

The OS of the clients that can't get an IP address is Windows XP Service Pack 2.
But when I tried to boot that client with Ubuntu Linux, it could get an IP
address and start to browse the internet.

But when I shut down the failover dhcp server and switch back to the old
dhcp server, the WinXP clients get their IP address leases from those
servers.

Has anyone had a situation like mine? Is there any connection
with the experimental status of the failover peer feature?

Btw, after I scanned the WinXP clients with antivirus, I found one file
infected with Conficker.HB. Is there any connection with this? If there is a
connection, then why do my clients get an IP address when I switch back to my
old dhcp server without failover?

Thank you in advance for any advice.

--budiwijaya

Here's my config:

[dhcpd.conf]
ddns-update-style none;
ignore client-updates;

option domain-name "rootbox.or.id";
option domain-name-servers a.ns1.rootbox.or.id, a.ns2.rootbox.or.id;

default-lease-time 600;
max-lease-time 7200;

authoritative;

log-facility local7;

deny unknown-clients;

include "/etc/dhcp3/dhcpd-primary.conf";
include "/etc/dhcp3/dhcpd-pools.conf";
include "/etc/dhcp3/dhcpd-clients.conf";

[dhcpd-primary.conf]
failover peer "dhcp-area-a" {
	primary;
	address 192.168.20.86;
	port 647;
	peer address 192.168.20.87;
	peer port 647;
	max-response-delay 30;
	max-unacked-updates 10;
	load balance max seconds 3;
	mclt 1800;
	split 128;
}

[dhcpd-pools.conf]
subnet 10.10.6.0 netmask 255.255.255.0 {
 option domain-name-servers 203.114.226.34, 203.114.226.30;
 option domain-name "rootbox.or.id";
 option routers 10.10.6.1;
 pool {
  failover peer "dhcp-area-a";
  deny unknown-clients;
  max-lease-time 7200;
  range 10.10.6.50 10.10.6.250;
 }
}

subnet 10.31.1.0 netmask 255.255.255.0 {
 option domain-name-servers 203.114.226.34, 203.114.226.30;
 option domain-name "rootbox.or.id";
 option routers 10.31.1.1;
 pool {
  failover peer "dhcp-area-a";
  deny unknown-clients;
  max-lease-time 7200;
  range 10.31.1.50 10.31.1.250;
 }
}

shared-network bb-network {

 # SUBNET 20 DECLARATION
 subnet 192.168.20.0 netmask 255.255.255.0 {
 }

 # SUBNET 25 DECLARATION
 subnet 192.168.25.0 netmask 255.255.255.0 {
  option domain-name-servers 203.114.226.34, 203.114.226.30;
  option domain-name "rootbox.or.id";
  option routers 192.168.25.1;
  pool {
   failover peer "dhcp-area-a";
   deny unknown-clients;
   max-lease-time 7200;
   range 192.168.25.6 192.168.25.231;
  }
 }
}

[dhcpd-clients.conf]
 host budiwijaya-virtual-winxp { hardware ethernet 08:00:27:xx:xx:xx; }

And on the secondary dhcp server, dhcpd-primary.conf is slightly different:
[dhcpd-primary.conf]
failover peer "dhcp-area-a" {
        secondary;
        address 192.168.20.87;
        port 647;
        peer address 192.168.20.86;
        peer port 647;
        max-response-delay 30;
        max-unacked-updates 10;
        load balance max seconds 3;
}
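
The symptom described in the message above (a MAC address that is ACKed but immediately requests again) can be found in dhcpd's syslog output by counting DHCPACKs per MAC inside a short window; with `default-lease-time 600`, a client that keeps its lease has no reason to be ACKed several times within one minute. This is an added example, not part of the original post: the log lines are constructed in ISC dhcpd's usual message format, and the function name `find_ack_loops`, the 60-second window, the threshold of 3 and the supplied year are assumptions.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample in ISC dhcpd syslog style; not the poster's pastebin log.
SAMPLE_LOG = """\
Jul 25 15:00:01 dhcp1 dhcpd: DHCPDISCOVER from 08:00:27:aa:bb:01 via eth0
Jul 25 15:00:02 dhcp1 dhcpd: DHCPOFFER on 10.10.6.51 to 08:00:27:aa:bb:01 via eth0
Jul 25 15:00:02 dhcp1 dhcpd: DHCPREQUEST for 10.10.6.51 from 08:00:27:aa:bb:01 via eth0
Jul 25 15:00:02 dhcp1 dhcpd: DHCPACK on 10.10.6.51 to 08:00:27:aa:bb:01 via eth0
Jul 25 15:00:03 dhcp1 dhcpd: DHCPACK on 10.10.6.60 to 08:00:27:aa:bb:02 via eth0
Jul 25 15:00:06 dhcp1 dhcpd: DHCPREQUEST for 10.10.6.51 from 08:00:27:aa:bb:01 via eth0
Jul 25 15:00:06 dhcp1 dhcpd: DHCPACK on 10.10.6.51 to 08:00:27:aa:bb:01 via eth0
Jul 25 15:00:11 dhcp1 dhcpd: DHCPREQUEST for 10.10.6.51 from 08:00:27:aa:bb:01 via eth0
Jul 25 15:00:11 dhcp1 dhcpd: DHCPACK on 10.10.6.51 to 08:00:27:aa:bb:01 via eth0
Jul 25 15:05:03 dhcp1 dhcpd: DHCPACK on 10.10.6.60 to 08:00:27:aa:bb:02 via eth0
"""

ACK_RE = re.compile(
    r"^(\w{3}\s+\d+ \d\d:\d\d:\d\d) \S+ dhcpd(?:\[\d+\])?: "
    r"DHCPACK on (\S+) to ((?:[0-9a-f]{2}:){5}[0-9a-f]{2})", re.I)

def find_ack_loops(log_text, window_seconds=60, threshold=3, year=2010):
    """Return {mac: most ACKs seen in any window} for MACs at or above threshold."""
    acks = defaultdict(list)
    for line in log_text.splitlines():
        m = ACK_RE.match(line)
        if m:
            # syslog omits the year, so one is supplied (assumption).
            ts = datetime.strptime(f"{year} {m.group(1)}", "%Y %b %d %H:%M:%S")
            acks[m.group(3).lower()].append(ts)
    window = timedelta(seconds=window_seconds)
    loops = {}
    for mac, times in acks.items():
        times.sort()
        start = best = 0
        for end, t in enumerate(times):
            # Slide the window start forward until it spans at most `window`.
            while t - times[start] > window:
                start += 1
            best = max(best, end - start + 1)
        if best >= threshold:
            loops[mac] = best
    return loops

if __name__ == "__main__":
    for mac, count in find_ack_loops(SAMPLE_LOG).items():
        print(f"{mac}: {count} DHCPACKs within 60s (default-lease-time is 600)")
```

Running the same check against the logs of both failover peers shows whether the repeated ACKs for one MAC come from a single server or from both.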




