A failure of one dhcp server causes that the second one also is going to fail
Mikhail Morfikov
mmorfikov at gmail.com
Fri Nov 7 19:08:32 UTC 2014
I'm trying to set up two servers in order to use the dhcp failover protocol.
I've configured both of them in a similar way, and they work. One of the server
has IP address 192.168.1.1 (primary), the other 192.168.1.2 (secondary).
Here's the startup log from the main server:
Nov 7 18:52:04 the-mountain dhcpd: Wrote 0 deleted host decls to leases file.
Nov 7 18:52:04 the-mountain dhcpd: Wrote 0 new dynamic host decls to leases file.
Nov 7 18:52:04 the-mountain dhcpd: Wrote 0 leases to leases file.
Nov 7 18:52:04 the-mountain dhcpd:
Nov 7 18:52:04 the-mountain dhcpd: No subnet declaration for eth0 (10.1.20.140).
Nov 7 18:52:04 the-mountain dhcpd: ** Ignoring requests on eth0. If this is not what
Nov 7 18:52:04 the-mountain dhcpd: you want, please write a subnet declaration
Nov 7 18:52:04 the-mountain dhcpd: in your dhcpd.conf file for the network segment
Nov 7 18:52:04 the-mountain dhcpd: to which interface eth0 is attached. **
Nov 7 18:52:04 the-mountain dhcpd:
Nov 7 18:52:04 the-mountain dhcpd: failover peer dhcp-failover: I move from recover to startup
Here I started the second server (logs still come from main server):
Nov 7 18:52:06 the-mountain dhcpd: failover peer dhcp-failover: peer moves from unknown-state to recover
Nov 7 18:52:06 the-mountain dhcpd: failover peer dhcp-failover: requesting full update from peer
Nov 7 18:52:06 the-mountain dhcpd: failover peer dhcp-failover: I move from startup to recover
Nov 7 18:52:06 the-mountain dhcpd: Sent update request all message to dhcp-failover
Nov 7 18:52:06 the-mountain dhcpd: failover peer dhcp-failover: peer moves from recover to recover
Nov 7 18:52:06 the-mountain dhcpd: failover peer dhcp-failover: requesting full update from peer
Nov 7 18:52:06 the-mountain dhcpd: Update request all from dhcp-failover: sending update
Nov 7 18:52:06 the-mountain dhcpd: failover peer dhcp-failover: peer update completed.
Nov 7 18:52:06 the-mountain dhcpd: failover peer dhcp-failover: I move from recover to recover-done
Nov 7 18:52:06 the-mountain dhcpd: Sent update done message to dhcp-failover
Nov 7 18:52:06 the-mountain dhcpd: failover peer dhcp-failover: peer moves from recover to recover-done
Nov 7 18:52:06 the-mountain dhcpd: Both servers have entered recover-done!
Nov 7 18:52:06 the-mountain dhcpd: failover peer dhcp-failover: I move from recover-done to normal
Nov 7 18:52:06 the-mountain dhcpd: balancing pool 9e45f0 192.168.1.0/24 total 91 free 91 backup 0 lts 45 max-own (+/-)9
Nov 7 18:52:06 the-mountain dhcpd: balanced pool 9e45f0 192.168.1.0/24 total 91 free 46 backup 45 lts 0 max-misbal 14
Nov 7 18:52:06 the-mountain dhcpd: Sending updates to dhcp-failover.
Nov 7 18:52:06 the-mountain dhcpd: failover peer dhcp-failover: peer moves from recover-done to normal
So, it looks like that everything went according to plan -- both servers are up and working.
The following log is from the client machine:
Nov 7 19:01:52 red-viper dhclient: DHCPDISCOVER on wlan1 to 255.255.255.255 port 67 interval 14
Nov 7 19:01:53 red-viper dhclient: DHCPREQUEST on wlan1 to 255.255.255.255 port 67
Nov 7 19:01:53 red-viper dhclient: DHCPOFFER from 192.168.1.1
Nov 7 19:01:53 red-viper dhclient: DHCPACK from 192.168.1.1
Nov 7 19:01:53 red-viper dhclient: bound to 192.168.1.205 -- renewal in 27 seconds.
Nov 7 19:02:20 red-viper dhclient: DHCPREQUEST on wlan1 to 192.168.1.1 port 67
Nov 7 19:02:20 red-viper dhclient: DHCPACK from 192.168.1.1
Nov 7 19:02:20 red-viper dhclient: bound to 192.168.1.205 -- renewal in 27 seconds.
Nov 7 19:02:47 red-viper dhclient: DHCPREQUEST on wlan1 to 192.168.1.1 port 67
Nov 7 19:02:47 red-viper dhclient: DHCPACK from 192.168.1.1
Nov 7 19:02:47 red-viper dhclient: bound to 192.168.1.205 -- renewal in 25 seconds.
It looks like that leases also work as expected.
Now I simulated a failure of the secondary server -- I just turned it off:
Nov 7 19:05:07 red-viper dhclient: DHCPACK from 192.168.1.1
Nov 7 19:05:07 red-viper dhclient: bound to 192.168.1.205 -- renewal in 30 seconds.
Nov 7 19:05:37 red-viper dhclient: DHCPREQUEST on wlan1 to 192.168.1.1 port 67
Nov 7 19:05:38 red-viper dhclient: DHCPACK from 192.168.1.1
Nov 7 19:05:38 red-viper dhclient: bound to 192.168.1.205 -- renewal in 32 seconds.
As you can see, for a while the primary server works as it should, but about a minute after
the failure, it sees that the other server is missing (log from the server):
Nov 7 19:06:10 the-mountain dhcpd: timeout waiting for failover peer dhcp-failover
Nov 7 19:06:10 the-mountain dhcpd: peer dhcp-failover: disconnected
Nov 7 19:06:10 the-mountain dhcpd: failover peer dhcp-failover: I move from normal to communications-interrupted
And after this, the client can't get a lease anymore:
Nov 7 19:06:10 red-viper dhclient: DHCPREQUEST on wlan1 to 192.168.1.1 port 67
Nov 7 19:06:15 red-viper dhclient: DHCPREQUEST on wlan1 to 192.168.1.1 port 67
Nov 7 19:06:27 red-viper dhclient: DHCPREQUEST on wlan1 to 192.168.1.1 port 67
Nov 7 19:06:39 red-viper dhclient: DHCPDISCOVER on wlan1 to 255.255.255.255 port 67 interval 8
Nov 7 19:06:47 red-viper dhclient: DHCPDISCOVER on wlan1 to 255.255.255.255 port 67 interval 13
Nov 7 19:07:00 red-viper dhclient: DHCPDISCOVER on wlan1 to 255.255.255.255 port 67 interval 10
Nov 7 19:07:10 red-viper dhclient: DHCPDISCOVER on wlan1 to 255.255.255.255 port 67 interval 12
Nov 7 19:07:22 red-viper dhclient: DHCPDISCOVER on wlan1 to 255.255.255.255 port 67 interval 18
Nov 7 19:07:40 red-viper dhclient: No DHCPOFFERS received.
Nov 7 19:07:40 red-viper dhclient: No working leases in persistent database - sleeping.
It's because the dhcpd process on the first server died. So there's no dhcp server in the network in this moment.
I don't get it -- there were two dhcp servers, they were working in failover mode, and when one of them went
offline, the second one also refused to work and committed suicide, and died. :)
I think it's not the way this should work, so what did I do wrong?
Both servers have version 4.2.4.
Below are two config files, one for each server:
------------------------------------------------------------------------
#
# /etc/dhcpd.conf for primary DHCP server
#
authoritative;
ddns-update-style none;
failover peer "dhcp-failover" {
primary;
address 192.168.1.1;
port 520;
peer address 192.168.1.2;
peer port 519;
max-response-delay 60;
max-unacked-updates 10;
mclt 3600;
split 128;
load balance max seconds 3;
}
default-lease-time 60;
min-lease-time 60;
max-lease-time 60;
subnet 192.168.1.0 netmask 255.255.255.0 {
option routers 192.168.1.1;
option subnet-mask 255.255.255.0;
option broadcast-address 192.168.1.255;
option domain-name "mhouse.lh";
option domain-name-servers 192.168.1.1;
# option ntp-servers 192.168.1.1;
always-broadcast true;
pool {
failover peer "dhcp-failover";
default-lease-time 60;
min-lease-time 60;
max-lease-time 60;
range 192.168.1.160 192.168.1.250;
}
}
subnet 10.1.0.0 netmask 255.255.0.0 {
}
group {
use-host-decl-names on;
host the-hound {
# option host-name "the-hound";
hardware ethernet 3c:4a:92:00:4c:5b;
fixed-address 192.168.1.150;
}
host samknows {
# option host-name "samknows";
hardware ethernet e8:94:f6:c4:00:2a;
fixed-address 192.168.1.20;
}
}
------------------------------------------------------------------------
------------------------------------------------------------------------
#
# /etc/dhcpd.conf for secondary DHCP server
#
authoritative;
ddns-update-style none;
failover peer "dhcp-failover" {
secondary;
address 192.168.1.2;
port 519;
peer address 192.168.1.1;
peer port 520;
max-response-delay 60;
max-unacked-updates 10;
load balance max seconds 3;
}
default-lease-time 60;
min-lease-time 60;
max-lease-time 60;
subnet 192.168.1.0 netmask 255.255.255.0 {
option routers 192.168.1.1;
option subnet-mask 255.255.255.0;
option broadcast-address 192.168.1.255;
option domain-name "mhouse.lh";
option domain-name-servers 192.168.1.1;
# option ntp-servers 192.168.1.1;
always-broadcast true;
pool {
failover peer "dhcp-failover";
default-lease-time 60;
min-lease-time 60;
max-lease-time 60;
range 192.168.1.160 192.168.1.250;
}
}
subnet 10.1.0.0 netmask 255.255.0.0 {
}
group {
use-host-decl-names on;
host the-hound {
# option host-name "the-hound";
hardware ethernet 3c:4a:92:00:4c:5b;
fixed-address 192.168.1.150;
}
host samknows {
# option host-name "samknows";
hardware ethernet e8:94:f6:c4:00:2a;
fixed-address 192.168.1.20;
}
}
------------------------------------------------------------------------
More information about the dhcp-users
mailing list