invalid DISCOVER packet - update
David W. Hankins
David_Hankins at isc.org
Mon Apr 9 16:16:25 UTC 2007
On Fri, Apr 06, 2007 at 02:05:21PM -0500, Duane Cox wrote:
> So what I found out was if I removed the "failover peer" declaration, then
> the server sends out an OFFER.
> If the failover peer exists in the config, then it does not.
'peer holds all free leases' is a bit overloaded. It can mean that
the server has no leases in its free state to allocate to the client.
But it can also mean that the client was not allowed access to any
of the available leases ("allow" or "deny" statements).
In your case, since the same config file minus failover nets an offer,
I think you can focus on the obvious case. But it's still a bit strange
since your clients should be advancing the 'secs' BOOTP header field,
this should disable LBA (load balancing), and so the other server
should be happy to offer.
So you are probably in some new and wonderful corner case.
Primary servers need 'free' leases to allocate to clients. Secondaries
need 'backup' leases. I often use this simple one-line awk script to
litmus test servers (collapse to all on one line):
awk 'BEGIN { curlease = ""; } /^lease / { curlease = $2; }
/^ binding state / { leases[curlease] = $3; }
END { for(lease in leases) { states[leases[lease]]++; }
for(state in states) { print state, states[state]; } }'
/var/db/dhcpd.leases
But it gets a little more hazy where you have multiple pools
protected by the failover relationship - you may need to focus on
the one pool that the clients in question are failing to get OFFERs
from.
> I have never had any problem with DISCOVERS before, and I've been running
> this failover peer setup for a VERY long time.
>
> If I post some configs, could somebody help me out?
What version?
There have been many bugs that could introduce a synchronization
failure in failover peers...all the known ones were repaired as
of 3.0.5, although 3.1.0a1 added at least one new one we still
haven't tracked down (or maybe it's an old one we just never
saw before).
--
ISC Training! http://www.isc.org/training/ training at isc.org
Washington DC area, April 16-20 2007. DNS & BIND, DDNS & DHCP.
--
David W. Hankins "If you don't do it right the first time,
Software Engineer you'll just have to do it again."
Internet Systems Consortium, Inc. -- Jack T. Hankins
More information about the dhcp-users
mailing list