DHCP Failover and duplicate responses
David W. Hankins
David_Hankins at isc.org
Thu Sep 6 20:59:14 UTC 2007
On Wed, Sep 05, 2007 at 04:27:26PM -0500, Cory Meyer wrote:
> The reason as to why this might be an issue is that in our production
> enviroment our routers are setup with 2 ip helper-address statements. One
> to the primary and one to the secondary server. Option
> dhcp-server-identifier is set to the local GW for that network. This means
> that DHCREQUEST packets will be sent to both servers. Normally with both
The failover software wasn't designed for this scenario.
If you look in server/dhcp.c, you'll find a lengthy comment starting
with "If it's RENEEWING,"...
What it comes down to is that clients RENEWING will unicast, so if
a server gets a RENEWING DHCPREQUEST, then only it *can* answer, so
it must.
Clients only get to the REBINDING state if RENEWING times out. So if
the client is REBINDING, the server also wants to answer on the basis
that the other server has been lame with renewals, failing to answer.
So the design decision is to answer all DHCPREQUESTs so long as it is
legally allowed to.
Since you've made a change to the protocol here - and caused every
RENEWING client to appear as though REBINDING - you may want to
revisit this design decision and make some code changes to the server.
--
Ash bugud-gul durbatuluk agh burzum-ishi krimpatul.
Why settle for the lesser evil? https://secure.isc.org/store/t-shirt/
--
David W. Hankins "If you don't do it right the first time,
Software Engineer you'll just have to do it again."
Internet Systems Consortium, Inc. -- Jack T. Hankins
More information about the dhcp-users
mailing list