DHCP / Cisco IPhelper - Problem to get valid IP-Adresses

Christian Binder binder.christian at gmx.de
Thu Jul 31 13:12:16 UTC 2008 

Hello, 

we are running into troubles by getting the correct IP-Adresses for the Clients.

Here are the boundary conditions (if you need more, please ask):

1. We have a dhcp-failover with ISC-DHCP v. 3.0.1 / RHEL 4. The servers have the following 
adresses:
Hostname					     IP
bam		(master)					192.168.1.4/24
bad		 (slave)	  				  192.168.1.8/24

The failover is configured as described in the docs:

bam:

# GLOBAL-Parameter
#
#
authoritative;
ddns-update-style none;
#
option slp-directory-agent true 192.168.1.10, 192.168.1.201, 192.168.1.202;
option slp-service-scope true POR-SCOPE;
option nds-servers 192.168.1.10, 192.168.1.200, 192.168.1.202, 192.168.1.203,  192.168.1.201;
option nds-tree-name COMPANY;

#
#default-lease-time 86400;
#max-lease-time 86400;
#
# @failover
failover peer "dhcp-failover" {
        primary;
        address 192.168.1.4;
        port 520;
        peer address 192.168.1.8;
        peer port 520;
        max-response-delay 30;
        max-unacked-updates 10;
        load balance max seconds 3;
        mclt 600;
        split 128;
        load balance max seconds 3;
}
#
--
#####
bad:
# GLOBAL-Parameter
#
#
authoritative;
ddns-update-style none;
#
option slp-directory-agent true 192.168.1.10, 192.168.1.201, 192.168.1.202;
option slp-service-scope true POR-SCOPE;
option nds-servers 192.168.1.10, 192.168.1.200, 192.168.1.202, 192.168.1.203,  192.168.1.201;
option nds-tree-name COMPANY;
#
#
#
failover peer "dhcp-failover" {
        secondary;
        address 192.168.1.8;
        port 520;
        peer address 192.168.1.4;
        peer port 520;
        max-response-delay 30;
        max-unacked-updates 10;
        load balance max seconds 3;
#       mclt 600;
#       split 128;
        load balance max seconds 3;
}


2. We need to do both, fixed adresses and pools 192.168.X.10 to 192.168.X.15 in each subnet, serving five different subnets.
3. The failover mechanism  for the pools works very well and has been tested. 
4. Between the subnets, there are cisco routers, configured with the IP-Helper to our dhcp-Servers. Unfortunatley, we have a external company, which does the administration of the ciscos. If you need more information about the ciscos, I try to get this.
5. The client OSes are mainly Windows 2000 SP4 and a few Linuxclients.

Problem Description:
We had to move some PCs from one subnet to another because of reorganization. 
The hosts have the following entries in the /etc/dhcpd.conf:

host client001 {
                hardware ethernet 00:0e:0c:c5:11:86;                
                # fixed-address 192.168.3.140; # adress of the old net
                fixed-address 192.168.4.198; # adress of the new one
                option host-name "client001";
                }



We moved the host entries from the old subnet declariation to the new and changed the IP -Entry (e.g. 192.168.3.140 to 192.168.4.198) . 
The client became on the new subnet a adress from the old subnet, but there was naturally no network connection because the Cisco is configured for the new subnet.
(I hope, I found the right words for this symptom, it is really strange...) 

We tried to do a ipconfig /release and a ipconfig /renew, but the client gets still a adress of the old subnet. 

On the dhcp-Servers, the following is logged in /var/log/messages:

bam (master):

[root at bam ~]# cat /var/log/messages | grep "192.168.3.140"
Jul 28 16:00:48 bam dhcpd: DHCPREQUEST for 192.168.3.140 (192.168.1.8) from 00:0e:0c:c5:11:86 via 192.168.4.2: lease 192.168.3.140 unavailable.
Jul 28 16:00:48 bam dhcpd: DHCPNAK on 192.168.3.140 to 00:0e:0c:c5:11:86 via 192.168.4.2
Jul 28 16:00:48 bam dhcpd: DHCPREQUEST for 192.168.3.140 (192.168.1.8) from 00:0e:0c:c5:11:86 via 192.168.4.2: lease 192.168.3.140 unavailable.
Jul 28 16:00:48 bam dhcpd: DHCPNAK on 192.168.3.140 to 00:0e:0c:c5:11:86 via 192.168.4.2
[root at bam ~]#


bad (slave):

[root at bad ~]# cat /var/log/messages | grep "192.168.3.140"
Jul 28 16:00:37 bad dhcpd: DHCPOFFER on 192.168.3.140 to 00:0e:0c:c5:11:86 via 192.168.4.2
Jul 28 16:00:37 bad dhcpd: DHCPOFFER on 192.168.3.140 to 00:0e:0c:c5:11:86 via 192.168.4.2
Jul 28 16:00:48 bad dhcpd: DHCPREQUEST for 192.168.3.140 (192.168.1.8) from 00:0e:0c:c5:11:86 via 192.168.4.2
Jul 28 16:00:48 bad dhcpd: DHCPACK on 192.168.3.140 to 00:0e:0c:c5:11:86 via 192.168.4.2
Jul 28 16:00:48 bad dhcpd: DHCPREQUEST for 192.168.3.140 (192.168.1.8) from 00:0e:0c:c5:11:86 via 192.168.4.2
Jul 28 16:00:48 bad dhcpd: DHCPACK on 192.168.3.140 to 00:0e:0c:c5:11:86 via 192.168.4.2
[root at bad ~]#

The 192.168.4.2 is the address of the iphelper.
Are we doing something wrong on the dhcp-Severs (misconfiguration) or is this a 
indicate of a IP-Helper / Cisco misconfiguration ? 
What configuration infos about the Ciscos are further required, to adress the problem ? 
I will try to get these, please let me know.... 

Thank you,

Christian
-- 
GMX Kostenlose Spiele: Einfach online spielen und Spaß haben mit Pastry Passion!
http://games.entertainment.gmx.net/de/entertainment/games/free/puzzle/6169196

More information about the dhcp-users mailing list