Classes and failover

Leif Arne Neset leifa at alfanett.no
Fri Jun 27 10:56:01 UTC 2008 

Rene Joergensen skrev:
> Hi there,
> 
> We have a problem with dhcpd 3.1.1 running in failover.
> 
> As i understand the implementation, when receiving a request, the two
> servers calculates who should reply to the request (configured via the
> "split" option).
> 
> What we're seeing is that both servers reply on requests which never
> reaches the client, maybe because the relay in the Cisco/Alcatel
> equipment gets confused.
> 
> But why do both of them reply?

Use Wireshark or something similar to have a look at the DHCPDISCOVER 
packets. My guess is that the field "seconds elapsed" in the packets are 
either 0 (zero) or larger than the value in the configuration option 
"max-response-delay". If this is true both servers are supposed to 
answer the discoverpackets.

Leif Arne Neset
leifa at alfanett.no



> 
> We use classes to limit the number of leases:
> 
> class "class3" {
>         match if exists agent.circuit-id;
>         spawn with option agent.circuit-id;
>         lease limit 2;
> }
> 
> And for circuits with fixed ip, there is a class defined:
> 
> class "TN-222827" { 
> 	match if option agent.unknown-6 = "TN-222827"; 
> 	lease limit 1; 
> }
> 
> And we then define a pool with the fixed IP, a pool with only one IP in
> the range, and deny them in the other pools.
> 
> What we see in the logs:
> 
> Jun 26 14:34:31 choke dhcpd: DHCPREQUEST for 194.19.142.187 from 00:07:e9:af:35:45 via 194.19.167.1
> Jun 26 14:34:31 choke dhcpd: DHCPACK on 194.19.142.187 to 00:07:e9:af:35:45 (eeyore) via 194.19.167.1
> 
> Jun 26 14:34:31 serv01 dhcpd: DHCPREQUEST for 194.19.142.187 from 00:07:e9:af:35:45 (eeyore) via 194.19.167.1
> Jun 26 14:34:31 serv01 dhcpd: DHCPACK on 194.19.142.187 to 00:07:e9:af:35:45 (eeyore) via 194.19.167.1
> 
> Normally it logs that is loadbalances, but not here.
> 
> Our configuration:
> 
> On the primary dhcpd:
> 
> failover peer "dhcp-failover" {
>   primary; 
>   address 194.19.194.18;
>   port 647;
>   peer address 194.19.194.29;
>   peer port 647;
>   max-response-delay 30;
>   max-unacked-updates 10; 
>   mclt 600;
>   split 128;
>   load balance max seconds 3;
> }
> 
> On the secondary dhcpd:
> 
> failover peer "dhcp-failover" {
>   secondary;
>   address 194.19.194.29;
>   port 647;
>   peer address 194.19.194.18;
>   peer port 647;
>   max-response-delay 30;
>   max-unacked-updates 10; 
>   load balance max seconds 3;
> }
> 
> Any ideas why? Is it because of the classes?
> 
> 
> 
> ------------------------------------------------------------------------
> 
> 
> No virus found in this incoming message.
> Checked by AVG. 
> Version: 8.0.101 / Virus Database: 270.4.1/1519 - Release Date: 25.06.2008 16:13
-------------- next part --------------

No virus found in this outgoing message.
Checked by AVG. 
Version: 8.0.101 / Virus Database: 270.4.1/1521 - Release Date: 26.06.2008 11:20

More information about the dhcp-users mailing list