renew versus initial lease acquisition [was Re: who is using multiple failover pairs on the same server]

Wed Sep 3 15:02:22 UTC 2008

I just realized that the MCLT lease time is happening for all pools, but not 
for fixed-address leases.  I now remember that this is the way it is 
supposed to behave (I think).

But I have a problem:

Every time a lease gets renewed, it causes my XP workstation to reassert the 
DHCP-provided default gateway that I manually remove after boot-up in favor 
of my second NIC's default gateway (wireless).

Is there a way to have the renew process do nothing more than update the 
lease time when nothing else is changed?  Or conditionally provide the 
default gateway depending on whether or not it is the first time issuance? 
Any other ideas?

--
Gordon A. Lang

----- Original Message ----- 
From: "Gordon A. Lang" <glang at goalex.com>
To: <dhcp-users at isc.org>
Sent: Wednesday, September 03, 2008 10:33 AM
Subject: Re: who is using multiple failover pairs on the same server

>I am curious about the unique port number requirement.
> It seems to me that as long as it is a tcp connection that having the 
> remote ip addresses be different ought to be sufficient.
> Is there a problem with the code handling this, or is the "requirement" of 
> unique port numbers for some other reason?
> I am using 3.1.1.
>
> I have things working using all the same port number everywhere, and 
> omshell reports normal failover state for all servers.  But I am having 
> some issues. All (or at least most) DHCP requests using my new failover 
> pair are getting MCLT lease times initially, while the original two 
> failover pairs are issuing full least time leases.  The primary DHCP 
> server is the one issuing the lease, so why would it give the short least 
> time?  After half of MCLT the renew is giving the full lease time (at 
> least most of the time).
>
> Here is what I have:
>
> Four servers:
>    A, B, C, and D.
>
> Three failover pairs:
>    A(pri) - B(sec)
>    C(pri) - D(sec)
>    C(pri) - B(sec)
>
> Only the C-B pair is giving the short lease times.
>
> Any help is appreciated.
>
> Thanks.
>
> --
> Gordon A. Lang
>
> ----- Original Message ----- 
> From: "Glenn Satchell" <Glenn.Satchell at uniq.com.au>
> To: <dhcp-users at isc.org>
> Sent: Friday, August 08, 2008 8:04 AM
> Subject: Re: who is using multiple failover pairs on the same server
>
>
>>
>>>X-Authentication-Warning: angus.ind.WPI.EDU: cra set sender to 
>>>cra at WPI.EDU
>> using -f
>>>Date: Thu, 7 Aug 2008 23:49:39 -0400
>>>From: Chuck Anderson <cra at WPI.EDU>
>>>To: dhcp-users at isc.org
>>>Subject: Re: who is using multiple failover pairs on the same server
>>>Mail-Followup-To: dhcp-users at isc.org
>>>Content-Disposition: inline
>>>X-archive-position: 6891
>>>X-ecartis-version: Ecartis v1.0.0
>>>X-original-sender: cra at WPI.EDU
>>>List-software: Ecartis version 1.0.0
>>>X-List-ID: <dhcp-users.isc.org>
>>>X-list: dhcp-users
>>>
>>>On Thu, Aug 07, 2008 at 10:46:20PM -0400, Gordon A. Lang wrote:
>>>> I have it working, and it works just fine so far, but I haven't put it
>>>> under load yet.
>>>
>>>I have been doing this for about 7 years now, first with 5 servers,
>>>now with 3 in a hub-and-spoke arrangement where the hub is the primary
>>>for all failover peer relationships.  No issues, just be sure you use
>>>unique failover peer names for each pair of servers, and unique port
>>>numbers (I use the same port number and peer port number within each
>>>peer relationship, but of course different ports for the different
>>>failover peer relationships).
>>>
>>>> But my concern is whether or not this sort of configuration might
>>>> challenge the code in a way that hasn't been tested and/or in a way 
>>>> that
>>>> will affect performance/capacity of the servers.
>>>>
>>>> The reason for my concern is because a person working for an IPAM
>>>> software vendor has asserted that ISC DHCP should not be trusted to do
>>>> any failover relationships other than single pairing based on their
>>>> testing.
>>>>
>>>> Is there any possible validity to his claim?
>>>
>>>Well, they haven't tested it, therefore they don't trust it.  I've
>>>been using it in a production network for about 7 years, and I trust
>>>it completely.
>>>
>>>> Is the code that mates leases to the correct failover peer tricky or
>>>> something?
>>>
>>>No, I wouldn't think so.
>>>
>> I think there was a change around 3.1.0. In earlier releases the
>> pairing was based on ip address and maybe port. In the later release
>> the failover name is used.
>>
>> I agree, the setup has been running fine for me for about 3-4 years
>> where I set it up, although I don't look after it any more.
>>
>> regards,
>> -glenn
>>
>>
>
>
> 