DHCP Failover cluster uses MCLT value as lease time
Glenn Satchell
glenn.satchell at uniq.com.au
Mon Feb 16 10:58:53 UTC 2015
It's exactly as designed. The server hands out that initial lease without
contacting the partner for performance reasons. This is from the
dhcpd.conf man page:
The mclt statement
mclt seconds;
The mclt statement defines the Maximum Client Lead Time.
It must be specified on the primary, and may not be speci-
fied on the secondary. This is the length of time for
which a lease may be renewed by either failover peer
without contacting the other.
The draft-ietf-dhc-failover document goes into great detail describing how
failover works, how lease times are managed, and why this is done. It's
not included with the current ISC distribution, but can be easily
downloaded separately from sites such as
https://tools.ietf.org/html/draft-ietf-dhc-failover-12
The dhcpd man page also has information on failover.
regards,
-glenn
--
Glenn Satchell | Today is the past
Uniq Advances Pty Ltd http://www.uniq.com.au | that people in
Mobile 0409 458 580 | the future will
Member System Admin Guild http://www.sage-au.org.au | dream about.
On Mon, February 16, 2015 8:19 pm, Gordon Grubert wrote:
> Hello,
>
> we are using a common dhcp failover cluster like described on
>
> https://kb.isc.org/article/AA-00502/0/A-Basic-Guide-to-Configuring-DHCP-Failover.html
>
> on debian 7 and an ldap-based storage backend (dhcp server version
> 4.2.2).
>
> We have configured a global lease time of 24h but our clients will got
> a lease time of 30 minutes. Then, we traced the connection on the
> client and the server side. We found, that both the servers send DHCP
> OFFER packages where the lease time value is set with the MCLT value of
> the failover cluster. We could reproduces this by setting arbitrary
> MCLT values.
>
> Sending DHCP RENEW requests one after another, the server beginns to
> send the correct lease time of 24h. But every time, when the client
> send the initial DISCOVER, he gets a lease time which is the MCLT value
> of the cluster.
>
> Is this is bug or a feature?
>
>
> Here, the basic part of our configuration
> =========================================
>
> Primary
> *******
>
> authoritative;
> max-lease-time 86400;
> default-lease-time 86400;
> failover peer "dhcp-failover" {
> primary;
> address IP-PRI;
> port 519;
> peer address IP-SEC;
> peer port 520;
> max-response-delay 30;
> max-unacked-updates 10;
> load balance max seconds 3;
> mclt 1800;
> split 128;
> }
> subnet x.y.z.0 netmask 255.255.255.0 {
> option subnet-mask 255.255.255.0;
> option domain-name "DOMAINNAME";
> option routers x.y.z.1;
> option broadcast-address x.y.z.255;
> pool {
> range x.y.z.50 x.y.z.109;
> deny dynamic bootp clients;
> failover peer "dhcp-failover";
> }
> }
>
>
> Secondary
> *********
>
> authoritative;
> max-lease-time 86400;
> default-lease-time 86400;
> failover peer "dhcp-failover" {
> secondary;
> address IP-SEC;
> port 520;
> peer address IP-PRI;
> peer port 519;
> max-response-delay 30;
> max-unacked-updates 10;
> load balance max seconds 3;
> }
> subnet x.y.z.0 netmask 255.255.255.0 {
> option subnet-mask 255.255.255.0;
> option domain-name "DOMAINNAME";
> option routers x.y.z.1;
> option broadcast-address x.y.z.255;
> pool {
> range x.y.z.50 x.y.z.109;
> deny dynamic bootp clients;
> failover peer "dhcp-failover";
> }
> }
>
> Best regards,
> Gordon
> _______________________________________________
> dhcp-users mailing list
> dhcp-users at lists.isc.org
> https://lists.isc.org/mailman/listinfo/dhcp-users
>
More information about the dhcp-users
mailing list