Restarting DHCP safely whilst avoiding partner-down state
Terry Burton
tez at terryburton.co.uk
Fri May 13 18:41:11 UTC 2016
On 13 May 2016 at 18:37, Sten Carlsen <stenc at s-carlsen.dk> wrote:
> There has been a number of times a discussion about restarting the DHCP
> server. AFAICT the official method is to kill it and start again.
This is not the case. See the recent article AA-01043 [1] quoted in my
initial post:
"kill is the recommended
option, except where there is a high turnover of leases and the
production environment requires a high degree of reliability from
DHCP. In that case, we'd suggest that administrators consider using
OMAPI to control the daemon instead and to request a graceful
shutdown. The reason for this is that there is the slight possibility
that by using kill, administrators may stop dhcpd in the middle of
appending a lease to the leases file (in which case it may become
corrupted). This risk, while tiny, may be significant enough for some
administrators to prefer to use OMAPI instead."
[1] https://kb.isc.org/article/AA-01043/0/Recommendations-for-restarting-a-DHCP-failover-pair.html
> On 13/05/2016 17:02, Terry Burton wrote:
>
> On 13 May 2016 at 15:57, Chuck Anderson <cra at wpi.edu> wrote:
>
> On Fri, May 13, 2016 at 03:23:25PM +0100, Terry Burton wrote:
>
> On 13 May 2016 at 14:22, Chuck Anderson <cra at wpi.edu> wrote:
>
> I don't know if a corrupted lease file would cause a failure to start
> the dhcp server, or if it would just go unnoticed, perhaps with a log
> message. But like I said, we've never had a failure to start the
> server that was caused by a lease file issue.
>
> In our experience leases files corrupted by other means can cause a
> failure to start. I don't recall whether that was due to mere
> truncation though...
>
> There is also the -T parameter to test the lease file:
>
> The -T flag can be used to test the lease database file in a similar
> way.
>
> It might be a good idea to also use this test before restarting.
> While it won't fix a corrupted lease file, it may prevent you from
> losing all DHCP service due to a failure to restart.
>
> I think this will require the leases file to be closed at the point of
> testing, i.e. the daemon has already exited.
>
> For the more general issue with systemd verifying the configuration
> see:
> https://lists.freedesktop.org/archives/systemd-devel/2016-May/036481.html
More information about the dhcp-users
mailing list