Getting Peer hold all free leases

Bob Harold rharolde at umich.edu
Tue Aug 17 14:09:21 UTC 2021 

With lots of subnets, all using failover, I see this error fairly often.  I
am using a vendor IPAM solution, so my fix is to remove the failover server
from the subnet config, push out new dhcpd.conf files, then put it back and
push again.  Under the covers, that actually does:
- Remove the subnet completely from the second server, and reload dhcpd.
The server will drop all the leases for that subnet since the subnet is
gone.
- Remove the "failover" line for that subnet on the primary server and
reload dhcp.
- Add the failover line back in and reload the primary.
- Add the subnet to the secondary again.

That is what works for me.

-- 
Bob Harold
DNS and DHCP Hostmaster - UMNet
Information and Technology Services (ITS)
rharolde at umich.edu


On Tue, Aug 17, 2021 at 9:57 AM Abdul Khader <akhader at gmail.com> wrote:

> Hi Kraishak
> Check the communication is happening on port 647 on both the servers using
> tcpdump -i any port 647
> Please also check if there are multiple entries my state and partner
> state. Feel both the servers are not in sync. Can you also check if the
> discovers from client is landing on both the servers ? If you are using
> split 128 then the traffic should land on both the Nodes. Check your ip
> helper (relay) to make sure it's configured to send to both the Nodes.
>
> Regards
>
>
> On Tue, 17 Aug 2021, 17:11 Kraishak Mahtha, <kraishak.edu at gmail.com>
> wrote:
>
>> Hi  Abdul Khader,
>>
>> I have declared as follows:
>>
>> Configuration file from primary
>> =========================
>> failover peer "peer-host" {
>>         primary;
>>         address 192.168.56.156;
>>         port 647;
>>         peer address 192.168.56.178;
>>         peer port 647;
>>         max-response-delay 30;
>>         max-unacked-updates 30;
>>         load balance max seconds 3;
>>         mclt 1800;
>>         split 128;
>> }
>> subnet 192.168.56.0 netmask 255.255.255.0 {
>>         pool {
>>                 failover peer "peer-host";
>>                 range 192.168.56.5 192.168.56.54;
>>         }
>>                 option domain-name "test.com";
>>                 option routers 192.168.56.1;
>>                 option subnet-mask 255.255.255.0;
>>         }
>>
>> Configuration file from failover
>> ======================
>> failover peer "peer-host" {
>>         secondary;
>>         address 192.168.56.178;
>>         port 647;
>>         peer address 192.168.56.156;
>>         peer port 647;
>>         max-response-delay 30;
>>         max-unacked-updates 30;
>>         load balance max seconds 3;
>> }
>> subnet 192.168.56.0 netmask 255.255.255.0 {
>>         pool {
>>                 failover peer "peer-host";
>>                 range 192.168.56.5 192.168.56.54;
>>         }
>>                 option domain-name "test.com";
>>                 option routers 192.168.56.1;
>>                 option subnet-mask 255.255.255.0;
>>         }
>>
>> On the primary log it shows as :* total 50  free 0  backup 0*
>> *Aug 17 17:15:48 dhcp1 dhcpd[12130]: peer peer-host: Got POOLREQ,
>> answering negatively!  Peer may be out of leases or database inconsistent.*
>>
>> but in the failover log it shows as
>> Aug 17 17:14:48 dhcp2 dhcpd[1902]: balancing pool bf05b0 192.168.56.0/24
>>   *total 50  free 50  backup 0  lts -25  max-own (+/-)5 * (requesting
>> peer rebalance!)
>> Aug 17 17:14:48 dhcp2 dhcpd[1902]: balanced pool bf05b0 192.168.56.0/24  total
>> 50  free 50  backup 0  lts -25  max-misbal 8
>>  pool response: 0 leases
>>
>> because of some reason the pool is not getting balanced between the
>> primary and failover
>>
>>
>> Also I have a problem in tracking my thread previously from *http://isc-dhcp-users
>> <http://isc-dhcp-users>* link I used to track and reply but now it is
>> not working, and tried searching the other links I found this *https://lists.isc.org/pipermail/dhcp-users/
>> <https://lists.isc.org/pipermail/dhcp-users/> *to track but I cannot see
>> a reply option in that web page
>>
>>
>>
>> On Tue, Aug 17, 2021 at 5:41 PM Kraishak Mahtha <kraishak.edu at gmail.com>
>> wrote:
>>
>>> Hi,
>>> I am using ISC DHCP in primary and failover mode and I am getting issue
>>> that clients are not getting leases and when I checked for the service logs
>>> I see as
>>> Primary Logs:
>>> ==========
>>> Aug 17 17:15:48 dhcp1 dhcpd[12130]: balancing pool f6f5f0
>>> 192.168.56.0/24  total 50  free 0  backup 0  lts 0  max-own (+/-)0
>>> Aug 17 17:15:48 dhcp1 dhcpd[12130]: balanced pool f6f5f0 192.168.56.0/24
>>>  total 50  free 0  backup 0  lts 0  max-misbal 0
>>> Aug 17 17:15:48 dhcp1 dhcpd[12130]: peer peer-host: Got POOLREQ,
>>> answering negatively!  Peer may be out of leases or database inconsistent.
>>>
>>> Failover Logs
>>> ==========
>>> Aug 17 17:14:48 dhcp2 dhcpd[1902]: balancing pool bf05b0 192.168.56.0/24
>>>  total 50  free 50  backup 0  lts -25  max-own (+/-)5  (requesting peer
>>> rebalance!)
>>> Aug 17 17:14:48 dhcp2 dhcpd[1902]: balanced pool bf05b0 192.168.56.0/24
>>>  total 50  free 50  backup 0  lts -25  max-misbal 8
>>>  pool response: 0 leases
>>>
>>> I tried searching the forums and many of them suggested that there might
>>> be inconsistency between the configuration file and leases database, I
>>> cross verified the configs they are good and regarding the leases file can
>>> we manually do any operation to make them in sync ?
>>>
>>> I tried checking the status of the primary and failover in the lease
>>> file but they are in normal-normal,
>>> cat dhcpd.leases | egrep "my state|partner state" | tail -2
>>>   my state normal at 2 2021/08/17 16:41:09;
>>>   partner state normal at 2 2021/08/17 17:01:17;
>>>
>>> Has anyone faced a similar issue/Any suggestions of how to fix the
>>> issue,
>>> Can we manually send requests for the DHCP service to do the pool
>>> balance and sync the leases for that specific subnet ?
>>>
>>>
>>> Any help/suggestion would be much appreciated
>>> Thanks
>>> Kraishak
>>>
>>>
>>> _______________________________________________
> ISC funds the development of this software with paid support
> subscriptions. Contact us at https://www.isc.org/contact/ for more
> information.
>
> dhcp-users mailing list
> dhcp-users at lists.isc.org
> https://lists.isc.org/mailman/listinfo/dhcp-users
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/dhcp-users/attachments/20210817/381c7a82/attachment-0001.htm>

More information about the dhcp-users mailing list