DHCP failover won't start

[Glenn Satchell]

>From: "Arno _" <r_no at hotmail.com>
>To: dhcp-users at isc.org
>Subject: Re: DHCP failover won't start
>Date: Tue, 04 Sep 2007 15:20:46 +0200
>
>I got that:
>primary:
>Sep  4 15:17:01 ns1 dhcpd: [ID 702911 daemon.info] Listening on
>DLPI/nge0/00:e0:81:5e:47:c4/172.24.1/24
>Sep  4 15:17:01 ns1 dhcpd: [ID 702911 daemon.info] Sending on
>DLPI/nge0/00:e0:81:5e:47:c4/172.24.1/24
>Sep  4 15:17:01 ns1 dhcpd: [ID 702911 daemon.info] Sending on
>Socket/fallback/fallback-net
>Sep  4 15:17:01 ns1 dhcpd: [ID 702911 daemon.info] failover peer
>dhcp-failover: I move from recover to startup
>Sep  4 15:17:16 ns1 dhcpd: [ID 702911 daemon.info] failover peer
>dhcp-failover: I move from startup to recover
>Sep  4 15:17:16 ns1 dhcpd: [ID 702911 daemon.info] failover: link startup
>timeout
>
>
>Failover:
>Sep  4 15:15:33 ns2 dhcpd: [ID 702911 daemon.info] failover peer
>dhcp-failover: I move from recover to startup
>Sep  4 15:15:33 ns2 dhcpd: [ID 702911 daemon.error] FAILOVER: option size
>(2:1), option TLS-request
>Sep  4 15:15:33 ns2 dhcpd: [ID 702911 daemon.info] message length wait:
>protocol error
>Sep  4 15:15:48 ns2 dhcpd: [ID 702911 daemon.info] failover peer
>dhcp-failover: I move from startup to recover
>Sep  4 15:15:48 ns2 dhcpd: [ID 702911 daemon.info] failover: link startup
>timeout
>Sep  4 15:17:01 ns2 dhcpd: [ID 702911 daemon.error] FAILOVER: option size
>(2:1), option TLS-request
>Sep  4 15:17:01 ns2 dhcpd: [ID 702911 daemon.info] message length wait:
>protocol error
>Sep  4 15:17:16 ns2 dhcpd: [ID 702911 daemon.info] failover: link startup
>timeout
>

Do the ports match on the primary and secondary now?

on primary port = 519 and peer port = 520
on secondary port = 520 and peer port = 519

or vice versa...

or both set to 520. They don't have to be different.

There is something wrong with ns2, in that it is not connecting on the
failover channel. Can you snoop port 520 (or 519) on both hosts while
starting dhcpd?

snoop -v tcp port 520 or port 519

regards,
-glenn