Expiring leases

[Stulic,Damjan]

My problem stems from the use of virtual ip.
While dhcpd listens on that ip, it sends out packets from physical ip.
Clients use that ip as their dhcp server. Then we swap servers, virtual
ip moves, but clients still use the old ip to communicate on t1 and t2.
so on lease expire they broadcast hit a new server and get a new lease.

As far as I know there is no know solution for "multiple ips per
interface" problem. Right?


Thanks,
Damjan Stulic
IS Security Identity Management
Edward Jones

-----Original Message-----
From: dhcp-users-bounce at isc.org [mailto:dhcp-users-bounce at isc.org] On
Behalf Of Glenn Satchell
Sent: Tuesday, March 25, 2008 6:27 AM
To: dhcp-users at isc.org
Subject: RE: Expiring leases

If you're using a class like this to match PXE clients, then turn off
dynamic dns updates for the pxe addresses:

class "pxe-clients" {
 match if substring (option vendor-class-identifier, 0, 9)="PXEClient";
 next-server tftpserver;
 # turn off dynamic dns updates for PXE addresses
 ddns-updates off;
}

If you do need DNS entries for PXE hosts, then put them in a different
domain by setting option server.ddns-domainname to a different
domainname (maybe pxe.yourdomain.com) in the class.

regards,
-glenn

>Subject: RE: Expiring leases
>Date: Tue, 25 Mar 2008 10:37:34 +1100
>From: "Lowrie, Paul" <paul.lowrie at nz.unisys.com>
>To: <dhcp-users at isc.org>
>
>Hi Damian,
> 
>Yes - Ive had this problem (and still working on a solution). it goes
>like this.
> 
>Two servers in failover pair and a  PC with PXEboot still enabled.
> 
>   PXEboot request from PC is given address "ABCD" by "Server-1"
>   Server-1 puts PC=ABCD and ABCD=PC into DNS
> 
>   PC keeps booting....
> 
>   OS Boot request from PC is given "EFGH"  by "Server-2"
> 
>   DHCP has "one_lease_per_client on;"...
>   Server 2 tells  Server-1 that  PC now= EFGH,   so
>   Server-1 removes the entries given for "PC=ABCD" and :"ABCD=PC" from
>the DNS.
>    
>    End result - PC has a valid lease and there is nothing in the DNS -
>aaagh!
>   
>Crux is that this isnt considered a fault as according to "the
>specficiations" and other dialogue in this mail list this is a design
>feature.
>    The OS-boot boot packet is sent with a client-identifier
>    The PXEboot packet is sent without this identifier,
>Therefore "according to the specification" these are different NIC's so
>should be given different leases
> 
>Cheers  & Good Luck
>Paul:)
> 
>
> All,
>
>Setup: two peered servers.
>
>Problem: occasional lost of dns data due to lease expiration.
>Looks like workstation omits T1 and T2 communication, and renews its
>lease at T3. Well, one peer adds dns data. The other find the lease
>expired and removes dns data a split second after the lease was
granted.
>
>Anybody with similar problem? Any help would be appreciated!
>
>
>Log snips:
>Mar  3 08:28:57 s_sys at tlpgbrdns-2.edj.ad.edwardjones.com dhcpd: Added
>new forward map from USU41602D1.b22838.branches.edwardjones.com to
>10.145.101.200
>
>Mar  3 08:28:57 s_sys at nlpgbrdns-1.edj.ad.edwardjones.com dhcpd: if
>USU41602D1.b22838.branches.edwardjones.com IN TXT
>"312e461c3d4bf095111c87d30e4f30e7f2" rrset exists and
>USU41602D1.b22838.branches.edwardjones.com IN A 10.145.101.200 rrset
>exists delete USU41602D1.b22838.branches.edwardjones.com IN A
>10.145.101.200: success.
>
>
>
>
>Damjan Stulic
>IS Security Identity Management
>Edward Jones
>
>If you are not the intended recipient of this message (including
>attachments), or if \
>you have received this message in error, immediately notify us and
>delete it and any \
>attachments.  If you no longer wish to receive e-mail from Edward
Jones,
>please send \
>this request to messages at edwardjones.com.  You must include the e-mail
>address that \
>you wish not to receive e-mail communications.  For important
additional
>information \
>related to this e-mail, visit www.edwardjones.com/US_email_disclosure
>
>
>