DHCP Failover cluster uses MCLT value as lease time
Gordon Grubert
gordon.grubert+lists at uni-greifswald.de
Mon Feb 16 11:02:49 UTC 2015
Hi,
thx a lot to all for detailed explanations.
Best regards,
Gordon
On 16.02.2015 11:58, Glenn Satchell wrote:
> It's exactly as designed. The server hands out that initial lease without
> contacting the partner for performance reasons. This is from the
> dhcpd.conf man page:
>
> The mclt statement
>
> mclt seconds;
>
> The mclt statement defines the Maximum Client Lead Time.
> It must be specified on the primary, and may not be speci-
> fied on the secondary. This is the length of time for
> which a lease may be renewed by either failover peer
> without contacting the other.
>
> The draft-ietf-dhc-failover document goes into great detail describing how
> failover works, how lease times are managed, and why this is done. It's
> not included with the current ISC distribution, but can be easily
> downloaded separately from sites such as
> https://tools.ietf.org/html/draft-ietf-dhc-failover-12
>
> The dhcpd man page also has information on failover.
>
> regards,
> -glenn
> --
> Glenn Satchell | Today is the past
> Uniq Advances Pty Ltd http://www.uniq.com.au | that people in
> Mobile 0409 458 580 | the future will
> Member System Admin Guild http://www.sage-au.org.au | dream about.
>
>
> On Mon, February 16, 2015 8:19 pm, Gordon Grubert wrote:
>> Hello,
>>
>> we are using a common dhcp failover cluster like described on
>>
>> https://kb.isc.org/article/AA-00502/0/A-Basic-Guide-to-Configuring-DHCP-Failover.html
>>
>> on debian 7 and an ldap-based storage backend (dhcp server version
>> 4.2.2).
>>
>> We have configured a global lease time of 24h but our clients will got
>> a lease time of 30 minutes. Then, we traced the connection on the
>> client and the server side. We found, that both the servers send DHCP
>> OFFER packages where the lease time value is set with the MCLT value of
>> the failover cluster. We could reproduces this by setting arbitrary
>> MCLT values.
>>
>> Sending DHCP RENEW requests one after another, the server beginns to
>> send the correct lease time of 24h. But every time, when the client
>> send the initial DISCOVER, he gets a lease time which is the MCLT value
>> of the cluster.
>>
>> Is this is bug or a feature?
>>
>>
>> Here, the basic part of our configuration
>> =========================================
>>
>> Primary
>> *******
>>
>> authoritative;
>> max-lease-time 86400;
>> default-lease-time 86400;
>> failover peer "dhcp-failover" {
>> primary;
>> address IP-PRI;
>> port 519;
>> peer address IP-SEC;
>> peer port 520;
>> max-response-delay 30;
>> max-unacked-updates 10;
>> load balance max seconds 3;
>> mclt 1800;
>> split 128;
>> }
>> subnet x.y.z.0 netmask 255.255.255.0 {
>> option subnet-mask 255.255.255.0;
>> option domain-name "DOMAINNAME";
>> option routers x.y.z.1;
>> option broadcast-address x.y.z.255;
>> pool {
>> range x.y.z.50 x.y.z.109;
>> deny dynamic bootp clients;
>> failover peer "dhcp-failover";
>> }
>> }
>>
>>
>> Secondary
>> *********
>>
>> authoritative;
>> max-lease-time 86400;
>> default-lease-time 86400;
>> failover peer "dhcp-failover" {
>> secondary;
>> address IP-SEC;
>> port 520;
>> peer address IP-PRI;
>> peer port 519;
>> max-response-delay 30;
>> max-unacked-updates 10;
>> load balance max seconds 3;
>> }
>> subnet x.y.z.0 netmask 255.255.255.0 {
>> option subnet-mask 255.255.255.0;
>> option domain-name "DOMAINNAME";
>> option routers x.y.z.1;
>> option broadcast-address x.y.z.255;
>> pool {
>> range x.y.z.50 x.y.z.109;
>> deny dynamic bootp clients;
>> failover peer "dhcp-failover";
>> }
>> }
>>
>> Best regards,
>> Gordon
>> _______________________________________________
>> dhcp-users mailing list
>> dhcp-users at lists.isc.org
>> https://lists.isc.org/mailman/listinfo/dhcp-users
>>
>
>
>
>
> _______________________________________________
> dhcp-users mailing list
> dhcp-users at lists.isc.org
> https://lists.isc.org/mailman/listinfo/dhcp-users
>
More information about the dhcp-users
mailing list