Frustrated DHCP failover not working.. :(

Rob Morin rmorin at datavalet.com
Wed Feb 10 16:36:20 UTC 2016


Hey Simon, sorry if most post was confusing a bit...

dhcp-2 server is new and has all the new hardware and is running version 
4.3.3-p1 as well as dhcp-1

Currently dhcp-1 daemon is not running, dhcp-2 is running and giving out 
leases just fine, but in "stand alone" mode, meaning failover is not 
configured.

What i need to do is re-config dhcp-2 to be the secondary in a failover 
mode, which would be just commentating the line in the dhcpd.conf file 
that tells it that ir is the secondary, and then add dhcp-1 to the mix.

But when i tried this last night, after restarting dhcp-2, i saw many 
lines in the log saying...
Feb 10 05:46:44 dhcp-2 dhcpd: DHCPDISCOVER from b8:44:d9:b8:1b:f4 via 
10.51.168.1: peer holds all free leases
Feb 10 05:46:44 dhcp-2 dhcpd: DHCPDISCOVER from cc:78:5f:6d:8a:73 via 
10.33.169.1: peer holds all free leases
Feb 10 05:46:44 dhcp-2 dhcpd: DHCPDISCOVER from c0:ce:cd:14:3f:d8 via 
10.35.167.1: peer holds all free leases
Feb 10 05:46:44 dhcp-2 dhcpd: DHCPDISCOVER from 90:8d:6c:96:a4:57 via 
10.48.5.1: peer holds all free leases
Feb 10 05:46:44 dhcp-2 dhcpd: DHCPDISCOVER from 10:1c:0c:40:5f:3a via 
10.41.158.1: peer holds all free leases
Feb 10 05:46:44 dhcp-2 dhcpd: DHCPDISCOVER from 34:12:98:76:5c:66 via 
10.42.148.1: peer holds all free leases
Feb 10 05:46:44 dhcp-2 dhcpd: DHCPDISCOVER from bc:4c:c4:ad:22:57 via 
10.32.73.1: peer holds all free leases
Feb 10 05:46:44 dhcp-2 dhcpd: DHCPDISCOVER from 00:08:ca:70:76:81 via 
10.51.22.1: peer holds all free leases

While this was going on dhcp-1 was not started yet...
So i started to panic a bit.... :)
I went over to dhcp-1 and started it and its log showed this...


Feb 10 05:46:56 dhcp-1 dhcpd: failover peer dhcp-failover: peer update 
completed.
Feb 10 05:46:56 dhcp-1 dhcpd: failover peer dhcp-failover: I move from 
recover to recover-wait

So i panicked once again, shut down dhcp-1 and went over to dhcp-2 and 
told it that partner was down via omshell
and then it started to give out leases again.

To be safe i then stopped dhcp-2 and made it stand alone again restarted 
and leases were being given out ok..

But now i was thinking , maybe i should have waited for mclt time to 
expire??

Argg!! Maybe all was well and i jumped the gun to early???


Rob Morin
Gestionnaire des systèmes | Senior Systems Administrator
Tel: 514 385-4448 #174
DATAVALET.COM
5275, chemin Queen-Mary, Montréal (Québec) H3W 1Y3 Canada
  
CE COURRIEL AINSI QUE CES DOCUMENTS JOINTS peuvent contenir des renseignements confidentiels et privilégiés. Si vous n’êtes pas le destinataire désigné, veuillez nous en informer immédiatement et effacer toute copie. Merci.
THIS EMAIL AND THE DOCUMENTS ATTACHED may contain privileged or confidential information. If the reader of this message is not the intended recipient, please notify the sender immediately and delete the original message. Thank you.

On 2016-02-10 10:52 AM, Simon Hobson wrote:
> Rob Morin <rmorin at datavalet.com> wrote:
>
>> What was done is the following….
>>   
>> I made both our  dhcp-1(primary) and our dhcp-2(secondary) into stand alone mode(no fail over) , I know this might have not been the correct way to do this, but at the time it seemed practical.
>> We then configured our clients controllers to go half to dhcp-1 and half to dhcp-2
>> This worked fine.
>> We then gradually moved, over the course of a couple days,  all the client controllers to go only to dhcp-2 server, so at that point all controllers were going to dhcp-2 only.
>> This was working fine.
> What I would have suggested was :
> Just stop server 1 and put server 2 into partner down mode (or remove it's failover config. Clients with a lease from server 1 would try and renew directly for a while, then finally broadcast a request for the address in use. At this point, server2 would answer and the client would "switch servers" without changing address.
>
>> I then swapped out dhcp-1 server for a more updated one, with the above mentioned specs.
> So server1 is now a newer version than server 2 ? I'm not really familiar with failover, but I suspect that there may well be some compatibility issues between different versions - especially if one of them is 4 years old.
>
> I would be inclined to suggest migrating clients to the new server, then upgrade server2. The quick and easy way to do this is to :
> Do not even start server 1 (or just nuke it's leases file), stop server 2, copy the leases file from server2 to server 1, start server 1 and make sure that server2 can't be accidentally started.
>
>
> If you don't want this big-bang change, then it can be done by (assuming you don't have the luxury of a huge address space) :
> Start up server 1 with a small pool that does not overlap with the pool in use by server 2. You need to reduce the lease length offered by server 2.
> Incrementally, decrease the size of the pool offered by server 2, and increase the size of the pool offered by server 1 - always allowing all leases in the freed up space on server2 to expire before adding the range to server 1. The more spare addresses you have, the faster you can do this. After a while, all clients are using server 1.
>
> You can avoid clients address churn by taking advantage of an undocumented behaviour in the code (warning: undocumented and not guaranteed to never change without warning). The ISC server allocated "never used" addresses from the top down - ie higher addresses first. This is just an artifact of the hashing process.
> So if you put the new range used by server1 higher (numerically) than server 2, any new clients looking for a lease will get addresses from this range. But if you remove addresses from the top of the range offered by server 2 and immediately add them to the bottom of the range offered by server1, clients will keep the same address as they switch servers. Because new clients will get addresses at the top of the range, there's a fairly good chance you'll avoid any conflicts.
>
>
> Finally, you can upgrade server2. When you've done that, add the failover config and let it sync the client data from server 1.
>
> _______________________________________________
> dhcp-users mailing list
> dhcp-users at lists.isc.org
> https://lists.isc.org/mailman/listinfo/dhcp-users



More information about the dhcp-users mailing list