cutover from conf file to ldap

dave c dhcp at gvtc.drakkar.org
Thu May 19 13:25:06 UTC 2016


I've not tried moving config to ldap myself, but it sounds like the key indicator is that 
message when you were testing the leases file against the ldap config with the -T... that no 
subnets were found.

Then when you made the config active, it sounded like the subnets couldn't be found in the 
config and as a result the devices that had active leases were NAKed and no leases were being 
issued.

I don't know if there is a way to have dhcp pull out the configs it acquired from LDAP and
display them so you can verify what it's seeing... but the likeliest scenario is that it has
enough knowledge and visibility to test clean when using ldap, but does not have the shared
networks and subnets defined to anchor the leases.

Dave

On 5/18/16 18:17, Brendan Kearney wrote:
> running fedora 20, dhcp 4.2.7 (i will be upgrading to f24 shortly after it comes out)
>
> i have put a bunch of effort into setting up ldap to house my configs and all of the directives
> in my conf file(s) are in ldap at this point.  if i run the below:
>
> dhcpd -4 -f -t -cf /etc/dhcp/dhcpd.conf.ldap bond0
>
> i get:
>
> Internet Systems Consortium DHCP Server 4.2.7
> Copyright 2004-2014 Internet Systems Consortium.
> All rights reserved.
> For info, please visit https://www.isc.org/software/dhcp/
>
> it seems that no issues exist in the config, as housed in ldap.  if i run the same command with
> a -T, to test the leases file, every IP in all subnets, pools, etc is reported with the below line:
>
> lease 192.168.xxx.xxx: no subnet.
>
> the subnet definition exists in ldap, so i don't know what this might be.  a nuance with the
> lease file, maybe?  any pointers would be appreciated.
>
> now, when i cutover from conf files to ldap, what is the proper procedure?  i tried to do so
> already, and all sorts of problems came from it.  existing leases were getting NAK responses for
> renewals, and new leases were not being given out.  i even wound up with "peer holds all free
> leases" errors from both servers.
>
> i stopped both instances, changed the conf files from static files to a config pointing to ldap
> for configs, and started one instance. i waited a minute or so and started the second instance.
>
> i also stopped both instances and removed the leases files from both servers and restarted.  in
> no scenario was i able to get leases to start being handed out.  because the network is a lab
> network, i don't have any real requirement for things to stay online at all times.
>
> am i missing something in my approach?  are there best practices to perform such a change?
>
> thanks in advance,
>
> brendan

-- 
Dave Calafrancesco
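
Added example, not part of the original thread or of ISC DHCP: a Python sketch that repeats the "no subnet" check offline, listing lease addresses that fall outside every `subnet ... netmask ...` declaration in a config text. It assumes you can get the configuration in dhcpd.conf syntax as the server sees it (for instance a dump written through the LDAP support's `ldap-debug-file` directive, where the build provides it); the function names and sample data are constructed for illustration, and only IPv4 is handled.

```python
import ipaddress
import re

# IPv4 declarations only, matching the "dhcpd -4" run in the thread.
SUBNET_RE = re.compile(r"^\s*subnet\s+(\S+)\s+netmask\s+(\S+)\s*\{", re.M)
LEASE_RE = re.compile(r"^\s*lease\s+(\S+)\s*\{", re.M)

def parse_subnets(conf_text):
    """Return every subnet declared in the text, including nested ones."""
    return [ipaddress.ip_network(f"{addr}/{mask}", strict=False)
            for addr, mask in SUBNET_RE.findall(conf_text)]

def orphaned_leases(conf_text, leases_text):
    """Lease IPs that no declared subnet covers (what -T calls 'no subnet')."""
    nets = parse_subnets(conf_text)
    orphans = []
    # A leases file appends a new record per state change, so de-duplicate
    # while keeping first-seen order.
    for ip_text in dict.fromkeys(LEASE_RE.findall(leases_text)):
        ip = ipaddress.ip_address(ip_text)
        if not any(ip in net for net in nets):
            orphans.append(ip_text)
    return orphans

# Constructed sample: one subnet inside a shared-network.
SAMPLE_CONF = """
shared-network lab {
    subnet 192.168.10.0 netmask 255.255.255.0 {
        pool { range 192.168.10.100 192.168.10.200; }
    }
}
"""

# Constructed sample leases; 192.168.20.55 has no matching subnet.
SAMPLE_LEASES = """
lease 192.168.10.101 {
  binding state active;
}
lease 192.168.20.55 {
  binding state active;
}
lease 192.168.10.101 {
  binding state free;
}
"""

if __name__ == "__main__":
    for ip in orphaned_leases(SAMPLE_CONF, SAMPLE_LEASES):
        print(f"lease {ip}: no subnet.")
```

If every lease comes back orphaned, as with an empty config text here, the server is not seeing any subnet declarations at all, which is the situation the reply above suspects.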

