<div dir="ltr">Hello,<div><br></div><div>For the life of me, I am unable to figure out why my 2 dhcp servers will not talk to each other. I have done multiple searches and poured through as much as the list archives as I could to see if anyone else has run into this. Either I am poor at searching or I'm just unlucky in trying to find anything.</div><div><br></div><div>None of this is production yet, I have set up an internal test to see how exactly dhcp failover will work and will it work with a physical server onsite and a virtual server as its backup. I have checked IP routing and firewalls and have seen nothing to stop them. Both machines are running Centos 6.5.</div><div><br></div><div>Everything starts up, everything seems to be going OK, and my servers will just set at</div><div><br></div><div><div>Oct 28 10:09:55 dhcpd: failover peer dhcp: I move from recover to startup</div><div>Oct 28 10:10:10 dhcpd: failover peer dhcp: I move from startup to recover</div></div><div><br></div><div>And nothing more. I have let this sit for a couple of days as well to see if the states will change, however, that has done nothing either. I have for the life me cannot figure out why this is. I know the boxes can reach other, I can ssh into either from either box, I can reach either server through omshell just fine as well. Which through omshell forcing the state change seems to do nothing for me as well.</div><div><br></div><div>Here is how my Primary and Secondary are set up. If I have missed anything, please let me know. Thanks in advance for advice and guidance.</div><div><br></div><div><b>**** Primary Server ****</b></div><div><br></div><div><b>dhcpd.conf</b></div><div><br></div><div><div>authoritative;</div><div>default-lease-time 3600;</div><div>max-lease-time 3600;</div><div><br></div><div># OMAPI Setup</div><div><br></div><div>omapi-port 7911;</div><div>omapi-key omapi_key;</div><div><br></div><div>key omapi_key {</div><div> algorithm hmac-md5;</div><div> secret hey a key;</div><div> }</div><div><br></div><div># Failover Configuration</div><div><br></div><div>failover peer "dhcp" {</div><div> primary;</div><div> address <a href="http://dhcp.example.net">dhcp.example.net</a>;</div><div> port 647;</div><div> peer address <a href="http://dhcp2.example.net">dhcp2.example.net</a>;</div><div> port 647;</div><div> max-response-delay 60;</div><div> max-unacked-updates 10;</div><div> mclt 3600;</div><div> split 128;</div><div> load balance max seconds 3;</div><div>}</div><div><br></div><div># Stub to make DHCP to start</div><div><br></div><div>subnet xxx.xxx.xxx.xxx netmask 255.255.255.0 {}</div><div><br></div><div># DHCP Declarations</div><div><br></div><div>subnet 172.16.101.0 netmask 255.255.255.0 {</div><div> option routers 172.16.101.1;</div><div> option subnet-mask 255.255.255.0;</div><div> pool {</div><div> failover peer "dhcp";</div><div> range 172.16.101.2 172.16.101.254;</div><div> deny dynamic bootp clients;</div><div> }</div><div>}<br></div><div><br></div><div><b>/etc/shorewall/rules</b></div><div><br></div><div><div>#DHCP Failover</div><div>ACCEPT net fw tcp 647</div><div>ACCEPT net fw tcp 67,68,69</div><div>ACCEPT net fw udp 67,68,69</div></div><div><br></div><div><b>/var/log/messages</b></div><div><br></div><div><div>Oct 28 10:09:55 dhcpd: Internet Systems Consortium DHCP Server 4.1.1-P1</div><div>Oct 28 10:09:55 dhcpd: Copyright 2004-2010 Internet Systems Consortium.</div><div>Oct 28 10:09:55 dhcpd: All rights reserved.</div><div>Oct 28 10:09:55 dhcpd: For info, please visit <a href="https://www.isc.org/software/dhcp/">https://www.isc.org/software/dhcp/</a></div><div>Oct 28 10:09:55 dhcpd: Not searching LDAP since ldap-server, ldap-port and ldap-base-dn were not specified in the config file</div><div>Oct 28 10:09:55 dhcpd: Wrote 0 leases to leases file.</div><div>Oct 28 10:09:55 dhcpd: Listening on LPF/eth0/00:25:90:6c:cf:90/<a href="http://137.118.48.0/24">137.118.48.0/24</a></div><div>Oct 28 10:09:55 dhcpd: Sending on LPF/eth0/00:25:90:6c:cf:90/<a href="http://137.118.48.0/24">137.118.48.0/24</a></div><div>Oct 28 10:09:55 dhcpd: Sending on Socket/fallback/fallback-net</div><div>Oct 28 10:09:55 dhcpd: failover peer dhcp: I move from recover to startup</div><div>Oct 28 10:10:10 dhcpd: failover peer dhcp: I move from startup to recover</div></div><div><br></div><div><b>/var/lib/dhcpd/dhcpd.leases</b></div><div><b><br></b></div><div><div># The format of this file is documented in the dhcpd.leases(5) manual page.</div><div># This lease file was written by isc-dhcp-4.1.1-P1</div><div><br></div><div><br></div><div>failover peer "dhcp" state {</div><div> my state recover at 4 2014/10/23 19:51:14;</div><div> partner state unknown-state at 4 2014/10/23 19:51:14;</div><div>}</div><div>server-duid "\000\001\000\001\033\334\030\262\000%\220l\317\220";</div><div><br></div><div><br></div><div>failover peer "dhcp" state {</div><div> my state recover at 4 2014/10/23 19:51:14;</div><div> partner state unknown-state at 4 2014/10/23 19:51:14;</div><div>}</div><div><br></div><div>failover peer "dhcp" state {</div><div> my state recover at 4 2014/10/23 19:51:14;</div><div> partner state unknown-state at 4 2014/10/23 19:51:14;</div><div>}</div></div><div><br></div><div><b>**** Secondary Server ****</b></div><div><br></div><div><b>dhcpd.conf</b></div><div><br></div><div><div>authoritative;</div><div>default-lease-time 3600;</div><div>max-lease-time 3600;</div><div><br></div><div># OMAPI Setup</div><div><br></div><div>omapi-port 7911;</div><div>omapi-key omapi_key;</div><div><br></div><div>key omapi_key {</div><div> algorithm hmac-md5;</div><div> secret hey a key;</div><div> }</div><div><br></div><div># Failover Configuration</div><div><br></div><div>failover peer "dhcp" {</div><div> secondary;</div><div> address <a href="http://dhcp2.example.net">dhcp2.example.net</a>;</div><div> port 647;</div><div> peer address <a href="http://dhcp.example.net">dhcp.example.net</a>;</div><div> port 647;</div><div> max-response-delay 60;</div><div> max-unacked-updates 10;</div><div> mclt 3600;</div><div> load balance max seconds 3;</div><div>}</div><div><br></div><div># DHCP Declarations</div><div><br></div><div>#stub to make DHCP start</div><div>subnet xxx.xxx.xxx.xxx netmask 255.255.255.0 {}</div><div><br></div><div>subnet 172.16.101.0 netmask 255.255.255.0 {</div><div> option routers 172.16.101.1;</div><div> option subnet-mask 255.255.255.0;</div><div> pool {</div><div> failover peer "dhcp";</div><div> range 172.16.101.2 172.16.101.254;</div><div> deny dynamic bootp clients;</div><div> }</div><div>}</div></div><div><br></div><div><b>/etc/shorewall/rules</b></div><div><b><br></b></div><div><div>#DHCP Failover</div><div>ACCEPT net fw tcp 647</div><div>ACCEPT net fw tcp 67,68,69</div><div>ACCEPT net fw udp 67,68,69</div></div><div><br></div><div><b>/var/log/messages</b></div><div><b><br></b></div><div><div>Oct 28 10:09:57 dhcpd: Internet Systems Consortium DHCP Server 4.1.1-P1</div><div>Oct 28 10:09:57 dhcpd: Copyright 2004-2010 Internet Systems Consortium.</div><div>Oct 28 10:09:57 dhcpd: All rights reserved.</div><div>Oct 28 10:09:57 dhcpd: For info, please visit <a href="https://www.isc.org/software/dhcp/">https://www.isc.org/software/dhcp/</a></div><div>Oct 28 10:09:57 dhcpd: Not searching LDAP since ldap-server, ldap-port and ldap-base-dn were not specified in the config file</div><div>Oct 28 10:09:57 dhcpd: Wrote 0 leases to leases file.</div><div>Oct 28 10:09:57 dhcpd: Listening on LPF/eth0/00:50:56:02:08:00/<a href="http://137.118.42.0/24">137.118.42.0/24</a></div><div>Oct 28 10:09:57 dhcpd: Sending on LPF/eth0/00:50:56:02:08:00/<a href="http://137.118.42.0/24">137.118.42.0/24</a></div><div>Oct 28 10:09:57 dhcpd: Sending on Socket/fallback/fallback-net</div><div>Oct 28 10:09:57 dhcpd: failover peer dhcp: I move from recover to startup</div><div>Oct 28 10:10:12 dhcpd: failover peer dhcp: I move from startup to recover</div></div><div><br></div><div><b>/var/lib/dhcpd/dhcpd.leases</b></div><div><b><br></b></div><div><div style># The format of this file is documented in the dhcpd.leases(5) manual page.</div><div style># This lease file was written by isc-dhcp-4.1.1-P1</div><div style><br></div><div style><br></div><div style>failover peer "dhcp" state {</div><div style> my state recover at 4 2014/10/23 19:51:14;</div><div style> partner state unknown-state at 4 2014/10/23 19:51:14;</div><div style> mclt 3600;</div><div style>}</div><div style>server-duid "\000\001\000\001\033\334\030\262\000PV\002\010\000";</div><div style><br></div><div style><br></div><div style>failover peer "dhcp" state {</div><div style> my state recover at 4 2014/10/23 19:51:14;</div><div style> partner state unknown-state at 4 2014/10/23 19:51:14;</div><div style> mclt 3600;</div><div style>}</div><div style><br></div><div style>failover peer "dhcp" state {</div><div style> my state recover at 4 2014/10/23 19:51:14;</div><div style> partner state unknown-state at 4 2014/10/23 19:51:14;</div><div style> mclt 3600;</div><div style>}</div></div><div><br></div>-- <br><div dir="ltr">Jonathan Labbé<div><br></div><div><div><br></div></div></div>
</div></div>