<html>
<head>
<meta content="text/html; charset=utf-8" http-equiv="Content-Type">
</head>
<body bgcolor="#FFFFFF" text="#000000">
<div class="moz-cite-prefix">On 05/19/2016 10:43 AM, brendan kearney
wrote:<br>
</div>
<blockquote
cite="mid:CAARxGtg-VYJzR4zeuBUFc3ZR9zPOgKmeGL-t7XJjNa8--ny-wQ@mail.gmail.com"
type="cite">
<p dir="ltr">I was figuring that to be the case. There is a
startup debug file I can write out to, and will review that
again. I do notice that formatting (line terminators,
whitespace, etc.) doesn't seem very clean but I am not sure if
that makes a difference.</p>
<div class="gmail_quote">On May 19, 2016 9:25 AM, "dave c" &lt;<a
moz-do-not-send="true" href="mailto:dhcp@gvtc.drakkar.org">dhcp@gvtc.drakkar.org</a>&gt;
wrote:<br type="attribution">
<blockquote class="gmail_quote" style="margin:0 0 0
.8ex;border-left:1px #ccc solid;padding-left:1ex">I've not
tried moving config to ldap myself, but it sounds like the key
indicator is that message when you were testing the leases
file against the ldap config with the -T... that no subnets
were found.<br>
<br>
Then when you made the config active, it sounded like the
subnets couldn't be found in the config and as a result the
devices that had active leases were NAKed and no leases were
being issued.<br>
<br>
I don't know if there is a way to have dhcp pull out the
configs it acquired from LDAP and display them so you can
verify what it's seeing... but the likeliest scenario is that
it has enough knowledge and visibility to test clean when
using ldap, but not have the shared networks and subnets
defined to anchor the leases.<br>
<br>
Dave<br>
<br>
On 5/18/16 18:17, Brendan Kearney wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0
.8ex;border-left:1px #ccc solid;padding-left:1ex">
running fedora 20, dhcp 4.2.7 (i will be upgrading to f24
shortly after it comes out)<br>
<br>
i have put a bunch of effort into setting up ldap to house
my configs and all of the directives<br>
in my conf file(s) are in ldap at this point. if i run the
below:<br>
<br>
dhcpd -4 -f -t -cf /etc/dhcp/dhcpd.conf.ldap bond0<br>
<br>
i get:<br>
<br>
Internet Systems Consortium DHCP Server 4.2.7<br>
Copyright 2004-2014 Internet Systems Consortium.<br>
All rights reserved.<br>
For info, please visit <a moz-do-not-send="true"
href="https://www.isc.org/software/dhcp/" rel="noreferrer"
target="_blank">https://www.isc.org/software/dhcp/</a><br>
<br>
it seems that no issues exist in the config, as housed in
ldap. if i run the same command with<br>
a -T, to test the leases file, every IP in all subnets,
pools, etc is reported with the below line:<br>
<br>
lease 192.168.xxx.xxx: no subnet.<br>
<br>
the subnet definition exists in ldap, so i don't know what
this might be. a nuance with the<br>
lease file, maybe? any pointers would be appreciated.<br>
<br>
now, when i cut over from conf files to ldap, what is the
proper procedure? i tried to do so<br>
already, and all sorts of problems came from it. existing
leases were getting NAK responses for<br>
renewals, and new leases were not being given out. i even
wound up with "peer holds all free<br>
leases" errors from both servers.<br>
<br>
i stopped both instances, changed the conf files from static
files to a config pointing to ldap<br>
for configs, and started one instance. i waited a minute or
so and started the second instance.<br>
<br>
i also stopped both instances and removed the leases files
from both servers and restarted. in<br>
no scenario was i able to get leases to start being handed
out. because the network is a lab<br>
network, i don't have any real requirement for things to stay
online at all times.<br>
<br>
am i missing something in my approach? are there best
practices to perform such a change?<br>
<br>
thanks in advance,<br>
<br>
brendan<br>
_______________________________________________<br>
dhcp-users mailing list<br>
<a moz-do-not-send="true"
href="mailto:dhcp-users@lists.isc.org" target="_blank">dhcp-users@lists.isc.org</a><br>
<a moz-do-not-send="true"
href="https://lists.isc.org/mailman/listinfo/dhcp-users"
rel="noreferrer" target="_blank">https://lists.isc.org/mailman/listinfo/dhcp-users</a><br>
</blockquote>
<br>
-- <br>
Dave Calafrancesco<br>
</blockquote>
</div>
</blockquote>
i found the issue with the leases. it turns out that for some
reason you have to define one pool in a subnet (looks like the first
enumerated pool) using the dhcpPoolDN attribute. oddly, all other
pools are found and don't require you to explicitly define them.<br>
<br>
anyway, the tests come back clean now and i restarted using ldap for
my configs. again, the NAK and "peer holds all free
leases" errors from both servers started again. i have switched
back, but what should i be looking for now?
</body>
</html>