<div dir="ltr"><div dir="ltr"><br></div><div class="gmail_quote"><div dir="ltr">On Tue, Dec 25, 2018 at 4:24 AM Eugene Grosbein <<a href="mailto:eugen@grosbein.net">eugen@grosbein.net</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">Hi!<br>
<br>
I run two ISC DHCP Servers version 4.3.5 in failover mode.<br>
<br>
They have been running just fine for several years being upgraded from time to time<br>
until recently I found that first one runs in "partner-down" state<br>
and second in "shutdown" state despite of tcp/647 control connection<br>
in perfectly working state and data running over it according to tcpdump.<br>
<br>
They were running in such state for very long time (over a year) and<br>
I have no old logs to check due to log rotation. At the moment,<br>
second server added "not responding (shut down)" to DHCPDISCOVER/DHCPREQUEST<br>
lines written to its log.<br>
<br>
I tried to resolve the issue by stopping second dhcpd completely<br>
and starting it again. At start, it wrote to the log:<br>
<br>
dhcpd: failover peer default: I move from shutdown to startup<br>
<br>
Then it connected its control connection tcp/647 to second server,<br>
exchanged some data over the connection, appended to dhcpd.leases file:<br>
<br>
failover peer "default" state {<br>
my state shutdown at 4 2017/03/30 02:17:13;<br>
partner state partner-down at 4 2017/03/30 02:17:13;<br>
mclt 60;<br>
}<br>
<br>
Then it wrote to the log:<br>
<br>
dhcpd: failover peer default: I move from startup to shutdown<br>
<br>
And things settle again in same state.<br>
<br>
Restart of first server did not help either.<br>
<br>
I was forced to stop both of servers for short time, manually delete all<br>
"failover" records quoted above from both dhcpd.leases files<br>
and start servers again. Only then both servers got to "normal" state<br>
(editing only one of dhcpd.leases files did not help).<br>
<br>
My question: why did servers stuck in partner-down/shutdown state "forever"<br>
and could not get from it without manual intervention despite of perfectly working<br>
control TCP connection? Is this problem fixed in recent versions?<br>
<br>
Here is dhcpd.conf of first server:<br>
<br>
# default ports tcp/647<br>
<br>
failover peer "default" {<br>
primary;<br>
address 62.231.191.161;<br>
peer address 62.231.191.174;<br>
max-response-delay 60;<br>
max-unacked-updates 10;<br>
mclt 60;<br>
split 128;<br>
auto-partner-down 60;<br>
load balance max seconds 3;<br>
}<br>
<br>
subnet 62.231.191.160 netmask 255.255.255.252 {}<br>
include "/usr/local/etc/dhcpd.master";<br>
<br>
Second server uses same configuraton except of IP addresses<br>
and it uses identical dhcpd.master file containin rest of configuration.<br>
<br></blockquote><div><br></div><div>When you say " Second server uses same configuraton ", I hope you did not accidentally mark both as "primary".</div><div>Here is the config on one of my pairs, for comparision:</div><div><br></div><div>-------- first server ------------<br><br>failover peer "mydhcppair1"<br>{<br> primary;<br> address 141.211.147.232;<br> port 847;<br> peer address 141.211.147.248;<br> peer port 647;<br> max-response-delay 60;<br> max-unacked-updates 10;<br> mclt 1800;<br> split 128;<br> load balance max seconds 3;<br>}<br><br><br>-------- second server ------------<br><br>failover peer "mydhcppair1"<br>{<br> secondary;<br> address X.X.X.248;<br> port 647;<br> peer address X.X.X.232;<br> peer port 847;<br> max-response-delay 60;<br> max-unacked-updates 10;<br> load balance max seconds 3;<br>}<br><br>Note that "mclt" and "split" can only be specified on the primary.<br></div><div><br></div><div>-- </div><div>Bob Harold</div><div><br></div></div></div>