Send dhcp-users mailing list submissions to
dhcp-users@lists.isc.org
To subscribe or unsubscribe via the World Wide Web, visit
https://lists.isc.org/mailman/listinfo/dhcp-users
or, via email, send a message with subject or body 'help' to
dhcp-users-requ...@lists.isc.org
You can reach the person managing the list at
dhcp-users-ow...@lists.isc.org
When replying, please edit your Subject line so it is more specific
than "Re: Contents of dhcp-users digest..."
Today's Topics:
1. Re: Question (Gregory Sloop)
2. Re: Question (Leslie Rhorer)
----------------------------------------------------------------------
Message: 1
Date: Thu, 2 Jun 2022 21:30:19 -0700
From: Gregory Sloop <gr...@sloop.net>
To: dhcp-users@lists.isc.org
Subject: Re: Question
Message-ID: <15810207371.20220602213...@sloop.net>
Content-Type: text/plain; charset="utf-8"
I'm not at all sure your servers are running well, or that they're handling
leases the way you think.
?
One probably trivial thing.
In the config you sent, you have a very odd split, of zero.
That forces all the balance to one side. Toward the secondary, IIRC. Perhaps
you're only testing something I don't know. I think 128 is a "normal" split. (I
don't think there's any good reason not to balance them evenly - at least I've
never heard a use case that made sense.)
?
More toward things that sure seem like symptoms of your peers not communicating
properly.
?
In the logs;
Do you see the two peers go to "normal" when you start them both up. And
interrupted when one is down?
something like:
failover peer dhcp-failover: peer moves from normal to
communications-interrupted?
failover peer dhcp-failover: I move from startup to normal?
failover peer dhcp-failover: peer moves from communications-interrupted to
normal?
failover peer dhcp-failover: Both servers normal?
?
Are you seeing balance messages every hour as the two re-balance the available
lease pool?
?
You say they are both handling leases properly, but how do you know this? (That
a machine gets a lease from somewhere is not good evidence.)
?
A packet capture in front of the secondary might be helpful to see what traffic
is passing - both to the peer and to clients.
?
(I hate making captures, at least as much as the next person, but dang if they
don't, nearly always, show something that was different than I assumed. So,
I've just gotten a lot less averse to getting captures. Yeah, they'll probably
take me extra time to setup and get and paw through, [all when I could be
fixin' stuff!] but they can save hours or days of fruitless searching for a
fix, when I don't even really *know* what's wrong yet. Don't know about anyone
else, but fixing problems gets a whole lot easier when I actually know what's
wrong, or at least have a good idea what's going on. :)
?
-Greg
??
> ??? I don't think so.? The secondary server seems to have gone completely
> silent, now, but I am getting a ton of them on the primary server, now.
> On 6/2/2022 8:06 PM, Richard L. Hamilton wrote:
>> https://serverfault.com/questions/313008/isc-dhcp-fails-to-sync-leases-between-peers
>> Probably the two DHCP servers weren?t able to talk to each other, not
>> surprising when one was having problems.
>>> On Jun 2, 2022, at 7:42 PM, Leslie Rhorer <lesrho...@siliconventures.net>
>>> wrote:
>>> ??? During troubleshooting of my recent issue, I got tons of duplicates of
>>> errors like the following.? They seem to have stopped, now, but I am
>>> curious what they meant.
>>> Jun? 1 00:31:56 Backup dhcpd[15785]: DHCPDISCOVER from 60:01:94:f0:41:48
>>> via enp11s0: not responding (recovering)
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
<https://lists.isc.org/pipermail/dhcp-users/attachments/20220602/1639907f/attachment-0001.htm>
------------------------------
Message: 2
Date: Fri, 3 Jun 2022 00:03:10 -0500
From: Leslie Rhorer <lesrho...@siliconventures.net>
To: dhcp-users@lists.isc.org
Subject: Re: Question
Message-ID: <9defc526-da64-2138-4d2f-275df151e...@siliconventures.net>
Content-Type: text/plain; charset=UTF-8; format=flowed
On 6/2/2022 11:15 PM, Glenn Satchell wrote:
> Hi Leslie,
>
> You've got "split 0" in the failover section - this causes dhcpd to
> prefer one of the servers for all renewals, so this might be a reason
> only one server is logging any renewals. "split 128" does a 50-50
> balance between the servers and is the more common setting.
??? OK.? I updated the value on both, but now there seems to be some
more issues on the secondary:
Jun? 2 23:42:28 Backup dhcpd[70596]: Internet Systems Consortium DHCP
Server 4.4.1
Jun? 2 23:42:28 Backup dhcpd[70596]: Copyright 2004-2018 Internet
Systems Consortium.
Jun? 2 23:42:28 Backup dhcpd[70596]: All rights reserved.
Jun? 2 23:42:28 Backup dhcpd[70596]: For info, please visit
https://www.isc.org/software/dhcp/
Jun? 2 23:42:28 Backup dhcpd[70602]: Internet Systems Consortium DHCP
Server 4.4.1
Jun? 2 23:42:28 Backup dhcpd[70602]: Copyright 2004-2018 Internet
Systems Consortium.
Jun? 2 23:42:28 Backup dhcpd[70602]: All rights reserved.
Jun? 2 23:42:28 Backup dhcpd[70602]: For info, please visit
https://www.isc.org/software/dhcp/
Jun? 2 23:42:28 Backup dhcpd[70602]: Wrote 0 deleted host decls to
leases file.
Jun? 2 23:42:28 Backup dhcpd[70602]: Wrote 0 new dynamic host decls to
leases file.
Jun? 2 23:42:28 Backup dhcpd[70602]: Wrote 0 leases to leases file.
Jun? 2 23:42:28 Backup dhcpd[70602]: failover peer dhcp-failover: I move
from recover to startup
Jun? 2 23:42:28 Backup dhcpd[70602]: Server starting service.
Jun? 2 23:42:28 Backup dhcpd[70602]: Failover CONNECTACK from
dhcp-failover: already connected
Jun? 2 23:42:28 Backup dhcpd[70602]: failover peer dhcp-failover: peer
moves from unknown-state to recover
Jun? 2 23:42:28 Backup dhcpd[70602]: failover peer dhcp-failover:
requesting full update from peer
Jun? 2 23:42:28 Backup dhcpd[70602]: failover peer dhcp-failover: I move
from startup to recover
Jun? 2 23:42:28 Backup dhcpd[70602]: dhcp_failover_put_message:
something went wrong.
Jun? 2 23:42:28 Backup dhcpd[70602]: peer dhcp-failover: disconnected
Jun? 2 23:42:33 Backup dhcpd[70602]: Failover CONNECTACK from
dhcp-failover: already connected
Jun? 2 23:42:33 Backup dhcpd[70602]: failover peer dhcp-failover: peer
moves from recover to recover
Jun? 2 23:42:33 Backup dhcpd[70602]: failover peer dhcp-failover:
requesting full update from peer
Jun? 2 23:42:33 Backup dhcpd[70602]: dhcp_failover_put_message:
something went wrong.
Jun? 2 23:42:33 Backup dhcpd[70602]: peer dhcp-failover: disconnected
Jun? 2 23:42:33 Backup dhcpd[70602]: Failed to send update request all
message to dhcp-failover: socket is not connected
Jun? 2 23:42:38 Backup dhcpd[70602]: Failover CONNECTACK from
dhcp-failover: already connected
Jun? 2 23:42:38 Backup dhcpd[70602]: failover peer dhcp-failover: peer
moves from recover to recover
Jun? 2 23:42:38 Backup dhcpd[70602]: failover peer dhcp-failover:
requesting full update from peer
Jun? 2 23:42:38 Backup dhcpd[70602]: dhcp_failover_put_message:
something went wrong.
Jun? 2 23:42:38 Backup dhcpd[70602]: peer dhcp-failover: disconnected
Jun? 2 23:42:38 Backup dhcpd[70602]: Failed to send update request all
message to dhcp-failover: socket is not connected
Jun? 2 23:42:38 Backup dhcpd[70602]: peer dhcp-failover: disconnected
Jun? 2 23:42:43 Backup dhcpd[70602]: peer dhcp-failover: disconnected
Jun? 2 23:42:43 Backup dhcpd[70602]: Failover CONNECTACK from
dhcp-failover: already connected
Jun? 2 23:42:43 Backup dhcpd[70602]: failover peer dhcp-failover: peer
moves from recover to recover
Jun? 2 23:42:43 Backup dhcpd[70602]: failover peer dhcp-failover:
requesting full update from peer
Jun? 2 23:42:43 Backup dhcpd[70602]: dhcp_failover_put_message:
something went wrong.
Jun? 2 23:42:43 Backup dhcpd[70602]: peer dhcp-failover: disconnected
Jun? 2 23:42:43 Backup dhcpd[70602]: Failed to send update request all
message to dhcp-failover: socket is not connected
Jun? 2 23:42:48 Backup dhcpd[70602]: Failover CONNECTACK from
dhcp-failover: already connected
Jun? 2 23:42:48 Backup dhcpd[70602]: failover peer dhcp-failover: peer
moves from recover to recover
Jun? 2 23:42:48 Backup dhcpd[70602]: failover peer dhcp-failover:
requesting full update from peer
Jun? 2 23:42:48 Backup dhcpd[70602]: dhcp_failover_put_message:
something went wrong.
Jun? 2 23:42:48 Backup dhcpd[70602]: peer dhcp-failover: disconnected
Jun? 2 23:42:48 Backup dhcpd[70602]: Failed to send update request all
message to dhcp-failover: socket is not connected
Jun? 2 23:42:48 Backup dhcpd[70602]: peer dhcp-failover: disconnected
Jun? 2 23:48:26 Backup dhcpd[70654]: Internet Systems Consortium DHCP
Server 4.4.1
Jun? 2 23:48:26 Backup dhcpd[70654]: Copyright 2004-2018 Internet
Systems Consortium.
Jun? 2 23:48:26 Backup dhcpd[70654]: All rights reserved.
Jun? 2 23:48:26 Backup dhcpd[70654]: For info, please visit
https://www.isc.org/software/dhcp/
Jun? 2 23:50:16 Backup dhcpd[70685]: Internet Systems Consortium DHCP
Server 4.4.1
Jun? 2 23:50:16 Backup dhcpd[70685]: Copyright 2004-2018 Internet
Systems Consortium.
Jun? 2 23:50:16 Backup dhcpd[70685]: All rights reserved.
Jun? 2 23:50:16 Backup dhcpd[70685]: For info, please visit
https://www.isc.org/software/dhcp/
Jun? 2 23:50:16 Backup dhcpd[70691]: Internet Systems Consortium DHCP
Server 4.4.1
Jun? 2 23:50:16 Backup dhcpd[70691]: Copyright 2004-2018 Internet
Systems Consortium.
Jun? 2 23:50:16 Backup dhcpd[70691]: All rights reserved.
Jun? 2 23:50:16 Backup dhcpd[70691]: For info, please visit
https://www.isc.org/software/dhcp/
Jun? 2 23:50:16 Backup dhcpd[70691]: Wrote 0 deleted host decls to
leases file.
Jun? 2 23:50:16 Backup dhcpd[70691]: Wrote 0 new dynamic host decls to
leases file.
Jun? 2 23:50:16 Backup dhcpd[70691]: Wrote 0 leases to leases file.
Jun? 2 23:50:16 Backup dhcpd[70691]: failover peer dhcp-failover: I move
from recover to startup
Jun? 2 23:50:16 Backup dhcpd[70691]: Server starting service.
Jun? 2 23:50:16 Backup dhcpd[70691]: Failover CONNECTACK from
dhcp-failover: already connected
Jun? 2 23:50:16 Backup dhcpd[70691]: failover peer dhcp-failover: I move
from startup to recover
Jun? 2 23:50:16 Backup dhcpd[70691]: dhcp_failover_put_message:
something went wrong.
Jun? 2 23:50:16 Backup dhcpd[70691]: peer dhcp-failover: disconnected
Jun? 2 23:50:21 Backup dhcpd[70691]: Failover CONNECTACK from
dhcp-failover: already connected
Jun? 2 23:50:21 Backup dhcpd[70691]: failover peer dhcp-failover: peer
moves from recover to recover
Jun? 2 23:50:21 Backup dhcpd[70691]: failover peer dhcp-failover:
requesting full update from peer
Jun? 2 23:50:21 Backup dhcpd[70691]: dhcp_failover_put_message:
something went wrong.
Jun? 2 23:50:21 Backup dhcpd[70691]: peer dhcp-failover: disconnected
Jun? 2 23:50:21 Backup dhcpd[70691]: Failed to send update request all
message to dhcp-failover: socket is not connected
Jun? 2 23:50:26 Backup dhcpd[70691]: Failover CONNECTACK from
dhcp-failover: already connected
Jun? 2 23:50:26 Backup dhcpd[70691]: failover peer dhcp-failover: peer
moves from recover to recover
Jun? 2 23:50:26 Backup dhcpd[70691]: failover peer dhcp-failover:
requesting full update from peer
Jun? 2 23:50:26 Backup dhcpd[70691]: dhcp_failover_put_message:
something went wrong.
Jun? 2 23:50:26 Backup dhcpd[70691]: peer dhcp-failover: disconnected
Jun? 2 23:50:26 Backup dhcpd[70691]: Failed to send update request all
message to dhcp-failover: socket is not connected
>
> "not responding (recovering)" sounds like the failover protocol hasn't
> synced between the servers, so it won't respond to any requests while
> it's in that state to prevent both dhcpd servers handing out
> conflicting responses, eg both hand out the same IP to different
> clients. dhcpd will log messages to syslog when failover states change.
>
> You could use tcpdump or wireshark to look and see if there is any
> traffic on tcp port 647 between the servers. Also the dhcpd.conf man
> page in the section titled FAILOVER STARTUP goes through the steps and
> may help debug what's going on.
>
> I think you might have already done this, bu check there is no local
> firewall rules on the server blocking failover traffic between those
> ports.
??? There are no firewalls.
>
> dhcpd.leases is the current lease file, you can run tail -f to see
> updates being appended. Every hour it renames this to dhcpd.leases~
> and writes out a new dhcpd.leases from the in-memory copy of the data.
> dhcpd.leases is only ever appended to, so you can have multiple
> entries for the same IP address - the last one is the active state.
> When the file gets re-written it removes all the duplicate records.
??? OK, but neither server is writing any leases to the leases files.?
They talk plenty about their peer status, but nothing about any leases,
despite the fact the primary, at least, is issuing leases, and the
secondary does as well if the primary is offline.
------------------------------
Subject: Digest Footer
_______________________________________________
ISC funds the development of this software with paid support subscriptions.
Contact us at https://www.isc.org/contact/ for more information.
dhcp-users mailing list
dhcp-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/dhcp-users
------------------------------
End of dhcp-users Digest, Vol 164, Issue 5
******************************************
