Hello Luca,
it's also available for Linux:
https://github.com/inverse-inc/packetfence-dhcp-forwarder/tree/master/dhcp-forwarder
so you can install it on each cluster's member.
Le 2018-01-22 à 10:34, luca comes via PacketFence-users a écrit :
Hi Fabrice,
I'm using a cluster of ISC DHCPD on CentOS 7 so think I can't use your
dhcp forwarder. I understand is it only for windows isn't it? Anyway I
did a test, when the client change role it send a dhcp request to the
server:
[root@dhcp01 ~]# tail -f /var/log/dhcp/dhcpd.log | grep 00:9c:02:92:ea:b0
Jan 22 12:23:54 dhcp01 dhcpd: DHCPACK to 172.20.251.192
(00:9c:02:92:ea:b0) via ens160
Jan 22 12:24:00 dhcp01 dhcpd: DHCPREQUEST for 172.20.251.192 from
00:9c:02:92:ea:b0 (LAB3-NB) via 192.168.167.1: wrong network.
Jan 22 12:24:00 dhcp01 dhcpd: DHCPNAK on 172.20.251.192 to
00:9c:02:92:ea:b0 via 192.168.167.1
Jan 22 12:24:00 dhcp01 dhcpd: DHCPDISCOVER from 00:9c:02:92:ea:b0 via
192.168.167.1
Jan 22 12:24:01 dhcp01 dhcpd: DHCPOFFER on 192.168.167.190 to
00:9c:02:92:ea:b0 (LAB3-NB) via 192.168.167.1
Jan 22 12:24:01 dhcp01 dhcpd: DHCPREQUEST for 192.168.167.190
(172.27.112.17) from 00:9c:02:92:ea:b0 (LAB3-NB) via 192.168.167.1
Jan 22 12:24:01 dhcp01 dhcpd: DHCPACK on 192.168.167.190 to
00:9c:02:92:ea:b0 (LAB3-NB) via 192.168.167.1
Instead I can't see any packet on the pfdhcplistener for that MAC
Address. The strange thing is that it is receiving traffic from the
DHCP on port 767. At the moment I put an helper address on the switch
so a copy of the traffic is sent directly to the pfdhcplistener and
the client IP is updated. It's always showed as offline but I don't
understand why.
If you didn't install the forwarder , from where do you receive the copy
of the dhcp traffic on the port 767 ?
Also inline/offline is based on the accounting , not from the dhcp.
Regards
Fabrice
Luca
Inviato da Outlook <http://aka.ms/weboutlook>
------------------------------------------------------------------------
*Da:* Durand fabrice via PacketFence-users
<packetfence-users@lists.sourceforge.net>
*Inviato:* sabato 20 gennaio 2018 03:21
*A:* packetfence-users@lists.sourceforge.net
*Cc:* Durand fabrice
*Oggetto:* Re: [PacketFence-users] No client IP update in cluster
Hello Lucas,
first use that instead:
https://github.com/inverse-inc/packetfence-dhcp-forwarder
And there is no listening process on UDP 767 but pfdhcplistener
capture the traffic on 67/68 and 767.
If you tail pfdhcplistener on the server where the vip is , do you see
some updates from te hproduction dhcp server ?
Also do a capture on the management interface to see if you receive
something on the port 767. (tshark -i eth0 -f "port 767")
Regards
Fabrice
Le 2018-01-18 à 09:43, luca comes via PacketFence-users a écrit :
Hi all,
I've migrated my single node infrastructure to a 3 node cluster. At
the moment I'm testing 802.1x with a Cisco catalyst 2950 and the
authentication is working fine. I also have in production a wireless
guest access with sponsor on Cisco WLC taht is working really well.
Unfortunately I noticed that the client IP address is never updated
on the nodes page. I have a production DHCP server on the same
management VLAN with udp_reflector pointing to the new VIP on the
cluster. With single node the problem wasn't showed and the IP was
correctly updated after a few seconds. The command I'm using on the
DHCP server is:
/usr/local/bin/udp_reflector -s pcap2:67 -d 172.27.17.7:767 -b 25000 &
Where 172.27.17.7 is the VIP exposed by the cluster.
I would expect UDP port 767 on PF nodes in listening but they are
not. Is something missing in my configuration?
Thanks
Luca
Inviato da Outlook <http://aka.ms/weboutlook>
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org!http://sdm.link/slashdot
_______________________________________________
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
<mailto:PacketFence-users@lists.sourceforge.net>
https://lists.sourceforge.net/lists/listinfo/packetfence-users
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users
