I have now had an unexpected dhcp server behavior occur twice on a
pfsense cluster when a power supply has malfunctioned and caused one
pfsense device to go offline. Here are the details.
Hardware Setup:
2 Server grade servers running pfsense 1.2.3RC1 with Intel Nics, dual
core processors with the smp pfsense kernel, and 4 gigabytes of RAM.
Multiple WAN links using tagged VLAN's. Multiple LAN links using tagged
VLAN's. CARP enabled. DHCP Server enabled on both firewalls with
failover DHCP peer setup enabled. On each device, the failover peer in
the DHCP server setup is the real interface IP for the other firewall on
that particular interface. For example, on pfsense1 LAN interface, the
failover DHCP peer is pfsense2 real LAN IP. On pfsense2 LAN, the
failover DHCP peer is pfsense1 real LAN IP. These two machines usually
operate with 4000 to 7000 total active states from 75 to 130 nodes on
the LAN side at any given time.
Normal DHCP Messages:
During normal operation with both firewalls functioning, both devices
show "My State" -- Normal and "Peer State" -- Normal in the DHCP Status
page.
Possible DHCP Error:
When one of the pfsense firewalls goes off-line unexpectedly (e.g. due
to power failure on one of the devices, etc.), the DHCP server on the
remaining unit shows unexpected behavior. First, the status of the
remaining DHCP server shows "My State" -- Communications Interrupted and
"Peer State" -- Normal. Second, initially, DHCP leases renew, but seem
to take much longer than normal to get served to clients. After a long
period of having only one active firewall, however, DHCP leases seem to
stop getting handed-out, or the client's dhcp acquisition process times
out before the remaining firewall answers the DHCP request.
-Vaughn Reid III
---------------------------------------------------------------------
To unsubscribe, e-mail: support-unsubscr...@pfsense.com
For additional commands, e-mail: support-h...@pfsense.com
Commercial support available - https://portal.pfsense.org
