Thanks for you help.
That problem is solved, but now, I can't get dhcp failover to work again.
They seem to be not syncronized. I see the following on the DHCP leases
status page on the primary pfSense box:
"dhcp0" recover-wait 2008/10/08 14:36:34 recover-wait 2008/10/08
14:36:34
"dhcp1" recover 2008/10/08 14:36:34 unknown-state 2008/10/08
14:36:34
Here is the dhcpd.conf from each the two boxes:
pf1:
# cat /var/dhcpd/etc/dhcpd.conf
option domain-name "mi.local.optenet.com";
default-lease-time 7200;
max-lease-time 86400;
authoritative;
log-facility local7;
ddns-update-style none;
one-lease-per-client true;
deny duplicates;
failover peer "dhcp0" {
primary;
address 192.168.112.253;
port 519;
peer address 192.168.112.252;
peer port 520;
max-response-delay 10;
max-unacked-updates 10;
split 128;
mclt 600;
load balance max seconds 3;
}
failover peer "dhcp1" {
primary;
address 192.168.114.253;
port 519;
peer address 192.168.114.252;
peer port 520;
max-response-delay 10;
max-unacked-updates 10;
split 128;
mclt 600;
load balance max seconds 3;
}
subnet 192.168.112.0 netmask 255.255.255.0 {
pool {
option domain-name-servers 192.168.112.254;
deny dynamic bootp clients;
failover peer "dhcp0";
range 192.168.112.10 192.168.112.110;
}
option routers 192.168.112.254;
ddns-domainname "mi.local.optenet.com";
ddns-update-style interim;
option domain-name-servers 192.168.112.254;
option ntp-servers 192.168.112.254;
}
subnet 192.168.114.0 netmask 255.255.255.0 {
pool {
option domain-name-servers 192.168.114.254;
deny dynamic bootp clients;
failover peer "dhcp1";
range 192.168.114.10 192.168.114.110;
}
option routers 192.168.114.254;
ddns-domainname "mi.local.optenet.com";
ddns-update-style interim;
option domain-name-servers 192.168.114.254;
option ntp-servers 192.168.114.254;
}
pf2:
# cat /var/dhcpd/etc/dhcpd.conf
option domain-name "mi.local.optenet.com";
default-lease-time 7200;
max-lease-time 86400;
authoritative;
log-facility local7;
ddns-update-style none;
one-lease-per-client true;
deny duplicates;
failover peer "dhcp0" {
secondary;
address 192.168.112.252;
port 520;
peer address 192.168.112.253;
peer port 519;
max-response-delay 10;
max-unacked-updates 10;
mclt 600;
load balance max seconds 3;
}
failover peer "dhcp1" {
secondary;
address 192.168.114.252;
port 520;
peer address 192.168.114.253;
peer port 519;
max-response-delay 10;
max-unacked-updates 10;
mclt 600;
load balance max seconds 3;
}
subnet 192.168.112.0 netmask 255.255.255.0 {
pool {
option domain-name-servers 192.168.112.254;
deny dynamic bootp clients;
failover peer "dhcp0";
range 192.168.112.10 192.168.112.110;
}
option routers 192.168.112.254;
ddns-domainname "mi.local.optenet.com";
ddns-update-style interim;
option domain-name-servers 192.168.112.254;
option ntp-servers 192.168.112.254;
}
subnet 192.168.114.0 netmask 255.255.255.0 {
pool {
option domain-name-servers 192.168.114.254;
deny dynamic bootp clients;
failover peer "dhcp1";
range 192.168.114.10 192.168.114.110;
}
option routers 192.168.114.254;
option domain-name-servers 192.168.114.254;
option ntp-servers 192.168.114.254;
}
Network connectivity is fine between both hosts.
Any help would be very appreciated.
Gary Buckmaster escribió:
That's a pretty helpful log message. Looks like you declared a failover
peer incorrectly. Please review your configuration with that in mind.
Matias Surdi wrote:
Hi,
I'm using pfSense 1.2 , and suddenly DHCP seems to have stopped
working. On the system log, i see the following:
Oct 7 22:23:34 dhcpd: Internet Systems Consortium DHCP Server V3.0.5
Oct 7 22:23:34 dhcpd: Copyright 2004-2006 Internet Systems
Consortium.
Oct 7 22:23:34 dhcpd: All rights reserved.
Oct 7 22:23:34 dhcpd: For info, please visit
http://www.isc.org/sw/dhcp/
Oct 7 22:23:34 dhcpd: failover peer declaration with no referring
pools.
Oct 7 22:23:34 dhcpd: In order to use failover, you MUST refer to
your main failover declaration
Oct 7 22:23:34 dhcpd: in each pool declaration. You MUST NOT use
range declarations outside
Oct 7 22:23:34 dhcpd: of pool declarations.
Any idea?
---------------------------------------------------------------------
To unsubscribe, e-mail:
[EMAIL PROTECTED]
For additional commands, e-mail:
[EMAIL PROTECTED]
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]