[pfSense Support] Re: Very urgent - DHCP server failure

[Matias Surdi]

Thanks for you help.

That problem is solved, but now, I can't get dhcp failover to work again.
They seem to be not syncronized. I see the following on the DHCP leases 
status page on the primary pfSense box:

"dhcp0"  	recover-wait  	2008/10/08 14:36:34  	recover-wait  	2008/10/08 
14:36:34  	  	
"dhcp1"  	recover  	2008/10/08 14:36:34  	unknown-state  	2008/10/08 
14:36:34


Here is the dhcpd.conf from each the two boxes:

pf1:

# cat /var/dhcpd/etc/dhcpd.conf
option domain-name "mi.local.optenet.com";
default-lease-time 7200;
max-lease-time 86400;
authoritative;
log-facility local7;
ddns-update-style none;
one-lease-per-client true;
deny duplicates;
failover peer "dhcp0" {
  primary;
  address 192.168.112.253;
  port 519;
  peer address 192.168.112.252;
  peer port 520;
  max-response-delay 10;
  max-unacked-updates 10;
  split 128;
  mclt 600;

  load balance max seconds 3;
}
failover peer "dhcp1" {
  primary;
  address 192.168.114.253;
  port 519;
  peer address 192.168.114.252;
  peer port 520;
  max-response-delay 10;
  max-unacked-updates 10;
  split 128;
  mclt 600;

  load balance max seconds 3;
}
subnet 192.168.112.0 netmask 255.255.255.0 {
        pool {
                option domain-name-servers 192.168.112.254;
                deny dynamic bootp clients;
                failover peer "dhcp0";
                range 192.168.112.10 192.168.112.110;
        }
        option routers 192.168.112.254;
        ddns-domainname "mi.local.optenet.com";
        ddns-update-style interim;
        option domain-name-servers 192.168.112.254;
        option ntp-servers 192.168.112.254;
}
subnet 192.168.114.0 netmask 255.255.255.0 {
        pool {
                option domain-name-servers 192.168.114.254;
                deny dynamic bootp clients;
                failover peer "dhcp1";
                range 192.168.114.10 192.168.114.110;
        }
        option routers 192.168.114.254;
        ddns-domainname "mi.local.optenet.com";
        ddns-update-style interim;
        option domain-name-servers 192.168.114.254;
        option ntp-servers 192.168.114.254;
}





pf2:

# cat /var/dhcpd/etc/dhcpd.conf
option domain-name "mi.local.optenet.com";
default-lease-time 7200;
max-lease-time 86400;
authoritative;
log-facility local7;
ddns-update-style none;
one-lease-per-client true;
deny duplicates;
failover peer "dhcp0" {
  secondary;
  address 192.168.112.252;
  port 520;
  peer address 192.168.112.253;
  peer port 519;
  max-response-delay 10;
  max-unacked-updates 10;
  mclt 600;

  load balance max seconds 3;
}
failover peer "dhcp1" {
  secondary;
  address 192.168.114.252;
  port 520;
  peer address 192.168.114.253;
  peer port 519;
  max-response-delay 10;
  max-unacked-updates 10;
  mclt 600;

  load balance max seconds 3;
}
subnet 192.168.112.0 netmask 255.255.255.0 {
        pool {
                option domain-name-servers 192.168.112.254;
                deny dynamic bootp clients;
                failover peer "dhcp0";
                range 192.168.112.10 192.168.112.110;
        }
        option routers 192.168.112.254;
        ddns-domainname "mi.local.optenet.com";
        ddns-update-style interim;
        option domain-name-servers 192.168.112.254;
        option ntp-servers 192.168.112.254;
}
subnet 192.168.114.0 netmask 255.255.255.0 {
        pool {
                option domain-name-servers 192.168.114.254;
                deny dynamic bootp clients;
                failover peer "dhcp1";
                range 192.168.114.10 192.168.114.110;
        }
        option routers 192.168.114.254;
        option domain-name-servers 192.168.114.254;
        option ntp-servers 192.168.114.254;
}





Network connectivity is fine between both hosts.


Any help would be very appreciated.









Gary Buckmaster escribió:
That's a pretty helpful log message.  Looks like you declared a failover 
peer incorrectly.  Please review your configuration with that in mind.

Matias Surdi wrote:
Hi,

I'm using pfSense 1.2 , and suddenly DHCP seems to have stopped 
working. On the system log, i see the following:

Oct 7 22:23:34     dhcpd: Internet Systems Consortium DHCP Server V3.0.5
Oct 7 22:23:34     dhcpd: Copyright 2004-2006 Internet Systems 
Consortium.
Oct 7 22:23:34     dhcpd: All rights reserved.
Oct 7 22:23:34     dhcpd: For info, please visit 
http://www.isc.org/sw/dhcp/
Oct 7 22:23:34     dhcpd: failover peer declaration with no referring 
pools.
Oct 7 22:23:34     dhcpd: In order to use failover, you MUST refer to 
your main failover declaration
Oct 7 22:23:34     dhcpd: in each pool declaration. You MUST NOT use 
range declarations outside
Oct 7 22:23:34     dhcpd: of pool declarations.




Any idea?



---------------------------------------------------------------------
To unsubscribe, e-mail: 
[EMAIL PROTECTED]
For additional commands, e-mail: 
[EMAIL PROTECTED]



---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]