Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Fixed: Not-a-bug: Bug affecting dhcpd failover state

    Scheduled Pinned Locked Moved DHCP and DNS
    4 Posts 2 Posters 2.2k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • J Offline
      jason0
      last edited by

      Hello,

      I believe I found a bug.

      I am running pfsense 2.4.1-release (amd64) on two fw-7541c lanner firewalls. ( not supported by the pfsense team…I know).

      I have verified the config.xml files are nearly identiical (enclosed).

      The bug is in the dhpd.conf files on either system.  I have also enclosed both files.

      Primary dhcpd.conf exerpt:
        failover peer "dhcp_lan" { primary; ... split 128; mclt 600; }
        failover peer "dhcp_opt2" { secondary; ... }

      Secondary dhcpd.conf exerpt:
        failover peer "dhcp_lan" { secondary; ... }
        failover peer "dhcp_opt2" { secondary; ... }

      Note that "secondary" appears in the failover description from the primary system, and also does not include split, or mclt.

      With this configuration, no dhcp addresses are handed out by either server on the "dhcp_opt2" aka em4.1002.

      In the dhcpd logs on either primary or backup, I see the messages (for the correct interface):

      DHCPDISCOVER from xx:yy:zz:aa:bb:cc via em4.1002: peer holds all free leases
      DHCPREQUEST for 10.37.56.188 from xx:yy:zz:aa:bb:cc  via em4.1002: not responding (recovering)

      Otherwise: carp seems to operate correctly.

      The symptoms are that no ip addresses are handed out on the guestwifi, and the following appears on the dhcpd.leases status page:

      Pool Status

      | Failover Group | My State | Since | Peer State | Since |
      | dhcp_lan (LAN) | normal | 2017/11/08 18:05:08 | normal | 2017/11/08 18:05:13 |
      | dhcp_opt2 (GUESTWIFI) | recover | 2017/11/08 17:53:22 | unknown-state | 2017/11/08 17:53:22 |

      I followed the instructions on https://doc.pfsense.org/index.php/DHCP_Failover_Troubleshooting, and no change occurs.

      My work-around is I have removed "dhcp server settings" from the sync-options, removed the peer address from the primary dhcp config for the guest wifi, and disabled the guestwifi dhcp server on the secondary system.

      –jason

      fw1-primary-config.xml.txt
      fw2-secondary-config.xml.txt
      fw1-dhcpd.conf.txt
      fw2-dhcpd.conf.txt

      1 Reply Last reply Reply Quote 0
      • jimpJ Offline
        jimp Rebel Alliance Developer Netgate
        last edited by

        The primary/secondary stuff is keyed off the presence of a CARP VIP for the subnet and its skew and so on.

        Your VIP for opt2 isn't in the correct subnet, it's 192.168.56.1 when the subnet is 10.37.56.0/24. That's broken in several ways, DHCP is only one of them.

        Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

        Need help fast? Netgate Global Support!

        Do not Chat/PM for help!

        1 Reply Last reply Reply Quote 0
        • J Offline
          jason0
          last edited by

          Wow!  Good eye on that one!  Thanks!

          1 Reply Last reply Reply Quote 0
          • J Offline
            jason0
            last edited by

            So yes, what Jim said is correct: my carp ip address was in a different subnet as the network it was supposed to be on.

            I am happy to be wrong!

            –jason

            1 Reply Last reply Reply Quote 0
            • First post
              Last post
            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.