• Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login
Netgate Discussion Forum
  • Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login

DHCPv6 failover peer broken due to 'deny dynamic bootp clients' in dhcpdv6.conf

2.1 Snapshot Feedback and Problems - RETIRED
2
3
4.0k
Loading More Posts
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • J
    justanotherpfsenseuser
    last edited by Sep 1, 2013, 8:14 PM Sep 1, 2013, 7:30 PM

    Having tried to enable failover for ipv6 dns I added the backup firewall's ipv6 address to the dhcpdv6 config page and the subsequent restart of dhcpd failed:

    fw1 php: /services_dhcpv6.php: The command '/usr/local/sbin/dhcpd -6 -user dhcpd -group _dhcp -chroot /var/dhcpd -cf /etc/dhcpdv6.conf -pf /var/run/dhcpdv6.pid vr1_vlan69' returned exit code '1', the output was 'Internet Systems Consortium DHCP Server 4.2.5-P1 Copyright 2004-2013 Internet Systems Consortium. All rights reserved. For info, please visit https://www.isc.org/software/dhcp/ /etc/dhcpdv6.conf line 15: expecting allow/deny key deny dynamic ^ /etc/dhcpdv6.conf line 15: expecting a parameter or declaration deny dynamic bootp clients; ^ Configuration file errors encountered – exiting If you did not get this software from ftp.isc.org, please get the latest from ftp.isc.org and install that before requesting help. If you did get this software from ftp.isc.org and have not yet read the README, please read it before requesting help. If you intend to request help from the dhcp-server@isc.org mailing list, please read the

    Having looked at the /var/dhcpd/etc/dhcpdv6.conf file I see it has not actually added teh config for a failover peer, however has inserted the following:

    subnet6 2001:40a0:1011:69::/64 {
    deny dynamic bootp clients;

    I can see mention of this in dhcpd.conf man page that suggests this should be used when a failover peer is configured, althought the example config puts this command within the pool { } config section that seems not to be present here?

    Does anyone else have a working ipv6 dhcp failover config?

    Thanks.

    1 Reply Last reply Reply Quote 0
    • J
      justanotherpfsenseuser
      last edited by Sep 6, 2013, 10:55 AM

      still broken, this may be something to look at before progressing to RC2 as it doesnt seem like you can have a resilient pair of firewalls if you want to use DHCP for ipv6 address assignment :(

      1 Reply Last reply Reply Quote 0
      • J
        jimp Rebel Alliance Developer Netgate
        last edited by Sep 6, 2013, 6:05 PM

        DHCPv6 does not support failover, not sure why the options were in the GUI, but aside from the one that broken the backup config, they were not in the backend.

        Current recommendation is to run them independently with separate pools.

        We're considering maybe having the DHCPv6 daemon shut down in a failover config if the interface is in a CARP backup status, but that isn't quite so easy.

        Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

        Need help fast? Netgate Global Support!

        Do not Chat/PM for help!

        1 Reply Last reply Reply Quote 0
        1 out of 3
        • First post
          1/3
          Last post
        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.