DNS Forwarder on CARP doesn't register hostname in DHCP lease on secondary

bplein

@prices:

Did you ever get this resolved?  I have been having the same problem.  The leases get transferred between the machines, but not the hostnames.

I did NOT ever find a solution to this.

I have stepped away from CARP at the moment and gone with a dedicated, non-redundant pfSense install on a dual-atom platform.

prices

That's too bad.  I am still looking for a solution.  I guess I will keep looking.

neik

I just set this up. I am puzzled that the hostname column of the Status:DHCP Leases page on the master is blank. But DNS lookups of DHCP hostnames does work on both firewalls.

TheLimey

I'm having this issue still, and the consequences are very frustrating.

DHCP leases given out by either machine ARE transferred to the other but without the hostname. As a consequence I can only ping (or remote into) hosts by name that have a lease given out by the primary server. Hosts with leases given out by the secondary server aren't available because the DNS lookups go to the primary server (which doesn't have hostnames for the DHCP leases given out by the secondary server).

How do we contact the developer of that functionality to get this fixed. I'm hoping it's a simple mistake in the code somewhere.

…or failing that could anyone give me pointers to where I might find the code to attempt to locate the source of the issue myself?

Thanks,
Colin

cmb

Not sure how I missed this thread before, and hadn't noticed this myself until now. People who use HA generally have a requirement for a full blown name server, or strictly use DHCP reservations, which is why aside from a few in this thread, it hadn't been noticed.

The root of this issue is ISC dhcpd doesn't send the client-hostname to its peer(s). So each system knows only about the hostnames on leases it issued.

I opened a bug.
https://redmine.pfsense.org/issues/4061

Likely need to get dhcpd fixed upstream. If it's easy to patch, we could patch ours in the mean time.

You're definitely welcome to dig into it. Beyond a cursory review, we're likely not going to be able to do anything in depth on that until post-2.2. I didn't spend a lot of time looking, so some further searching may be productive.

TheLimey

@cmb  Thank you for the incredibly fast response. I wasn't expecting a reply so quickly.

I was planning on switching to static IP's at some point anyway, I guess I'll just have to do it sooner :)

I did try to take a look, but didn't know where to begin. I managed to fix a bug in the IPFire OS, but I think this one is going to be beyond me.  :'(

Thanks again  :D

cmb

Can just make them DHCP reservations in the mean time. Status>DHCP leases, hit the + next to each to add as a static mapping. Though static mappings must be outside the DHCP scope, so it might require a bit of juggling around if you need the IPs to stay the same (or you can just remove that input validation if you want, it'll behave how you need it to in this circumstance, though it won't in many others). The hostnames in the static mappings will resolve correctly on both systems.

coski

Hello!
Has it been any news on this subject?
I'm having the same problem in my workplace.

Thanks!

daviderickson

I'm seeing the same issue, however it looks like this may have been fixed upstream as of isc-dhcpd version 4.3.5:

https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=810971
https://lists.isc.org/pipermail/dhcp-users/2016-October/020331.html

Is it possible as an end user to update and try the new version to see if it fixes the issue?

antiroot

Sorry for the bump, but this thread describes exactly our issue as well

Has anyone found a workaround for this? If there was a way to get the DNS Resolver to query the master and the slave then i'd be fine with that until isc-dhcp is able to sync the client-hostnames properly, but i couldn't get it to work for me unfortunately

jimp

The hostnames sync properly on 2.4. I haven't tried 2.3.3-p1 but they use the same version of the ISC DHCP server so it should work there, too.

antiroot

Thanks jimp! We are running 2.3.3-p1 and it unfortunately does not appear to work as expected. Do you know of any up to date documentation for setting up DHCP/DDNS specifically in a HA environment, seems some of the config fields are a bit ambiguous and it is entirely possible I set it up incorrectly? I've been using pfSense for years, but this is the first time trying to setup DHCP/DDNS with dual WAN + HA and it's been more difficult than every other aspect of pfSense I've had experience with! I'm hesitant to upgrade to 2.4 on production machines and rather use that as a last resort if I can't get it to work on 2.3.3

jimp

None of that should matter, it hasn't changed in years.

As long as you have the failover peers configured and the two nodes show a proper normal/normal pool status that should be good enough.

jstookey

We have been using CARP in a HA availability setup for years and have always had the same problem. The hostname is registered on one host but not the other. We have failover peers configured and a normal/normal pool status. We have been using a workaround which has it's own problems. I recently removed the workaround and we are still seeing the same issue. We are running 2.4.3_1. We would love to see a resolution to the problem.

Derelict

The solution is right there. Set up a DDNS server off the firewall and have both nodes update that.

Locking this ancient thread.