carp/ha, sync client-hostname in dhcp lease files missing
-
Hello everybody,
I've created a test setup of 2 pfsense vms in order to configure 1 shared vip on the lan.
I set up 2 pfsense nodes (primary's lan: 10.0.255.254, secondary's lan: 10.0.255.254). I've successfully created a carp VIP on the lan (10.0.255.250), enabled State Synchronization Settings (pfsync) on both nodes and enabled xmlrpc sync on the primary node. The synchronization happens via a dedicated interface as described in the documentation. Almost everything seems to work: I can reroute traffic when entering the carp maintenance mode etc., and my vips get the correct skew values set. If I add a new client on the 10.0.0.0/16 network and it gets an ip from my pool (10.0.0.1-10.0.1.255), let's say 10.0.0.1, the lease for this will show up on both pfsense GUIs, but only one of the leases will have the client-hostname set; on the other the field is empty. I did look at my dhcp logs, and from what I can see the dhcp requests are coming in and it's either node1 or node2 that responds to it (this seems to happen randomly); the one that responds is the one that has the hostname set in the lease view.
(I've configured the dhcp server to register the client-hostnames in the dns resolver, but when I query the dns servers for local hostnames, only 1 of the dns servers responds to my dns requests: the one that has the client-hostname set.)
I've also looked at the /var/dhcpd/var/db/dhcp.lease files and noticed the missing client-hostname from the lease block on the server that did not handle the dhcp request. What surprised me is that I saw 2 correctly formed lease blocks on the other pfsense (both exactly the same, both with a client-hostname set).
Anybody got a clue what I did wrong, or is there some bug? I did search redmine but couldn't find anything that matched version 2.4.4, which I used for testing. Do let me know if you need me to provide any log/configs.
Thanks
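
The lease-file comparison described in the post above, as an added example that is not part of the original thread: it parses ISC dhcpd lease-file text from both nodes, keeps the last block per address (the file is an append-only log, so repeated blocks for one IP are expected), and lists leases whose client-hostname exists on only one peer. The sample lease text and the function names are constructed for illustration.

```python
import ipaddress
import re

# One lease block: "lease <ip> { ... }" with the closing brace at column 0.
LEASE_RE = re.compile(r"^lease\s+(\S+)\s*\{(.*?)^\}", re.S | re.M)
FIELDS = {
    # Anchored at line start so "next binding state" is not picked up.
    "state": re.compile(r"^\s*binding state\s+(\w+);", re.M),
    "hostname": re.compile(r'^\s*client-hostname\s+"([^"]*)";', re.M),
}

def parse_leases(text):
    """Map ip -> fields. A later block for the same address replaces
    the earlier one, matching how dhcpd reads its own lease log."""
    leases = {}
    for ip, body in LEASE_RE.findall(text):
        found = {k: rx.search(body) for k, rx in FIELDS.items()}
        leases[ip] = {k: m.group(1) if m else None for k, m in found.items()}
    return leases

def hostname_gaps(primary_text, secondary_text):
    """Return (ip, node_missing_hostname, hostname_on_peer) for leases that are
    active on at least one peer but carry client-hostname on only one."""
    pri, sec = parse_leases(primary_text), parse_leases(secondary_text)
    gaps = []
    for ip in sorted(set(pri) & set(sec), key=ipaddress.ip_address):
        if "active" not in (pri[ip]["state"], sec[ip]["state"]):
            continue
        hp, hs = pri[ip]["hostname"], sec[ip]["hostname"]
        if bool(hp) != bool(hs):
            gaps.append((ip, "secondary" if hp else "primary", hp or hs))
    return gaps

# Constructed sample data (not taken from the systems in this thread).
BLOCK = """lease {ip} {{
  ends 3 2018/11/14 12:00:00;
  binding state active;
  next binding state expired;
  hardware ethernet {mac};
{extra}}}
"""
HOST = '  client-hostname "{}";\n'
PRIMARY = (BLOCK.format(ip="10.0.0.1", mac="00:11:22:33:44:55", extra=HOST.format("testclient")) * 2
           + BLOCK.format(ip="10.0.0.2", mac="00:11:22:33:44:66", extra=HOST.format("laptop")))
SECONDARY = (BLOCK.format(ip="10.0.0.1", mac="00:11:22:33:44:55", extra="")
             + BLOCK.format(ip="10.0.0.2", mac="00:11:22:33:44:66", extra=HOST.format("laptop")))

if __name__ == "__main__":
    for ip, node, name in hostname_gaps(PRIMARY, SECONDARY):
        print(f"{ip}: client-hostname {name!r} missing on {node}")
```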
-
That's just the way ISC dhcpd works.
If I needed HA DHCP host names in one DNS server, I'd set one up (or a pair) off the firewalls and have them both update the zone there.
-
Hi Derelict, thanks for your fast response.
"That's just the way ISC dhcpd works." Is this in response to multiple lease blocks in the same dhcp.lease file? If this is normal, okay, then please ignore this part of my post.
My main problem still remains: hostnames do not synchronize across servers. I've just found a section in this video: https://youtu.be/VnBnnh81G7w?t=3861 where the guy shows that hostnames should be synchronized across pfsenses. He also mentions some bug in isc about synchronizing hostnames, but says it was fixed. I seem to have the problem that the hostname is not getting synchronized properly.
-
It is up to ISC dhcpd to sync those. I missed that that was fixed, which is great news.
Does your DHCP pair show normal/normal on Status > DHCP Leases? Anything in the DHCP logs on either node that indicates what might be failing?
That video is going to be the best information available.
ETA: It looks like they might have broken that again.
-
The dhcp lease pages both show normal/normal. Nothing in the logs that would indicate an issue from what I can see.
"ETA: It looks like they might have broken that again." <- Did you find any open bug/issue addressing this?
-
No. I tested it. When I get confirmation that you and I aren't both doing something wrong I will open a bug. But just like last time it will probably be up to ISC to fix.
-
Thank you very much. Do let me know if I should provide any sort of configs/tests/help to get this solved!
-
Hey Derelict, has the bug been confirmed by any chance?
-
I just updated my test vms to 2.4.4-RELEASE-p1 and from what I can tell the issue has been fixed! I now get the client-hostname on the master and the backup.