Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Strange Problem: DHCP Failover after upgrade to 2.5.0 - XMLRPC BUG?

    Scheduled Pinned Locked Moved
    DHCP and DNS
    3
    7
    563
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • C
      charly65
      last edited by charly65

      Hello,

      I've configured two pfSense boxes as Master/Slave.
      There are multiple LAN Interfaces with DHCP configured on each of them.
      There's one OpenVPN-Client connected to a some server on the internet.

      Whenever DHCP-Settings are synced (XMLRPC) to the Slave (e.g. by adding/changing a NTP-Server in the DHCP-Settings), the failover_peerip on the Slave is changed from the Master_ip to the OpenVPN-Client-IP (!!!) on all DHCP-Servers on all LAN-Interfaces, which of course causes DHCP Master/Slave communication to fail.

      When I manually correct the failover_peerips on the Slave, everything works normally until the next sync happens. Excluding DHCP from HA-sync does help.

      Interesting finding: When I disable the OpenVPN-Client, the failover_peerips stay untouched.

      This clearly must be a bug in XMLRPC-Sync somehow ...

      viktor_gV 1 Reply Last reply Reply Quote 0
      • viktor_gV
        viktor_g Netgate @charly65
        last edited by

        This post is deleted!
        1 Reply Last reply Reply Quote 0
        • viktor_gV
          viktor_g Netgate
          last edited by

          @charly65
          What is your DHCP interface? LAN?
          could you show the netstat -n and ifconfig output?

          C 1 Reply Last reply Reply Quote 0
          • jimpJ
            jimp Rebel Alliance Developer Netgate
            last edited by

            Sounds like the order of assigned interfaces doesn't match on both systems when it must match exactly.

            Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

            Need help fast? Netgate Global Support!

            Do not Chat/PM for help!

            1 Reply Last reply Reply Quote 0
            • C
              charly65 @viktor_g
              last edited by charly65

              @viktor_g said in Strange Problem: DHCP Failover after upgrade to 2.5.0 - XMLRPC BUG?:

              @charly65
              What is your DHCP interface? LAN?

              All LAN-Interfaces run DHCP ...

              Here's the Console-Overview:
              Screenshot from 2021-02-23 19-58-28.png

              could you show the netstat -n and ifconfig output?

              netstat -n ? sure? I can't think of any reason why, but I'l add it. I'll add -rn, too.
              Since there's quite a lot of interfaces, I've put the content in files ...

              Master is fw2 (.2), Slave is fw3 (.3)

              Again: when I disable OpenVPN, everything's fine, XMLRPC-sync changes the slave-ip in the
              failover_peerip field (on Master) to the master-ip in failover_peerip field on Slave.
              With OpenVPN active, ALL Slaves failover_peerip fields end up showing the XXX.YYY.255.33, which happens to be the OpenVPN Client IP.

              fw2-ifconfig.txt fw2-netstat-n.txt fw2-netstat-rn.txt fw3-ifconfig.txt fw3-netstat-n.txt fw3-netstat-rn.txt

              1 Reply Last reply Reply Quote 0
              • viktor_gV
                viktor_g Netgate
                last edited by viktor_g

                ok, I can reproduce it
                Please try this patch: 151.diff

                Redmine issue created: https://redmine.pfsense.org/issues/11519

                1 Reply Last reply Reply Quote 1
                • C
                  charly65
                  last edited by

                  @viktor_g said in Strange Problem: DHCP Failover after upgrade to 2.5.0 - XMLRPC BUG?:

                  ok, I can reproduce it
                  Please try this patch: 151.diff

                  Perfect! This does the job! Thanks a lot, Viktor!

                  1 Reply Last reply Reply Quote 0
                  • First post
                    Last post