2.5.0 No DHCP on additional VLANs on CARP configurations with use of failover peers
-
On a (upgraded to 2.5.0) HA configuration with a LAN and two additional VLANs, only the LAN DHCP is working correctly. The extra VLANs are not serviced with DHCP.
Typical message: DHCPDISCOVER from 00:1d:c1:19:6f:dc via igb0.10: not responding (recovering).
If we configure the DHCP just for one server only, without the failover peer, the DHCP server is working correctly.
Any idea?
Thanks
-
This sounds like a similar problem to what I experienced today. On the Status / DHCP Leases page, does it say "My Status: Recovering" and "Peer Status: Unknown"? I found that there was a problem with the HA Sync (XMLRPC Sync?) populating the failover peer with the wrong interface address. When I manually change the failover peer address on the backup firewall, everything starts working normally... but as expected, it is overwritten again if I ever change the config.
To explain better: in my example, I am trying to set up a DHCP server on OPT10. I go into the GUI for Firewall 1 (master), Services / DHCP, and I input the OPT10 CARP address as the Gateway, and I input the OPT10 interface address of Firewall 2 (backup) as the Failover Peer. I save the config, then I look in the GUI for Firewall 2 to see what synced over. I find the correct CARP address as the Gateway, but for the peer address, I find the OPT5 address of Firewall 1, instead of the OPT10 address of Firewall 1. I manually change the address in Firewall 2 to the OPT10 address of Firewall 1, and suddenly the DHCP servers start working. But if I go into the Firewall 1 settings and press "Save", it stops working again, and I see the OPT5 address is back in Firewall 2, and there is a message in the DHCP Status, communication_lost.
I did check in the config.xml that OPT5 and OPT10 on both firewalls match, in terms of their interface names and subnets!
I feel like there is a bug here? Or could there be something corrupted in my config that is preventing the sync from working properly?
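
The symptom described in this post (the sync writing a failover peer address that belongs to a different interface) can be checked offline against a config.xml backup from each node. This is an added example, not part of the original post and not pfSense code; the element names (interfaces/<if>/ipaddr, subnet, dhcpd/<if>/failover_peerip) are assumed to match the pfSense config layout, and the sample config and addresses are constructed.

```python
import ipaddress
import xml.etree.ElementTree as ET

# Constructed sample of a backup node's config.xml; addresses are made up.
# Assumed layout: interfaces/<if>/{ipaddr,subnet} and dhcpd/<if>/failover_peerip.
SAMPLE_BACKUP = """<pfsense>
  <interfaces>
    <lan><ipaddr>192.168.1.3</ipaddr><subnet>24</subnet></lan>
    <opt5><ipaddr>10.0.5.3</ipaddr><subnet>24</subnet></opt5>
    <opt10><ipaddr>10.0.10.3</ipaddr><subnet>24</subnet></opt10>
  </interfaces>
  <dhcpd>
    <lan><failover_peerip>192.168.1.2</failover_peerip></lan>
    <opt10><failover_peerip>10.0.5.2</failover_peerip></opt10>
  </dhcpd>
</pfsense>"""


def check_failover_peers(config_xml):
    """Return (interface, peer_ip, problem) tuples for suspicious failover peers."""
    root = ET.fromstring(config_xml)
    findings = []
    for scope in root.findall("./dhcpd/*"):
        peer = (scope.findtext("failover_peerip") or "").strip()
        if not peer:
            continue  # no failover peer configured on this scope
        iface = root.find(f"./interfaces/{scope.tag}")
        addr = iface.findtext("ipaddr") if iface is not None else None
        bits = iface.findtext("subnet") if iface is not None else None
        try:
            local = ipaddress.ip_interface(f"{addr}/{bits}")
            peer_ip = ipaddress.ip_address(peer)
        except ValueError:
            # Interface missing, not statically addressed, or peer not an IP.
            findings.append((scope.tag, peer, "cannot evaluate"))
            continue
        if peer_ip == local.ip:
            findings.append((scope.tag, peer, "peer is this node's own address"))
        elif peer_ip not in local.network:
            findings.append((scope.tag, peer, f"peer is outside {local.network}"))
    return findings


if __name__ == "__main__":
    for iface, peer, problem in check_failover_peers(SAMPLE_BACKUP):
        print(f"{iface}: failover peer {peer}: {problem}")
```

Running it against both nodes' backups after each sync shows whether the peer address on the secondary was overwritten with an address from another interface.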
-
This seems to be identical to:
https://forum.netgate.com/topic/161152/strange-problem-dhcp-failover-after-upgrade-to-2-5-0-xmlrpc-bug
Solution:
https://redmine.pfsense.org/issues/11519