DHCP from Backup Node?

  • Hi all,

    I configured CARP and it appears nearly everything is working fine. When logged on to the master I can go into maintenance mode and the secondary takes control. Fine so far.

    But I am having an issue with DHCP.
    I have DHCP Server enabled on a CARP'ed interface. I cannot assign DHCP to the Virtual IP (it is not offered), so dhcpd is listening on the interface.
    I configured DHCP to send DNS and Gateway as the Virtual IP. I configured HA to sync DHCP server settings to slave. So I expect the dhcp-client to have as gateway address and the same as DNS server.

    DNS works (has .254) but gateway is .202 (IP of backup) instead of the Virtual IP.

    I can ping the Virtual IP, ping the master IP and ping the secondary IP. But I cannot reach any host outside my own network.

    Do you guys have any clue what is going on here?

  • Just as an addition:

    When I manually disable the DHCP server on the backup everything goes as expected.

    Isn't the service handled by CARP/HA?

  • Realized meanwhile I have to additionally set the slave IP to sync in the DHCP settings on the master.

    It is not sufficient to have it configured on the HA/sync part...

    Now the only thing not working is my Captive Portal.

  • LAYER 8 Netgate

    You have to set the DHCP server to give the interface CARP VIP as the gateway to the clients. The same holds true for the DNS servers given to the clients if you are using pfSense for that.

    Yes, you have to add the address of the secondary node on that interface to enable shared DHCP between the two. This should do the right thing and add the address of the primary in the same place on the secondary.

    ISC DHCP HA is kind of a strange beast. Both nodes are actually answering queries using a portion of the pool. It is the only thing that I can think of that is close to active/active in pfSense HA (which is active/passive).

    If you view Status > DHCP Leases you should see normal/normal on both nodes. If not, something is wrong.

  • @derelict said in DHCP from Backup Node?:

    If you view Status > DHCP Leases you should see normal/normal on both nodes. If not, something is wrong.

    Yes, I got it working so far, and yes I gave both gateway and DNS the CARP Virtual IP. After figuring out I have to add the slave IP there it started working.

    Unfortunately only on two of the interfaces, but not on the third.
    There it says "My state: recover" and "Peer State: unknown state"

    This is obviously not "normal", but how do I troubleshoot? I already stopped both services and removed the dhcp-leases files on both servers, but no change.

    I can ping both addresses vice-versa. How can I troubleshoot?

    After re-configuring the dhcp service again and again it finally went to "normal/normal". So it is working now and I am fine.
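
The normal/normal check discussed in this thread can also be read from the ISC dhcpd lease database, where each failover peer's state is logged. The following is an added example, not code from the thread or from pfSense; the peer names and the sample lease text are constructed, and the path to the leases file on a given node is left to the reader.

```python
import re
import sys

# Constructed sample in ISC dhcpd.leases syntax; peer names are made up.
# dhcpd appends to this file, so the last block for a peer is the current one.
SAMPLE = '''
failover peer "dhcp_lan" state {
  my state recover at 2 2018/06/12 09:58:10;
  partner state unknown-state at 2 2018/06/12 09:58:10;
}
failover peer "dhcp_opt1" state {
  my state recover at 2 2018/06/12 09:58:11;
  partner state unknown-state at 2 2018/06/12 09:58:11;
}
failover peer "dhcp_lan" state {
  my state normal at 2 2018/06/12 10:01:42;
  partner state normal at 2 2018/06/12 10:01:40;
}
'''

BLOCK = re.compile(r'failover peer "([^"]+)" state \{(.*?)\}', re.S)
STATE = re.compile(r'(my|partner) state ([\w-]+) at \d+ ([\d/]+ [\d:]+);')


def failover_states(leases_text):
    """Return {peer: {"my": (state, since), "partner": (state, since)}}."""
    peers = {}
    for name, body in BLOCK.findall(leases_text):
        # Later blocks overwrite earlier ones: only the newest state counts.
        peers[name] = {who: (state, since)
                       for who, state, since in STATE.findall(body)}
    return peers


def unhealthy(peers):
    """Peers where either side is missing or not in the 'normal' state."""
    bad = []
    for name, sides in sorted(peers.items()):
        states = [sides.get(w, ("missing", ""))[0] for w in ("my", "partner")]
        if states != ["normal", "normal"]:
            bad.append((name, states[0], states[1]))
    return bad


if __name__ == "__main__":
    text = open(sys.argv[1]).read() if len(sys.argv) > 1 else SAMPLE
    for name, mine, partner in unhealthy(failover_states(text)):
        print(f"{name}: my state {mine}, partner state {partner}")
```

Run it on both nodes with the leases file as the argument; an interface stuck in recover shows up by peer name, which narrows the problem to that interface's failover pair.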

