messed up dhcpd.conf (and probably other settings)



  • hi,

    due to a hardware failure some time ago which happened during a periaod where we did configure much firewall rule and ipsec settings, somehow we managed to hose/break some settings/configuration.

    i'm not sure how this happened, but iirc, this may be some maloperation via xmlrpc syncing back from the backup node to the primary node.

    i know you should not do that, but it may have been overread because that warning was not printed in fat blinking text. (btw - why is it possible to be configured that way at all when a node already gets synced from a primary one when this is so dangerous? could somebody at least add fat text for better readability ? ).

    however, i see secondary" in dhcpd.conf settings on both fw nodes now and we need to fix this, but don't know what's the correct way. i don't want to try anything which can get us into deeper trouble as we already are...

    would it be ok to recover the dhcpd.conf files from backup (we have on from before firewall failure) and then simply restart dhcpd ? what about existing leases, will that cause trouble ?

    what about other related issues regarding xmlrpc config sync?

    we still have the secondary node being the active one (doing all configuration on the primary one) because since the failure of the first node we needed to add complicated ipsec to the second node before being able to fix the first one - and when trying to sync config back to the first node, all went fine so far - but ipsec did not work so we left secondary node active one since then...

    unfortunately we detected much later that there also is an issue with dhcp.

    could someone help fixing our configuration on first node so we can switch it back to be the primary/active one (i.e. leave carp maintenance mode?)

    thank you!
    roland


Log in to reply