Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    HA/CARP, with DHCP error

    HA/CARP/VIPs
    3
    6
    232
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • B
      bimpe last edited by bimpe

      Re: CARP DHCP Failover in VLANs

      Hi Team,

      I have been assigned to set up a HA on two pfsense XG7100U (DHCP failover with CARP). The config is done via GUI. The sync works fine but when I turn on the DHCP on my multi-network setup (that is I turn on DHCP on my user VLAN), it returns with an error and LAN DHCP also stops working. I am quite a rookie with pfsense, but I would try to explain my design as a need some help here. this is my configuration in this diagram below:
      ![0_1589880186650_202083d0-8f66-47aa-9988-821b4d77e136-image.png](Uploading 0%) a41df7ea-0d7e-49ef-8b09-96f2ead9bdb9-image.png

      d2bae98e-611c-4344-81b4-8bb2ce41612c-image.png

      VIP is also configured fine. But when I turn on DHCP on the user interface, I get this error on the system log and no DHCP is assigned to the users on VLAN 20 and 50:
      5427d4cf-5510-40c0-a3fa-9d5b825df856-image.png
      https://forum.netgate.com/topic/106394/dhcp-not-working-properly-solved

      Please what am I missing? What am I not getting right?

      1 Reply Last reply Reply Quote 0
      • dotdash
        dotdash last edited by

        Did you setup the DHCP server for HA?
        https://docs.netgate.com/pfsense/en/latest/book/highavailability/example-redundant-configuration.html
        Sometimes you need to restart DHCP on both boxes to get DHCP in sync.

        1 Reply Last reply Reply Quote 0
        • B
          bimpe last edited by bimpe

          Thanks @dotdash ,
          I had tried that before when I got that from some of the forums. However, I followed the steps that were listed in the link that you shared. I guess the results were still the same, please see
          7826971d-5f93-4417-be83-088c94e839a1-image.png

          Even after the restart, these were the results (DHCP set on LAN and USER VLANs)
          24ecf5ca-aff3-4e14-bdf0-b423e95a538c-image.png
          3f1b38c8-3fce-4906-9b75-497c59e4d269-image.png
          Thanks, and open to all help please

          1 Reply Last reply Reply Quote 0
          • dotdash
            dotdash last edited by

            After a PM, I just looked at your post again, as I couldn't remember the exact details. This time I looked closer and noticed you have an error in the subnet mask on vlan 20. 172.16.46.0/22 is not the subnet boundry. Perhaps it was supposed to be /24. The subnet would be 172.16.44.0/22 and would encompass 172.16.44.1-172.16.47.254, which conflicts with the subnets defined on vlans 50 and 99. This could be the root cause of the dhcp failure.

            1 Reply Last reply Reply Quote 0
            • B
              bimpe last edited by

              @dotdash . Thanks for you help so far. I made the changes based on your suggestions, but was not successful.

              1 Reply Last reply Reply Quote 0
              • lexxai
                lexxai last edited by

                @bimpe said in HA/CARP, with DHCP error:

                https://forum.netgate.com/topic/106394/dhcp-not-working-properly-solved

                The XMLRPC process will automatically add +100 to each skew when synchronizing the VIPs to the secondary node.

                skew on second server with DHCP is more than 20 by ifconfig | grep carp ?

                1 Reply Last reply Reply Quote 0
                • First post
                  Last post

                Products

                • Platform Overview
                • TNSR
                • pfSense
                • Appliances

                Services

                • Training
                • Professional Services

                Support

                • Subscription Plans
                • Contact Support
                • Product Lifecycle
                • Documentation

                News

                • Media Coverage
                • Press
                • Events

                Resources

                • Blog
                • FAQ
                • Find a Partner
                • Resource Library
                • Security Information

                Company

                • About Us
                • Careers
                • Partners
                • Contact Us
                • Legal
                Our Mission

                We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

                Subscribe to our Newsletter

                Product information, software announcements, and special offers. See our newsletter archive to sign up for future newsletters and to read past announcements.

                © 2021 Rubicon Communications, LLC | Privacy Policy