Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    2.5.0 No DHCP on additional Vlans on CARP configurations with use of failover peers

    HA/CARP/VIPs
    2
    3
    112
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • R
      Robert de Wit last edited by

      On a (upgraded to 2.5.0) HA configuration with a LAN and two additional VLANs; only the LAN DHCP is working correctly. The extra VLANs are not serviced with DHCP.

      Typical message DHCPDISCOVER from 00:1d:c1:19:6f:dc via igb0.10: not responding (recovering).

      If we configure the DHCP just for one server only without the failover peer the DHCP server is working correctly.

      Any idea?

      Thanks

      1 Reply Last reply Reply Quote 1
      • D
        dyener last edited by

        This sounds like a similar problem to what I experienced today. On the Status / DHCP Leases page, does it say "My Status: Recovering" and "Peer Status: Unknown"? I found that there was a problem with the HA Sync (XMLRPC Sync?) populating the failover peer with the wrong interface address. When I manually change the failover peer address on the backup firewall, everything starts working normally... but as expected, it is overwritten again if I ever change the config.

        To explain, better, in my example, I am trying to set up a DHCP server on OPT10. I go into the GUI for Firewall 1 (master), Services / DHCP, and I input the OPT10 CARP address as the Gateway, and I input the OPT10 interface address of Firewall 2 (backup) as the Failover Peer. I save the config, then, I look in the GUI for Firewall 2 so see what synced over. I find the correct CARP address as the Gateway, but for the peer address, I find the OPT5 address of Firewall 1, instead of the OPT10 address of Firewall 1. I manually change the address in Firewall 2 to the OPT10 address of Firewall 1, and suddenly the DHCP servers starts working. But if I go into the Firewall 1 settings and press "Save", it stops working again, and I see the OPT5 address is back in Firewall 2, and there is a message in the DHCP Status, communication_lost.

        I did check in the config.xml that OPT5 and OPT10 on both firewalls match, in terms of their interface names and subnets!

        I feel like there is a bug here? Or could there be something corrupted in my config that is preventing the sync from working properly?

        R 1 Reply Last reply Reply Quote 0
        • R
          Robert de Wit @dyener last edited by

          This seems to be identical to:

          https://forum.netgate.com/topic/161152/strange-problem-dhcp-failover-after-upgrade-to-2-5-0-xmlrpc-bug

          Solution:
          https://redmine.pfsense.org/issues/11519

          1 Reply Last reply Reply Quote 0
          • First post
            Last post

          Products

          • Platform Overview
          • TNSR
          • pfSense
          • Appliances

          Services

          • Training
          • Professional Services

          Support

          • Subscription Plans
          • Contact Support
          • Product Lifecycle
          • Documentation

          News

          • Media Coverage
          • Press
          • Events

          Resources

          • Blog
          • FAQ
          • Find a Partner
          • Resource Library
          • Security Information

          Company

          • About Us
          • Careers
          • Partners
          • Contact Us
          • Legal
          Our Mission

          We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

          Subscribe to our Newsletter

          Product information, software announcements, and special offers. See our newsletter archive to sign up for future newsletters and to read past announcements.

          © 2021 Rubicon Communications, LLC | Privacy Policy