    Netgate Discussion Forum

    2.5.0 No DHCP on additional Vlans on CARP configurations with use of failover peers

    HA/CARP/VIPs
    • Robert de Wit

      On an HA configuration (upgraded to 2.5.0) with a LAN and two additional VLANs, only the LAN DHCP is working correctly. The extra VLANs are not serviced with DHCP.

      Typical message: DHCPDISCOVER from 00:1d:c1:19:6f:dc via igb0.10: not responding (recovering).

      If we configure the DHCP for just one server, without the failover peer, the DHCP server works correctly.

      Any idea?

      Thanks

      • dyener

        This sounds like a similar problem to what I experienced today. On the Status / DHCP Leases page, does it say "My Status: Recovering" and "Peer Status: Unknown"? I found that there was a problem with the HA Sync (XMLRPC Sync?) populating the failover peer with the wrong interface address. When I manually change the failover peer address on the backup firewall, everything starts working normally... but as expected, it is overwritten again if I ever change the config.

        To explain better: in my example, I am trying to set up a DHCP server on OPT10. I go into the GUI for Firewall 1 (master), Services / DHCP, and I input the OPT10 CARP address as the Gateway, and I input the OPT10 interface address of Firewall 2 (backup) as the Failover Peer. I save the config, then I look in the GUI for Firewall 2 to see what synced over. I find the correct CARP address as the Gateway, but for the peer address, I find the OPT5 address of Firewall 1 instead of the OPT10 address of Firewall 1. I manually change the address in Firewall 2 to the OPT10 address of Firewall 1, and suddenly the DHCP server starts working. But if I go into the Firewall 1 settings and press "Save", it stops working again, and I see the OPT5 address is back in Firewall 2, and there is a message in the DHCP Status, communication_lost.

        I did check in the config.xml that OPT5 and OPT10 on both firewalls match, in terms of their interface names and subnets!

        I feel like there is a bug here? Or could there be something corrupted in my config that is preventing the sync from working properly?

        • Robert de Wit @dyener

          This seems to be identical to:

          https://forum.netgate.com/topic/161152/strange-problem-dhcp-failover-after-upgrade-to-2-5-0-xmlrpc-bug

          Solution:
          https://redmine.pfsense.org/issues/11519

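A check for the symptom dyener describes above (a synced failover peer address that belongs to a different interface), added here as an example and not part of the original thread or of pfSense: it flags every DHCP scope whose failover peer IP lies outside that interface's own subnet. The config.xml element names (`ipaddr`, `subnet`, `failover_peerip`) are assumed, and the sample excerpt and its addresses are constructed.

```python
import ipaddress
import xml.etree.ElementTree as ET

# Constructed excerpt of a backup firewall's config.xml (all addresses made up).
# Element names are assumed from the pfSense config layout, not taken from the thread.
SAMPLE_BACKUP_CONFIG = """
<pfsense>
  <interfaces>
    <opt5><ipaddr>10.0.5.3</ipaddr><subnet>24</subnet></opt5>
    <opt10><ipaddr>10.0.10.3</ipaddr><subnet>24</subnet></opt10>
  </interfaces>
  <dhcpd>
    <opt5><failover_peerip>10.0.5.2</failover_peerip></opt5>
    <opt10><failover_peerip>10.0.5.2</failover_peerip></opt10>
  </dhcpd>
</pfsense>
"""

def check_failover_peers(config_xml):
    """Return (interface, peer_ip, network, ok) for each DHCP scope with a failover peer."""
    root = ET.fromstring(config_xml)
    results = []
    for scope in root.findall("./dhcpd/*"):
        peer_text = (scope.findtext("failover_peerip") or "").strip()
        if not peer_text:
            continue  # failover is not configured on this scope
        iface = root.find(f"./interfaces/{scope.tag}")
        addr = iface.findtext("ipaddr") if iface is not None else None
        bits = iface.findtext("subnet") if iface is not None else None
        try:
            net = ipaddress.ip_interface(f"{addr}/{bits}").network
            ok = ipaddress.ip_address(peer_text) in net
        except ValueError:
            # Non-static interface address or unparsable peer: flag for manual review.
            net, ok = None, False
        results.append((scope.tag, peer_text, str(net) if net else None, ok))
    return results

if __name__ == "__main__":
    for name, peer, net, ok in check_failover_peers(SAMPLE_BACKUP_CONFIG):
        print(f"{name}: peer {peer} {'inside' if ok else 'OUTSIDE'} {net}")
```

Running it against the config of each node after a sync shows whether a saved change on the master has again written a peer address from another interface.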