Conflicting IP addresses from DHCP
-
We have a HA configuration with pfSense.
One firewall returned the following to a DHCP request:
Oct 19 10:34:16 dhcpd 492 DHCPOFFER on 10.17.7.138 to 3c:55:76:dd:e8:b7 (DESKTOP-GP2KQR6) via igb0
The other firewall gave a different address:
Oct 19 10:34:16 dhcpd 45595 DHCPOFFER on 10.17.5.196 to 3c:55:76:dd:e8:b7 (DESKTOP-GP2KQR6) via igb0
Note that timestamps and MAC addresses are the same, only the IP addresses differ. This seems to have confused my Windows 10 host, which logged the following error:
Your computer was not able to renew its address from the network (from the DHCP Server) for the Network Card with network address 0x3C5576DDE8B7. The following error occurred: 0x79. Your computer will continue to try and obtain an address on its own from the network address (DHCP) server.
My questions:
- Shouldn't the firewalls synchronize their leases, so as to avoid offering two different IP addresses to the same device?
- Is it typical to run active-active DHCP servers in a HA setup without manually stopping the DHCP service on one or the other?
- Any other suggestions or workarounds?
Our version of pfSense is the latest:
23.05.1-RELEASE (amd64)
built on Wed Jun 28 03:57:27 UTC 2023
FreeBSD 14.0-CURRENTThanks in advance for any help you can provide.
-
have you worked through these?
https://docs.netgate.com/pfsense/en/latest/troubleshooting/ha-dhcp-failover.html