4. Carp, DHCP VIP Issue with Hosts Connected to Secondary IP

Carp, DHCP VIP Issue with Hosts Connected to Secondary IP

  • R

    So, I am running 2.0.3 (i386) with CARP setup. The issue I am having is when hosts on the LAN network either reconnect (ipconfig /release/renew) or 1st time connect, I get a split DHCP server IP in the lease table. My admin laptop gets the secondary Carp IP for DHCP and thus this causes issues trying to connect to VPNs, routing and leases. Any suggestions to why the CARP IP for DHCP is using Secondary instead of the Primary? I am stumped.

    This only happens on the LAN network. I have an any any rule for LAN to reach any host out default gateway (which is a CARP IP) thinking that will solve my problem but it doesnt.

    R

    0
  • C

    You have to specify the CARP IP as the gateway in your DHCP server config.

    0
  • R

    I have the correct setup for LAN. DHCP conf has the VIP Gateway set bc if not, then the LAN net wouldnt be able to communicate. It just doesnt make any sense why my laptop (DHCP Static Mapped) doesnt get the primary LAN IP for DHCP server. The dhcp renewal religiously uses the Secondary LAN IP instead.

    For example…

    My Laptop => 192.168.1.198 (Static DHCP Mapping)

    Def GW => 192.168.1.1 (CARP IP)
    FW #1 Lan IP => 192.168.1.2 (Primary)
    FW #2 Lan IP => 192.168.1.3 (Secondary)

    Ipconfig /all  "Eth LAN Adp"

    IPv4 Address. . . . . . . . . . . : 192.168.1.198(Preferred)
    Subnet Mask . . . . . . . . . . . : 255.255.255.0
    Lease Obtained. . . . . . . . . . : Thursday, May 02, 2013 1:33:43 PM
    Lease Expires . . . . . . . . . . : Thursday, May 02, 2013 3:33:43 PM
    Default Gateway . . . . . . . . . : 192.168.1.1
    DHCP Server . . . . . . . . . . . : 192.168.1.3
    DNS Servers . . . . . . . . . . . : xx.xx.xx.xx

    I should be getting for DHCP server the Interal FW1 IP, not FW2 IP.

    What fixes my problem is to turn off FW 2, but this doesnt allow for redundancy. This is not an option, CARP failover is necessary.

    Additional thought, why does FW 2 show DHCP Leases for host on FW1? Bug?

    0

  • If you have your DHCP configured correctly, (failover peer set and sync dhcpd checked) they will not issue leases in use by the other server. Verify your DHCP status shows normal on both units. The DHCP server will show as issued from one of the physical boxes, this does not impact failover, as the other box will issue leases if one is offline.

    0
Log in to reply
 

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2019 Rubicon Communications, LLC | Privacy Policy