Send dhcp-users mailing list submissions to
[email protected]
Advertising
To subscribe or unsubscribe via the World Wide Web, visit
https://lists.isc.org/mailman/listinfo/dhcp-users
or, via email, send a message with subject or body 'help' to
[email protected]
You can reach the person managing the list at
[email protected]
When replying, please edit your Subject line so it is more specific
than "Re: Contents of dhcp-users digest..."
Today's Topics:
1. General questions about failover, config changes and
restarting (James Dore)
2. Re: How to set reserved lease via omshell (Frank Price)
3. RE: General questions about failover, config changes and
restarting (Patrick Trapp)
4. Re: General questions about failover, config changes and
restarting (Glenn Satchell)
5. Re: General questions about failover, config changes and
restarting ([email protected])
6. Re: How to set reserved lease via omshell (Glenn Satchell)
----------------------------------------------------------------------
Message: 1
Date: Wed, 2 Mar 2016 12:36:06 +0000
From: James Dore <[email protected]>
To: "[email protected]" <[email protected]>
Subject: General questions about failover, config changes and
restarting
Message-ID: <[email protected]>
Content-Type: text/plain; charset="utf-8"
Hi all,
I?ve had a pair of DHCP servers running in a load balance/failover cluster for
about 9 months, but haven?t really got my head round what happens when I make a
change to the configuration.
I have a bunch of config files called from the main config file thus:
##########################
# #
# Failover configuration #
# #
##########################
failover peer "newc-dhcp" {
primary;
address 129.67.111.199; # address of this server
port 519;
peer address 129.67.111.243; # address of the secondary dhcpd
peer port 519;
max-response-delay 60;
max-unacked-updates 10;
mclt 600;
split 128;
load balance max seconds 3;
}
key primaryhost {
algorithm hmac-md5;
secret <ssshhh!>
};
omapi-key primaryhost;
omapi-port 7911;
###########################
# #
# Load the golbal options #
# #
###########################
include "/etc/dhcpd.d/master.conf"; # (Rarely!) Edit this file to set global
options
########################
# #
# Subnet config files #
# #
########################
include "/etc/dhcpd.d/vlan1.conf"; # 129.67.108.0/22 Main subnet and static
assignments
include "/etc/dhcpd.d/vlan3.conf"; # 10.30.0.0/22 Devices subnet config and
static assignments
include "/etc/dhcpd.d/vlan4.conf"; # 10.4.0.0/16 NAT Vlan4 Subnet config and
static assignments
include "/etc/dhcpd.d/annexe.conf"; # 163.1.173.0/24 Annexe subnet config and
static assignments
Both peers have pretty similar config files, the only difference being the
secret and the address/peer address settings. Everything else is the same.
(Should it be?)
The things I?m curious about are what happens when I make a change to one of
the Subnet config files, for instance to add a new static assignment. My usual
method has been to edit the file one peer, and then scp it over to the other
peer. After that, it seems like I need to do a number of restarts of each peer
before they both return to Normal status. They seem to get stuck in
Partner-down, Recover, or Recover Wait status for a while.
If I can get them both in Recover Wait, then they will synchronise, but it
seems to be difficult to get them there.
Is there anything I can do to smooth the process?
I can?t find much info about troubleshooting failover or load balancing, all my
googling has turned up is instructions on initial setup. Does anyone have some
useful pointers or links?
Cheers,
James
------------------------------
Message: 2
Date: Wed, 2 Mar 2016 08:55:44 -0500
From: Frank Price <[email protected]>
To: Users of ISC DHCP <[email protected]>
Subject: Re: How to set reserved lease via omshell
Message-ID:
<cakqznuczo7rr_drns2mec3+1sko5hfx5je5-a82vctbpnph...@mail.gmail.com>
Content-Type: text/plain; charset="utf-8"
On Wed, Mar 2, 2016 at 2:55 AM, Simon Hobson <[email protected]> wrote:
> Frank Price <[email protected]> wrote:
>
> > 8 = reserved
>
>
> > - set state = 9 ; update
>
> Is that a typo or a copy&paste error ?
>
>
I thought for a moment it was me being stupid and bleary eyed, but retrying
with either
set state = 8
set state = 00:00:00:08
results in an error
> update
can't update object: invalid argument
obj: lease
client-hostname = "Demo"
ip-address = 0x:cx:dx:fx
state = 00:00:00:08
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
<https://lists.isc.org/pipermail/dhcp-users/attachments/20160302/9ac4ec42/attachment-0001.html>
------------------------------
Message: 3
Date: Wed, 2 Mar 2016 13:59:51 +0000
From: Patrick Trapp <[email protected]>
To: Users of ISC DHCP <[email protected]>
Subject: RE: General questions about failover, config changes and
restarting
Message-ID:
<1d507d610594d14f86d40d77c17e9e6626508...@exchangedsb.ruralnex.com>
Content-Type: text/plain; charset="Windows-1252"
I can't answer the whys or hows so much, but I can tell you what we do here. It
was set up by someone that preceded me and I have worked to make it easier to
manage, but the underlying structure, I cannot claim.
We have two DHCP servers in a failover configuration that are essentially the
same, as you describe. We also have a third DHCP server that is also the same,
but it has no reference to the failover configuration of the other two. DHCP is
never actually started on the third server. We make our changes to the third
server and test the configuration for syntactical errors, then we run a script
that uses version control to upload the resulting configuration - just the part
that the production servers will have in common, not the server-specific bits -
to the version control server, remote in to each of production servers in turn,
have them download the new configuration and restart. I have not seen any
issues with restarts in our scenario, but I don't know what the pertinent bits
might be that make the difference.
Patrick
________________________________________
From: [email protected] [[email protected]] on
behalf of James Dore [[email protected]]
Sent: Wednesday, March 02, 2016 6:36 AM
To: [email protected]
Subject: General questions about failover, config changes and restarting
Hi all,
I?ve had a pair of DHCP servers running in a load balance/failover cluster for
about 9 months, but haven?t really got my head round what happens when I make a
change to the configuration.
I have a bunch of config files called from the main config file thus:
##########################
# #
# Failover configuration #
# #
##########################
failover peer "newc-dhcp" {
primary;
address 129.67.111.199; # address of this server
port 519;
peer address 129.67.111.243; # address of the secondary dhcpd
peer port 519;
max-response-delay 60;
max-unacked-updates 10;
mclt 600;
split 128;
load balance max seconds 3;
}
key primaryhost {
algorithm hmac-md5;
secret <ssshhh!>
};
omapi-key primaryhost;
omapi-port 7911;
###########################
# #
# Load the golbal options #
# #
###########################
include "/etc/dhcpd.d/master.conf"; # (Rarely!) Edit this file to set global
options
########################
# #
# Subnet config files #
# #
########################
include "/etc/dhcpd.d/vlan1.conf"; # 129.67.108.0/22 Main subnet and static
assignments
include "/etc/dhcpd.d/vlan3.conf"; # 10.30.0.0/22 Devices subnet config and
static assignments
include "/etc/dhcpd.d/vlan4.conf"; # 10.4.0.0/16 NAT Vlan4 Subnet config and
static assignments
include "/etc/dhcpd.d/annexe.conf"; # 163.1.173.0/24 Annexe subnet config and
static assignments
Both peers have pretty similar config files, the only difference being the
secret and the address/peer address settings. Everything else is the same.
(Should it be?)
The things I?m curious about are what happens when I make a change to one of
the Subnet config files, for instance to add a new static assignment. My usual
method has been to edit the file one peer, and then scp it over to the other
peer. After that, it seems like I need to do a number of restarts of each peer
before they both return to Normal status. They seem to get stuck in
Partner-down, Recover, or Recover Wait status for a while.
If I can get them both in Recover Wait, then they will synchronise, but it
seems to be difficult to get them there.
Is there anything I can do to smooth the process?
I can?t find much info about troubleshooting failover or load balancing, all my
googling has turned up is instructions on initial setup. Does anyone have some
useful pointers or links?
Cheers,
James
_______________________________________________
dhcp-users mailing list
[email protected]
https://lists.isc.org/mailman/listinfo/dhcp-users
------------------------------
Message: 4
Date: Thu, 3 Mar 2016 02:34:25 +1100
From: "Glenn Satchell" <[email protected]>
To: "Users of ISC DHCP" <[email protected]>
Subject: Re: General questions about failover, config changes and
restarting
Message-ID:
<[email protected]>
Content-Type: text/plain;charset=iso-8859-1
Hi James
The configurations for the subnets and everything except the failover (and
possibly the keys) should be exactly the same, so editting one and scp the
file to the other server is exactly the right thing to do.
It doesn't matter too much which server is restarted first, but you should
not restart the second until the first has finished synchronising lease
information. This may take a little while if there are many thousands of
leases - I see you have a /22 and /16, so maybe up to 17000 or so leases.
Could take a few minuted depending on network speed and latency between
the servers.
Once the first server has finished synchronising, then it's ok to restart
the other server, and this should synchronise much quicker.
regards,
-glenn
On Wed, March 2, 2016 11:36 pm, James Dore wrote:
> Hi all,
>
> I???ve had a pair of DHCP servers running in a load balance/failover
> cluster for about 9 months, but haven???t really got my head round what
> happens when I make a change to the configuration.
>
> I have a bunch of config files called from the main config file thus:
>
> ##########################
> # #
> # Failover configuration #
> # #
> ##########################
> failover peer "newc-dhcp" {
> primary;
> address 129.67.111.199; # address of this server
> port 519;
> peer address 129.67.111.243; # address of the secondary dhcpd
> peer port 519;
> max-response-delay 60;
> max-unacked-updates 10;
> mclt 600;
> split 128;
> load balance max seconds 3;
> }
>
> key primaryhost {
> algorithm hmac-md5;
> secret <ssshhh!>
> };
>
> omapi-key primaryhost;
> omapi-port 7911;
>
>
> ###########################
> # #
> # Load the golbal options #
> # #
> ###########################
>
> include "/etc/dhcpd.d/master.conf"; # (Rarely!) Edit this file to set
> global options
>
> ########################
> # #
> # Subnet config files #
> # #
> ########################
>
> include "/etc/dhcpd.d/vlan1.conf"; # 129.67.108.0/22 Main subnet and
> static assignments
> include "/etc/dhcpd.d/vlan3.conf"; # 10.30.0.0/22 Devices subnet config
> and static assignments
> include "/etc/dhcpd.d/vlan4.conf"; # 10.4.0.0/16 NAT Vlan4 Subnet config
> and static assignments
> include "/etc/dhcpd.d/annexe.conf"; # 163.1.173.0/24 Annexe subnet config
> and static assignments
>
> Both peers have pretty similar config files, the only difference being the
> secret and the address/peer address settings. Everything else is the same.
> (Should it be?)
>
> The things I???m curious about are what happens when I make a change to
> one of the Subnet config files, for instance to add a new static
> assignment. My usual method has been to edit the file one peer, and then
> scp it over to the other peer. After that, it seems like I need to do a
> number of restarts of each peer before they both return to Normal status.
> They seem to get stuck in Partner-down, Recover, or Recover Wait status
> for a while.
>
> If I can get them both in Recover Wait, then they will synchronise, but it
> seems to be difficult to get them there.
>
> Is there anything I can do to smooth the process?
>
> I can???t find much info about troubleshooting failover or load balancing,
> all my googling has turned up is instructions on initial setup. Does
> anyone have some useful pointers or links?
>
> Cheers,
> James
>
>
> _______________________________________________
> dhcp-users mailing list
> [email protected]
> https://lists.isc.org/mailman/listinfo/dhcp-users
>
>
------------------------------
Message: 5
Date: Wed, 02 Mar 2016 16:52:35 +0100 (CET)
From: [email protected]
To: [email protected], [email protected]
Subject: Re: General questions about failover, config changes and
restarting
Message-ID: <[email protected]>
Content-Type: Text/Plain; charset=us-ascii
> The configurations for the subnets and everything except the failover (and
> possibly the keys) should be exactly the same, so editting one and scp the
> file to the other server is exactly the right thing to do.
Absolutely. For us it has worked well to separate the config into
dhcpd-server-specific.conf - Server related stuff (e.g. failover)
dhcpd-common.conf - Common config (e.g. pools)
where the server-specific stuff typically changes very rarely, while
subnets etc. are defined in the common configuration (same for both
servers in a failover pair) - which can then safely be scp'ed over as
necessary when it changes. And one of the files then includes the other.
Steinar Haug, Nethelp consulting, [email protected]
------------------------------
Message: 6
Date: Thu, 3 Mar 2016 03:34:45 +1100
From: "Glenn Satchell" <[email protected]>
To: "Users of ISC DHCP" <[email protected]>
Subject: Re: How to set reserved lease via omshell
Message-ID:
<[email protected]>
Content-Type: text/plain;charset=iso-8859-1
Hi Frank
There is the infinite-is-reserved setting, so if that is set to true then
in omshell set the lease expiry time to infinite and it will become
reserved. I'm not familiar enough with omshell to know how to do that.
Maybe a value of ff:ff:ff:ff ?
regards,
-glenn
On Thu, March 3, 2016 12:55 am, Frank Price wrote:
> On Wed, Mar 2, 2016 at 2:55 AM, Simon Hobson <[email protected]>
> wrote:
>
>> Frank Price <[email protected]> wrote:
>>
>> > 8 = reserved
>>
>>
>> > - set state = 9 ; update
>>
>> Is that a typo or a copy&paste error ?
>>
>>
> I thought for a moment it was me being stupid and bleary eyed, but
> retrying
> with either
> set state = 8
> set state = 00:00:00:08
>
> results in an error
>
>> update
> can't update object: invalid argument
> obj: lease
> client-hostname = "Demo"
> ip-address = 0x:cx:dx:fx
> state = 00:00:00:08
> _______________________________________________
> dhcp-users mailing list
> [email protected]
> https://lists.isc.org/mailman/listinfo/dhcp-users
------------------------------
_______________________________________________
dhcp-users mailing list
[email protected]
https://lists.isc.org/mailman/listinfo/dhcp-users
End of dhcp-users Digest, Vol 89, Issue 5
*****************************************
