Send dhcp-users mailing list submissions to
[email protected]
To subscribe or unsubscribe via the World Wide Web, visit
https://lists.isc.org/mailman/listinfo/dhcp-users
or, via email, send a message with subject or body 'help' to
[email protected]
You can reach the person managing the list at
[email protected]
When replying, please edit your Subject line so it is more specific
than "Re: Contents of dhcp-users digest..."
Today's Topics:
1. Re: General questions about failover, config changes and
restarting (James Dore)
2. Re: How to set reserved lease via omshell (Shawn Routhier)
3. Re: How to set reserved lease via omshell (Frank Price)
4. Re: General questions about failover, config changes and
restarting (S Ca)
5. OMAPI file descriptors leak on open/close TCP connections to
7911? (Konstantin Orekhov)
----------------------------------------------------------------------
Message: 1
Date: Wed, 2 Mar 2016 16:52:26 +0000
From: James Dore <[email protected]>
To: Users of ISC DHCP <[email protected]>
Subject: Re: General questions about failover, config changes and
restarting
Message-ID: <[email protected]>
Content-Type: text/plain; charset="utf-8"
Hi Glenn,
Thanks for that - what am I looking for in the dhcpd.log that tells me
synchronisation has finished on the first server?
I ask because we?ve had occasions in the past where I?ve restarted the first
server, but left the second for a couple of hours, and we stop getting
addresses issued to new clients. This is the kind of log message we get during
this situation -
dhcpd.log-20151123:2015-11-19T11:45:33.497093+00:00 garibaldi dhcpd:
DHCPDISCOVER from 58:7f:57:17:00:1f (Keiths-iPhone-2) via 163.1.173.254: not
responding (recover wait)
and they don?t clear until both the peers have moved back to ?normal?.
I could see if there?s more log detail I can turn on, I suppose.
Cheers,
James
> On 2 Mar 2016, at 15:34, Glenn Satchell <[email protected]> wrote:
>
> Hi James
>
> The configurations for the subnets and everything except the failover (and
> possibly the keys) should be exactly the same, so editting one and scp the
> file to the other server is exactly the right thing to do.
>
> It doesn't matter too much which server is restarted first, but you should
> not restart the second until the first has finished synchronising lease
> information. This may take a little while if there are many thousands of
> leases - I see you have a /22 and /16, so maybe up to 17000 or so leases.
> Could take a few minuted depending on network speed and latency between
> the servers.
>
> Once the first server has finished synchronising, then it's ok to restart
> the other server, and this should synchronise much quicker.
>
> regards,
> -glenn
>
> On Wed, March 2, 2016 11:36 pm, James Dore wrote:
>> Hi all,
>>
>> I??Tve had a pair of DHCP servers running in a load balance/failover
>> cluster for about 9 months, but haven??Tt really got my head round what
>> happens when I make a change to the configuration.
>>
>> I have a bunch of config files called from the main config file thus:
>>
>> ##########################
>> # #
>> # Failover configuration #
>> # #
>> ##########################
>> failover peer "newc-dhcp" {
>> primary;
>> address 129.67.111.199; # address of this server
>> port 519;
>> peer address 129.67.111.243; # address of the secondary dhcpd
>> peer port 519;
>> max-response-delay 60;
>> max-unacked-updates 10;
>> mclt 600;
>> split 128;
>> load balance max seconds 3;
>> }
>>
>> key primaryhost {
>> algorithm hmac-md5;
>> secret <ssshhh!>
>> };
>>
>> omapi-key primaryhost;
>> omapi-port 7911;
>>
>>
>> ###########################
>> # #
>> # Load the golbal options #
>> # #
>> ###########################
>>
>> include "/etc/dhcpd.d/master.conf"; # (Rarely!) Edit this file to set
>> global options
>>
>> ########################
>> # #
>> # Subnet config files #
>> # #
>> ########################
>>
>> include "/etc/dhcpd.d/vlan1.conf"; # 129.67.108.0/22 Main subnet and
>> static assignments
>> include "/etc/dhcpd.d/vlan3.conf"; # 10.30.0.0/22 Devices subnet config
>> and static assignments
>> include "/etc/dhcpd.d/vlan4.conf"; # 10.4.0.0/16 NAT Vlan4 Subnet config
>> and static assignments
>> include "/etc/dhcpd.d/annexe.conf"; # 163.1.173.0/24 Annexe subnet config
>> and static assignments
>>
>> Both peers have pretty similar config files, the only difference being the
>> secret and the address/peer address settings. Everything else is the same.
>> (Should it be?)
>>
>> The things I??Tm curious about are what happens when I make a change to
>> one of the Subnet config files, for instance to add a new static
>> assignment. My usual method has been to edit the file one peer, and then
>> scp it over to the other peer. After that, it seems like I need to do a
>> number of restarts of each peer before they both return to Normal status.
>> They seem to get stuck in Partner-down, Recover, or Recover Wait status
>> for a while.
>>
>> If I can get them both in Recover Wait, then they will synchronise, but it
>> seems to be difficult to get them there.
>>
>> Is there anything I can do to smooth the process?
>>
>> I can??Tt find much info about troubleshooting failover or load balancing,
>> all my googling has turned up is instructions on initial setup. Does
>> anyone have some useful pointers or links?
>>
>> Cheers,
>> James
>>
>>
>> _______________________________________________
>> dhcp-users mailing list
>> [email protected]
>> https://lists.isc.org/mailman/listinfo/dhcp-users
>>
>>
>
>
> _______________________________________________
> dhcp-users mailing list
> [email protected]
> https://lists.isc.org/mailman/listinfo/dhcp-users
------------------------------
Message: 2
Date: Wed, 2 Mar 2016 09:06:06 -0800
From: Shawn Routhier <[email protected]>
To: Users of ISC DHCP <[email protected]>
Subject: Re: How to set reserved lease via omshell
Message-ID: <[email protected]>
Content-Type: text/plain; charset="us-ascii"
We recently found and fixed some bugs in the infinite-is-reserved
and reserved functionality. You should wait until the next release
(which will be out pretty soon) before trying to use them.
Part of the release note for this about reserved and OMAPI is:
In addition, corrections
were made to the server to allow a lease's flags field to be set via omapi.
Prior to this, the server, depending on the host architecture, would
incorrectly parse the new flags value from the omapi message.
[ISC-Bugs #31179]
regards,
Shawn
> On Mar 2, 2016, at 8:34 AM, Glenn Satchell <[email protected]> wrote:
>
> Hi Frank
>
> There is the infinite-is-reserved setting, so if that is set to true then
> in omshell set the lease expiry time to infinite and it will become
> reserved. I'm not familiar enough with omshell to know how to do that.
> Maybe a value of ff:ff:ff:ff ?
>
> regards,
> -glenn
>
> On Thu, March 3, 2016 12:55 am, Frank Price wrote:
>> On Wed, Mar 2, 2016 at 2:55 AM, Simon Hobson <[email protected]>
>> wrote:
>>
>>> Frank Price <[email protected]> wrote:
>>>
>>>> 8 = reserved
>>>
>>>
>>>> - set state = 9 ; update
>>>
>>> Is that a typo or a copy&paste error ?
>>>
>>>
>> I thought for a moment it was me being stupid and bleary eyed, but
>> retrying
>> with either
>> set state = 8
>> set state = 00:00:00:08
>>
>> results in an error
>>
>>> update
>> can't update object: invalid argument
>> obj: lease
>> client-hostname = "Demo"
>> ip-address = 0x:cx:dx:fx
>> state = 00:00:00:08
>> _______________________________________________
>> dhcp-users mailing list
>> [email protected]
>> https://lists.isc.org/mailman/listinfo/dhcp-users
>
>
> _______________________________________________
> dhcp-users mailing list
> [email protected]
> https://lists.isc.org/mailman/listinfo/dhcp-users
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
<https://lists.isc.org/pipermail/dhcp-users/attachments/20160302/77aa8e10/attachment-0001.html>
------------------------------
Message: 3
Date: Wed, 2 Mar 2016 12:09:29 -0500
From: Frank Price <[email protected]>
To: Users of ISC DHCP <[email protected]>
Subject: Re: How to set reserved lease via omshell
Message-ID:
<cakqznufrra2fkgfkfu8obqjyngjgnhsal17gsazfjv9mptr...@mail.gmail.com>
Content-Type: text/plain; charset="utf-8"
On Wed, Mar 2, 2016 at 12:06 PM, Shawn Routhier <[email protected]> wrote:
> We recently found and fixed some bugs in the infinite-is-reserved
> and reserved functionality. You should wait until the next release
> (which will be out pretty soon) before trying to use them.
>
> Part of the release note for this about reserved and OMAPI is:
>
> In addition, corrections
> were made to the server to allow a lease's flags field to be set via
> omapi.
> Prior to this, the server, depending on the host architecture, would
> incorrectly parse the new flags value from the omapi message.
> [ISC-Bugs #31179]
>
>
That's good to know, thanks Shawn. So then is flags the right attribute to
set, and not state?
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
<https://lists.isc.org/pipermail/dhcp-users/attachments/20160302/ecc7f86b/attachment-0001.html>
------------------------------
Message: 4
Date: Wed, 2 Mar 2016 17:21:37 +0000
From: S Ca <[email protected]>
To: Users of ISC DHCP <[email protected]>
Subject: Re: General questions about failover, config changes and
restarting
Message-ID:
<calmep04zqobn2ggwrqlxrz6v97r1zdt2lo+33lzwdeporny...@mail.gmail.com>
Content-Type: text/plain; charset=UTF-8
On 2 March 2016 at 16:52, James Dore <[email protected]> wrote:> Hi Glenn,
> I ask because we?ve had occasions in the past where I?ve restarted the first
> server, but left the second for a couple of hours, and we stop getting
> addresses issued to new clients. This is the kind of log message we get
> during this situation -
Sync is finished when both peers return to NORMAL mode. You need to
restart both servers (just kill dhcpd and restart it) one after
another or you're likely to run into issues with the pools not
matching, and then you'll run into issues with not leasing IPs.
Steve
------------------------------
Message: 5
Date: Thu, 3 Mar 2016 00:59:50 +0000 (UTC)
From: Konstantin Orekhov <[email protected]>
To: "[email protected]" <[email protected]>
Subject: OMAPI file descriptors leak on open/close TCP connections to
7911?
Message-ID:
<[email protected]>
Content-Type: text/plain; charset="utf-8"
Hello, folks!
I have recently started migration efforts for our DHCP infrastructure to
CentOS7.2 and just ran into an issue with OMAPI in included into CentOS 4.2.5
version of ISC DHCP.
Unlike version 4.1.1 (stock version that came in CentOS6.7), I can kill OMAPI
part of running dhcpd within minutes with this simple loop:
[root@spc02 conf]# while true; do echo | telnet 0 7911; ls -l /proc/`pgrep
dhcpd`/fd | wc -l; done
Trying 0.0.0.0...
Connected to 0.
Escape character is '^]'.
Connection closed by foreign host.
21
Trying 0.0.0.0...
Connected to 0.
Escape character is '^]'.
Connection closed by foreign host.
22
Trying 0.0.0.0...
Connected to 0.
Escape character is '^]'.
Connection closed by foreign host.
23
Trying 0.0.0.0...
Connected to 0.
Escape character is '^]'.
Connection closed by foreign host.
24
Trying 0.0.0.0...
Connected to 0.
Escape character is '^]'.
Connection closed by foreign host.
25
<snip>
1025
Trying 0.0.0.0...
^C
Once the max number of open files is reached, OMAPI becomes unresponsive even
though DHCP daemon appears to still server the requests, so have to restart
dhcpd after that. This is causing an issue for us as ECV checks by the
load-balancer are the ones that would kill OMAPI they are supposed to monitor :)
I also just complied and tried the same on 4.3.3 and got pretty much the same
result with the only difference that dhcpd just dies completely instead of
OMAPI becoming unresponsive.
As I mentioned, 4.1.1 does not have this issue and above while loop keeps a
number of FDs at steady 10-15 range.
Anyone ran into this issue? Am I missing something in my config? Or this is a
bug and strangely enough nobody ran into it? Ideas/suggestions?
Thanks!?Konstantin Orekhov
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
<https://lists.isc.org/pipermail/dhcp-users/attachments/20160303/2dae26ba/attachment.html>
------------------------------
_______________________________________________
dhcp-users mailing list
[email protected]
https://lists.isc.org/mailman/listinfo/dhcp-users
End of dhcp-users Digest, Vol 89, Issue 6
*****************************************
