I am working on a redundant firewall setup for my home network and am running into issues with DHCP.
When I have a single firewall running (backup has DHCP disabled, CARP enabled but in forced maintenance mode so I can troubleshoot on a single switch), the DHCP server hands out addresses just fine. When I set it up in load-balancing mode (both DHCP servers on a network segment are active, each has a subset of the original DHCP pool, default failover peer configuration), I consistently get this error:
DHCPDISCOVER from 1x:xx:xx:xx:xx:xx via lagg1_vlan100: not responding (recovering)
I have a DHCP server on each node now, with no DHCP redundancy set up between the nodes. It is working fine as long as I don't have duplicate IP pools on the servers. Not my favorite config, but if it works, it works, I guess.
Hi,
As far as I see, there are only two prerequisites:
a) correct CARP setup (e.g. "Ensure one machine's advskew<20 (and the other is >20)")
b) definition of the Failover peer IP on each DHCP node
My setup is running fine; maybe this link is useful for you, too: https://www.thomas-krenn.com/en/wiki/OPNsense_HA_Cluster_configuration (also note the order of the steps with regard to DHCP...)
BR
Berndt