24.1 Legacy Series / 24.1.6 Kea DHCP failover for "sync-timeout": 6000 doesn't occur
« on: May 07, 2024, 10:08:14 am »
Hi
We have a straightforward setup with CARP configured for WAN and LAN, which is working fine. We also set up Kea DHCP. Failover from the Master/primary (when it's switched off) to the backup only occurs after 5-6 unacked clients and never occurs after "sync-timeout": 60000. This was tested a few times.
Config is:
kea-ctrl-agent.conf on both servers:
kea-dhcp4.conf on MASTER/primary:
kea-dhcp4.conf on BACKUP:
Log extract is attached. Expected behavior: if the master/primary is not reachable after 60 seconds, switch to the backup. This doesn't happen - it's possibly a bug. Failover only occurs after 5-6 unacked clients.
Thanks.
We have a straightforward setup with CARP configured for WAN and LAN, which is working fine. We also set up Kea DHCP. Failover from the Master/primary (when it's switched off) to the backup only occurs after 5-6 unacked clients and never occurs after "sync-timeout": 60000. This was tested a few times.
Config is:
kea-ctrl-agent.conf on both servers:
{
"Control-agent": {
"http-host": "127.0.0.1",
"http-port": 8000,
"control-sockets": {
"dhcp4": {
"socket-type": "unix",
"socket-name": "/var/run/kea4-ctrl-socket"
},
"dhcp6": {
"socket-type": "unix",
"socket-name": "/var/run/kea6-ctrl-socket"
},
"d2": {
"socket-type": "unix",
"socket-name": "/var/run/kea-ddns-ctrl-socket"
}
},
"loggers": [
{
"name": "kea-ctrl-agent",
"output_options": [
{
"output": "syslog"
}
],
"severity": "INFO",
"debuglevel": 0
}
]
}
}
kea-dhcp4.conf on MASTER/primary:
{
"Dhcp4": {
"valid-lifetime": 1800,
"interfaces-config": {
"interfaces": ["em0"]
},
"lease-database": {
"type": "memfile",
"persist": true
},
"control-socket": {
"socket-type": "unix",
"socket-name": "/var/run/kea4-ctrl-socket"
},
"loggers": [
{
"name": "kea-dhcp4",
"output_options": [
{
"output": "syslog"
}
],
"severity": "INFO"
}
],
"subnet4": [
{
"id": 1,
"subnet": "192.168.222.0/24",
"option-data": [
{
"name": "domain-name-servers",
"data": "192.168.222.1"
},
{
"name": "routers",
"data": "192.168.222.1"
},
{
"name": "ntp-servers",
"data": "192.168.222.1"
},
{
"name": "domain-name",
"data": "citi.intranet"
}
],
"pools": [
{ "pool": "192.168.222.20 - 192.168.222.245" }
],
"reservations": [
{
"hw-address": "[mac]",
"ip-address": "192.168.222.2",
"hostname": "OPNsense1.citi.intranet"
},
{
"hw-address": "[mac]",
"ip-address": "192.168.222.3",
"hostname": "OPNsense2.citi.intranet"
},
{
"hw-address": "[mac]",
"ip-address": "192.168.222.6",
"hostname": "srvr-2.citi.intranet"
},
{
"hw-address": "[mac]",
"ip-address": "192.168.222.5",
"hostname": "srvr-1.citi.intranet"
},
{
"hw-address": "[mac]",
"ip-address": "192.168.222.7",
"hostname": "srvr-3.citi.intranet"
}
]
}
]
,"hooks-libraries": [
{
"library": "/usr/local/lib/kea/hooks/libdhcp_lease_cmds.so",
"parameters": { }
},
{
"library": "/usr/local/lib/kea/hooks/libdhcp_ha.so",
"parameters": {
"high-availability": [ {
"this-server-name": "OPNsense1",
"mode": "hot-standby",
"heartbeat-delay": 10000,
"max-response-delay": 60000,
"max-ack-delay": 5000,
"max-unacked-clients": 5,
"sync-timeout": 60000,
"peers": [
{
"name": "OPNsense1",
"role": "primary",
"url": "http://192.168.222.2:8001/"
},
{
"name": "OPNsense2",
"role": "standby",
"url": "http://192.168.222.3:8001/"
}
]
} ]
}
}
]
}
}
kea-dhcp4.conf on BACKUP:
{
"Dhcp4": {
"valid-lifetime": 1800,
"interfaces-config": {
"interfaces": ["em0"]
},
"lease-database": {
"type": "memfile",
"persist": true
},
"control-socket": {
"socket-type": "unix",
"socket-name": "/var/run/kea4-ctrl-socket"
},
"loggers": [
{
"name": "kea-dhcp4",
"output_options": [
{
"output": "syslog"
}
],
"severity": "INFO"
}
],
"subnet4": [
{
"id": 1,
"subnet": "192.168.222.0/24",
"option-data": [
{
"name": "domain-name-servers",
"data": "192.168.222.1"
},
{
"name": "routers",
"data": "192.168.222.1"
},
{
"name": "ntp-servers",
"data": "192.168.222.1"
},
{
"name": "domain-name",
"data": "citi.intranet"
}
],
"pools": [
{ "pool": "192.168.222.20 - 192.168.222.245" }
],
"reservations": [
{
"hw-address": "[mac]",
"ip-address": "192.168.222.2",
"hostname": "OPNsense1.citi.intranet"
},
{
"hw-address": "[mac]",
"ip-address": "192.168.222.3",
"hostname": "OPNsense2.citi.intranet"
},
{
"hw-address": "[mac]",
"ip-address": "192.168.222.6",
"hostname": "srvr-2.citi.intranet"
},
{
"hw-address": "[mac]",
"ip-address": "192.168.222.5",
"hostname": "srvr-1.citi.intranet"
},
{
"hw-address": "[mac]",
"ip-address": "192.168.222.7",
"hostname": "srvr-3.citi.intranet"
}
]
}
]
,"hooks-libraries": [
{
"library": "/usr/local/lib/kea/hooks/libdhcp_lease_cmds.so",
"parameters": { }
},
{
"library": "/usr/local/lib/kea/hooks/libdhcp_ha.so",
"parameters": {
"high-availability": [ {
"this-server-name": "OPNsense2",
"mode": "hot-standby",
"heartbeat-delay": 10000,
"max-response-delay": 60000,
"max-ack-delay": 5000,
"max-unacked-clients": 5,
"sync-timeout": 60000,
"peers": [
{
"name": "OPNsense1",
"role": "primary",
"url": "http://192.168.222.2:8001/"
},
{
"name": "OPNsense2",
"role": "standby",
"url": "http://192.168.222.3:8001/"
}
]
} ]
}
}
]
}
}
Log extract is attached. Expected behavior: if the master/primary is not reachable after 60 seconds, switch to the backup. This doesn't happen - it's possibly a bug. Failover only occurs after 5-6 unacked clients.
Thanks.