Hi,
I got a strange issue here: We are using ISC DHCP v4 which is default in Open SuSE 11.4. These two options 'default-lease-time' and 'max-lease-time' are set in all subnets, with values between 43200 (12 hours) to 518400 (144 hours). See partial dhcpd.conf below please.
Now the lease time from Windows client's ipconfig output is only 10 minutes. Why? (dhcpd on servers restarted many times. ipconfig /release, ipconfig /renew on client run many times)
Please help. Thank you much in advance!
lease-file-name "/etc/dhcpd.leases";
default-lease-time 43200; # 12 hours
max-lease-time 86400; # 24 hours
one-lease-per-client true;
subnet 10.1.1.0 netmask 255.255.255.0 {
pool {
failover peer "failover";
range 10.1.1.100 10.1.1.200;
deny dynamic bootp clients;
}
option subnet-mask 255.255.255.0;
option broadcast-address 10.1.1.255;
option routers 10.1.1.1;
default-lease-time 86400;
max-lease-time 518400;
}
Are you sure the clients are leasing from you?
99.9% sure.
I've found the problem cause is DHCP failover feature. If failover is enabled on a subnet, the lease time for this subnet is limited to 10 minutes although default-lease-time is set to 100 hours. If failover is disabled on a subnet, the least time is set to the default lease time. I don't know why. Here is the failover sections in dhcpd.conf files:
# dhcpd.conf for primary dhcp server:
failover peer "failover" {
primary;
address 10.1.6.71;
port 647;
peer address 10.1.5.71;
peer port 647;
max-response-delay 60;
max-unacked-updates 10;
mclt 3600;
split 128;
load balance max seconds 3;
}
# dhcpd.conf for secondary dhcp server:
failover peer "failover" {
secondary;
address 10.1.5.71;
port 647;
peer address 10.1.6.71;
peer port 647;
max-response-delay 60;
max-unacked-updates 10;
load balance max seconds 3;
}
Please help. Thank you!
Well, a nice design for failover has the secondary just recording leases unless the primary dies. A nasty design says it has to wait 10 minutes and then all the leases are free. Google time again.
Is the other server master and set lower? Try increasing MCLT. dhcpd.conf(5): dhcpd config file - Linux man page
The mclt statement
mclt seconds; The mclt statement defines the Maximum Client Lead Time. It must be specified on the primary, and may not be specified on the secondary. This is the length of time for which a lease may be renewed by either failover peer without contacting the other. The longer you set this, the longer it will take for the running server to recover IP addresses after moving into PARTNER-DOWN state. The shorter you set it, the more load your servers will experience when they are not communicating. A value of something like 3600 is probably reasonable, but again bear in mind that we have no real operational experience with this.
1 Like
3600 (1 hour) for mclt is much longer than 10 minutes. How do you think it's still a mclt issue?
Thanks.
Are both boxes configured just the same? Renewal should happen in a fraction of lease time, usually less than 50%. Could anything be messing with udp/tcp ports DHCP uses (firewall, other app.)?
Did you check both logs, to see that the failover feature is running right, not fallen over?