Page MenuHomeVyOS Platform

Ability to start DHCP cluster in degraded state
Needs testing, LowPublicFEATURE REQUEST

Description

Our primary firewall has been exhibiting some complete lockups for the past week, and we've brought up the secondary firewall to replace it. These two are meant to be a single failover cluster, but i've unfortunately not had time to finish the configuration for this.

While doing this, we were unable to get the DHCP server on the secondary firewall to hand out any leases, it was giving the error peer holds all free leases. As far as i can tell, this happens when a secondary DHCP server is brought up, never having seen the primary DHCP server. It can be fixed by forcing the secondary server into PARTNER-DOWN mode (see the section 'Failover Startup' in https://linux.die.net/man/5/dhcpd.conf).

In the end, we got around this by removing the failover config chunk from our DHCP servers, but that means we won't be able to bring the primary firewall back online without reconfiguration once the issue is resolved.

A way of forcing a secondary server into this mode if everything has gone horribly wrong would be very useful - even if it only lasts until next reboot. There is a script which shows how to put the dhcpd into this mode at (Search for change_state.sh at https://bugzilla.redhat.com/show_bug.cgi?id=610219)

Details

Difficulty level
Unknown (require assessment)
Version
-
Why the issue appeared?
Will be filled on close

Event Timeline

From the man page:

You can put the server into the PARTNER-DOWN state either by using the omshell (1) command or by stopping the server, editing the last peer state declaration in the lease file, and restarting the server.

Since VyOS has omshell available (sudo omshell), as a workaround you should be able to execute those commands manually. It would be nice to have a VyOS CLI command to do that though

syncer changed the task status from Open to Needs testing.Apr 17 2019, 7:52 PM
syncer assigned this task to zsdc.
syncer triaged this task as Low priority.
syncer edited projects, added VyOS 1.3 Equuleus; removed VyOS 1.2 Crux.