I'm seeing bizarre behavior with failover. The server is ISC dhcpd 4.3.6-P1. There are two DHCP Relays. Failover peer "A" responds to initial DISCOVERs (one from each of the two relays) first while failover peer "B" remains silent ("load balance max seconds" isn't configured--I assume it defaults to 3.) The OFFERs from "A" have the full configured lease time (6 hours). The client selects server "A" (since it is the only one to have sent OFFERs) by including the dhcp-server-identifier of "A" in its REQUESTs. Now the strange part--server "B" suddenly replies to REQUEST via Relay 1 with an ACK with lease time MCLT (1 hour), and REQUEST via Relay 2 with an ACK with the full lease time. Server "A" also responds to both REQUESTs with ACKs, both with the full lease time. Finally, the client sends a Unicast REQUEST to server "B", which responds Unicast with the full lease time.
Question 1: Are there any scenarios where server "B" can/should ever respond to REQUESTs where dhcp-server-identifier is set to the IP address of server "A", even though both servers are in full communication/normal state?
Question 2: Why is that first ACK from server "B" using MCLT, while every other ACK from server "A" and "B" are using the full lease time in the same transaction (same xid).
This is causing problems with our DHCP Snooping switches. Sometimes, the client chooses to use the ACK with the full lease time, and the DHCP Snooping switch chooses to store the binding with the ACK with the MCLT lease time. As a result, the client loses connectivity after the DHCP Snooping binding entry expries after MCLT while the client isn't scheduled to renew until much later.
dhcp-users mailing list
[hidden email] https://lists.isc.org/mailman/listinfo/dhcp-users