Send dhcp-users mailing list submissions to
        dhcp-users@lists.isc.org

To subscribe or unsubscribe via the World Wide Web, visit
        https://lists.isc.org/mailman/listinfo/dhcp-users
or, via email, send a message with subject or body 'help' to
        dhcp-users-requ...@lists.isc.org

You can reach the person managing the list at
        dhcp-users-ow...@lists.isc.org

When replying, please edit your Subject line so it is more specific
than "Re: Contents of dhcp-users digest..."


Today's Topics:

   1. Re: dhcp-users Digest, Vol 133, Issue 6 (Cayab, Jefrey E.)
   2. Re: dhcp-users Digest, Vol 133, Issue 6 (Andrew Bell)
   3. Re: dhcpd restart takes almost 7 minutes in CentOS7 (Was:
      dhcp-users Digest, Vol 133, Issue 4) (Simon Hobson)


----------------------------------------------------------------------

Message: 1
Date: Tue, 12 Nov 2019 00:23:17 +0800
From: "Cayab, Jefrey E." <jca...@gmail.com>
To: dhcp-users@lists.isc.org
Subject: Re: dhcp-users Digest, Vol 133, Issue 6
Message-ID:
        <CAH1A-e=HEGpDp5_RO_PUbyX9J3GmBVOWrYdOdO=cbqmwpvh...@mail.gmail.com>
Content-Type: text/plain; charset="utf-8"

Charles,

Thank you for the suggestion which I did and the warning messages went away.
Unfortunately, this server serves large events wherein wifi users could get
up to 60,000

Here's the log messages when I applied the changes:
[root@dhcp ~]# tail -f /var/log/messages
Nov 12 00:06:52 dhcp systemd: Stopping DHCPv4 Server Daemon...
Nov 12 00:06:52 dhcp systemd: Stopped DHCPv4 Server Daemon.
Nov 12 00:06:52 dhcp systemd: Starting DHCPv4 Server Daemon...
Nov 12 00:06:52 dhcp dhcpd: Internet Systems Consortium DHCP Server 4.2.5
Nov 12 00:06:52 dhcp dhcpd: Copyright 2004-2013 Internet Systems Consortium.
Nov 12 00:06:52 dhcp dhcpd: All rights reserved.
Nov 12 00:06:52 dhcp dhcpd: For info, please visit
https://www.isc.org/software/dhcp/
Nov 12 00:07:08 dhcp dhcpd: Not searching LDAP since ldap-server, ldap-port
and ldap-base-dn were not specified in the config file
Nov 12 00:07:08 dhcp dhcpd: Internet Systems Consortium DHCP Server 4.2.5
Nov 12 00:07:08 dhcp dhcpd: Copyright 2004-2013 Internet Systems Consortium.
Nov 12 00:07:08 dhcp dhcpd: All rights reserved.
Nov 12 00:07:08 dhcp dhcpd: For info, please visit
https://www.isc.org/software/dhcp/
Nov 12 00:13:10 dhcp dhcpd: Wrote 0 class decls to leases file.
Nov 12 00:13:10 dhcp dhcpd: Wrote 0 deleted host decls to leases file.
Nov 12 00:13:10 dhcp dhcpd: Wrote 0 new dynamic host decls to leases file.
Nov 12 00:13:11 dhcp dhcpd: Wrote 77733 leases to leases file.
Nov 12 00:13:11 dhcp dhcpd: Listening on LPF/eth0/50:6b:8d:03:a8:b9/
10.16.5.0/24
Nov 12 00:13:11 dhcp dhcpd: Sending on   LPF/eth0/50:6b:8d:03:a8:b9/
10.16.5.0/24
Nov 12 00:13:11 dhcp dhcpd: Sending on   Socket/fallback/fallback-net
Nov 12 00:13:11 dhcp systemd: Started DHCPv4 Server Daemon.

Still 7 minutes :(


On Mon, Nov 11, 2019 at 9:40 PM <dhcp-users-requ...@lists.isc.org> wrote:

> Send dhcp-users mailing list submissions to
>         dhcp-users@lists.isc.org
>
> To subscribe or unsubscribe via the World Wide Web, visit
>         https://lists.isc.org/mailman/listinfo/dhcp-users
> or, via email, send a message with subject or body 'help' to
>         dhcp-users-requ...@lists.isc.org
>
> You can reach the person managing the list at
>         dhcp-users-ow...@lists.isc.org
>
> When replying, please edit your Subject line so it is more specific
> than "Re: Contents of dhcp-users digest..."
>
>
> Today's Topics:
>
>    1. Re: [EXT] Re: dhcp-users Digest, Vol 133, Issue 4
>       (Anderson, Charles R)
>
>
> ----------------------------------------------------------------------
>
> Message: 1
> Date: Mon, 11 Nov 2019 13:40:13 +0000
> From: "Anderson, Charles R" <c...@wpi.edu>
> To: Users of ISC DHCP <dhcp-users@lists.isc.org>
> Subject: Re: [EXT] Re: dhcp-users Digest, Vol 133, Issue 4
> Message-ID: <20191111134010.e3a3vxw57x2iq...@angus.ind.wpi.edu>
> Content-Type: text/plain; charset="us-ascii"
>
> On Mon, Nov 11, 2019 at 08:26:27PM +0800, Cayab, Jefrey E. wrote:
> > Hi,
> >
> > # No service will be given on this subnet, but declaring it helps the
> > # DHCP server to understand the network topology.
> >
> > subnet 0.0.0.0 netmask 0.0.0.0 {
> > }
> >
> > It was taken from the comment above it; I thought I could just put
> anything
> > - I'd appreciate if someone can give me what's the proper Subnet/Netmask
> to
> > put there. Does the comment above means that if my dhcp server is in
> > 10.16.5.0/24 - this is the subnet and netmask I need to put there?
>
> Yes.  Your subnet statements must reflect reality and yes you do need a
> subnet for your dhcp server local interface.
>
> The long loading time is because you have a HUGE number of IPs in ranges.
> Added up, you have about 656,000 IP addresses the server has to keep track
> of.  Do you really need each subnet to handle 65534 dynamic IPs?
>
>
>
>
> Move these group and host statements to global scope (not inside any
> subnet).
>
>
> ------------------------------
>
> Subject: Digest Footer
>
> _______________________________________________
> dhcp-users mailing list
> dhcp-users@lists.isc.org
> https://lists.isc.org/mailman/listinfo/dhcp-users
>
>
> ------------------------------
>
> End of dhcp-users Digest, Vol 133, Issue 6
> ******************************************
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: 
<https://lists.isc.org/pipermail/dhcp-users/attachments/20191112/f64d5b5a/attachment-0001.htm>

------------------------------

Message: 2
Date: Mon, 11 Nov 2019 11:29:47 -0500
From: Andrew Bell <and...@poscomp.ca>
To: Users of ISC DHCP <dhcp-users@lists.isc.org>
Subject: Re: dhcp-users Digest, Vol 133, Issue 6
Message-ID:
        <CAMcY7=gwXObjzptTj4DUarRks29aWSMq23NU3fHS=rlfscx...@mail.gmail.com>
Content-Type: text/plain; charset="utf-8"

What kind of wifi controller are you using that can handle 65000+ users on
a single subnet?!

On Mon, Nov 11, 2019 at 11:23 AM Cayab, Jefrey E. <jca...@gmail.com> wrote:

> Charles,
>
> Thank you for the suggestion which I did and the warning messages went
> away.
> Unfortunately, this server serves large events wherein wifi users could
> get up to 60,000
>
> Here's the log messages when I applied the changes:
> [root@dhcp ~]# tail -f /var/log/messages
> Nov 12 00:06:52 dhcp systemd: Stopping DHCPv4 Server Daemon...
> Nov 12 00:06:52 dhcp systemd: Stopped DHCPv4 Server Daemon.
> Nov 12 00:06:52 dhcp systemd: Starting DHCPv4 Server Daemon...
> Nov 12 00:06:52 dhcp dhcpd: Internet Systems Consortium DHCP Server 4.2.5
> Nov 12 00:06:52 dhcp dhcpd: Copyright 2004-2013 Internet Systems
> Consortium.
> Nov 12 00:06:52 dhcp dhcpd: All rights reserved.
> Nov 12 00:06:52 dhcp dhcpd: For info, please visit
> https://www.isc.org/software/dhcp/
> Nov 12 00:07:08 dhcp dhcpd: Not searching LDAP since ldap-server,
> ldap-port and ldap-base-dn were not specified in the config file
> Nov 12 00:07:08 dhcp dhcpd: Internet Systems Consortium DHCP Server 4.2.5
> Nov 12 00:07:08 dhcp dhcpd: Copyright 2004-2013 Internet Systems
> Consortium.
> Nov 12 00:07:08 dhcp dhcpd: All rights reserved.
> Nov 12 00:07:08 dhcp dhcpd: For info, please visit
> https://www.isc.org/software/dhcp/
> Nov 12 00:13:10 dhcp dhcpd: Wrote 0 class decls to leases file.
> Nov 12 00:13:10 dhcp dhcpd: Wrote 0 deleted host decls to leases file.
> Nov 12 00:13:10 dhcp dhcpd: Wrote 0 new dynamic host decls to leases file.
> Nov 12 00:13:11 dhcp dhcpd: Wrote 77733 leases to leases file.
> Nov 12 00:13:11 dhcp dhcpd: Listening on LPF/eth0/50:6b:8d:03:a8:b9/
> 10.16.5.0/24
> Nov 12 00:13:11 dhcp dhcpd: Sending on   LPF/eth0/50:6b:8d:03:a8:b9/
> 10.16.5.0/24
> Nov 12 00:13:11 dhcp dhcpd: Sending on   Socket/fallback/fallback-net
> Nov 12 00:13:11 dhcp systemd: Started DHCPv4 Server Daemon.
>
> Still 7 minutes :(
>
>
> On Mon, Nov 11, 2019 at 9:40 PM <dhcp-users-requ...@lists.isc.org> wrote:
>
>> Send dhcp-users mailing list submissions to
>>         dhcp-users@lists.isc.org
>>
>> To subscribe or unsubscribe via the World Wide Web, visit
>>         https://lists.isc.org/mailman/listinfo/dhcp-users
>> or, via email, send a message with subject or body 'help' to
>>         dhcp-users-requ...@lists.isc.org
>>
>> You can reach the person managing the list at
>>         dhcp-users-ow...@lists.isc.org
>>
>> When replying, please edit your Subject line so it is more specific
>> than "Re: Contents of dhcp-users digest..."
>>
>>
>> Today's Topics:
>>
>>    1. Re: [EXT] Re: dhcp-users Digest, Vol 133, Issue 4
>>       (Anderson, Charles R)
>>
>>
>> ----------------------------------------------------------------------
>>
>> Message: 1
>> Date: Mon, 11 Nov 2019 13:40:13 +0000
>> From: "Anderson, Charles R" <c...@wpi.edu>
>> To: Users of ISC DHCP <dhcp-users@lists.isc.org>
>> Subject: Re: [EXT] Re: dhcp-users Digest, Vol 133, Issue 4
>> Message-ID: <20191111134010.e3a3vxw57x2iq...@angus.ind.wpi.edu>
>> Content-Type: text/plain; charset="us-ascii"
>>
>> On Mon, Nov 11, 2019 at 08:26:27PM +0800, Cayab, Jefrey E. wrote:
>> > Hi,
>> >
>> > # No service will be given on this subnet, but declaring it helps the
>> > # DHCP server to understand the network topology.
>> >
>> > subnet 0.0.0.0 netmask 0.0.0.0 {
>> > }
>> >
>> > It was taken from the comment above it; I thought I could just put
>> anything
>> > - I'd appreciate if someone can give me what's the proper
>> Subnet/Netmask to
>> > put there. Does the comment above means that if my dhcp server is in
>> > 10.16.5.0/24 - this is the subnet and netmask I need to put there?
>>
>> Yes.  Your subnet statements must reflect reality and yes you do need a
>> subnet for your dhcp server local interface.
>>
>> The long loading time is because you have a HUGE number of IPs in
>> ranges.  Added up, you have about 656,000 IP addresses the server has to
>> keep track of.  Do you really need each subnet to handle 65534 dynamic IPs?
>>
>>
>>
>>
>> Move these group and host statements to global scope (not inside any
>> subnet).
>>
>>
>> ------------------------------
>>
>> Subject: Digest Footer
>>
>> _______________________________________________
>> dhcp-users mailing list
>> dhcp-users@lists.isc.org
>> https://lists.isc.org/mailman/listinfo/dhcp-users
>>
>>
>> ------------------------------
>>
>> End of dhcp-users Digest, Vol 133, Issue 6
>> ******************************************
>>
> _______________________________________________
> dhcp-users mailing list
> dhcp-users@lists.isc.org
> https://lists.isc.org/mailman/listinfo/dhcp-users
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: 
<https://lists.isc.org/pipermail/dhcp-users/attachments/20191111/f2d3b29f/attachment-0001.htm>

------------------------------

Message: 3
Date: Mon, 11 Nov 2019 20:16:28 +0000
From: Simon Hobson <dh...@thehobsons.co.uk>
To: Users of ISC DHCP <dhcp-users@lists.isc.org>
Subject: Re: dhcpd restart takes almost 7 minutes in CentOS7 (Was:
        dhcp-users Digest, Vol 133, Issue 4)
Message-ID: <ff037248-d088-4440-95f4-cd688206a...@thehobsons.co.uk>
Content-Type: text/plain; charset=us-ascii

Please don't top post, and PLEASE set the subject back to what it should be. 
It's really annoying an impolite to just use the Digest title as it means 
nothing at all to anyone.

Cayab, Jefrey E. <jca...@gmail.com> wrote:

> # No service will be given on this subnet, but declaring it helps the
> # DHCP server to understand the network topology.
> 
> subnet 0.0.0.0 netmask 0.0.0.0 {
> }
> 
> It was taken from the comment above it; I thought I could just put anything - 
> I'd appreciate if someone can give me what's the proper Subnet/Netmask to put 
> there. Does the comment above means that if my dhcp server is in 10.16.5.0/24 
> - this is the subnet and netmask I need to put there?

Yes, it would normally be the subnet for the server's interface - if not 
elsewhere defined.

> Please refer to the attached file for the dhcpd.conf

> # FCC1-1 - VLAN165
> subnet 10.151.0.0 netmask 255.255.0.0 {
>   default-lease-time 28800;
>   max-lease-time 86400;
>   option domain-name-servers 10.16.5.106;
>   option routers 10.151.0.1;
>   option broadcast-address 10.151.255.255;
>   range 10.151.0.2 10.151.255.254;
> }

And as already mentioned, your problem is immediately obvious - you WILL have 
slow server startup with that config. It's a known issue.
I count something like 95 subnets with 65k pools, that makes over 6.1 millions 
addresses.

When the server is loading the config, it builds data tables containing a lease 
record for every address included in a pool - whether used or not. This takes 
both memory (have you looked at memory usage ?) and time - hence your 7 minute 
startup time. I would suggest you take another look at the network 
configuration and see if there is any scope for reducing the number of 
addresses in use. You said that some events could attract 60k visitors - is 
there scope for only provisioning that number of addresses when needed ?

Also, I don't know the details, but there are some optimisations you should 
make for handling such large IP lists. The internal tables are hashed, and the 
hashing is configured for more typical list sizes. IIRC there are compile time 
options to configure the hashing to be more efficient for very large lists.


There is another issue you need to address or it will bite you in the backside 
sooner or later.
> # WiFi-Gold - VLAN282
> subnet 10.254.0.0 netmask 255.254.0.0 {
>   default-lease-time 28800;
>   max-lease-time 86400;
>   option domain-name-servers 10.16.5.106;
>   option routers 10.254.0.1;
>   option broadcast-address 10.255.255.255;
>   range 10.254.0.2 10.255.255.254;
>   group {
>     host first { hardware ethernet 24:ee:9a:5c:58:78; fixed-address 
> 10.255.255.252; }
>     host second { hardware ethernet 24:ee:9a:5c:ca:b5; fixed-address 
> 10.255.255.253; }
>     host third { hardware ethernet dc:71:96:70:51:16; fixed-address 
> 10.255.255.254; }
>   }
> }

Host statements are ALWAYS global in scope regardless of where you define them. 
You have posted log entries showing a warning about this.
What happens is that a device can connect to a different subnet, matches the 
host statement, but the fixed-address isn't valid. The device will get a 
dynamic address appropriate to the subnet to which it is connected - but it 
will inherit options from where it is defined, something that AFAIK no-one has 
come up with a use case for !
So move all your host declarations to the global scope and avoid the problems 
it could cause you in the future.




------------------------------

Subject: Digest Footer

_______________________________________________
dhcp-users mailing list
dhcp-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/dhcp-users


------------------------------

End of dhcp-users Digest, Vol 133, Issue 7
******************************************

Reply via email to