Thanks for the reply Ludovic. I followed your suggestion, however, on the sync step, I discovered that the networks.conf file reverted the change back to the node's registration network IP address.
Here is a screenshot showing it corrected to use the VIP of 10.9.0.5 for the gateway and dns: [image: image.png] And here is a screenshot showing the same file after running sync --as-master, where it reverted back to 10.9.0.2: [image: image.png] I did not go any further after that. Your thoughts? *Daniel J. Zook* *a.k.a. "Zookie" *(he/him/his) Eastern Mennonite University On Thu, May 2, 2024 at 8:58 AM Zammit, Ludovic <luza...@akamai.com> wrote: > Hello Daniel, > > Make sure the configuration is consistent on all members on the cluster. > > Do on the firs node : > > vim /usr/local/pf/conf/networks.conf (Make sure the VIP IP address is used > for the gateway and DNS ) > > /usr/local/pf/bin/pfcmd configreload hard > > /usr/local/pf/bin/cluster/node/sync --as-master > > Then on node 2 and node 3: > > /usr/local/pf/bin/pfcmd configreload hard > > /usr/local/pf/bin/pfcmd service pf restart > > Thanks, > > > *Ludovic Zammit* > *Product Support Engineer Principal Lead* > *Cell:* +1.613.670.8432 > Akamai Technologies - Inverse > 145 Broadway > Cambridge, MA 02142 > Connect with Us: <https://community.akamai.com> <http://blogs.akamai.com> > <https://twitter.com/akamai> <http://www.facebook.com/AkamaiTechnologies> > <http://www.linkedin.com/company/akamai-technologies> > <http://www.youtube.com/user/akamaitechnologies?feature=results_main> > > On Apr 30, 2024, at 11:19 AM, Daniel Zook via PacketFence-users < > packetfence-users@lists.sourceforge.net> wrote: > > I have a working packetfence cluster and everything seems to be setup and > working fine except that when a guest connects on the Registration VLAN, > DNS fails. It acts as if there is a firewall blocking it, or there is no > service listening. > > If I stop IPTables on one or more cluster members, DNS starts working > again. Unfortunately, PacketFence somehow restarts IPTables after a period > of time even if I set it to "disabled" (and DNS fails to work again.) > > What do I need to do to prevent IPTables from running so that DNS keeps > working on the Registration network? > > Thanks in advance for your help. > _______________________________________________ > PacketFence-users mailing list > PacketFence-users@lists.sourceforge.net > > https://urldefense.com/v3/__https://lists.sourceforge.net/lists/listinfo/packetfence-users__;!!GjvTz_vk!U0N9vfZORkZrsZMlMngvIxLK9YrfKlEED3Lq3jCNRwl8G8DKAstUjvGZqphnSe5Vr_wZ3vUdrcUIyaDw8_Q8NYBnzXS-EP9RkcL7CA$ > > >
_______________________________________________ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users
