Hello Luca,
dhcp is udp traffic so it's not really easy to load balance.
Btw there is a pull request on github for that:
https://github.com/inverse-inc/packetfence/pull/2887
Regards
Fabrice
Le 2018-01-31 à 03:40, luca comes via PacketFence-users a écrit :
> Hi Fabrice,
> I checked and what I can see is that pfdhcplistener is populated only
> on the master machine. The other 2 nodes have queue empty. The cluster
> doesn't balance over all the nodes? Should I tune some parameters?
>
> Luca
>
>
> ------------------------------------------------------------------------
> *Da:* Durand fabrice via PacketFence-users
> <packetfence-users@lists.sourceforge.net>
> *Inviato:* martedì 30 gennaio 2018 01:04
> *A:* packetfence-users@lists.sourceforge.net
> *Cc:* Durand fabrice
> *Oggetto:* Re: [PacketFence-users] R: R: No client IP update in cluster
>
>
> It looks like you probably have a high number of job waiting in the
> queue, take a look on the admin gui to see how many.
>
>
> Le 2018-01-25 à 11:24, luca comes via PacketFence-users a écrit :
>> Hi Fabrice,
>> I then installed dhcp forwarder on my DHCP and I can see traffic
>> arrive with tcpdump. The client IP on the gui has changed but after a
>> long long time. It's strange because in a standalone configuration
>> this feature was really quick is there something else I can check?
>>
>> Thanks
>>
>> Luca
>>
>> ------------------------------------------------------------------------
>> *Da:* Durand fabrice via PacketFence-users
>> <packetfence-users@lists.sourceforge.net>
>> <mailto:packetfence-users@lists.sourceforge.net>
>> *Inviato:* martedì 23 gennaio 2018 03:46
>> *A:* packetfence-users@lists.sourceforge.net
>> <mailto:packetfence-users@lists.sourceforge.net>
>> *Cc:* Durand fabrice
>> *Oggetto:* Re: [PacketFence-users] R: No client IP update in cluster
>>
>>
>> Hello Luca,
>>
>>
>> it's also available for Linux:
>> https://github.com/inverse-inc/packetfence-dhcp-forwarder/tree/master/dhcp-forwarder
>> so you can install it on each cluster's member.
>>
>>
>> Le 2018-01-22 à 10:34, luca comes via PacketFence-users a écrit :
>>> Hi Fabrice,
>>> I'm using a cluster of ISC DHCPD on CentOS 7 so think I can't use
>>> your dhcp forwarder. I understand is it only for windows isn't it?
>>> Anyway I did a test, when the client change role it send a dhcp
>>> request to the server:
>>>
>>> [root@dhcp01 ~]# tail -f /var/log/dhcp/dhcpd.log | grep
>>> 00:9c:02:92:ea:b0
>>> Jan 22 12:23:54 dhcp01 dhcpd: DHCPACK to 172.20.251.192
>>> (00:9c:02:92:ea:b0) via ens160
>>> Jan 22 12:24:00 dhcp01 dhcpd: DHCPREQUEST for 172.20.251.192 from
>>> 00:9c:02:92:ea:b0 (LAB3-NB) via 192.168.167.1: wrong network.
>>> Jan 22 12:24:00 dhcp01 dhcpd: DHCPNAK on 172.20.251.192 to
>>> 00:9c:02:92:ea:b0 via 192.168.167.1
>>> Jan 22 12:24:00 dhcp01 dhcpd: DHCPDISCOVER from 00:9c:02:92:ea:b0
>>> via 192.168.167.1
>>> Jan 22 12:24:01 dhcp01 dhcpd: DHCPOFFER on 192.168.167.190 to
>>> 00:9c:02:92:ea:b0 (LAB3-NB) via 192.168.167.1
>>> Jan 22 12:24:01 dhcp01 dhcpd: DHCPREQUEST for 192.168.167.190
>>> (172.27.112.17) from 00:9c:02:92:ea:b0 (LAB3-NB) via 192.168.167.1
>>> Jan 22 12:24:01 dhcp01 dhcpd: DHCPACK on 192.168.167.190 to
>>> 00:9c:02:92:ea:b0 (LAB3-NB) via 192.168.167.1
>>>
>>> Instead I can't see any packet on the pfdhcplistener for that MAC
>>> Address. The strange thing is that it is receiving traffic from the
>>> DHCP on port 767. At the moment I put an helper address on the
>>> switch so a copy of the traffic is sent directly to the
>>> pfdhcplistener and the client IP is updated. It's always showed as
>>> offline but I don't understand why.
>> If you didn't install the forwarder , from where do you receive the
>> copy of the dhcp traffic on the port 767 ?
>> Also inline/offline is based on the accounting , not from the dhcp.
>>
>> Regards
>> Fabrice
>>
>>>
>>> Luca
>>>
>>> Inviato da Outlook <http://aka.ms/weboutlook>
>>>
>>> ------------------------------------------------------------------------
>>> *Da:* Durand fabrice via PacketFence-users
>>> <packetfence-users@lists.sourceforge.net>
>>> <mailto:packetfence-users@lists.sourceforge.net>
>>> *Inviato:* sabato 20 gennaio 2018 03:21
>>> *A:* packetfence-users@lists.sourceforge.net
>>> <mailto:packetfence-users@lists.sourceforge.net>
>>> *Cc:* Durand fabrice
>>> *Oggetto:* Re: [PacketFence-users] No client IP update in cluster
>>>
>>>
>>> Hello Lucas,
>>>
>>>
>>> first use that instead:
>>>
>>> https://github.com/inverse-inc/packetfence-dhcp-forwarder
>>>
>>>
>>> And there is no listening process on UDP 767 but pfdhcplistener
>>> capture the traffic on 67/68 and 767.
>>>
>>> If you tail pfdhcplistener on the server where the vip is , do you
>>> see some updates from te hproduction dhcp server ?
>>>
>>> Also do a capture on the management interface to see if you receive
>>> something on the port 767. (tshark -i eth0 -f "port 767")
>>>
>>>
>>> Regards
>>>
>>> Fabrice
>>>
>>>
>>>
>>> Le 2018-01-18 à 09:43, luca comes via PacketFence-users a écrit :
>>>> Hi all,
>>>> I've migrated my single node infrastructure to a 3 node cluster. At
>>>> the moment I'm testing 802.1x with a Cisco catalyst 2950 and the
>>>> authentication is working fine. I also have in production a
>>>> wireless guest access with sponsor on Cisco WLC taht is working
>>>> really well. Unfortunately I noticed that the client IP address is
>>>> never updated on the nodes page. I have a production DHCP server on
>>>> the same management VLAN with udp_reflector pointing to the new VIP
>>>> on the cluster. With single node the problem wasn't showed and the
>>>> IP was correctly updated after a few seconds. The command I'm using
>>>> on the DHCP server is:
>>>>
>>>> /usr/local/bin/udp_reflector -s pcap2:67 -d 172.27.17.7:767 -b 25000 &
>>>>
>>>> Where 172.27.17.7 is the VIP exposed by the cluster.
>>>>
>>>> I would expect UDP port 767 on PF nodes in listening but they are
>>>> not. Is something missing in my configuration?
>>>>
>>>> Thanks
>>>>
>>>> Luca
>>>>
>>>> Inviato da Outlook <http://aka.ms/weboutlook>
>>>>
>>>>
>>>>
>>>> ------------------------------------------------------------------------------
>>>> Check out the vibrant tech community on one of the world's most
>>>> engaging tech sites, Slashdot.org! http://sdm.link/slashdot
>>>>
>>>>
>>>> _______________________________________________
>>>> PacketFence-users mailing list
>>>> PacketFence-users@lists.sourceforge.net
>>>> <mailto:PacketFence-users@lists.sourceforge.net>
>>>> https://lists.sourceforge.net/lists/listinfo/packetfence-users
>>>
>>>
>>>
>>> ------------------------------------------------------------------------------
>>> Check out the vibrant tech community on one of the world's most
>>> engaging tech sites, Slashdot.org! http://sdm.link/slashdot
>>>
>>>
>>> _______________________________________________
>>> PacketFence-users mailing list
>>> PacketFence-users@lists.sourceforge.net
>>> <mailto:PacketFence-users@lists.sourceforge.net>
>>> https://lists.sourceforge.net/lists/listinfo/packetfence-users
>>
>>
>>
>> ------------------------------------------------------------------------------
>> Check out the vibrant tech community on one of the world's most
>> engaging tech sites, Slashdot.org! http://sdm.link/slashdot
>>
>>
>> _______________________________________________
>> PacketFence-users mailing list
>> PacketFence-users@lists.sourceforge.net
>> <mailto:PacketFence-users@lists.sourceforge.net>
>> https://lists.sourceforge.net/lists/listinfo/packetfence-users
>
>
>
> ------------------------------------------------------------------------------
> Check out the vibrant tech community on one of the world's most
> engaging tech sites, Slashdot.org! http://sdm.link/slashdot
>
>
> _______________________________________________
> PacketFence-users mailing list
> PacketFence-users@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/packetfence-users
--
Fabrice Durand
fdur...@inverse.ca :: +1.514.447.4918 (x135) :: www.inverse.ca
Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence
(http://packetfence.org)
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users
