firewalld service file for dhcpd-failover

The problem

I have been practicing with ISC dhcp in preparation for overhauling my network. While working with dhcp failover peers, I have run into a problem. My peers couldn’t talk to each other. I eventually figured out it was the firewall. Some of the errors I got included:

Apr 05 17:56:55 centos7-01a.vm.example.com dhcpd[956]: failover peer allvm: I move from recover to startup
Apr 05 17:56:55 centos7-01a.vm.example.com systemd[1]: Started DHCPv4 Server Daemon.
Apr 05 17:57:10 centos7-01a.vm.example.com dhcpd[956]: failover peer allvm: I move from startup to recover

The solution

With the help of a post on the World Wide Web, I have shamelessly ripped off a firewalld service file. Loading this file into the firewall daemon solved my dhcp failover peer communication problem. Do this on both servers.

tf=/usr/lib/firewalld/services/dhcpd-failover.xml
touch "${tf}"; chmod 0644 "${tf}"
cat <<EOF >"${tf}"
<?xml version="1.0" encoding="utf-8"?>
<!-- Reference: https://www.centos.org/forums/viewtopic.php?t=54348 -->
<service version="1.0">
  <short>DHCPD Failover</short>
  <description>This allows a DHCP server to communicate with a failover peer.</description>
  <port protocol="tcp" port="647" />
</service>
EOF
systemctl reload firewalld.service
firewall-cmd --permanent --add-service=dhcpd-failover
firewall-cmd --reload

References

Weblinks

  1. https://www.centos.org/forums/viewtopic.php?t=54348
  2. DHCP failover guide http://geekyadmins.com/dhcp-server-setup-with-failover-in-centos-7/
Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s