firewalld service file for dhcpd-failover

The problem

I have been practicing with ISC dhcp in preparation for overhauling my network. While working with dhcp failover peers, I have run into a problem. My peers couldn’t talk to each other. I eventually figured out it was the firewall. Some of the errors I got included:

Apr 05 17:56:55 dhcpd[956]: failover peer allvm: I move from recover to startup
Apr 05 17:56:55 systemd[1]: Started DHCPv4 Server Daemon.
Apr 05 17:57:10 dhcpd[956]: failover peer allvm: I move from startup to recover

The solution

With the help of a post on the World Wide Web, I have shamelessly ripped off a firewalld service file. Loading this file into the firewall daemon solved my dhcp failover peer communication problem. Do this on both servers.

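# Custom firewalld services live in /etc/firewalld/services/; the file name sets the service name.
tf=/etc/firewalld/services/dhcpd-failover.xml
touch "${tf}"; chmod 0644 "${tf}"
cat <<EOF >"${tf}"
<?xml version="1.0" encoding="utf-8"?>
<!-- Reference: -->
<service version="1.0">
  <short>DHCPD Failover</short>
  <description>This allows a DHCP server to communicate with a failover peer.</description>
  <port protocol="tcp" port="647" />
</service>
EOF
# Make firewalld pick up the new service file, then enable the service permanently.
systemctl reload firewalld.service
firewall-cmd --permanent --add-service=dhcpd-failover
firewall-cmd --reload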
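
A pre-flight check for the fix above, as an added example that is not part of the original post: it compares the `port` and `peer port` values of a dhcpd.conf failover declaration with the TCP ports the service file opens, since the same file is loaded on both servers. The dhcpd.conf contents, the addresses, the 847 mismatch and the function names are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original post). Sample files below are constructed.

# Print the port / peer port values from failover peer blocks in a dhcpd.conf.
failover_ports() {
  awk '
    /^[ \t]*failover[ \t]+peer[ \t]+"[^"]*"[ \t]*[{]/ { in_block = 1; next }
    in_block && /[}]/ { in_block = 0 }
    in_block && /^[ \t]*(peer[ \t]+)?port[ \t]+[0-9]+[ \t]*;/ {
      p = $0; sub(/^[^0-9]*/, "", p); sub(/[^0-9].*$/, "", p); print p
    }' "$1" | sort -un
}

# Print the single TCP ports a firewalld service file opens (port ranges are ignored).
service_tcp_ports() {
  grep 'protocol="tcp"' "$1" |
    sed -n 's/.*port="\([0-9][0-9]*\)".*/\1/p' | sort -un
}

# 0: every failover port is opened; 1: at least one is missing; 2: none declared.
check_failover_ports() {
  ports=$(failover_ports "$1")
  [ -n "$ports" ] || { echo "no failover ports found in $1"; return 2; }
  rc=0
  for p in $ports; do
    service_tcp_ports "$2" | grep -qx "$p" || { echo "$p/tcp not opened by $2"; rc=1; }
  done
  return "$rc"
}

# Constructed sample input: peer name taken from the log above, documentation addresses.
demo=$(mktemp -d)
cat >"$demo/dhcpd.conf" <<'EOF'
failover peer "allvm" {
  primary;
  address 192.0.2.10;
  port 647;
  peer address 192.0.2.11;
  peer port 847;
}
EOF
cat >"$demo/dhcpd-failover.xml" <<'EOF'
<?xml version="1.0" encoding="utf-8"?>
<service version="1.0">
  <short>DHCPD Failover</short>
  <port protocol="tcp" port="647" />
</service>
EOF
check_failover_ports "$demo/dhcpd.conf" "$demo/dhcpd-failover.xml" || echo "exit status: $?"
```

On a real server, pass the actual dhcpd.conf and the service file written above as the two arguments.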


