Hi,
I want to thank everyone that has replied to me. I was able to solve both
issues. I used /dev/MAKEDEV to create new /dev/bpf devices to solve the
urlsnarf issue. For the dhcpd issue I was able to bind it to the real
hardware interface (bge0) instead of the carp interface. Since the hardware
interfaces are always listed first it works. Even though the Cisco's helper
dhcp are pointing to the carp address it still works. Down the road I think I
will try Nick's suggestion below but for now everything is good.
For everyone that has suggested I upgrade to 4.3 or 4.4. I would love to be
running the latest greatest but at this point I am trying to hit a deadline.
When I started this I tried 4.2 at the time it was the newest and I run into
some problems. I don't even remember the details but I think it required a
xwin library for something we installed and the old version didn't. My
manager suggested that because we did know all of the changes that were made
it would be better to run with 4.1 which I already had running on a test
server. We upgraded from 3.9. I think the issue was fixed in 4.3 but I
haven't played with it at that much. We have a number of custom applications
in addition to OpenBSD.
I used the isc dhcp because I needed dhcp-failover and USE_SOCKETS. I needed
USE_SOCKETS for the ability to dhcp clients through the gre tunnels. We used
to terminate the tunnels on a Cisco ASA but for better failover and a much
less complicated infrastructure I decided to terminate the tunnels on a carp
interface directly on the OpenBSD servers.
Things are good now. I have all my interfaces and everything is working
great. Next year I can work on upgrading OpenBSD along with a number of other
changes.
Thanks,
Carl
-----Original Message-----
From: Nick Gustas [mailto:[EMAIL PROTECTED]
Sent: Tuesday, September 30, 2008 8:04 AM
To: Carl Horne; misc@openbsd.org
Subject: Re: DHCP failing to find interface after 20 Interfaces
Carl Horne wrote:
> Hi,
>
> Sorry but I run into another block. This time it's dhcpd that is having
the
> issue. I hope Stuart can find an answer as fast as he did last time. This
is
> the issue. If I have 20 or less interfaces configured then dhcpd starts up
as
> expected. Dhcpd listens to the carp interface carp1:. The startup command
is
> "/usr/sbin/dhcpd carp1". If I have 20 interfaces the dhcpd finds the carp1
> interface and it starts up. If I add an interface so there is 21
interfaces
> the dhcpd will not startup because it can not find carp1. If I do ifconfig
-a
> it lists the interfaces in some kind of order. It seems that it uses this
> order and it can only see the first 20 in the list. The carp interfaces
are
> always at the bottom of the list.
>
> Thanks,
> Carl
>
> Dhcpd:
> I build this from source because I needed USE_SOCKETS enabled. It's
version
> 3.0.7. It is running in using dhcp-failover between to servers.
>
> # uname -a
> OpenBSD xxx.xxx.xxx 4.1 GENERIC.MP#1152 amd64
>
> # ifconfig -a
> lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 33192
> groups: lo
> inet 127.0.0.1 netmask 0xff000000
> inet6 ::1 prefixlen 128
> inet6 fe80::1%lo0 prefixlen 64 scopeid 0x7
> bge0: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> mtu 1500
> lladdr 00:09:3d:11:99:02
> groups: egress
> media: Ethernet autoselect (1000baseT full-duplex)
> status: active
> inet 65.44.125.14 netmask 0xffffff00 broadcast 65.44.125.255
> inet6 fe80::209:3dff:fe11:9902%bge0 prefixlen 64 scopeid 0x1
> bge1: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> mtu 1500
> lladdr 00:09:3d:11:99:03
> media: Ethernet autoselect (1000baseT full-duplex)
> status: active
> inet 159.212.73.14 netmask 0xffffff80 broadcast 159.212.73.127
> inet6 fe80::209:3dff:fe11:9903%bge1 prefixlen 64 scopeid 0x2
> em0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
> lladdr 00:04:23:ae:1a:14
> media: Ethernet autoselect (1000baseT full-duplex)
> status: active
> inet 192.168.63.56 netmask 0xffffff00 broadcast 192.168.63.255
> inet6 fe80::204:23ff:feae:1a14%em0 prefixlen 64 scopeid 0x3
> em1: flags=8802<BROADCAST,SIMPLEX,MULTICAST> mtu 1500
> lladdr 00:04:23:ae:1a:15
> media: Ethernet autoselect (none)
> status: no carrier
> pflog0: flags=141<UP,RUNNING,PROMISC> mtu 33192
> enc0: flags=0<> mtu 1536
> pfsync0: flags=0<> mtu 1460
> pfsync: syncdev: em0 syncpeer: 192.168.63.57 maxupd: 128
> groups: carp pfsync
> gre1: flags=b011<UP,POINTOPOINT,LINK0,LINK1,MULTICAST> mtu 1476
> groups: gre
> physical address inet 159.212.73.16 --> 159.212.48.152
> inet6 fe80::209:3dff:fe11:9902%gre1 -> prefixlen 64 scopeid 0xb
> inet 192.168.0.1 --> 192.168.1.1 netmask 0xffffffff
> gre126: flags=b011<UP,POINTOPOINT,LINK0,LINK1,MULTICAST> mtu 1476
> groups: gre
> physical address inet 159.212.73.16 --> 159.212.48.111
> inet6 fe80::209:3dff:fe11:9902%gre126 -> prefixlen 64 scopeid 0xc
> inet 192.168.0.126 --> 192.168.1.126 netmask 0xffffffff
> gre132: flags=b011<UP,POINTOPOINT,LINK0,LINK1,MULTICAST> mtu 1476
> groups: gre
> physical address inet 159.212.73.16 --> 10.140.253.251
> inet6 fe80::209:3dff:fe11:9902%gre132 -> prefixlen 64 scopeid 0xf
> inet 192.168.0.132 --> 192.168.1.132 netmask 0xffffffff
> gre146: flags=b011<UP,POINTOPOINT,LINK0,LINK1,MULTICAST> mtu 1476
> groups: gre
> physical address inet 159.212.73.16 --> 159.212.187.7
> inet6 fe80::209:3dff:fe11:9902%gre146 -> prefixlen 64 scopeid 0x10
> inet 192.168.0.146 --> 192.168.1.146 netmask 0xffffffff
> gre112: flags=b011<UP,POINTOPOINT,LINK0,LINK1,MULTICAST> mtu 1476
> groups: gre
> physical address inet 159.212.73.16 --> 10.192.15.15
> inet6 fe80::209:3dff:fe11:9902%gre112 -> prefixlen 64 scopeid 0x11
> inet 192.168.0.112 --> 192.168.1.112 netmask 0xffffffff
> gre110: flags=b011<UP,POINTOPOINT,LINK0,LINK1,MULTICAST> mtu 1476
> groups: gre
> physical address inet 159.212.73.16 --> 10.108.8.7
> inet6 fe80::209:3dff:fe11:9902%gre110 -> prefixlen 64 scopeid 0x12
> inet 192.168.0.110 --> 192.168.1.110 netmask 0xffffffff
> gre114: flags=b011<UP,POINTOPOINT,LINK0,LINK1,MULTICAST> mtu 1476
> groups: gre
> physical address inet 159.212.73.16 --> 10.108.16.60
> inet6 fe80::209:3dff:fe11:9902%gre114 -> prefixlen 64 scopeid 0x13
> inet 192.168.0.114 --> 192.168.1.114 netmask 0xffffffff
> gre118: flags=b011<UP,POINTOPOINT,LINK0,LINK1,MULTICAST> mtu 1476
> groups: gre
> physical address inet 159.212.73.16 --> 10.108.24.45
> inet6 fe80::209:3dff:fe11:9902%gre118 -> prefixlen 64 scopeid 0x14
> inet 192.168.0.118 --> 192.168.1.118 netmask 0xffffffff
> gre140: flags=b011<UP,POINTOPOINT,LINK0,LINK1,MULTICAST> mtu 1476
> groups: gre
> physical address inet 159.212.73.16 --> 10.108.32.61
> inet6 fe80::209:3dff:fe11:9902%gre140 -> prefixlen 64 scopeid 0x15
> inet 192.168.0.140 --> 192.168.1.140 netmask 0xffffffff
> gre142: flags=b011<UP,POINTOPOINT,LINK0,LINK1,MULTICAST> mtu 1476
> groups: gre
> physical address inet 159.212.73.16 --> 10.108.40.10
> inet6 fe80::209:3dff:fe11:9902%gre142 -> prefixlen 64 scopeid 0x16
> inet 192.168.0.142 --> 192.168.1.142 netmask 0xffffffff
> carp1: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
> lladdr 00:00:5e:00:01:01
> carp: MASTER carpdev bge0 vhid 1 advbase 1 advskew 20
> groups: carp
> inet6 fe80::200:5eff:fe00:101%carp1 prefixlen 64 scopeid 0x8
> inet 65.44.125.16 netmask 0xffffff00 broadcast 65.44.125.255
> carp2: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
> lladdr 00:00:5e:00:01:02
> carp: MASTER carpdev bge1 vhid 2 advbase 1 advskew 20
> groups: carp
> inet6 fe80::200:5eff:fe00:102%carp2 prefixlen 64 scopeid 0x9
> inet 159.212.73.16 netmask 0xffffff80 broadcast 159.212.73.127
>
>
FWIW, I tried this with an OpenBSD 4.3 system, and after creating an
appropriate number of /dev/bpf?? entries, it worked with base dhcpd and
96 vlans. Since you are using isc-dhcpd, this isn't OpenBSD dhcpd
related anymore.
About 5 years ago I had to create a VLAN router on FreeBSD for a hotel,
and ran into the limit on interfaces with isc-dhcpd V3.0.1rc12. I
couldn't find my modified source from back then, so I grabbed 3.0.7 and
figured it out again.
# diff -u common/discover.c.orig common/discover.c
--- common/discover.c.orig Tue Sep 30 05:56:38 2008
+++ common/discover.c Tue Sep 30 05:56:47 2008
@@ -126,7 +126,7 @@
{
struct interface_info *tmp, *ip;
struct interface_info *last, *next;
- char buf [2048];
+ char buf [16384];
struct ifconf ic;
struct ifreq ifr;
int i;
This should be good for around 160 interfaces, give or take.
