In a network with PXE clients, the embedded PXE Client on the NIC (Network Interface Card) of a system leases an IP address from the DHCP server during the PXE client startup. After the PXE client preboot process is completed, the leased IP address is no longer required but is not released. The IP address is released only after the lease time expires. When the operating system is loaded, the DHCP client of the operating system will also send a DHCP request with the same client hardware address, but a different client identifier.
Since the client identifier of the operating system's DHCP client and the client identifier of the PXE client are different, dhcpd will lease two different IP addresses to the same device. To facilitate the release of the IP address leased to the PXE client, you must reduce the default lease time for the IP addresses allocated to PXE clients during preboot.
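The double lease described above can be confirmed from the server's lease records. The following Python sketch is an added example, not part of the original documentation: it assumes the leases are available as ISC dhcpd.leases text, and the sample records, addresses and function names are constructed for illustration.

```python
import re
from collections import defaultdict

# Constructed sample in ISC dhcpd.leases text format (not from a real server).
SAMPLE_LEASES = r'''
lease 192.168.1.101 {
  binding state active;
  hardware ethernet 00:16:3e:aa:bb:01;
  uid "\000PXE-UUID-0001";
}
lease 192.168.1.102 {
  binding state active;
  next binding state free;
  hardware ethernet 00:16:3e:aa:bb:01;
  uid "\001\000\026>\252\273\001";
}
lease 192.168.1.103 {
  binding state active;
  hardware ethernet 00:16:3e:aa:bb:02;
}
lease 192.168.1.104 {
  binding state active;
  hardware ethernet 00:16:3e:aa:bb:02;
}
lease 192.168.1.104 {
  binding state free;
  hardware ethernet 00:16:3e:aa:bb:02;
}
'''

LEASE_RE = re.compile(r'^lease (\S+) \{\n(.*?)^\}', re.S | re.M)

def field(body, pattern):
    """Return the first capture of a 'keyword value;' statement, or None."""
    m = re.search(r'^[ \t]*' + pattern + r';[ \t]*$', body, re.M)
    return m.group(1) if m else None

def double_leases(text):
    """Return {mac: [(ip, uid), ...]} for MACs holding more than one active lease."""
    latest = {}  # dhcpd appends records, so the last one for an IP wins
    for ip, body in LEASE_RE.findall(text):
        latest[ip] = (field(body, r'binding state (\w+)'),
                      field(body, r'hardware ethernet ([0-9A-Fa-f:]+)'),
                      field(body, r'uid (.+)'))
    by_mac = defaultdict(list)
    for ip, (state, mac, uid) in latest.items():
        if state == 'active' and mac:
            by_mac[mac.lower()].append((ip, uid))
    return {mac: sorted(v) for mac, v in by_mac.items() if len(v) > 1}
```

Each hardware address returned holds several active leases at once; differing uid values on those leases make it a candidate for the PXE and operating-system double lease.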
Create a class. For more information, see <link to create a class>
Select the newly created class to modify it. In the Conditional Expression field, add the following string:
match if substring (option vendor-class-identifier, 0, 9) = "PXEClient"; default-lease-time 240; max-lease-time 300;
This will set the default lease time to 4 minutes and maximum lease time to 5 minutes. You must ensure that you set the default-lease-time and max-lease-time to a smaller value to facilitate the release of the IP address.
Select the Pool object that you want to influence with the newly created class and add the PXE Class from the Available DHCP Classes to the Allowed DHCP Class for the pool.
Click
Add the
setting from to .
Set the value of the unknown-clients setting to
and click .
Cause: The DHCP Server and DHCP Service objects do not exist.
Action: Use iManager to create the DHCP Server and DHCP Service objects. See Section 7.1, Using iManager to Manage DHCP.
Cause: The DHCP server and DHCP Service have been created but the association between both of these objects is not set.
Action: Set the DHCP server and DHCP Service association by using the Viewing or Modifying a Service task.
Cause: The Locator object contains a reference to the DHCP servers installed on the eDirectory tree. Information for the newly installed DHCP Server is added to the Locator object. Because of the delay in synchronizing the replica, the Locator object does not find the newly installed DHCP server object inside its own replica.
Action: To resolve this problem, perform one of the following actions:
Delete the replica and reinstall the DHCP server.
While configuring the newly installed DHCP server, provide the IP address of the OES machine where eDirectory is installed.
Cause: The dhcpd.log file was probably deleted and the file you see now is the new file.
Action: Execute the rcsyslog restart command.
Cause: The syslog-ng.conf file has been modified.
Action: Check the /etc/syslog-ng/syslog-ng.conf file for the following lines:
filter f_dhcpd { facility(daemon) and match('^dhcpd:'); };
destination dhcpmessages { file("/var/log/dhcpd.log"); };
log { source(src); filter(f_dhcpd); destination(dhcpmessages); };
Action: If you want to log only to the /var/log/dhcpd.log file, then edit the syslog-ng.conf file.
Restart the syslog daemon by using the rcsyslog restart command.
Cause: The DHCP server might have been blocked by the AppArmor process.
Action: Run AppArmor in complain mode to see if the DHCP server has been blocked. For details on running AppArmor in complain mode, see the Novell AppArmor Administration Guide.
Cause: No credentials are set in CASA.
Action: Verify the credentials set in CASA by using the CASAcli -l command in the console. If no information is displayed, then set the CASA credentials by using the following commands:
KEYVALUE=<DN of runtime user> CASAcli -s -n dhcp-ldap -k CN
KEYVALUE=<password of runtime user> CASAcli -s -n dhcp-ldap -k Password
Action: Verify the credentials set in CASA by using the CASAcli -l command. If dhcp-ldap information is displayed, stop the CASA daemon by using the following command:
rcmicasad stop
Store the username and password details in the /etc/dhcpd.conf file.
For example,
ldap-username "cn=runtimeuser,o=novell"; ldap-password "novell";
Cause: Wrong credentials are set in CASA.
Action: Reset the CASA credentials by using the CASAcli tool.
To retrieve the password, run the following commands:
DNS: /opt/novell/named/bin/dns_retrieve_proxy_cred PassWord <file_name>
DHCP: /opt/novell/dhcp/bin/dhcp_retrieve_proxy_cred PassWord <file_name>
NOTE: The retrieved password is stored in the file that you specify.
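Both the ldap-password statement stored in /etc/dhcpd.conf and the file written by dhcp_retrieve_proxy_cred hold the runtime user's password in clear text, so their permissions are worth checking. The following Python check is an added example, not part of the original documentation; the function names are hypothetical and the demo uses a constructed temporary file.

```python
import os
import re
import stat

PASSWORD_DIRECTIVE = re.compile(r'\bldap-password\s+"[^"]*"\s*;')

def holds_ldap_password(text):
    """True if an ldap-password statement appears outside a full-line comment."""
    # Only whole-line comments are dropped, so a '#' inside a quoted
    # password cannot hide the statement from the check.
    uncommented = re.sub(r'(?m)^[ \t]*#.*$', '', text)
    return bool(PASSWORD_DIRECTIVE.search(uncommented))

def audit_secret_file(path, always_sensitive=False):
    """Return findings for a file that stores a clear-text credential.

    always_sensitive=True is for a file that holds only the password itself,
    such as the output file named on the dhcp_retrieve_proxy_cred command line.
    """
    with open(path, encoding='utf-8', errors='replace') as fh:
        sensitive = always_sensitive or holds_ldap_password(fh.read())
    if not sensitive:
        return []
    mode = stat.S_IMODE(os.stat(path).st_mode)
    findings = []
    if mode & stat.S_IRWXG:
        findings.append(f'{path}: group access bits set (mode {mode:04o})')
    if mode & stat.S_IRWXO:
        findings.append(f'{path}: other access bits set (mode {mode:04o})')
    return findings

if __name__ == '__main__':
    import tempfile
    # Constructed demo file using the example statements from this page.
    with tempfile.NamedTemporaryFile('w', suffix='.conf', delete=False) as tmp:
        tmp.write('ldap-username "cn=runtimeuser,o=novell"; ldap-password "novell";\n')
    os.chmod(tmp.name, 0o644)
    print(audit_secret_file(tmp.name))
    os.remove(tmp.name)
```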
Cause: DHCP fails to start and throws an error “No subnet declaration for ethx”. Subnet declaration for the interface to which DHCP listens is missing in the configuration.
Action: Declare the same subnet as the DHCP listening interface.
Example 18-1 Example:
If DHCP is listening on the eth0 interface 192.168.1.1, then declare a subnet for 192.168.1.0.
NOTE: If you decide not to manage this subnet with this DHCP server, leave the subnet declaration empty; that is, do not create any pools within this subnet.
Unknown Error on the console
Cause: The details for user (-user) and group (-group) passed as command line arguments do not exist on the local machine.
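The mapping from a listening interface to the subnet declaration it needs can be computed rather than worked out by hand. The following Python sketch is an added example, not part of the original documentation: it assumes the configuration is available as dhcpd.conf-style text, and the sample configuration, interface addresses and function names are constructed for illustration.

```python
import ipaddress
import re

# Constructed configuration text in dhcpd.conf syntax (addresses are examples).
SAMPLE_CONF = '''
subnet 192.168.1.0 netmask 255.255.255.0 {
  pool { range 192.168.1.100 192.168.1.200; }
}
'''

SUBNET_RE = re.compile(
    r'^\s*subnet\s+(\d+(?:\.\d+){3})\s+netmask\s+(\d+(?:\.\d+){3})\s*\{', re.M)

def declared_subnets(conf_text):
    """Return the IPv4 networks named in 'subnet ... netmask ... {' statements."""
    return [ipaddress.ip_network(f'{net}/{mask}', strict=False)
            for net, mask in SUBNET_RE.findall(conf_text)]

def missing_declarations(conf_text, interfaces):
    """Map each uncovered interface to the empty subnet statement it needs.

    interfaces is {name: 'address/prefix'} for every interface dhcpd listens on.
    """
    subnets = declared_subnets(conf_text)
    missing = {}
    for name, cidr in interfaces.items():
        iface = ipaddress.ip_interface(cidr)
        # An interface is covered when its address falls inside a declared subnet.
        if not any(iface.ip in net for net in subnets):
            n = iface.network
            missing[name] = f'subnet {n.network_address} netmask {n.netmask} {{ }}'
    return missing

if __name__ == '__main__':
    # eth0 matches the page's example; eth1 is a constructed uncovered interface.
    print(missing_declarations(SAMPLE_CONF,
                               {'eth0': '192.168.1.1/24', 'eth1': '10.0.5.1/23'}))
```

The statement generated for an uncovered interface is deliberately empty, matching the note above about subnets that this server listens on but does not manage.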
Action: In the /etc/sysconfig/dhcpd file, set the value of DHCPD_RUN_AS as the local system user.
For example, DHCPD_RUN_AS=<user>.
The <user> parameter corresponds to the local system user. You can create a local system user with the
option in YaST.
Cause: The DHCP server might have been blocked by the AppArmor process.
Action: Run AppArmor in complain mode to see if the DHCP server has been blocked. For details on running AppArmor in complain mode, see the Novell AppArmor Administration Guide.
Cause: Permission to /var/run/novell-lum/.nam_nss_sock is not granted to DHCP and/or nscd in the AppArmor profile.
Action: Edit the AppArmor profile of the DHCP server and include /var/run/novell-lum/.nam_nss_sock with read and write permissions.
Cause: The db directory might not be owned by the user that is used in /etc/sysconfig/dhcpd in the parameter DHCPD_RUN_AS="dhcpd".
Action: Verify that there is a dhcpd user. For details on resolution, see TID 7001158.