How to create a backup pool?
dhcp1 at thehobsons.co.uk
Tue Jul 18 10:26:38 UTC 2006
Jukka Laaksola wrote:
>I have set up a quite complex class/subclass configuration for ISC
>dhcpd. It uses Option-82 information to connect some DSLAMs to several
>Now the question is if there is an easy way to add a priority to pools?
>The idea is to add a backup pool with private IPs which will be NATted.
No way at all to do this, BUT there is a way that will 'sort of'
emulate it with a number of ifs and buts !
>So normally I would share public IPs from pool A to customers but if all
>public IPs are in use then next customers will get private IPs
>(10.10.10.x) from a backup pool. All of those private IPs are NATted to
>one public IP.
>The configuration should give first all public IPs and after that start
>to give IPs from private IPs. Is this possible somehow?
OK, two methods come to mind, neither is perfect but may just manage
'enough' to get you by !
1) Run a monitor that enables a pool as required
Well that's it really, write a script that periodically checks the
status of your leases and if it detects that there are no free
addresses in the main pool will re-configure the server to allow it
to use addresses from the backup pool. When it detects free addresses
then you reconfigure the server again - but be aware that this will
most likely cause a client in the backup pool to switch address (and
thus lose all existing connections) on lease renewal.
2) Rely on undocumented behaviour to control address use order.
The server as currently written will allocate addresses starting at
the top of pools (and IIRC, the highest address when multiple pools
are available). You could exploit this to ensure that initially
clients would get addresses from one pool rather than another.
BUT - this only works while addresses in the main pool are unused
(not free, but totally unused as in never been issued before).
You would need to run a cleanup process to periodically remove all
trace of expired leases in the main from the lease database so that
the address could then be used preferentially.
This will not however allow for a client getting back into the main
pool as it will continue using its address in the backup pool until
something forces it to change.
Much better of course to ensure that you have enough addresses for customers !
There is also the factor of how you will deal with the technical and
support issues of having customers that may or may not be behind NAT
- and where this may change from one session to another. I would be a
bit miffed to say the least if I'd just set up some software on the
assumption that I had a non-nat connection and then found it broken
because I was now behind nat !
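
One way to implement the free-address check for the monitor in method 1, as an added example that is not part of the original post. The pool range, lease entries and function names are constructed for illustration, and the step that reconfigures the server is left out.

```python
import re
from datetime import datetime, timezone
from ipaddress import ip_address

# dhcpd.leases is an append-only log: the last entry for an address wins.
LEASE_RE = re.compile(r"^lease\s+(\S+)\s*\{(.*?)^\}", re.M | re.S)
STATE_RE = re.compile(r"^\s*binding state (\w+);", re.M)  # skips "next binding state"
ENDS_RE = re.compile(r"^\s*ends (?:\d+ (\S+ \S+)|never);", re.M)

def active_leases(text, now):
    """Return the addresses whose most recent lease entry is still in use."""
    latest = {}
    for m in LEASE_RE.finditer(text):
        body = m.group(2)
        state, ends = STATE_RE.search(body), ENDS_RE.search(body)
        expiry = None  # "ends never" or no ends line: treated as no expiry
        if ends and ends.group(1):
            expiry = datetime.strptime(ends.group(1), "%Y/%m/%d %H:%M:%S")
            expiry = expiry.replace(tzinfo=timezone.utc)  # lease times are UTC by default
        live = state is not None and state.group(1) == "active"
        latest[ip_address(m.group(1))] = live and (expiry is None or expiry > now)
    return {ip for ip, live in latest.items() if live}

def backup_pool_needed(text, first, last, now, reserve=0):
    """True when the main range first..last has `reserve` or fewer free addresses."""
    lo, hi = ip_address(first), ip_address(last)
    used = sum(1 for ip in active_leases(text, now) if lo <= ip <= hi)
    return (int(hi) - int(lo) + 1) - used <= reserve

# Constructed sample: main pool 192.0.2.10-192.0.2.11, second address released.
SAMPLE = """\
lease 192.0.2.10 {
  ends 2 2006/07/18 22:00:00;
  binding state active;
}
lease 192.0.2.11 {
  ends 2 2006/07/18 21:00:00;
  binding state active;
}
lease 192.0.2.11 {
  ends 2 2006/07/18 11:00:00;
  binding state free;
}
"""
NOW = datetime(2006, 7, 18, 12, 0, tzinfo=timezone.utc)
```

Run from cron against the live lease file, the result of `backup_pool_needed` is the signal for switching the backup pool on or off.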