Dhcp Failover behind load balancers
acqant at optonline.net
Sat May 13 13:32:32 UTC 2006
Glenn Satchell wrote:
>> Date: Fri, 12 May 2006 13:00:00 -0400
>> From: anthony <acqant at optonline.net>
>> To: dhcp-users at isc.org
>> Subject: Dhcp Failover behind load balancers
>> I'm running DHCP failover on two servers behind a load balancer. I have
>> 15 remote sites forwarding the dhcp requests to the virtual ip and they
>> get sent to only one of the two dhcp servers at a time.
>> For awhile it looked like if a request came to one server it would
>> forward it to the other.
>> Now for some reason I have a pool out of wack and the "peer holds all
>> leases" error.
>> I have two questions:
>> 1) Do I need to send the dhcp traffic to both servers behind the load
>> vip 10.0.0.1 ---> goes to primary, secondary hot spare
>> vip 10.0.0.2 ---> goes to secondary, primary hot spare
>> ip address helper 10.0.0.1,10.0.0.2
>> 2) I'm running the rpm package from Fedora Core3. I think I need to
>> upgrade to at least 3.0.3.
> If you're running dhcpd in failover mode then you don't really need the
> load balancer.
> dhcpd failover is a load sharing setup, ie the two dhcp servers
> essentially split the pool of available addresses between them and
> notify the other server when they issue a lease or a lease expires.
> Both need to receive the broadcast DHCPDISCOVER messages and both need
> to receive the renewal requests which are unicast back to the dhcp
> server that issued the lease.
> So your pools are out of wack because only one dhcp server has been
> receiving the client data.
> If you want to use a load balancer then you should configure dhcpd to
> not use failover and then use some other means to copy the dhcpd.leases
> file to the other server periodically (say every couple of minutes or
If you remove the load balancer part how do the two servers get unicast
renewals? Once the client ACK's the offer and has the ip address of the
server that issued it it doesn't broadcast again til much later, correct?
I guess at this point it's a decision of which is more reliable. Use
the load balancer to remove the load balancing features or copy the
lease files. I'd hate to dedicate two servers outside of the load
balance farm since so many other services fit behind them.
It turns out my secondard had a pool that the primary did not so that
was the out of wack part. I think what's happening now is the client
just keeps DISCOVERing until it hits the server based on the mac hash.
If I use two ip's and dedicate a server each to them on the load
balancer and add them both to the ip help-address they both will then
see the DISCOVER.
More information about the dhcp-users