Failover Questions

Tue Jan 23 10:59:47 UTC 2007

>From: Tina Siegenthaler <tina at zool.unizh.ch>
>Subject: Re: Failover Questions
>Date: Mon, 22 Jan 2007 16:52:41 +0100
>
>Am 20.01.2007 um 07:04 schrieb Glenn Satchell:
>
>>
>>> Date: Fri, 19 Jan 2007 16:54:34 -0500
>>> From: Jonathan Brockmeier <brockj at hope.edu>
>>> To: dhcp-users at isc.org
>>> Subject: Failover Questions
>>>
>>> We are getting ready to move from 1 DHCP server to 2 that load  
>>> balance.
>>> I have been having a headache for the last couple of days on some  
>>> question:
>>>
>>> 1)  In the failover peer section defining the connection between
>>> primary+seconday and secondary+primary should that be the same  
>>> "name" on
>>> both the primary and secondary servers?
>>
>> Here's a working example, primary first and then secondary:
>>
>> failover peer "Uniq14subnet" {
>>   primary;
>>   address drill.uniq.com.au;
>>   port 519;
>>   peer address lager.uniq.com.au;
>>   peer port 519;
>>   max-response-delay 60;
>>   max-unacked-updates 10;
>>   mclt 3600;
>>   split 128;
>>   load balance max seconds 3;
>> }
>>
>> failover peer "Uniq14subnet" {
>>   secondary;
>>   address lager.uniq.com.au;
>>   port 519;
>>   peer address drill.uniq.com.au;
>>   peer port 519;
>>   max-response-delay 60;
>>   max-unacked-updates 10;
>>   load balance max seconds 3;
>> }
>>
>
>This may be a stupid question, but do the two servers need to have  
>the same peer name? Mine have two different names, and this works,  
>though I really do not understand which name is to go with which  
>server...
>The host name of my primary ist DHCP-0465, and I put DHCP-0465 in its  
>peer declaration; the secondary's host name is DHCP-0352, and I put  
>DHCP-0352 in its peer declaration. Like this:
>
>failover peer "DHCP-0465" {
>         primary;
>         address 130.60.23.4;
>         port 520;
>         peer address 130.60.23.114;
>         peer port 520;
>         max-response-delay 60;
>         max-unacked-updates 10;
>         mclt 3600;
>         split 128;
>         load balance max seconds 5;
>}
>
>and:
>
>failover peer "DHCP-0352" {
>         secondary;
>         address 130.60.23.114;
>         port 520;
>         peer address 130.60.23.4;
>         peer port 520;
>         max-response-delay 60;
>         max-unacked-updates 10;
>         load balance max seconds 5;
>}
>
>
>
>Is that wrong???

Well they're *supposed* to be the same :)

I vaguely remember David Hankins posting some time ago that the actual
key used to determine the failover peer was the IP addresses and ports.
And that this was going to change in a later release (maybe 3.1.0?) to
actually use the peer name.

So to make sure your configuration continues to work you should use the
same peer names.

It makes it much easier when , for example, you have different peer
relationships between more than two dhcp servers. Eg servers A and B
are peers for a pool A, and servers B and C are peers for pool B and so
on.

To quote the dhcpd.conf man page:

     The  server currently  does very  little   sanity  checking,
     so  if   you  configure  it wrong, it will just  fail in odd
     ways.

regards,
-glenn