DHCP failover setup with several relay agents

Simon Hobson dhcp1 at thehobsons.co.uk
Mon Sep 22 14:33:15 UTC 2008 

Robert Blayzor wrote:

>In reading the docs and a lot of posts on the list, it seems as if 
>this type of setup only works with local LAN based broadcast setups 
>where the servers can see all requests coming in.

Should work with any setup.

>In our setup, we have no local broadcast DHCP clients and all of our 
>requests come pointed to one server IP address from different DHCP 
>relay agents (ie: Cisco routers).
>
>The question is, can a DHCP failover setup work for relay agents if 
>requests are only directed at one server?  Now, I know that this is 
>not the perfect failover setup, as if the primary failed, the agents 
>would have to be directed toward the working server.  This can 
>easily be fixed with the L3 switch we have in front of the servers 
>that can direct traffic for a virtual IP instead of the physical 
>IP's if the active server fails.

The simple answer is to configure your relay agents properly - ie to 
send to both servers at the same time. Either add two helper 
addresses, or use a broadcast address.

>I think the problem is however that if we just keep sending all 
>requests to one server, the IP pools will be "half" of what they 
>normally are because the "failover" setup is actually a "load 
>balanced with failover" setup.  If that's the case then would it be 
>safe to assume them that failover only properly works in a broadcast 
>based environment only?

No, what will happen is one server will allocate leases. Over time, 
it's free pool will deplete and free addresses will get balanced over 
to it. In extreme you will end up with one server giving out all the 
available addresses.

>Would it make more sense in this type of setup to just run one 
>active server and use something like rsync to send the leases file 
>over to a secondary "standby" server?   I was hoping that in DHCP 
>failover one could actually be a primary and one could be a standby, 
>but from the docs, it doesn't sound like that will work because the 
>secondary unit will hold half of the available leases per pool.

It depends on what your requirements are - but trying to run failover 
(or any other type of redundancy) when requests can only get to one 
of them is not going to work if the 'active' server fails and nothing 
can get to your failover/backup/redundant server !

More information about the dhcp-users mailing list