Is there anything new on the DHCP Failover Horizon? An Update

Simon Hobson dhcp1 at
Sat Apr 16 18:29:11 UTC 2011

Martin McCormick wrote:

>The lease time on the network in question was 2 days and
>we have a secondary problem in that the first messages of "peer
>holds all free leases" occurred well before the outage
>indicating that both servers are not getting the same feed from
>the routers in question so this must be corrected as soon as
>possible. Our remote campuses fall victim to this condition more
>often than I care to think of. Equipment is older and telling
>people that both servers must see the same traffic seems to
>almost fall on deaf ears.

Well that is a fundamental problem, and if you cannot get the guys 
configuring the network to do their job properly then there's no way 
to get reliable services (of any kind) running properly.

>I more or less chose a default/maximum lease time of
>around 2 days many years ago because it seemed like a good
>compromise between churning of the server all day long and
>situations in which some networks appear to fill up because of a
>very high transient nature.

Yes it's always a compromise. Ideally you could do with being able to 
throw more addresses at the problem - if you could have enough 
addresses so that either server could handle the whole network on 
it's own then you shouldn't have the problem at all (and in fact you 
could run them without failover).

>Any ideas are appreciated by me and, eventually, by our

Just as a sanity check, you are aware that if one of the servers is 
down, you have to manually put the other into partner down state 
aren't you ? Some admins have come up with technique to automate 
this, but the ISC team took the decision that they couldn't possibly 
know all permutations and so the only safe option was to assume that 
only inter-server comms was down. It's quite feasible to have a 
network problem (routing issue for example) that would leave both 
servers able to service clients, while being unable to communicate 
with each other.

Until you put one server in partner down state, then it cannot use 
the addresses "owned" by the other server.

Simon Hobson

