Frustrated DHCP failover not working.. :(

Simon Hobson dhcp1 at thehobsons.co.uk
Wed Feb 10 15:52:19 UTC 2016


Rob Morin <rmorin at datavalet.com> wrote:

> What was done is the following….
>  
> I made both our dhcp-1 (primary) and our dhcp-2 (secondary) into stand-alone mode (no failover). I know this might have not been the correct way to do this, but at the time it seemed practical.
> We then configured our clients' controllers to go half to dhcp-1 and half to dhcp-2.
> This worked fine.
> We then gradually moved, over the course of a couple of days, all the client controllers to go only to the dhcp-2 server, so at that point all controllers were going to dhcp-2 only.
> This was working fine.

What I would have suggested was:
Just stop server 1 and put server 2 into partner down mode (or remove its failover config). Clients with a lease from server 1 would try and renew directly for a while, then finally broadcast a request for the address in use. At this point, server 2 would answer and the client would "switch servers" without changing address.

> I then swapped out dhcp-1 server for a more updated one, with the above mentioned specs.

So server 1 is now a newer version than server 2? I'm not really familiar with failover, but I suspect that there may well be some compatibility issues between different versions - especially if one of them is 4 years old.

I would be inclined to suggest migrating clients to the new server, then upgrade server 2. The quick and easy way to do this is:
Do not even start server 1 (or just nuke its leases file), stop server 2, copy the leases file from server 2 to server 1, start server 1 and make sure that server 2 can't be accidentally started.


If you don't want this big-bang change, then it can be done by (assuming you don't have the luxury of a huge address space):
Start up server 1 with a small pool that does not overlap with the pool in use by server 2. You need to reduce the lease length offered by server 2.
Incrementally, decrease the size of the pool offered by server 2, and increase the size of the pool offered by server 1 - always allowing all leases in the freed up space on server 2 to expire before adding the range to server 1. The more spare addresses you have, the faster you can do this. After a while, all clients are using server 1.

You can avoid client address churn by taking advantage of an undocumented behaviour in the code (warning: undocumented and not guaranteed to never change without warning). The ISC server allocates "never used" addresses from the top down - i.e. higher addresses first. This is just an artifact of the hashing process.
So if you put the new range used by server 1 higher (numerically) than server 2, any new clients looking for a lease will get addresses from this range. But if you remove addresses from the top of the range offered by server 2 and immediately add them to the bottom of the range offered by server 1, clients will keep the same address as they switch servers. Because new clients will get addresses at the top of the range, there's a fairly good chance you'll avoid any conflicts.


Finally, you can upgrade server 2. When you've done that, add the failover config and let it sync the client data from server 1.
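
Added example, not part of the original post: a pre-flight check for the incremental migration described above, listing leases on server 2 that are still active inside the range about to be handed to server 1. It assumes the ISC `dhcpd.leases` text format with the default UTC timestamps; the function names and the sample data are constructed for illustration.

```python
import ipaddress
import re
from datetime import datetime, timezone

# Constructed sample of server 2's dhcpd.leases (not data from the post).
SAMPLE_LEASES = """
lease 192.0.2.200 {
  ends 3 2016/02/10 10:00:00;
  binding state active;
}
lease 192.0.2.198 {
  ends 3 2016/02/10 16:30:00;
  binding state active;
}
lease 192.0.2.200 {
  ends 3 2016/02/10 16:40:00;
  binding state active;
  next binding state free;
}
lease 192.0.2.199 {
  ends 3 2016/02/10 13:00:00;
  binding state free;
}
"""

LEASE_RE = re.compile(r"lease\s+(\S+)\s*\{(.*?)\}", re.S)
TIME_FMT = "%Y/%m/%d %H:%M:%S"

def latest_leases(text):
    """Return {ip: (ends, state)}; the file is a log, so later entries win."""
    out = {}
    for ip, body in LEASE_RE.findall(text):
        ends = re.search(r"ends\s+(?:\d\s+(\S+\s+\S+)|(never));", body)
        state = re.search(r"^\s*binding state\s+(\w+);", body, re.M)
        if not ends or not state:
            continue  # entry without an expiry or state line: not a usable record
        when = None if ends.group(2) else datetime.strptime(
            ends.group(1), TIME_FMT).replace(tzinfo=timezone.utc)
        out[ipaddress.ip_address(ip)] = (when, state.group(1))
    return out

def blocking_leases(text, first, last, now):
    """Leases in [first, last] still active at `now`; empty means safe to move."""
    lo, hi = ipaddress.ip_address(first), ipaddress.ip_address(last)
    return sorted(
        (ip, ends) for ip, (ends, state) in latest_leases(text).items()
        if lo <= ip <= hi and state == "active" and (ends is None or ends > now)
    )
```

Run it against a copy of server 2's leases file before each range move; a non-empty result means some client still holds an address that server 1 does not know about.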
