Failover static and dynamic lease

Simon Hobson dhcp1 at thehobsons.co.uk
Thu May 26 07:03:17 UTC 2016


Marcos Renato da Silva Junior <marcosjr at dee.feis.unesp.br> wrote:

>> For dynamic ranges you have choices.
>> "Failover" is one approach. With some caveats in terms of managing state, this allows one or other server to carry on if its partner fails - leaving all clients with the same address.
>> If you have enough addresses, and don't mind hosts changing address if a server fails, then you can just configure two (or more if you want) servers with non-overlapping ranges. If a server fails, then clients will be unable to renew leases and will eventually get a new lease (different address) from another server. For this to work, you need enough addresses that if a server fails, the other server(s) have enough addresses to service all the clients.

> In my case the second choice also works well.
> 
> My project is to use two Raspberry Pi to manage my home network.
> 
> So no problem with hosts changing address and enough addresses.

A couple of things to bear in mind.

BIND doesn't have the ability (AFAIK) to run a master/master system with failover. So regardless of what you do with DHCP, DNS will always have a single master - and if that goes down, DDNS updates will fail but the slave will be able to continue serving its copy of the zone. I.e., with the master down, the DNS zone will still be served, but won't get updates.

If you use the second option of two independent DHCP masters, then DNS updates may work "oddly". If a client is unable to renew its lease with one server, it'll get a lease from the other. So say A is down, B will attempt a DDNS update - but this will fail because the DNS entry is "owned"* by server A. Only when A expires the lease and removes its DNS entries will B be able to replace them next time the client renews.

So in practice, DDNS won't work well in a failure scenario as clients will change address but their DNS entries won't follow suit.

* This is what the TXT record is for. It's a hash allowing a server to identify if it was the server that put a DNS record in - and it'll refuse to remove/replace one that doesn't "belong" to it.


