DHCP Failover - initial Configuration
plcmaechler at gmail.com
Wed Aug 8 13:45:19 UTC 2018
Yesterday I wrote the same mail to the list, but it never appeared in the
arrchives or in my inbox. Therefor i resend the mail from another address.
sorry if the messaged is now sent multiple times
One of our dhcp 4.3 servers for DOCSIS died last week ☹ and we’re now in
the process to set up two new servers with version 4.4 😊.
I’d like to introduce failover for some important pools, but still have
The configuration is split into a few pieces.
The static configuration part is rsynce’d once a day to the secondary node.
Both servers have a .local config, which contains next-server,
time-servers, server-name, the subnet declaration for the management net
and our omapi configuration
The dynamic part comes from another system and is uploaded by ftp two both
A script runs every 5 minutes and if we have new files from ftp, we build
the configuration and restart the server. The secondary server does the
same, but the daemon is not enabled, so the server won’t serve any requests.
If we have a planned maintenance, we stop both server, rsync the lease.db
and start the secondary node
Further the lease.db from the primary node is fetched every 10 minutes to
another system. So that when the primary server dies, we have a ~10minute
old lease db (depends on the last reload) that we can put on the second node
If we wanna go for failover, what are the right steps to start?
1. Configure failover on the primary node (in the local confg)
2. Choose which we wanna do failover and configure them
3. Restart the primary node and put it into partner down state
4. Configure the second server (failover and pools)
5. Start the second server
6. Put the primary server into partner-up? Mode
Does this sound right?
We have about ~240 pools, ~50 pools only contain one single ip address.
Does failover makes sense here?
We can’t use hosts definitions because we only know the option-82. Some
customers have more than one device connected but we can only serve the
single ip address to one of them. If we use failover, can it happen, that
server-1 hands out the ip address to device-1 and server two hand out the
ip to device-2?
*Heavily used pools*
The bigger part is our /24 pools. These are all in a shared network config.
I guess the failover part works pretty fine for the individual pools here.
The shared network is sometimes at 95% usage. Can this lead to problems?
Currently we restart the service every 5minutes if something changed. When
we go for failover, we should reload server one and if it synced to his
partner, we can reload the server two. How does server two know, that the
server one is up to date and everything is synced?
The ISC Knowledge Base contains an article about failover setup (
and part 7 is configuring OMAPI access? Who uses that? Is this for the
communication between primary and secondary or only for putting one server
into partner down mode?
We actually do use omapi to check and expire active leases.
I’m sure that as soon as I hit send, more questions come to my mind 😊 e.g
good mctl and split values for lease times of 1h
TIA for all your inputs and recommendations
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the dhcp-users