Failover host stops releasing IP's if the peer is down.

[Simon Hobson]

Niall O'Reilly <niall.oreilly at ucd.ie> wrote:
> 

> Sure. See https://kb.isc.org/docs/isc-dhcp-44-manual-pages-dhcpdconf (or the
> corresponding documentation for the version of interest to you) and in particular
> the warning, "Think very carefully before enabling this feature."

Specifically, the section on "The auto-partner-down statement".
Just to expand in case the OP doesn't get it - IMO the warning might not be recognised by some users. There is no guarantee that a loss of communications between peers means that one of them can no longer serve clients. Having two isolated servers handling the same address range is highly liable to create some very "interesting" problems as they start to hand out the same addresses to different clients and other such bad behaviour. This is why this option is turned off by default and did not exist until fairly recently.

Turn it on if you wish, but be prepared for weird behaviour under some fault conditions. Personally I don't think this is a sane option to turn on unless both servers are co-located and both connected to ports on the same switch.

An alternative is to simply put monitoring in place (there are many tools to do this) and alert your duty admins should a server go offline or a server go into comms interrupted state. They can then apply some sanity checks and manually put the active server into partner-down state.