[Kea-users] DHCP redundancy

Jason Lixfeld jason-kea at lixfeld.ca
Fri Nov 17 14:37:03 UTC 2017



> On Nov 17, 2017, at 9:25 AM, John Ratliff <john at bluemarble.net> wrote:
> 
> I'm seeking best practice advice on how to set up DHCP server redundancy with kea.
> 
> With ISC DHCP, I used VRRP with two servers and configured it to send the dhcp-server-identifier option as the VRRP IP. Then I would run a script that sync'd the lease database automatically via cron.
> 
> This process is messy and error prone, so I would like to use kea instead.
> 
> The subnets I am allocating via DHCP are not the same subnet that the server is in, so we use ip-helper statements to forward DHCP requests to the server.
> 
> I have kea using MySQL as a lease backend. The MySQL server is not on the same machine as kea.
> 
> My first thought was to use VRRP and supply the dhcp-server-identifier option again. I ran into a problem though that if kea started before VRRP, it wouldn't listen on the VRRP IP. There is probably a solution to that, but I don't have one yet.
> 
> So then I changed the router configuration to use two ip-helper statements, sending the request to both primary and secondary kea servers; I also removed the dhcp-server-identifier option. This seems to work.

That’s how we’re deploying Kea, and that’s also how we’ve done it in the past in the ISC days.

> Is this a reasonable setup for DHCP redundancy with kea? Is there a better option I might want to consider? Are there any concerns I should be aware of with both servers being active?

The only thing you want to be careful of is your database. Right now, if Kea loses its database connection, it doesn’t re-try. ISC is working on that for 1.4, I believe. Also, I know this applies to PostgreSQL, not sure about MySQL, but Kea will only make a single database connection currently, and we’ve observed in our testing that the single database connection is a bottleneck after some quantity of hundreds of leases per second. This too is something that ISC is working on, but I don’t recall if it’s for 1.4 or later. In with that, they may make database connections via UNIX sockets an option, instead of just IP-based. Maybe that will help with the throughput issues when the DB is on the same box as Kea.

> Thanks.