[Kea-users] DHCP redundancy

Munroe Sollog mus3 at lehigh.edu
Mon Nov 27 14:11:38 UTC 2017 

Just to add my 2 cents to this thread.  I am currently working on a 3-host
galera MySQL cluster along with 2 kea servers that will handle my DHCP
failover seemlessly.  Built on Debian Stretch, the last piece I am writing
is a migration script to take the lease4.csv file and import it into mysql.

On Wed, Nov 22, 2017 at 8:34 AM, Hugh Connolly <hconnolly at gcet.net> wrote:

> I'm working on something similar.
>
>
> It uses 2+ Kea instances with the postgresql lease db in Amazons RDS.
>
> To manage the VIP the cluster uses ocf_heartbeat_IPaddr2 (pacemaker)
>
>
> Works quite well thus far.
>
>
> What do you think?
>
>
> One improvement (beyond in-housing the Postgresql cluster) that comes to
> mind is better fencing in PCS to restart the service or shutdown the node
> if there is a problem. Something beyond just checking that the service is
> running, maybe checking the ports?
>
>
> Was fairly straight forward to setup
> ------------------------------
> *From:* Kea-users <kea-users-bounces at lists.isc.org> on behalf of Klaus
> Steden <klausfiend at gmail.com>
> *Sent:* Friday, November 17, 2017 4:14:00 PM
> *To:* SoupNazi izaNpuoS
> *Cc:* KEA-Users (kea-users at lists.isc.org)
> *Subject:* Re: [Kea-users] DHCP redundancy
>
>
> Our implementation uses a single database backend (which is itself HA, but
> the endpoint is a VIP, so it appears to be just a single host)  with a
> different server per environment running a Kea server. It seems they
> coexist quite happily as long as they're not trying to both handle the same
> row/table, which means each environment only uses a single IP helper.
>
> We use Monit on the servers themselves to keep the Kea daemon running,
> since as noted it doesn't retry when it encounters an error talking to the
> database; the whole system is generally fairly resilient, FWIW, even if
> it's less than industrial strength.
>
> cheers,
> Klaus
>
> On Fri, Nov 17, 2017 at 6:48 AM, SoupNazi izaNpuoS <soupnazi34 at gmail.com>
> wrote:
>
> Not at all.  It does split the pools, automatically.  You just need to
> make sure you don't use more than 90% of your addresses as it may have
> difficulty transferring IPs amongst the devices if you do (say if the
> secondary runs out, the primary may not be able to send IPs to it).
>
> On Fri, Nov 17, 2017 at 9:44 AM, John Ratliff <john at bluemarble.net> wrote:
>
> On 11/17/2017 9:37 AM, SoupNazi izaNpuoS wrote:
>
> Out of curiosity, was there a reason you didn't use the built in failover
> configuration in ISC DHCP?
>
>
> It's extremely confusing to me. Perhaps my understanding is flawed, but as
> I understand it, you need to split your pool and have one side responsible
> for their individual split. Our pools do not have enough spare IPs to allow
> that. It just never seemed work the effort.
>
> --John
>
>
> On Fri, Nov 17, 2017 at 9:25 AM, John Ratliff <john at bluemarble.net
> <mailto:john at bluemarble.net>> wrote:
>
>     I'm seeking best practice advice on how to setup DHCP server
>     redundancy with kea.
>
>     With ISC DHCP, I used VRRP with two servers and configured it to
>     send the dhcp-server-identifier option as the VRRP IP. Then I would
>     run a script that sync'd the lease database automatically via cron.
>
>     This process is messy and error prone, so I would like to use kea
>     instead.
>
>     The subnets I am allocating via DHCP is not the same subnet that the
>     server is in, so we use ip-helper statements to forward DHCP
>     requests to the server.
>
>     I have kea using mySQL as a lease backend. The mySQL server is not
>     on the same machine as kea.
>
>     My first thought was to use VRRP and supply the
>     dhcp-server-identifier option again. I ran into a problem though
>     that if kea started before VRRP, it wouldn't listen on the VRRP IP.
>     There is probably a solution to that, but I don't have one yet.
>
>     So then I changed the router configuration to use two ip-helper
>     statements, sending the request to both primary and secondary kea
>     servers; I also removed the dhcp-server-identifier option. This
>     seems to work.
>
>     Is this a reasonable setup for DHCP redundancy with kea? Is there a
>     better option I might want to consider? Are there any concerns I
>     should be aware of with both servers being active?
>
>     Thanks.
>     _______________________________________________
>     Kea-users mailing list
>     Kea-users at lists.isc.org <mailto:Kea-users at lists.isc.org>
>     https://lists.isc.org/mailman/listinfo/kea-users
>     <https://lists.isc.org/mailman/listinfo/kea-users>
>
>
>
>
>
> _______________________________________________
> Kea-users mailing list
> Kea-users at lists.isc.org
> https://lists.isc.org/mailman/listinfo/kea-users
>
>
>
> _______________________________________________
> Kea-users mailing list
> Kea-users at lists.isc.org
> https://lists.isc.org/mailman/listinfo/kea-users
>
>


-- 
Munroe Sollog
Senior Network Engineer
munroe at lehigh.edu
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/kea-users/attachments/20171127/9610167a/attachment.htm>

More information about the Kea-users mailing list