DHCP Redundant Configuration Question

  • Thread starter Thread starter MPG
  • Start date Start date
M

MPG

Hello folks,

We've got a domain that has about 120 DHCP clients. We've got two
Win2K DCs. Until recently, all of our DHCP was handled by the second
domain controller. I modified the setup to provide some DHCP
redundancy and have some questions. Here is the current setup:

DC1
Scope: 10.1.5.60 - 10.1.5.254
Exclusions: 10.1.5.157 - 10.1.5.254

DC2
Scope: 10.1.5.60 - 10.1.5.254
Exclusions: 10.1.5.60 - 10.1.5.156

The overlapping scopes and mutually exclusive exclusion lists were set
up based on a recommendation in TechNet DHCP best practices. This
basically leaves half of range on each DHCP server. With the current
setup, each DHCP server has 97 available addresses to hand out which,
I know, is not enough for the 120 DHCP clients. The hope is that it
would be enough to get us through a crunch if one of the servers went
down. Until I can get additional IP space allocated, I will have to
live with that setup. I do have some questions about this setup that
some of you may be able to answer:

- Is there a chance a client will not be able to get an address under
normal operations? For example, if the scope on one server fills up
and the client happens to hit that server, will it get denied and give
up?

- Is there any better way of setting this up without changing the IP
range?

TIA!
MPG
 
Hello MPG,

If both servers are up and running, you will be fine, the client will search
for a DHCP server until it gets an address, doesn't matter which one. If
no server is available it will use the APIPA address. So in your case one
server must be down AND the client has to be at the half lease time, because
then it starts to renew the address. So if you are aware that one server
will be down, free the excluded range and all clients can get addresses.

Best regards

Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and confers
no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm
 
the way you are doing it is exactly the way I have always done it and I have
never had any trouble with it. The lease peiod is 8 days by default,
meaning it renews every 4 days,...so it would probably take quite a while
(but sooner if clients are rebooted daily) to eat up all the addresses on
one DHCP if the other goes down,..but yes it would eventually happen,...the
idea is to just buy time to get the broken one fix right away. If you get
delayed on repairs just adjust the Exclusion on the remaining one to provide
a few more addresses then put it back to original aferwards.

The only difference I do is that I *always* use the entire IP Range in the
Scope based on the subnet mask, then use Exclusions to mark out the lower
Static Addresses.
It still works your way as well, so it is kind of just a preference I
suppose.

So I would have:

DC1 (with a mask of 255.255.255.0)
Scope: 10.1.5.1 - 10.1.5.254
Exclusion: 10.1.5.1 - 10.1.5.59
Exclusion: 10.1.5.157 - 10.1.5.254

DC2 (with a mask of 255.255.255.0)
Scope: 10.1.5.1 - 10.1.5.254
Exclusion: 10.1.5.1 - 10.1.5.59
Exclusion: 10.1.5.60 - 10.1.5.156


--
Phillip Windell
www.wandtv.com

The views expressed, are my own and not those of my employer, or Microsoft,
or anyone else associated with me, including my cats.
 
the way you are doing it is exactly the way I have always done it and I have
never had any trouble with it.  The lease peiod is 8 days by default,
meaning it renews every 4 days,...so it would probably take quite a while
(but sooner if clients are rebooted daily) to eat up all the addresses on
one DHCP if the other goes down,..but yes it would eventually happen,...the
idea is to just buy time to get the broken one fix right away.  If you get
delayed on repairs just adjust the Exclusion on the remaining one to provide
a few more addresses then put it back to original aferwards.

The only difference I do is that I *always* use the entire IP Range in the
Scope based on the subnet mask, then use Exclusions to mark out the lower
Static Addresses.
It still works your way as well, so it is kind of just a preference I
suppose.

So I would have:

DC1 (with a mask of 255.255.255.0)
Scope: 10.1.5.1 - 10.1.5.254
Exclusion: 10.1.5.1 - 10.1.5.59
Exclusion: 10.1.5.157 - 10.1.5.254

DC2 (with a mask of 255.255.255.0)
Scope: 10.1.5.1 - 10.1.5.254
Exclusion: 10.1.5.1 - 10.1.5.59
Exclusion: 10.1.5.60 - 10.1.5.156

--
Phillip Windellwww.wandtv.com

The views expressed, are my own and not those of my employer, or Microsoft,
or anyone else associated with me, including my cats.
-----------------------------------------------------













- Show quoted text -
Click to expand...

Thanks to both of you for the help. I just ran into another gotcha
with this setup today: IP reservations have to be set up on both DHCP
servers for them to work. Is there any other way of using
reservations with two active DHCP servers? One suggestion I found was
to have the two scopes overlap and put all of the IP reservations in
the overlapping IP space. At least, that way, a client for which
there is a reservation can hit either server to get its IP. However,
you still have to set up the reservations on both servers. Any
thoughts on this?

Thanks!
 
MPG said:
Thanks to both of you for the help. I just ran into another gotcha
with this setup today: IP reservations have to be set up on both DHCP
servers for them to work. Is there any other way of using
reservations with two active DHCP servers? One suggestion I found was
to have the two scopes overlap and put all of the IP reservations in
the overlapping IP space. At least, that way, a client for which
there is a reservation can hit either server to get its IP. However,
you still have to set up the reservations on both servers. Any
thoughts on this?

Thanks!
Click to expand...

You can setup your reservations once on one server then export them and
import them into the second server.

Keeping them in sync is still a pain, but better than entering potentially
hundereds and haveing to do it again.
 
MPG said:
Hello folks,

We've got a domain that has about 120 DHCP clients. We've got two
Win2K DCs. Until recently, all of our DHCP was handled by the second
domain controller. I modified the setup to provide some DHCP
redundancy and have some questions. Here is the current setup:

DC1
Scope: 10.1.5.60 - 10.1.5.254
Exclusions: 10.1.5.157 - 10.1.5.254

DC2
Scope: 10.1.5.60 - 10.1.5.254
Exclusions: 10.1.5.60 - 10.1.5.156

The overlapping scopes and mutually exclusive exclusion lists were set
up based on a recommendation in TechNet DHCP best practices. This
basically leaves half of range on each DHCP server.
Click to expand...

That is the correct way to do this.
With the current
setup, each DHCP server has 97 available addresses to hand out which,
I know, is not enough for the 120 DHCP clients. The hope is that it
would be enough to get us through a crunch if one of the servers went
down. Until I can get additional IP space allocated, I will have to
live with that setup. I do have some questions about this setup that
some of you may be able to answer:
Click to expand...

The strategy should include making the Lease period long enough so
that when one DHCP server goes down, ENOUGH of its clients
will be able to retain an address long enough for you to repair the
problem.

- Is there a chance a client will not be able to get an address under
normal operations?
Click to expand...

Yes, but you reduce that chance through setting the lease correctly.
For example, if the scope on one server fills up
and the client happens to hit that server, will it get denied and give
up?
Click to expand...

If the other is down it will. The trick is to repair the "other" server
rapidly enough.
- Is there any better way of setting this up without changing the IP
range?
Click to expand...

Probably not.
 
Back
Top