Can I have some DHCP Server backup advice please??

Hey guys,

I (at work) currently have one (Server1) DHCP and DNS Server for my office. It handles about 150 users and hasn't had a problem yet. (touches wood..)

I've come to the realisation that if server1 was to die then my office would be unable to work, as IP address leases would expire and not be able to be renewed, and DNS enquiries would have nowhere to go.

I have a second server (server2) that currently only has a few Cron jobs and Windows Update server running on it. I'd like to back up all the DHCP and DNS stuff to my second server so that in the event that server1 does go down, server2 can come to the rescue.

Both servers are on the same subnet and both run Server 2003.

If anyone can point me in the right direction or provide detailed information on how I can do this, I'd be forever grateful!!

Cheers in advance!
:)
 
Two ways you can do this in my view. One would be to create a VM on server2 which is a clone of server1 and use software like Xen that can detect failure of a server and boot the VM automatically.
OR you create redundancy in your DHCP pool by having two pools within the same subnet, each with enough leases for the whole network, and run two DHCP servers in parallel so if one fails the hosts just use the other server. DNS isn't an issue as you can run two DNS servers happily alongside each other; just make sure the DHCP leases specify both servers.
 
Cheers for the reply.

Is there any configuration change I need to do to allow a second DHCP server?? I mean, if server1 dies, how do all my clients know to use server2??? Or does the DHCP renew request just get broadcast over the network for any DHCP server to hear?

About the DNS, I'll install it on server2, but is there a way to easily copy all the data from the DNS on server1 to server2??
 
ok,

I've installed both DHCP and DNS on server2. DNS is fine as it has picked up all the data it needs.

DHCP has also been configured so it uses a different scope; that way they won't overlap and I'll be able to tell what server dished out what IP address to any client if needs be.

Sorted.
 
Kinda late as you seem to have done it anyway. However, in answer to your question, a client doesn't ever know the IP address of its DHCP server prior to getting a lease. All it does is send out a limited broadcast to 255.255.255.255 with a request. All nodes receive it but only a DHCP server daemon will respond. The client will take a lease from whichever server responds first. One thing you should do is set any timeouts for dishing out leases to a short time like <5 seconds. This way, if both servers respond, the one whose lease isn't taken won't sit there waiting for an answer that isn't coming for too long. But this is just a mild tidy-up performance tweak; it'll work fine without it for a small network <50 PCs.
 
That sounds like a good idea since I have about 150 machines using these servers. How do I set that timeout property??
 
Depends on whether your DHCPd supports it. If you're using the built in one for server 2003 I don't think you can, but worth drilling down the options.

One question I do have is how you managed to fit two scopes of 150 leases into a subnet? I'm assuming with 150 hosts you used class C /24 allocation? 150 x2 = 300 + static assignments which would need a /23 mask surely?
Unless you've done a superscope over two subnets and set up routing?
 
Depends on whether your DHCPd supports it. If you're using the built in one for server 2003 I don't think you can, but worth drilling down the options.

Yes I'm using the one built in to 2003, and no I can't find that option. Cheers anyway.

One question I do have is how you managed to fit two scopes of 150 leases into a subnet?

One server is handing out addresses with xxx.xxx.10.2-254 and the other xxx.xxx.11.2-254. Both servers are on the same subnet 255.255.240.0.

I'm assuming with 150 hosts you used class C /24 allocation? 150 x2 = 300 + static assignments which would need a /23 mask surely?
Unless you've done a superscope over two subnets and set up routing?

????? you've lost me I'm afraid!! ;)
 
Ah, you have a non-classful subnet mask. The last bit is irrelevant in this case. I was just checking to be sure you weren't accidentally giving out IPs on a different subnet as it'd cause major issues.
Primarily covering my arse so if it did happen it wasn't my fault for telling you to do it :)

But you use a /20 or /21 mask, can't remember which or be bothered to work it out, but its host portion is > /23 so it'll be fine as it is.
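
The split-scope layout discussed in this thread can be checked with a little subnet arithmetic: both scopes inside one subnet, no overlap, and each scope large enough to serve every client alone. This is an added example, not code from any poster; 10.0 stands in for the masked xxx.xxx octets, and the function names are hypothetical.

```python
import ipaddress
import itertools

# Constructed values: the thread masks the first two octets ("xxx.xxx"),
# so 10.0 stands in for them. Mask, ranges and host count are as posted.
NETMASK = "255.255.240.0"
SCOPES = {"server1": ("10.0.10.2", "10.0.10.254"),
          "server2": ("10.0.11.2", "10.0.11.254")}
CLIENTS = 150

def as_range(scope):
    """Turn a (start, end) pair of strings into IPv4Address objects."""
    first, last = (ipaddress.IPv4Address(a) for a in scope)
    if first > last:
        raise ValueError(f"scope start {first} is after end {last}")
    return first, last

def check_split_scope(scopes, netmask, clients):
    """Return (subnet, problems) for a split-scope DHCP layout."""
    ranges = {name: as_range(s) for name, s in scopes.items()}
    # Derive the subnet from the first scope's start address and the mask.
    anchor = next(iter(ranges.values()))[0]
    network = ipaddress.IPv4Network(f"{anchor}/{netmask}", strict=False)
    problems = []
    for name, (first, last) in ranges.items():
        # Every leased address must sit in the same subnet as the others.
        if first not in network or last not in network:
            problems.append(f"{name}: scope leaves {network}")
        # Either server alone must be able to lease to every client.
        size = int(last) - int(first) + 1
        if size < clients:
            problems.append(f"{name}: {size} leases < {clients} clients")
    for a, b in itertools.combinations(sorted(ranges), 2):
        # Closed ranges overlap when each starts before the other ends.
        if ranges[a][0] <= ranges[b][1] and ranges[b][0] <= ranges[a][1]:
            problems.append(f"{a} and {b}: scopes overlap")
    return network, problems

def leased_by(address, scopes):
    """Name the server whose scope contains the address, or None."""
    ip = ipaddress.IPv4Address(address)
    for name, scope in scopes.items():
        first, last = as_range(scope)
        if first <= ip <= last:
            return name
    return None

if __name__ == "__main__":
    print(check_split_scope(SCOPES, NETMASK, CLIENTS), leased_by("10.0.11.37", SCOPES))
```

With a 255.255.255.0 mask the same check reports that the second scope falls outside the subnet, which is the misconfiguration the post above was ruling out.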
 
What use is wisdom if it is not shared?

Do bear in mind this is all theory work we've just done. I would try turning off DHCP service on server1 and separately DNS service, under controlled circumstances to ensure the failover works reliably.
Better to find out any hitches now when it only takes 2 seconds to restart the service than when the server goes pop and it's too late :) Any backup/redundancy system should be routinely tested so you know you can count on it when/if the time comes.
 