ISC DHCP Users

Recommendation for redundancy

classic Classic list List threaded Threaded
10 messages Options
Pereida, Alejandro
Reply | Threaded
Open this post in threaded view
|

Recommendation for redundancy

Pereida, Alejandro

Hello all:

 

We have been using a single Linux server as our DHCP server running ISC DHCP Server 4.3.1

We are building a “secondary datacenter” for disaster recovery purposes. What is the most recommended

Option for implementing a redundant DHCP server scenario in case the main datacenter (where the DHCP server resides)

goes dark?

 

Thanks in advance

 

Alex Pereida


_______________________________________________
dhcp-users mailing list
[hidden email]
https://lists.isc.org/mailman/listinfo/dhcp-users
Simon Hobson
Reply | Threaded
Open this post in threaded view
|

Re: Recommendation for redundancy

Simon Hobson
"Pereida, Alejandro" <[hidden email]> wrote:

> We have been using a single Linux server as our DHCP server running ISC DHCP Server 4.3.1
> We are building a “secondary datacenter” for disaster recovery purposes. What is the most recommended
> Option for implementing a redundant DHCP server scenario in case the main datacenter (where the DHCP server resides)
> goes dark?

You need to expand a bit - is this to support the existing addresses, or another range, or something else ? And are the sites permanently networked together ?

In principle, all you need to do is add another server in a failover pair - and then both servers will support the same address range(s). Given the additional hop, it's likely that the on-site server will handle requests most of the time as it'll get a reply back to the clients first.

_______________________________________________
dhcp-users mailing list
[hidden email]
https://lists.isc.org/mailman/listinfo/dhcp-users
Bob Harold
Reply | Threaded
Open this post in threaded view
|

Re: Recommendation for redundancy

Bob Harold

On Tue, Mar 6, 2018 at 8:13 AM, Simon Hobson <[hidden email]> wrote:
"Pereida, Alejandro" <[hidden email]> wrote:

> We have been using a single Linux server as our DHCP server running ISC DHCP Server 4.3.1
> We are building a “secondary datacenter” for disaster recovery purposes. What is the most recommended
> Option for implementing a redundant DHCP server scenario in case the main datacenter (where the DHCP server resides)
> goes dark?

You need to expand a bit - is this to support the existing addresses, or another range, or something else ? And are the sites permanently networked together ?

In principle, all you need to do is add another server in a failover pair - and then both servers will support the same address range(s). Given the additional hop, it's likely that the on-site server will handle requests most of the time as it'll get a reply back to the clients first.

 
The two servers will share the load, unless you change "split", "hba", or "load balance max seconds".  Setting "split" to 255 is probably what you want if you want the primary server to answer everyone, and the failover to only answer if the primary is unreachable.

-- 
Bob Harold



_______________________________________________
dhcp-users mailing list
[hidden email]
https://lists.isc.org/mailman/listinfo/dhcp-users
Tiago SR
Reply | Threaded
Open this post in threaded view
|

Re: Recommendation for redundancy

Tiago SR
In reply to this post by Pereida, Alejandro
If you make use of DHCP Relay or can implement it, you could get the servers failover by VRRP, IP SLA, OSPF, etc.
The DHCP Relay would query a DHCP Server IP address that would automatically point to secondary server in case of primary going down.


 ---- On Mon, 05 Mar 2018 20:20:50 -0300 Pereida, Alejandro <[hidden email]> wrote ----
 >       Hello all:
 >  
 >  We have been using a single Linux server as our DHCP server running ISC DHCP Server 4.3.1
 >  We are building a “secondary datacenter” for disaster recovery purposes. What is the most recommended
 >  Option for implementing a redundant DHCP server scenario in case the main datacenter (where the DHCP server resides)
 >  goes dark?
 >  
 >  Thanks in advance
 >  
 >  Alex Pereida
 >     _______________________________________________
 > dhcp-users mailing list
 > [hidden email]
 > https://lists.isc.org/mailman/listinfo/dhcp-users 
 >


_______________________________________________
dhcp-users mailing list
[hidden email]
https://lists.isc.org/mailman/listinfo/dhcp-users
Pereida, Alejandro
Reply | Threaded
Open this post in threaded view
|

Re: Recommendation for redundancy

Pereida, Alejandro
In reply to this post by Simon Hobson
We would like redundancy to support the existing addresses (about 80
address pools), yes both the active Datacenter and DR center are
permanently tied
Together via a redundant 10Gb fiber link

On 3/6/18, 5:13 AM, "dhcp-users on behalf of Simon Hobson"
<[hidden email] on behalf of [hidden email]>
wrote:

>"Pereida, Alejandro" <[hidden email]> wrote:
>
>> We have been using a single Linux server as our DHCP server running ISC
>>DHCP Server 4.3.1
>> We are building a ³secondary datacenter² for disaster recovery
>>purposes. What is the most recommended
>> Option for implementing a redundant DHCP server scenario in case the
>>main datacenter (where the DHCP server resides)
>> goes dark?
>
>You need to expand a bit - is this to support the existing addresses, or
>another range, or something else ? And are the sites permanently
>networked together ?
>
>In principle, all you need to do is add another server in a failover pair
>- and then both servers will support the same address range(s). Given the
>additional hop, it's likely that the on-site server will handle requests
>most of the time as it'll get a reply back to the clients first.
>
>_______________________________________________
>dhcp-users mailing list
>[hidden email]
>https://lists.isc.org/mailman/listinfo/dhcp-users

_______________________________________________
dhcp-users mailing list
[hidden email]
https://lists.isc.org/mailman/listinfo/dhcp-users
Simon Hobson
Reply | Threaded
Open this post in threaded view
|

Re: Recommendation for redundancy

Simon Hobson
In reply to this post by Tiago SR
Tiago SR <[hidden email]> wrote:

> If you make use of DHCP Relay or can implement it, you could get the servers failover by VRRP, IP SLA, OSPF, etc.
> The DHCP Relay would query a DHCP Server IP address that would automatically point to secondary server in case of primary going down.

The problem with that is that unless you use the failover protocol then you cannot easily have a seamless handover - this is NOT a stateless server like a web server serving static pages. The standby server must AT ALL TIMES have a completer and up to date copy of what the master server has - that is not easy to do without using failover. If the backup server does not have a complete and accurate copy of the primary server's lease database then you will suffer from one or more potentially serious problems.

Once you use failover to manage syncing the leases to the backup, then you might as well just use failover to manage availability.

_______________________________________________
dhcp-users mailing list
[hidden email]
https://lists.isc.org/mailman/listinfo/dhcp-users
Tiago SR
Reply | Threaded
Open this post in threaded view
|

Re: Recommendation for redundancy

Tiago SR
My suggestion may also work if you have a centralized leases database, which both servers query (directly or via Radius) to assign addresses.


 ---- On Tue, 06 Mar 2018 16:08:25 -0300 Simon Hobson <[hidden email]> wrote ----
 > Tiago SR <[hidden email]> wrote:
 >  
 > > If you make use of DHCP Relay or can implement it, you could get the servers failover by VRRP, IP SLA, OSPF, etc.
 > > The DHCP Relay would query a DHCP Server IP address that would automatically point to secondary server in case of primary going down.
 >  
 > The problem with that is that unless you use the failover protocol then you cannot easily have a seamless handover - this is NOT a stateless server like a web server serving static pages. The standby server must AT ALL TIMES have a completer and up to date copy of what the master server has - that is not easy to do without using failover. If the backup server does not have a complete and accurate copy of the primary server's lease database then you will suffer from one or more potentially serious problems.
 >  
 > Once you use failover to manage syncing the leases to the backup, then you might as well just use failover to manage availability.
 >  
 > _______________________________________________
 > dhcp-users mailing list
 > [hidden email]
 > https://lists.isc.org/mailman/listinfo/dhcp-users 
 >


_______________________________________________
dhcp-users mailing list
[hidden email]
https://lists.isc.org/mailman/listinfo/dhcp-users
Chris Buxton
Reply | Threaded
Open this post in threaded view
|

Re: Recommendation for redundancy

Chris Buxton
In reply to this post by Pereida, Alejandro
In addition to failover, which is active/active no matter how you set the split value and which comes with its own headaches, you might also consider an appliance-based solution that offers HA clustering.

I work for BlueCat, and we offer dhcpd on Linux including features designed to support failover. But we also have an HA clustering feature which can work between data centers, as long as a layer 2 VLAN can be stretched between the two sites. Then only one appliance would be active at a time, with all leases written to disk in both servers. The cluster has a VIP, an IP address which floats between the two appliances.

I apologize for sounding like a commercial. Please note that BlueCat is not the only vendor offering this kind of solution. Different vendor offerings have different strengths and weaknesses, so you should evaluate which one best fits your needs.

Hope this helps.
Chris Buxton

Sent from my iPhone

> On Mar 6, 2018, at 8:07 AM, Pereida, Alejandro <[hidden email]> wrote:
>
> We would like redundancy to support the existing addresses (about 80
> address pools), yes both the active Datacenter and DR center are
> permanently tied
> Together via a redundant 10Gb fiber link
>
> On 3/6/18, 5:13 AM, "dhcp-users on behalf of Simon Hobson"
> <[hidden email] on behalf of [hidden email]>
> wrote:
>
>> "Pereida, Alejandro" <[hidden email]> wrote:
>>
>>> We have been using a single Linux server as our DHCP server running ISC
>>> DHCP Server 4.3.1
>>> We are building a ³secondary datacenter² for disaster recovery
>>> purposes. What is the most recommended
>>> Option for implementing a redundant DHCP server scenario in case the
>>> main datacenter (where the DHCP server resides)
>>> goes dark?
>>
>> You need to expand a bit - is this to support the existing addresses, or
>> another range, or something else ? And are the sites permanently
>> networked together ?
>>
>> In principle, all you need to do is add another server in a failover pair
>> - and then both servers will support the same address range(s). Given the
>> additional hop, it's likely that the on-site server will handle requests
>> most of the time as it'll get a reply back to the clients first.
>>
>> _______________________________________________
>> dhcp-users mailing list
>> [hidden email]
>> https://lists.isc.org/mailman/listinfo/dhcp-users
>
> _______________________________________________
> dhcp-users mailing list
> [hidden email]
> https://lists.isc.org/mailman/listinfo/dhcp-users
>

_______________________________________________
dhcp-users mailing list
[hidden email]
https://lists.isc.org/mailman/listinfo/dhcp-users
Simon Hobson
Reply | Threaded
Open this post in threaded view
|

Re: Recommendation for redundancy

Simon Hobson
In reply to this post by Tiago SR
Tiago SR <[hidden email]> wrote:

> My suggestion may also work if you have a centralized leases database, which both servers query (directly or via Radius) to assign addresses.

But AFAIK the ISC server does not have that capability.

_______________________________________________
dhcp-users mailing list
[hidden email]
https://lists.isc.org/mailman/listinfo/dhcp-users
Rick Coloccia
Reply | Threaded
Open this post in threaded view
|

Re: Recommendation for redundancy

Rick Coloccia
but kea does, also from isc.


On 3/8/2018 9:43 AM, Simon Hobson wrote:
> Tiago SR <[hidden email]> wrote:
>
>> My suggestion may also work if you have a centralized leases database, which both servers query (directly or via Radius) to assign addresses.
> But AFAIK the ISC server does not have that capability.
>
> _______________________________________________
> dhcp-users mailing list
> [hidden email]
> https://lists.isc.org/mailman/listinfo/dhcp-users

--
Rick Coloccia, Jr.
Network Manager
State University of NY College at Geneseo
1 College Circle, 119 South Hall
Geneseo, NY 14454
V: 585-245-5577
F: 585-245-5579

_______________________________________________
dhcp-users mailing list
[hidden email]
https://lists.isc.org/mailman/listinfo/dhcp-users
Free forum by Nabble Edit this page