problem with dhcp failover

problem with dhcp failover

Julie Xu

 

Hi,

I have configured our DHCP pair as failover, as below:

failover peer "xxx" {
    primary;
    address 10.10.10.10;
    peer address 10.10.10.11;
    port xxx;
    peer port xxx;
    max-response-delay 60;
    max-unacked-updates 10;
    mclt 300;
    split 128;
    load balance max seconds 3;
    auto-partner-down 0;
    max-lease-misbalance 15;
    max-lease-ownership 10;
    min-balance 60;
    max-balance 3600;
}

It is working well if both DHCP servers are online. However, if one of the servers is offline, then half of my IP addresses cannot be renewed.

How can I troubleshoot this issue? What possible reasons can cause this issue?

Any comments will be appreciated.

Thanks in advance

Julie


_______________________________________________
dhcp-users mailing list
[hidden email]
https://lists.isc.org/mailman/listinfo/dhcp-users

Re: problem with dhcp failover

Nicolas Ecarnot
On 08/12/2017 at 05:53, Julie Xu wrote:

> Hi,
>
> I have configured our DHCP pair as failover, as below:
>
> failover peer "xxx" {
>      primary;
>      address 10.10.10.10;
>      peer address 10.10.10.11;
>      port xxx;
>      peer port xxx;
>      max-response-delay 60;
>      max-unacked-updates 10;
>      mclt 300;
>      split 128;
>      load balance max seconds 3;
>      auto-partner-down 0;
>      max-lease-misbalance 15;
>      max-lease-ownership 10;
>      min-balance 60;
>      max-balance 3600;
> }
>
> It is working well if both DHCP servers are online. However, if one of the
> servers is offline, then half of my IP addresses cannot be renewed.

Hello,

According to what I remember (I set up a complex bunch of failover peers
years ago), when a failover pool is set up, both servers share the pool
of IP addresses and each manages its half whatever happens.
When a peer is failing, the half pool it was managing is not available
anymore: it is not assignable. The remaining server has to welcome new
requests in its remaining half pool.
Clients from the lost pool will have to issue a new query that will be
managed by the live server, but their IP will change.
Knowing this, one has to provide a large enough pool forecasting such a
case.

--
Nicolas ECARNOT

Re: problem with dhcp failover

Simon Hobson
Nicolas Ecarnot <[hidden email]> wrote:

> According to what I remember (I set up a complex bunch of failover peers years ago), when a failover pool is set up, both servers share the pool of IP addresses and each manages its half whatever happens.
> When a peer is failing, the half pool it was managing is not available anymore: it is not assignable. The remaining server has to welcome new requests in its remaining half pool.
> Clients from the lost pool will have to issue a new query that will be managed by the live server, but their IP will change.
> Knowing this, one has to provide a large enough pool forecasting such a case.

Well it's a bit more complicated than that.
During normal operations, the servers will balance the FREE IPs between them - so it's quite possible for the two servers to have a very imbalanced number of active leases. But you are correct, when one peer "dies", the other will go into "communications interrupted" state because it has no way of knowing if the other server is "gone" or just "not reachable" (there are a number of topologies and failure modes which could allow both peers to respond to clients but not reach each other).

So any server that cannot communicate with its peer will ONLY deal with addresses it "owns". You need to allow enough free IP space to allow for clients unable to renew with one server to get addresses from the other - initially.
The answer is to put the remaining partner into "partner down" state - at which point it will now behave (as far as clients are concerned) as if failover was not being used, handling all the IP space. As above, the admin has to do this manually because it's not possible to automatically determine the difference between down and unreachable - though AIUI there is now a config option to make this automatic for admins that like to live dangerously ;-)

When the peer comes back up, they will re-establish communications, sync their leases, and eventually get back to normal operations.


Re: problem with dhcp failover

Nicolas Ecarnot
On 08/12/2017 at 11:54, Simon Hobson wrote:
> Well it's a bit more complicated than that.

Sure. Thank you for correcting some points I wasn't fully sure about.

--
Nicolas ECARNOT

Re: problem with dhcp failover

Julie Xu

Thanks for the advice.

If that is the case, is it possible to configure hot standby for failover?

And what will happen then?



Re: problem with dhcp failover

Simon Hobson
Julie Xu <[hidden email]> wrote:

> If it is the case, is possible to config hot standby for failover?
>
> And what will happen than?

As in, running one server and if that fails, fire up a replacement (with same config and copy of the leases database)?

Yes you can do that, keeping the config file up to date is fairly easy - keeping the leases file in sync is harder.
How up to date it needs to be to avoid significant problems depends a lot on your network and how it's used. For a stable network with little client churn then you don't need the leases file to be very up to date. For a volatile network then you really need a very recent copy of the leases file.

It's probably easier to use failover - that way, the servers automatically sync the leases. If you are confident in your network topology, you could set the automatic partner down mode - otherwise just have network/server monitoring that will alert you to one going down so you can manually put the other into partner down mode.
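
The monitoring suggested above can watch the failover state that dhcpd records in its leases file and alert when a server has been out of "normal" for too long. This is an added example, not part of the original thread and not ISC's own code; the sample leases text is constructed, the peer name "xxx" is the placeholder used in the thread, and the five-minute grace period is an assumption.

```python
import re
from datetime import datetime, timedelta, timezone

# Constructed sample in dhcpd.leases syntax (timestamps are UTC, the default).
SAMPLE_LEASES = '''
failover peer "xxx" state {
  my state normal at 5 2017/12/08 01:00:00;
  partner state normal at 5 2017/12/08 01:00:00;
}
lease 10.10.10.50 {
  binding state active;
}
failover peer "xxx" state {
  my state communications-interrupted at 5 2017/12/08 04:40:00;
  partner state normal at 5 2017/12/08 01:00:00;
}
'''

BLOCK_RE = re.compile(r'failover peer "([^"]+)" state \{(.*?)\}', re.S)
STATE_RE = re.compile(
    r'(my|partner) state ([\w-]+) at \d (\d{4}/\d\d/\d\d \d\d:\d\d:\d\d);')

def latest_failover_states(text):
    """Return {peer: {"my": (state, since), "partner": (state, since)}}.
    The leases file is an append-only log, so a later block replaces an earlier one."""
    peers = {}
    for name, body in BLOCK_RE.findall(text):
        entry = {}
        for who, state, ts in STATE_RE.findall(body):
            since = datetime.strptime(ts, "%Y/%m/%d %H:%M:%S")
            entry[who] = (state, since.replace(tzinfo=timezone.utc))
        peers[name] = entry
    return peers

def peers_needing_attention(text, now, grace=timedelta(minutes=5)):
    """List (peer, state, duration) where this server left 'normal' longer ago than grace.
    grace is an assumed threshold, not a dhcpd setting."""
    alerts = []
    for name, entry in latest_failover_states(text).items():
        state, since = entry.get("my", ("unknown", now))
        if state != "normal" and now - since > grace:
            alerts.append((name, state, now - since))
    return alerts

if __name__ == "__main__":
    now = datetime(2017, 12, 8, 4, 53, tzinfo=timezone.utc)  # constructed clock
    for name, state, age in peers_needing_attention(SAMPLE_LEASES, now):
        print(f'peer "{name}": {state} for {age}; check whether the partner is down')
```

An alert from this check is the cue for the admin to verify that the partner is really down, not just unreachable, before putting the surviving server into partner down state.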
