dhcp failover

Wed Jul 5 23:45:52 UTC 2006

Hi listers I am new to the list, in my experience this would only be a
real issue when dhcp must server many hundreds+ of clients as each
client when starting will get NAK and then start the negotiation from
begining. It has also all sorts of additional issues such as dups as
mentioned for networks that don't respond quick enough, on large
networks it can cause backoff on the switch port your server is
connected to.
>>> "Ivo Sabev" <summerborn at gmail.com> 07/05/06 7:06 PM >>>
ISC DHCPD makes ping checks to detect ip availability. If you loose your
lease file, I think it is not so bad, because the second dhcp server
will
detect that the IP that it wants to give is not free.

> -----Original Message-----
> From: dhcp-users-bounce at isc.org [mailto:dhcp-users-bounce at isc.org] On
> Behalf Of Simon Hobson
> Sent: Wednesday, July 05, 2006 11:15 AM
> To: dhcp-users at isc.org
> Subject: Re: dhcp failover
>
> Tony Aldo wrote:
>
> >Hi, I have a 2 node cluster using the Linux HA project.
> >I am not using any of DHCP's built in failover features but instead
have
> >linux ha manage dhcp by keeping one node running dhcp at a time.
> >My question is, how bad is it not to mirror the leases databases
between
> the
> >two servers?
>
> Potentially very bad !
>
> Simple scenario :
> You primary server fails, secondary is brought into use.
> Secondary has no lease database.
> New client* connects to network, address is allocated from 'free'
pool.
> Server pings address, but gets no reply because loads of stuff these
> days have firewalls that block pings.
> Server offers address to client which accepts it.
> You now have two devices with the same IP address.
>
> It's up to you whether it's a problem or not to have a high
> probability of issuing duplicate addresses - personally I'd say
> that's a BIG problem.
>
>
> * This applies to any client that doesn't already think it has an
> address on this subnet :
> - it's never been connected to the network before
> - it's last been on a different network
> - it doesn't have non-volatile storage & clock so can't remember
> lease info across power cycles
> - it releases it's lease on shutdown (Macs do this)
>
>
> If a client already has an address on this subnet, then it will
> typically request the same address later. In this case it doesn't
> matter too much as the server will give it the same address if it's
> free and so populate it's database.
>
>
> You will almost certainly have problems with DDNS. When you lose your
> lease database, you lose all records of dns entries you've created -
> so nothing will get removed when leases expire. Since the server is
> now different, I think it will generate a different hash for the
> 'security key' and you will have failures because the new server
> can't update/replace existing dns entries.
>
>
> That enough problems for you ?
>
> Simon

**********************************************************************
*****   IMPORTANT INFORMATION    *****
This document should be read only by those persons to whom it is 
addressed and its content is not intended for use by any other 
persons.  If you have received this message in error, please notify 
us immediately.  Please also destroy and delete the message from 
your computer.  Any unauthorised form of reproduction of this message 
is strictly prohibited.

St George Bank Limited AFSL 240997, Advance Asset Management Limited 
AFSL 240902,  St George Life Limited AFSL 240900, ASGARD Capital Management Limited 
AFSL 240695 and Securitor Financial Group Limited AFSL 240687 is not liable for 
the proper and complete transmission of the information contained in 
this communication, nor for any delay in its receipt.
**********************************************************************