How to create a backup pool?

Simon Hobson dhcp1 at thehobsons.co.uk
Tue Jul 18 10:26:38 UTC 2006


Jukka Laaksola wrote:

>I have set up a quite complex class/subclass configuration for ISC
>dhcpd. It uses Option-82 information to connect some DSLAMs to several
>pools etc.
>
>Now the question is if there is an easy way to add a priority to pools?
>The idea is to add a backup pool with private IPs which will be NATted.

No way at all to do this, BUT there is a way that will 'sort of' 
emulate it with a number of ifs and buts !

>So normally I would share public IPs from pool A to customers but if all
>public IPs are in use then next customers will get private IPs
>(10.10.10.x) from a backup pool. All of those private IPs are NATted to
>one public IP.
>
>The configuration should give first all public IPs and after that start
>to give IPs from private IPs. Is this possible somehow?


OK, two methods come to mind, neither is perfect but may just manage 
'enough' to get you by !


1) Run a monitor that enables a pool as required

Well that's it really, write a script that periodically checks the 
status of your leases and if it detects that there are no free 
addresses in the main pool will re-configure the server to allow it 
to use addresses from the backup pool. When it detects free addresses 
then you reconfigure the server again - but be aware that this will 
most likely cause a client in the backup pool to switch address (and 
thus lose all existing connections) on lease renewal.


2) Rely on undocumented behaviour to control address use order.

The server as currently written will allocate addresses starting at 
the top of pools (and IIRC, the highest address when multiple pools 
are available). You could exploit this to ensure that initially 
clients would get addresses from one pool rather than another.

BUT - this only works while addresses in the main pool are unused 
(not free, but totally unused as in never been issued before).

You would need to run a cleanup process to periodically remove all 
trace of expired leases in the main from the lease database so that 
the address could then be used preferentially.

This will not however allow for a client getting back into the main 
pool as it will continue using its address in the backup pool until 
something forces it to change.



Much better of course to ensure that you have enough addresses for customers !


There is also the factor of how you will deal with the technical and 
support issues of having customers that may or may not be behind NAT 
- and where this may change from one session to another. I would be a 
bit miffed to say the least if I'd just set up some software on the 
assumption that I had a non-nat connection and then found it broken 
because I was now behind nat !

Simon
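
The lease check that method 1 relies on, as an added example that is not part of the original post or of ISC's code: it reads text in dhcpd.leases syntax and reports whether every address in the main pool holds an unexpired active lease. The pool bounds, the sample entries (documentation addresses) and the function names are assumptions; how the server is then reconfigured is left out because the post does not specify it.

```python
import ipaddress
import re
from datetime import datetime, timezone

# Constructed sample in dhcpd.leases syntax (weekday number, then UTC date and time).
SAMPLE_LEASES = """\
lease 192.0.2.10 {
  ends 2 2006/07/18 20:00:00;
  binding state active;
}
lease 192.0.2.11 {
  ends 2 2006/07/18 20:05:00;
  binding state active;
}
lease 192.0.2.11 {
  ends 2 2006/07/18 09:00:00;
  binding state free;
}
lease 192.0.2.12 {
  ends 1 2006/07/17 20:00:00;
  binding state active;
}
"""

LEASE_RE = re.compile(r"^lease\s+(\S+)\s*\{(.*?)\n\}", re.M | re.S)
STATE_RE = re.compile(r"^\s*binding state (\w+);", re.M)  # skips "next binding state"
ENDS_RE = re.compile(r"^\s*ends (?:never|\d+ (\d{4}/\d\d/\d\d \d\d:\d\d:\d\d));", re.M)

def in_use(text, first, last, now):
    """Addresses in [first, last] whose latest entry is an unexpired active lease."""
    lo, hi = ipaddress.ip_address(first), ipaddress.ip_address(last)
    latest = {}
    for ip, body in LEASE_RE.findall(text):
        latest[ip] = body  # the file is an append-only log: last entry per address wins
    used = set()
    for ip, body in latest.items():
        state, ends = STATE_RE.search(body), ENDS_RE.search(body)
        if not (lo <= ipaddress.ip_address(ip) <= hi) or not state or state.group(1) != "active":
            continue
        if ends and ends.group(1):  # "ends never" leaves group(1) empty: always in use
            expiry = datetime.strptime(ends.group(1), "%Y/%m/%d %H:%M:%S").replace(tzinfo=timezone.utc)
            if expiry <= now:
                continue  # still marked active but past its end time: count as free
        used.add(ip)
    return used

def backup_pool_needed(text, first, last, now):
    # True only when no address in the main pool is left to hand out.
    size = int(ipaddress.ip_address(last)) - int(ipaddress.ip_address(first)) + 1
    return len(in_use(text, first, last, now)) >= size
```

Running the check against a copy of the leases file rather than the live one avoids reading it while the server is rewriting it.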

