Authoritative use.

[Keith Woodworth]

On Fri, 13 Oct 2006, Simon Hobson wrote:

|->>Is the use of Authoritative a required command to use in a subnet
|->>declaration?
|->>
|->Not necessarily in the subnet declaration (it is usually a global
|->option), but it is required somewhere in scope for the server to act
|->correctly (NACK invalid requests).

Thats what I thought, that it is required somewhere, but was not sure
exactly where. Ive got 12 subnet declarations on the new server. Can I
just put authoritative in here:

option domain-name "mynetwork.net";
ddns-update-style none;
ddns-updates off;
omapi-port 7911;
authoritative;

As those are outside any of the subnets.

|->The clients will attempt to contact the old server directly by
|->unicast to renew their leases - so you will need to tell it to ignore
|->them. Simply removing (or commenting out) the subnet declaration is
|->the easiest way to do it.

Thats what I had read and know from some past experience.

|->>I was going to do this for all the networks. One at a time lower the lease
|->>time on the subnet, change the dhcp relay (ip-helper) address on the
|->>approprate vlan and just comment out the subnet on the old server and let
|->>the new one take over. Will this work ok?
|->
|->Yes, but be aware that your cannot shorten existing leases. So for
|->example, if you've been giving out 4 week leases, you need to start
|->your work at least 4 weeks in advance - I would do it in stages by
|->cutting down to 2 weeks at 4 weeks to go, then down to 1 week at 2
|->weeks to go, and so on until you arrive at cutover time with no
|->client having a long lease. If you just went to 30 minute leases with
|->4 weeks to go, then you expose yourself to increased server load, and
|->more risk from a server failure, for several weeks.

Its a 7 day lease time for all clients and I started the first subnet
9 days ago and all clients now have a 30 min lease.

The only big change Ive ever done with DHCP is renumber a small segment
from a /26 into a /24 and basically just lowered the lease time to 15 mins
from 7 days, waited 7 days, renumbered the links, added the new subnet to
dhcpd and restarted it and it all worked.

|->If you don't stat well in advance, you can end up with clients that
|->still have weeks of lease left when you want to change over - if they
|->are never rebooted, put to sleep, or disconnected from the network
|->then they will not attempt to renew when you want them to.

Ive been planning this out for weeks now on how to do it and getting the
new server ready to go. I'm ready to start the first subnet and if it
works as I think it should I'll start the rest.

|->Your method will work, but so too will the copy the files option -
|->with some changes. You can copy the subnet definitions a subnet at a
|->time, which is what you are effectively doing anyway.

As I'm integrating two dhcp servers into one the only way I could see was
to move each subnet one by one. Decrease the lease time on one subnet,
wait for the old lease to expire, comment out the subnet on the old
server, restart it, then change the dhcp relay on the vlan to point to the
new server.

|->You can also copy the leases files - you only need to copy the one
|->for the subnet you are moving at any point. What you need to do is to
|->append the lease file to the existing lease file, then when you start
|->the new server again it will discard any leases for subnets it

I'd rather not have to move the lease file(s) around and just start with a
new fresh lease file on the new server.

|->On the whole, with a migration like this it's as easy to just let the
|->clients take on a new lease with the new server. Many clients will
|->ask for their previous address anyway, so little will change.

Thats what I'm hoping.

Thanks for the reply Simon. Much appreciated.