3.1.1 Failover Speed (was: Re: 4.1.0a1 Failover sync speed)

Michael Kaegler Michael.Kaegler at marist.edu
Thu May 29 14:18:42 UTC 2008 

>Are the clocks synchronized with NTP?  What are your configuration
>file contents?  At least post the failover stanzas and the subnet/pool
>stanzas.

Clocks are synched via ntp to the same time source. Config snip:

~~~~
failover peer "dhcp-failover" {
   primary; # declare this to be the primary server
   address 10.12.1.31;
   port 647;
   peer address 10.12.1.32;
   peer port 647;
   max-response-delay 30;
   max-unacked-updates 10;
   load balance max seconds 3;
   mclt 30; # set deliberately low for initial sync
   split 128;
}
[...]
subnet 10.32.232.0 netmask 255.255.248.0 {
    option routers 10.32.232.1;
    option netbios-name-servers 10.12.1.13, 10.12.1.14;
    ddns-domainname "ch-recy.ddns.marist.edu";
    pool { failover peer "dhcp-failover"; range 10.32.232.20 10.32.239.254; }
}
subnet 10.32.240.0 netmask 255.255.248.0 {
    option netbios-name-servers 10.12.1.13, 10.12.1.14;
    option routers 10.32.240.1;
    ddns-domainname "facstaff.ddns.marist.edu";
    pool { failover peer "dhcp-failover"; range 10.32.240.20 10.32.247.254; }
}
[...]
~~~~
(the entire file is 3.7mb. The server goes from starting to serving 
in less than 2 seconds normally.)

>  > We do have 140 subnets (mostly /21s). The load averages on the test servers
>  > were high (4.00 - 6.00) but the interfaces were only pushing 60kbit.
>
>140 * 2048 = 286,720.  I'm not sure what the expected performance
>should be for synchronizing almost 300,000 leases over failover.

I would expect failover transfers to be capable of running at the 
same speed as regular DHCP requests.

>  > There are fixed-address lines within those ranges which will be removed
>  > (but can't be yet, we still need them).
>
>You have a configuration error.  You must not have fixed-addresses
>that are within ranges.
[...]
>If you don't do this, you will confuse the dhcp server which will try
>to assign dynamic IPs that match your fixed-address, causing an IP
>conflict.

This may have been true once, but we tested this: setup a subnet with 
a "range 10.10.10.4 10.10.10.5" and assigned '.4 fixed. We joined two 
machines, neither of which were the MAC assigned '.4, and no other 
machines were on the subnet at all. The first was assigned .5, the 
second just generated a 'no addresses available' error.

-porkchop
-- 
Michael "Porkchop" Kaegler, Sr. Network Analyst
(845) 575-3061 Marist College, Poughkeepsie, NY

More information about the dhcp-users mailing list