best practice for moving subnets?

Simon Hobson dhcp1 at thehobsons.co.uk
Wed Nov 17 09:52:58 UTC 2010


Bjarne Blichfeldt wrote:

>I think I would:
>
>add the subnets to the new failover pair
>change helper addresses
>change the config for the relevant subnets on the old pair to include:
>	# 1 = DHCPDISCOVER
>	if option dhcp-message-type = 1 {
>		deny booting;
>	}
>	deny after 4 2010/12/28 16:00:00;
>or something suitable.
>
>The thing is, even if you change helper address, the clients will
>continue to use the old dhcp servers if there is
>network connectivity.
>Only discoveries are sent as broadcast and make use of the helper
>address. DHCPINFORM, DHCPREQUEST will be sent directly to the
>previously used dhcp server.

That's a lot more work than just stopping the service on the old servers!

Yes, the clients will initially attempt to renew with the old 
servers, but when that fails they will broadcast a request for their 
current address. At this point, the new servers can respond, and if 
you've copied the config and leases file over from the old pair, then 
the client will get its current address renewed and carry on without 
a break.

With your method, you would still have the problem of DDNS entries. 
Clients getting an address from the new servers would trigger the new 
servers to attempt a DDNS update. Since the old lease wouldn't (in 
most cases) have expired, the DNS records would still have a TXT key 
from the old server pair and the update would fail. IFF the client 
gets the same address, at this point it will still have valid DNS 
records, but if it gets a new address then the records are now wrong.

At some point, the old server will expire the lease and remove the 
DNS entries. The client now has no DNS entries and will remain like 
that until next time it renews its lease - at which point the new 
server will be able to do the DDNS updates.


Depending on what other services are running on the machines, another 
technique could be to move the DHCP service to its own address - and 
also switch that to the new machines when you move the service. That 
would avoid any break whatsoever.

Or you could use the failover functionality for the switch. E.g., take 
down A2 and flag A1 as partner down. Change the config to make B2 
its partner and then bring B2 up. B2 will now get all the lease info 
transferred from A1. If you leave it a while, then some clients will 
get to know that B2 is now their server for renewals.
Finally, shut down A1, change the config on B2, and bring up B1. B1 
will now get the lease info transferred from B2, and after a short 
delay the system will be fully running.

Personally I think just copying the config and lease files over for a 
"big bang" switchover is a lot simpler.

-- 
Simon Hobson
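
An added example, not part of the original message: a pre-cutover check for the "copy the config and leases file" approach, confirming that every still-active lease in the copied dhcpd.leases falls inside a subnet the new pair will serve. The sample lease text, the subnet list and the function names are constructed assumptions.

```python
import ipaddress
import re
from datetime import datetime

# One top-level "lease <ip> { ... }" block; the closing brace is at column 0.
LEASE_RE = re.compile(r"^lease\s+(\S+)\s*\{(.*?)\n\}", re.S | re.M)
ENDS_RE = re.compile(r"^\s*ends\s+(?:\d\s+([\d/]+ [\d:]+)|never);", re.M)
# Anchored at line start so "next binding state" lines are not matched.
STATE_RE = re.compile(r"^\s*binding state\s+(\w+);", re.M)

def live_leases(leases_text, now):
    """Return {ip: end time or None} for leases still active at `now` (UTC).
    dhcpd.leases is append-only, so the last entry for an address wins."""
    latest = {}
    for ip, body in LEASE_RE.findall(leases_text):
        latest[ip] = body
    live = {}
    for ip, body in latest.items():
        state, ends = STATE_RE.search(body), ENDS_RE.search(body)
        if not state or state.group(1) != "active" or not ends:
            continue
        if ends.group(1) is None:          # "ends never;"
            live[ip] = None
            continue
        end = datetime.strptime(ends.group(1), "%Y/%m/%d %H:%M:%S")
        if end > now:
            live[ip] = end
    return live

def uncovered(live, subnets):
    """Active leases whose address is in none of the new pair's subnets."""
    nets = [ipaddress.ip_network(s) for s in subnets]
    return sorted(ip for ip in live
                  if not any(ipaddress.ip_address(ip) in n for n in nets))

def _lease(ip, ends, state):               # helper to build constructed entries
    return ("lease %s {\n  starts 3 2010/11/17 08:00:00;\n  ends 3 %s;\n"
            "  binding state %s;\n  next binding state free;\n}\n" % (ip, ends, state))

# Constructed sample data, not taken from any real server.
SAMPLE = (_lease("10.1.1.10", "2010/11/17 20:00:00", "active")
          + _lease("10.1.1.11", "2010/11/17 20:00:00", "active")
          + _lease("10.1.1.11", "2010/11/17 09:00:00", "free")    # supersedes above
          + _lease("10.1.1.12", "2010/11/17 09:30:00", "active")  # already expired
          + _lease("10.2.2.20", "2010/11/17 20:00:00", "active"))
NOW = datetime(2010, 11, 17, 10, 0, 0)
NEW_SUBNETS = ["10.1.1.0/24"]              # assumed subnets in the new pair's config

if __name__ == "__main__":
    for ip in uncovered(live_leases(SAMPLE, NOW), NEW_SUBNETS):
        print("active lease not covered by new config:", ip)
```

Any address it reports belongs to a client that will broadcast for its current address after the switch and find no new server configured to renew it.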
