General questions about failover, config changes and restarting
Patrick Trapp
ptrapp at nex-tech.com
Wed Mar 2 13:59:51 UTC 2016
I can't answer the whys or hows so much, but I can tell you what we do here. It was set up by someone that preceded me and I have worked to make it easier to manage, but the underlying structure, I cannot claim.
We have two DHCP servers in a failover configuration that are essentially the same, as you describe. We also have a third DHCP server that is also the same, but it has no reference to the failover configuration of the other two. DHCP is never actually started on the third server. We make our changes to the third server and test the configuration for syntactical errors, then we run a script that uses version control to upload the resulting configuration - just the part that the production servers will have in common, not the server-specific bits - to the version control server, remote in to each of production servers in turn, have them download the new configuration and restart. I have not seen any issues with restarts in our scenario, but I don't know what the pertinent bits might be that make the difference.
Patrick
________________________________________
From: dhcp-users-bounces at lists.isc.org [dhcp-users-bounces at lists.isc.org] on behalf of James Dore [james.dore at new.ox.ac.uk]
Sent: Wednesday, March 02, 2016 6:36 AM
To: dhcp-users at lists.isc.org
Subject: General questions about failover, config changes and restarting
Hi all,
I’ve had a pair of DHCP servers running in a load balance/failover cluster for about 9 months, but haven’t really got my head round what happens when I make a change to the configuration.
I have a bunch of config files called from the main config file thus:
##########################
# #
# Failover configuration #
# #
##########################
failover peer "newc-dhcp" {
primary;
address 129.67.111.199; # address of this server
port 519;
peer address 129.67.111.243; # address of the secondary dhcpd
peer port 519;
max-response-delay 60;
max-unacked-updates 10;
mclt 600;
split 128;
load balance max seconds 3;
}
key primaryhost {
algorithm hmac-md5;
secret <ssshhh!>
};
omapi-key primaryhost;
omapi-port 7911;
###########################
# #
# Load the golbal options #
# #
###########################
include "/etc/dhcpd.d/master.conf"; # (Rarely!) Edit this file to set global options
########################
# #
# Subnet config files #
# #
########################
include "/etc/dhcpd.d/vlan1.conf"; # 129.67.108.0/22 Main subnet and static assignments
include "/etc/dhcpd.d/vlan3.conf"; # 10.30.0.0/22 Devices subnet config and static assignments
include "/etc/dhcpd.d/vlan4.conf"; # 10.4.0.0/16 NAT Vlan4 Subnet config and static assignments
include "/etc/dhcpd.d/annexe.conf"; # 163.1.173.0/24 Annexe subnet config and static assignments
Both peers have pretty similar config files, the only difference being the secret and the address/peer address settings. Everything else is the same. (Should it be?)
The things I’m curious about are what happens when I make a change to one of the Subnet config files, for instance to add a new static assignment. My usual method has been to edit the file one peer, and then scp it over to the other peer. After that, it seems like I need to do a number of restarts of each peer before they both return to Normal status. They seem to get stuck in Partner-down, Recover, or Recover Wait status for a while.
If I can get them both in Recover Wait, then they will synchronise, but it seems to be difficult to get them there.
Is there anything I can do to smooth the process?
I can’t find much info about troubleshooting failover or load balancing, all my googling has turned up is instructions on initial setup. Does anyone have some useful pointers or links?
Cheers,
James
_______________________________________________
dhcp-users mailing list
dhcp-users at lists.isc.org
https://lists.isc.org/mailman/listinfo/dhcp-users
More information about the dhcp-users
mailing list