How to properly break DHCPd failover peer relationship

Tue Mar 13 17:25:02 UTC 2018

On Mon, Mar 12, 2018 at 5:23 PM, Justin Sanderson <
justin.sanderson104 at gmail.com> wrote:

> Hi everyone. I'm new to the list and am in need of some advice.
>
> I have 2 servers running RHEL 5.x using dhcp-3.0.5-23 that are running in
> a peer relationship.
>
> I'm looking for the best/easiest method to break this peer relationship
> and reduce the dhcp server functionality back to just one server w/o
> interrupting clients.
>
> Again, any advice or past experiences would be helpful.
>
> Here's a snippet of the conf files where the pool is being balanced/split.
>
> ================================================
> PRIMARY SERVER
> subnet 172.20.10.0 netmask 255.255.255.0 {
>         pool {
>                 range 172.20.10.1 172.20.10.45;
>                 range 172.20.10.47 172.20.10.95;
>                 range 172.20.10.97 172.20.10.149;
>                 ping-check true;
>                 option subnet-mask 255.255.255.0;
>                 option broadcast-address 172.20.10.255;
>                 option routers 172.20.10.254;
>                 deny dynamic bootp clients;
>                 failover peer "xxxxx";
>         }
> }
> =======================================================
> PRIMARY SERVER
> failover peer "xxxxx" {
>         primary;
>         address 172.20.10.200;
>         port 520;
>         peer address 172.20.10.201;
>         peer port 521;
>         max-response-delay 120;
>         max-unacked-updates 10;
>         mclt 1800;
>         split 128;
>         load balance max seconds 3;
> }
>
> =========================================================
>
> SECONDARY SERVER (the server i want to remove from the relationship)
>
> subnet 172.20.10.0 netmask 255.255.255.0 {
>         pool {
>                 range 172.20.10.1 172.20.10.45;
>                 range 172.20.10.47 172.20.10.95;
>                 range 172.20.10.97 172.20.10.149;
>                 ping-check true;
>                 option subnet-mask 255.255.255.0;
>                 option broadcast-address 172.20.10.255;
>                 option routers 172.20.10.254;
>                 deny dynamic bootp clients;
>                 failover peer "xxxxx";
>         }
> }
> ==============================================================
> SECONDARY SERVER
>
> failover peer "adtran" {
>         secondary;
>         address 172.20.10.201;
>         port 521;
>         peer address 172.20.10.200;
>         peer port 520;
>         max-response-delay 120;
>         max-unacked-updates 10;
>         load balance max seconds 3;
> }
>
>
>
> ThankS in advance.
>
> Regards,
> Justin
>
>
I would suggest these steps:

1. On the failover server, stop the DHCP process.
2. On the primary server, put in "partner down" mode.  (I don't have the
exact command in front of me, I think you use omshell.)
3. Wait for as long as your longest lease time.  You can watch the clients
do DHCPREQUESTs to the failover server from half the lease time to 7/8, and
then DHCPDISCOVER and get the lease renewed from the primary server.
4. Reconfigure the primary server without the failover options.

-- 
Bob Harold
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/dhcp-users/attachments/20180313/a4ce2782/attachment.html>