dhcp failover
Ivo Sabev
summerborn at gmail.com
Wed Jul 5 09:06:54 UTC 2006
ISC DHCPD makes ping checks to detect ip availability. If you loose your
lease file, I think it is not so bad, because the second dhcp server will
detect that the IP that it wants to give is not free.
> -----Original Message-----
> From: dhcp-users-bounce at isc.org [mailto:dhcp-users-bounce at isc.org] On
> Behalf Of Simon Hobson
> Sent: Wednesday, July 05, 2006 11:15 AM
> To: dhcp-users at isc.org
> Subject: Re: dhcp failover
>
> Tony Aldo wrote:
>
> >Hi, I have a 2 node cluster using the Linux HA project.
> >I am not using any of DHCP's built in failover features but instead have
> >linux ha manage dhcp by keeping one node running dhcp at a time.
> >My question is, how bad is it not to mirror the leases databases between
> the
> >two servers?
>
> Potentially very bad !
>
> Simple scenario :
> You primary server fails, secondary is brought into use.
> Secondary has no lease database.
> New client* connects to network, address is allocated from 'free' pool.
> Server pings address, but gets no reply because loads of stuff these
> days have firewalls that block pings.
> Server offers address to client which accepts it.
> You now have two devices with the same IP address.
>
> It's up to you whether it's a problem or not to have a high
> probability of issuing duplicate addresses - personally I'd say
> that's a BIG problem.
>
>
> * This applies to any client that doesn't already think it has an
> address on this subnet :
> - it's never been connected to the network before
> - it's last been on a different network
> - it doesn't have non-volatile storage & clock so can't remember
> lease info across power cycles
> - it releases it's lease on shutdown (Macs do this)
>
>
> If a client already has an address on this subnet, then it will
> typically request the same address later. In this case it doesn't
> matter too much as the server will give it the same address if it's
> free and so populate it's database.
>
>
> You will almost certainly have problems with DDNS. When you lose your
> lease database, you lose all records of dns entries you've created -
> so nothing will get removed when leases expire. Since the server is
> now different, I think it will generate a different hash for the
> 'security key' and you will have failures because the new server
> can't update/replace existing dns entries.
>
>
> That enough problems for you ?
>
> Simon
More information about the dhcp-users
mailing list