Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Share single DHCP database

Posted on 2007-04-09
16
Medium Priority
?
554 Views
Last Modified: 2010-04-18
What is the best way to share a single DHCP datebase between to DHCP servers.  One is running, the other will be on standy.  Should i store it on a 3rd location and simply point both to that location?
0
Comment
Question by:Mark Walden
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 9
  • 7
16 Comments
 
LVL 26

Expert Comment

by:Pber
ID: 18876050
The database is designed not to be shared.  You could point it to a third server, but if the 3rd server goes down, your DHCP is down.  So you've only gained complexity and not really any more reliablility.  The best way to do this is to leave the local databases and use the 80/20 rules and have one DHCP server server up 80% of the subnet in each scope and the other servering the other 20% of the addresses.  

See this:
http://technet2.microsoft.com/WindowsServer/en/library/75cd0e1f-f464-40ea-ac88-2060e6769f331033.mspx?mfr=true

If you have clustering you could do this with shared disk.
0
 
LVL 26

Expert Comment

by:Pber
ID: 18876058
Here's the 80/20 rule info, it refers to 2000, but still valid for 2003:

http://www.microsoft.com/technet/prodtechnol/windows2000serv/reskit/cnet/cncb_dhc_ogjw.mspx?mfr=true
0
 
LVL 4

Author Comment

by:Mark Walden
ID: 18876775
Our network is too large to use a 80/20 setup.  Plus, my bosses dont want to split it up.  I have about 433 Scopes, 9000 or so clients.  Some scopes are near capacity.  I will have the database backed up somewhere else.  But with the network so reliant on DHCP, i can afford zero downtime.  Cluster will be in place, but i need to know how to share the database (Special accounts if needed, how to point to database, permissions to what).  I agree with you on the complexity, but this is what i need.  Thanks for the help.
0
Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

 
LVL 26

Expert Comment

by:Pber
ID: 18877002
You mentioned cluster will be in place?  Are you planning on putting this on a Windows Cluster?  Because if this is what you are trying to do, this is easy.  We do this with our DHCP and it's about the same size as yours.

Do you need a hand configuring that?
0
 
LVL 4

Author Comment

by:Mark Walden
ID: 18877061
Yes, windows clustering will be in place.  I just want to get the database issue resolved first.  I know there are some permissions and reg keys that need changed, but im not sure as to which ones.
0
 
LVL 26

Expert Comment

by:Pber
ID: 18877177
Well if you are using Windows Clustering, you put the the DHCP on the shared disk that belongs to the DHCP Resource Group.  Then in the DHCP service parameters in the cluster administrator, you point the database path to your shared disk in the DHCP resource group.

If you are migrating to a cluster from a standalone, during cut over time, turn off the old dhcp service, copy the database to the cluster shared disk.  Then point the DHCP service parameters to the folder that contains the dhcp on the shared disk.  You can also keep the same IP address as your old server (this way you don't have to update every single IP helper on your routers).  Turn on the service and it should pick up the database seamlessly



0
 
LVL 4

Author Comment

by:Mark Walden
ID: 18877459
But, can i do this without cluster inplace.  I can not config clustering yet.  Just want to see if i can get the database working with the 2 machines.  You have been a great help so far.  The points are yours.
0
 
LVL 26

Accepted Solution

by:
Pber earned 1200 total points
ID: 18877695
I haven't done this, but To do what you want to do, you'll probably need to configure the DHCP service to run under a domain account as opposed to the local system account.

So stop the dhcp service, create a domain service account for dhcp to run under.
You'll need to add that account to the local admins of both servers hosting the dhcp service.  You'll need to create a share on the 3rd server (\\server\dhcpshare) with modify rights on the share and ntfs for the domain service account mentioned above (You might need to set this to Full Control, but try Modify first).  You may also have to add this service account to the local DHCP administrators on each of the DHCP servers (You need to add DHCP admin users to each DHCP Administrators group on each server - this has to also be done this way with a server cluster).  
In the DHCP manager on each dhcp, right click the server and click parameters and select the advanced TAB.  Point the Audit/Database/Backup paths to the UNC path of the 3rd server (\\server\dhcpshare).

One problem that will probably come up is IP addresses of the DHCP server.  You'll need to change the ip address of the dhcp server each time you fail over to match the ip helper address you have defined, or add multiple ip helper addresses on your routers to match your 2 servers (same as the 80/20 rule config).

You should be able to fire up the service one at a time on either server.  






0
 
LVL 4

Author Comment

by:Mark Walden
ID: 18877764
Sounds about right.  Thanks for the help.  Im sure i will post more on this issue in the future.
0
 
LVL 26

Expert Comment

by:Pber
ID: 18877795
Not a problem
0
 
LVL 4

Author Comment

by:Mark Walden
ID: 18881476
still not working.  If i start the DHCP service with a network account, i can not access the DHCP console.  It says im not auth (but i am).  If i start the service with my network account, i still cant get in to dhcp.  Ideas?
0
 
LVL 26

Expert Comment

by:Pber
ID: 18881664
Are you in the local Admin of both servers as well as in the local DHCP Administrators Group?
0
 
LVL 4

Author Comment

by:Mark Walden
ID: 18881771
Yes, im in both.
0
 
LVL 26

Expert Comment

by:Pber
ID: 18881794
What are the permissions on the share\NTFS?  Try bumping that up to Full Control.

What happens if you move the database back to the local server?  
I know we're going backwards, but it will narrow things down a bit.  This setup might not work as the DHCP might be internally coded to only use the SYSTEM account.  With a cluster the shared disk is considered local and the SYSTEM can access it fine
0
 
LVL 4

Author Comment

by:Mark Walden
ID: 18881978
Yea, i think ill have to find a SAN.  I believe we have one thats not used.  Ill post a new question (with points) if i need help on the config.  Thanks for all you help.
0
 
LVL 26

Expert Comment

by:Pber
ID: 18882015
Fair enough.
0

Featured Post

Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Many of us need to configure DHCP server(s) in their environment. We can do that simply via DHCP console on server or using MMC snap-in on each computer with Administrative Tools installed in a network. But what if we have to configure many DHCP ser…
A Cisco router can be configured as a DHCP Server. There are advantages and disadvantages in making your Cisco router work as DHCP Server. Almost all the features for windows DHCP can be configured on Cisco-based DHCP server. Some of the features me…
In this video, Percona Solution Engineer Rick Golba discuss how (and why) you implement high availability in a database environment. To discuss how Percona Consulting can help with your design and architecture needs for your database and infrastr…
We’ve all felt that sense of false security before—locking down external access to a database or component and feeling like we’ve done all we need to do to secure company data. But that feeling is fleeting. Attacks these days can happen in many w…

721 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question