DHCP in use and already have scope , reservations, and MAC filtering need to add redundancy

Posted on 2013-01-25
Last Modified: 2013-02-04
Hi, We already have DHCP installed and running on a Domain Controller , Windows Server 2008 Standard  SP1 64 bit O/S.  This server also has Active Directory and dns.  The DHCP scope is already defined and has several reservations. Also it is using MAC filtering.  There is a second Windows 2008 server as a Domain Controller , running dns and Active Directory. So we need to implement DHCP redundancy or cluster or a backup failover DHCP server. What is recommended and not sure adding to or splitting the DHCP scope would be an option as need to have reservations and MAC filtering.  An automated solution would be nice but is it possible to implement without changing the current working DHCP server ?
Question by:zephon50
  • 3
  • 3
  • 2
  • +1

Assisted Solution

norcalty earned 250 total points
ID: 38819438

"In Windows Server® 2008 R2, there are two high availability options available for DHCP Server deployment. Each of these options is associated with some challenges.
DHCP in a Windows failover cluster. This option places the DHCP server in a cluster with an additional server configured with the DHCP service that assumes the load if the primary DHCP server fails. The clustering deployment option uses a single shared storage. This makes the storage a single point of failure, and requires additional investment in redundancy for storage. In addition, clustering involves relatively complex setup and maintenance.

Split scope DHCP. Split scope DHCP uses two independent DHCP servers that share responsibility for a scope. Typically 70% of the addresses in the scope are assigned to the primary server and the remaining 30% are assigned to the backup server. If clients cannot reach the primary server then they can get an IP configuration from the secondary server. Split scope deployment does not provide IP address continuity and is unusable in scenarios where the scope is already running at high utilization of address space, which is very common with Internet Protocol version 4 (IPv4)."
LVL 22

Expert Comment

by:Matt V
ID: 38819453
Split scope probably the easiest to manage.

You create the same scope on both DHCP servers, then exclude the lower half on one, and the upper half of the IP range on the other.

You make the same reservations on both DHCP servers, so no matter which one they attach to the client will get the reservation.

We do this and it works very well.

Expert Comment

ID: 38819462
I'd like to mention that in smaller environments typically you don't setup DHCP failover unless you have some outstanding circumstances like running a 24/7 shop.  Since you have only two servers mentioned I'm assuming your environment is smaller.

 It's so easy to setup DHCP quickly that I usually just install DHCP on another server and document the settings.  It's about 5 minutes to setup a new one and authorize it as a DHCP server.
Space-Age Communications Transitions to DevOps

ViaSat, a global provider of satellite and wireless communications, securely connects businesses, governments, and organizations to the Internet. Learn how ViaSat’s Network Solutions Engineer, drove the transition from a traditional network support to a DevOps-centric model.


Author Comment

ID: 38819902
Thanks for the responses.  We do run 24/7 and DHCP shows 984 in use.  I mentioned the second Windows 2008 server only to reference that we can implement DHCP on that server but we are trying to determine how best to do that. As you all have mentioned and having read other articles there are different approaches. Given that we use some reservations and we have to add every MAC address in a file for MAC filtering and several staff members do this the dual entry probably would not be feasible. We are simply looking for a means to have fault tolerance on DHCP, it would be nice if there was an automated Primary Secondary. How can we easily get DHCP to run from another Server without making changes to the scope on the Primary in the event that the Primary is not available?

Expert Comment

ID: 38819924
The only way to do that is clustering the two machines as in the first example.  You must have shared storage to do this which will create another single point of failure without a secondary.  You can do it this way, it's just less common, more complicated and difficult and more expensive.
LVL 22

Accepted Solution

Matt V earned 250 total points
ID: 38820335
Another option would be to install the DHCP service on the other server, and run nightly exports of the DHCP config to that server.

Then in a failure you could do a quick import and be up and running.

netsh dhcp server export c:\dhcpd all

netsh dhcp server import c:\dhcpd all
LVL 38

Expert Comment

ID: 38822275
How many computers?

Split the Address Pool, not the scope.

Author Comment

ID: 38827405
Hi, regarding the nightly export , how would you suggest managing the reservation list and MAC list ? Thanks

Author Closing Comment

ID: 38851556
Thanks for the feedback and suggestions.

Featured Post

Now Available: Firebox Cloud for AWS and FireboxV

Firebox Cloud brings the protection of WatchGuard’s leading Firebox UTM appliances to public cloud environments. It enables organizations to extend their security perimeter to protect business-critical assets in Amazon Web Services (AWS).

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Router assigned IP addresses 18 103
SMB Packet - File Data 4 41
In Which situation we need to add static routes 10 42
Switch port problems 15 28
Is your computer hacked? learn how to detect and delete malware in your PC
Join Greg Farro and Ethan Banks from Packet Pushers ( and Greg Ross from Paessler ( for a discussion about smart network …
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.
Here's a very brief overview of the methods PRTG Network Monitor ( offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…

685 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question