DHCP in use and already have scope , reservations, and MAC filtering need to add redundancy

Posted on 2013-01-25
Last Modified: 2013-02-04
Hi, We already have DHCP installed and running on a Domain Controller , Windows Server 2008 Standard  SP1 64 bit O/S.  This server also has Active Directory and dns.  The DHCP scope is already defined and has several reservations. Also it is using MAC filtering.  There is a second Windows 2008 server as a Domain Controller , running dns and Active Directory. So we need to implement DHCP redundancy or cluster or a backup failover DHCP server. What is recommended and not sure adding to or splitting the DHCP scope would be an option as need to have reservations and MAC filtering.  An automated solution would be nice but is it possible to implement without changing the current working DHCP server ?
Question by:zephon50
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 3
  • 2
  • +1

Assisted Solution

norcalty earned 250 total points
ID: 38819438

"In Windows Server® 2008 R2, there are two high availability options available for DHCP Server deployment. Each of these options is associated with some challenges.
DHCP in a Windows failover cluster. This option places the DHCP server in a cluster with an additional server configured with the DHCP service that assumes the load if the primary DHCP server fails. The clustering deployment option uses a single shared storage. This makes the storage a single point of failure, and requires additional investment in redundancy for storage. In addition, clustering involves relatively complex setup and maintenance.

Split scope DHCP. Split scope DHCP uses two independent DHCP servers that share responsibility for a scope. Typically 70% of the addresses in the scope are assigned to the primary server and the remaining 30% are assigned to the backup server. If clients cannot reach the primary server then they can get an IP configuration from the secondary server. Split scope deployment does not provide IP address continuity and is unusable in scenarios where the scope is already running at high utilization of address space, which is very common with Internet Protocol version 4 (IPv4)."
LVL 22

Expert Comment

by:Matt V
ID: 38819453
Split scope probably the easiest to manage.

You create the same scope on both DHCP servers, then exclude the lower half on one, and the upper half of the IP range on the other.

You make the same reservations on both DHCP servers, so no matter which one they attach to the client will get the reservation.

We do this and it works very well.

Expert Comment

ID: 38819462
I'd like to mention that in smaller environments typically you don't setup DHCP failover unless you have some outstanding circumstances like running a 24/7 shop.  Since you have only two servers mentioned I'm assuming your environment is smaller.

 It's so easy to setup DHCP quickly that I usually just install DHCP on another server and document the settings.  It's about 5 minutes to setup a new one and authorize it as a DHCP server.
DevOps Toolchain Recommendations

Read this Gartner Research Note and discover how your IT organization can automate and optimize DevOps processes using a toolchain architecture.


Author Comment

ID: 38819902
Thanks for the responses.  We do run 24/7 and DHCP shows 984 in use.  I mentioned the second Windows 2008 server only to reference that we can implement DHCP on that server but we are trying to determine how best to do that. As you all have mentioned and having read other articles there are different approaches. Given that we use some reservations and we have to add every MAC address in a file for MAC filtering and several staff members do this the dual entry probably would not be feasible. We are simply looking for a means to have fault tolerance on DHCP, it would be nice if there was an automated Primary Secondary. How can we easily get DHCP to run from another Server without making changes to the scope on the Primary in the event that the Primary is not available?

Expert Comment

ID: 38819924
The only way to do that is clustering the two machines as in the first example.  You must have shared storage to do this which will create another single point of failure without a secondary.  You can do it this way, it's just less common, more complicated and difficult and more expensive.
LVL 22

Accepted Solution

Matt V earned 250 total points
ID: 38820335
Another option would be to install the DHCP service on the other server, and run nightly exports of the DHCP config to that server.

Then in a failure you could do a quick import and be up and running.

netsh dhcp server export c:\dhcpd all

netsh dhcp server import c:\dhcpd all
LVL 38

Expert Comment

ID: 38822275
How many computers?

Split the Address Pool, not the scope.

Author Comment

ID: 38827405
Hi, regarding the nightly export , how would you suggest managing the reservation list and MAC list ? Thanks

Author Closing Comment

ID: 38851556
Thanks for the feedback and suggestions.

Featured Post

Resolve Critical IT Incidents Fast

If your data, services or processes become compromised, your organization can suffer damage in just minutes and how fast you communicate during a major IT incident is everything. Learn how to immediately identify incidents & best practices to resolve them quickly and effectively.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

How to set-up an On Demand, IPSec, Site to SIte, VPN from a Draytek Vigor Router to a Cyberoam UTM Appliance. A concise guide to the settings required on both devices
PRTG Network Monitor lets you monitor your bandwidth usage, so you know who is using up your bandwidth, and what they're using it for.
Here's a very brief overview of the methods PRTG Network Monitor ( offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…
There's a multitude of different network monitoring solutions out there, and you're probably wondering what makes NetCrunch so special. It's completely agentless, but does let you create an agent, if you desire. It offers powerful scalability …

688 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question