• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 500
  • Last Modified:

DHCP in use and already have scope , reservations, and MAC filtering need to add redundancy

Hi, We already have DHCP installed and running on a Domain Controller , Windows Server 2008 Standard  SP1 64 bit O/S.  This server also has Active Directory and dns.  The DHCP scope is already defined and has several reservations. Also it is using MAC filtering.  There is a second Windows 2008 server as a Domain Controller , running dns and Active Directory. So we need to implement DHCP redundancy or cluster or a backup failover DHCP server. What is recommended and not sure adding to or splitting the DHCP scope would be an option as need to have reservations and MAC filtering.  An automated solution would be nice but is it possible to implement without changing the current working DHCP server ?
0
zephon50
Asked:
zephon50
  • 3
  • 3
  • 2
  • +1
2 Solutions
 
norcaltyCommented:
http://technet.microsoft.com/en-us/library/hh831385.aspx

"In Windows ServerĀ® 2008 R2, there are two high availability options available for DHCP Server deployment. Each of these options is associated with some challenges.
DHCP in a Windows failover cluster. This option places the DHCP server in a cluster with an additional server configured with the DHCP service that assumes the load if the primary DHCP server fails. The clustering deployment option uses a single shared storage. This makes the storage a single point of failure, and requires additional investment in redundancy for storage. In addition, clustering involves relatively complex setup and maintenance.

Split scope DHCP. Split scope DHCP uses two independent DHCP servers that share responsibility for a scope. Typically 70% of the addresses in the scope are assigned to the primary server and the remaining 30% are assigned to the backup server. If clients cannot reach the primary server then they can get an IP configuration from the secondary server. Split scope deployment does not provide IP address continuity and is unusable in scenarios where the scope is already running at high utilization of address space, which is very common with Internet Protocol version 4 (IPv4)."
0
 
Matt VCommented:
Split scope probably the easiest to manage.

You create the same scope on both DHCP servers, then exclude the lower half on one, and the upper half of the IP range on the other.

You make the same reservations on both DHCP servers, so no matter which one they attach to the client will get the reservation.

We do this and it works very well.
0
 
norcaltyCommented:
I'd like to mention that in smaller environments typically you don't setup DHCP failover unless you have some outstanding circumstances like running a 24/7 shop.  Since you have only two servers mentioned I'm assuming your environment is smaller.

 It's so easy to setup DHCP quickly that I usually just install DHCP on another server and document the settings.  It's about 5 minutes to setup a new one and authorize it as a DHCP server.
0
Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
zephon50Author Commented:
Thanks for the responses.  We do run 24/7 and DHCP shows 984 in use.  I mentioned the second Windows 2008 server only to reference that we can implement DHCP on that server but we are trying to determine how best to do that. As you all have mentioned and having read other articles there are different approaches. Given that we use some reservations and we have to add every MAC address in a file for MAC filtering and several staff members do this the dual entry probably would not be feasible. We are simply looking for a means to have fault tolerance on DHCP, it would be nice if there was an automated Primary Secondary. How can we easily get DHCP to run from another Server without making changes to the scope on the Primary in the event that the Primary is not available?
0
 
norcaltyCommented:
The only way to do that is clustering the two machines as in the first example.  You must have shared storage to do this which will create another single point of failure without a secondary.  You can do it this way, it's just less common, more complicated and difficult and more expensive.
0
 
Matt VCommented:
Another option would be to install the DHCP service on the other server, and run nightly exports of the DHCP config to that server.

Then in a failure you could do a quick import and be up and running.

netsh dhcp server export c:\dhcpd all

netsh dhcp server import c:\dhcpd all
0
 
ChiefITCommented:
How many computers?

Split the Address Pool, not the scope.
0
 
zephon50Author Commented:
Hi, regarding the nightly export , how would you suggest managing the reservation list and MAC list ? Thanks
0
 
zephon50Author Commented:
Thanks for the feedback and suggestions.
0

Featured Post

 The Evil-ution of Network Security Threats

What are the hacks that forever changed the security industry? To answer that question, we created an exciting new eBook that takes you on a trip through hacking history. It explores the top hacks from the 80s to 2010s, why they mattered, and how the security industry responded.

  • 3
  • 3
  • 2
  • +1
Tackle projects and never again get stuck behind a technical roadblock.
Join Now