Fredo Frog
asked on
2016 DHCP Failover not working when 1 x off DHCP is turned off
Hi There,
DHCP fail over not assigning addresses when 1 x off dhcp is turned off
Here my set up
2 x networks
-> First Network
192.168.1.0/24
DC & DHCP role installed
-> Second Network
192.168.2.0/24
DC & DHCP role installed
Site are in different physical location & connected via site to site VPN
Ping between both network OK
I have setup my DHCP failover exactly like here:
https://technet.microsoft.com/en-us/library/hh831385(v=ws.11).aspx
When I turn off on of my DHCP server for testing purposes, the DHCP orange appears, but that is about all that happen. No ips are assigned.
Any ideas?
Thanks
DHCP fail over not assigning addresses when 1 x off dhcp is turned off
Here my set up
2 x networks
-> First Network
192.168.1.0/24
DC & DHCP role installed
-> Second Network
192.168.2.0/24
DC & DHCP role installed
Site are in different physical location & connected via site to site VPN
Ping between both network OK
I have setup my DHCP failover exactly like here:
https://technet.microsoft.com/en-us/library/hh831385(v=ws.11).aspx
When I turn off on of my DHCP server for testing purposes, the DHCP orange appears, but that is about all that happen. No ips are assigned.
Any ideas?
Thanks
Aard Vark
First of all your failover settings.
- Have you configured DHCP failover to occur manually or automatically; that is have you enabled the state switch over internal and for how long?
- Have you correctly configured your DHCP helpers/forwarders to send DHCP requests to both DHCP servers?
- Can you manually failover?
- Do you have DHCP logging enabled and if you do what do the logs say (by default under C:\Windows\System32\DHCP).
- What do the DHCP server logs say under the DHCP administrative logs in event viewer?
ASKER
Hi,
Thanks for your comment.
Please find answer to your questions below:
1)Have you configured DHCP failover to occur manually or automatically; that is have you enabled the state switch over internal and for how long?
Not sure if I have seen a setting for a manual failover. I did set the failover as follow for testing purposes:
Failover mode: Hot Standby
State Switchover interval: 1mins
I have stop DHCP server for testing & nothing happens
Run all know common cmd ipconfig /release & ipconfig /renew
There is no address being given
2) Have you correctly configured your DHCP helpers/forwarders to send DHCP requests to both DHCP servers?
Could you please give an example of a correct DHCP requests as I am not sure what you mean?
3) Can you manually failover?
Yes, by stopping DHCP services or even turn off server
4) Do you have DHCP logging enabled and if you do what do the logs say (by default under C:\Windows\System32\DHCP).
How do you enable DHCP logging, is it on by default?
Which file name so I need to look for, they are quite a few there.
5) What do the DHCP server logs say under the DHCP administrative logs in event viewer?
It says “The DHCP service failed to see a directory server for authorization”
Thanks for your comment.
Please find answer to your questions below:
1)Have you configured DHCP failover to occur manually or automatically; that is have you enabled the state switch over internal and for how long?
Not sure if I have seen a setting for a manual failover. I did set the failover as follow for testing purposes:
Failover mode: Hot Standby
State Switchover interval: 1mins
I have stop DHCP server for testing & nothing happens
Run all know common cmd ipconfig /release & ipconfig /renew
There is no address being given
2) Have you correctly configured your DHCP helpers/forwarders to send DHCP requests to both DHCP servers?
Could you please give an example of a correct DHCP requests as I am not sure what you mean?
3) Can you manually failover?
Yes, by stopping DHCP services or even turn off server
4) Do you have DHCP logging enabled and if you do what do the logs say (by default under C:\Windows\System32\DHCP).
How do you enable DHCP logging, is it on by default?
Which file name so I need to look for, they are quite a few there.
5) What do the DHCP server logs say under the DHCP administrative logs in event viewer?
It says “The DHCP service failed to see a directory server for authorization”
The DHCP service failed to see a directory server for authorizationThis seems to suggest you are unable to contact a domain controller to validate authorisation. When the DHCP service starts up it checks with AD to see if it is authorised to start serving clients.
Does the DHCP server icon in the DHCP management console show as authorised? Refer to the Microsoft icon reference here.
ASKER
Yes, server is authorized. Out of all the icons presented from Microsoft in the link provided, the icon I get is not there.
The icon I have when it goes to failover mode is an orange arow (see attachment)
How can I check this ->
"This seems to suggest you are unable to contact a domain controller to validate authorisation. When the DHCP service starts up it checks with AD to see if it is authorised to start serving clients."
Apart from DHCP failover not working, AD replication & DFS working perfectly (if that helps)
Cheers
dhcp-iconPNG.PNG
The icon I have when it goes to failover mode is an orange arow (see attachment)
How can I check this ->
"This seems to suggest you are unable to contact a domain controller to validate authorisation. When the DHCP service starts up it checks with AD to see if it is authorised to start serving clients."
Apart from DHCP failover not working, AD replication & DFS working perfectly (if that helps)
Cheers
dhcp-iconPNG.PNG
ASKER
1) Can it also be an issue cause it is over VPN? any ports configuration?
2) See attached properties of failover when DHCP stopped, maybe something wrong there
2) See attached properties of failover when DHCP stopped, maybe something wrong there
ASKER
Failover properties attachment
failover2.PNG
failover2.PNG
The icon I have when it goes to failover mode is an orange arow (see attachment)OK that icon just means that fail over is configured for the server. Linked you off to the old DHCP server icon reference, the one for Server 2012 is here. OK so the hot standby server is seeing that the partner is down. Run Wireshark on the hot standby server with the active server not serving clients. Filter the display for:
(udp.port eq 67 or udp.port eq 68)
You should be seeing DHCP requests coming in. This will not be the case if you perform a simple ipconfig /renew. You need to release first otherwise the client will continue trying to contact the original DHCP server until its lease expires at which point it would send out a new DHCP discover request.
You should also be seeing DHCP events for failover (event reference here).
ASKER
Hi there,
Please find attached a screen shot of wireshark on udp port 67 , sorry no so good at reading it!
192.168.2.10 being the fail-over server & 192.168.1.10 being the one down
Thanks again
wireshark.PNG
Please find attached a screen shot of wireshark on udp port 67 , sorry no so good at reading it!
192.168.2.10 being the fail-over server & 192.168.1.10 being the one down
Thanks again
wireshark.PNG
Sorry I have been away. You're not applying the DHCP filter correctly in Wireshark. That's showing all traffic. Did you apply the filter (can't just type it).
ASKER
sorry mate, but I am not an experienced wireshark user & might have to close this request.
I have followed by the letter articles on technet & re-create my scope a number of times.
A little disappointing
Thank you for trying
I have followed by the letter articles on technet & re-create my scope a number of times.
A little disappointing
Thank you for trying
I suspect your DHCP helpers/forwarders are not correctly configured, it is in my mind the only possible cause with the information on hand.
ASKER
Ok, how do I set the helpers/forwarders?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.