Laszlo Denes

Cisco IP-Helper address configuration for 2 2016 DHCP servers (fail-over scenario)

Hello Everyone and thank you in advance for your insights. I am going to migrate our 2008R2 DHCP server scopes to our two 2016 DCs with the intent of setting them up for failover, i.e. same scopes on both with one active and the other only taking over if the first one is down for some reason, e.g. server maintenance. This document outlines the Windows server side steps for DHCP failover (https://www.itprotoday.com/windows-78/configuring-dhcp-failover-windows-server-2016) but I also need to adjust our core CISCO switch IP-Helper address. Currently it is only pointing to the single DHCP server, but how would we adjust it so it points to both new DHCP servers and lets the servers handle the failover option, i.e. CISCO forwards to both servers and then on the Windows side the one that is 'active' responds as determined by the failover on Windows? I would assume that a failover on Windows DHCP is pointless if the Cisco only knows about one of the DHCP servers. Appreciate insights. Cheers.
Pete Long

Example
!
interface Vlan200
 ip address 192.168.200.1 255.255.255.0
 ip helper-address 192.168.100.10
 ip helper-address 192.168.100.11
!

See Cisco IOS – DHCP Helper (DHCP Relay) – IP-Helper Setup
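
Added example, not part of the original answer and not Cisco tooling: a small Python audit that reads a saved IOS configuration and reports every interface whose ip helper-address lines do not match the list of DHCP failover partners (a partner missing, or a leftover helper still pointing at a retired server). The function names and the sample config are constructed for illustration; only the Vlan200 block comes from the answer above, and the parser assumes the plain "ip helper-address <address>" form shown there.

```python
import ipaddress
import re

# Constructed sample config; only the Vlan200 block is taken from the answer above.
SAMPLE_CONFIG = """\
interface Vlan200
 ip address 192.168.200.1 255.255.255.0
 ip helper-address 192.168.100.10
 ip helper-address 192.168.100.11
!
interface Vlan210
 ip helper-address 192.168.100.10
!
interface Vlan220
 ip helper-address 192.168.100.10
 ip helper-address 192.168.100.11
 ip helper-address 192.168.1.5
!
"""

def helpers_by_interface(config_text):
    """Map each interface name to the set of helper addresses configured on it."""
    result, current = {}, None
    for line in config_text.splitlines():
        m = re.match(r"interface\s+(\S+)", line)
        if m:
            current = m.group(1)
            result[current] = set()
        elif not line.startswith(" "):
            current = None  # "!" or a new top-level command ends the interface block
        elif current:
            m = re.match(r"\s+ip helper-address\s+(\d+(?:\.\d+){3})\s*$", line)
            if m:
                result[current].add(ipaddress.ip_address(m.group(1)))
    return result

def audit_helpers(config_text, dhcp_servers):
    """Return {interface: {"missing": [...], "unexpected": [...]}} for mismatches."""
    expected = {ipaddress.ip_address(s) for s in dhcp_servers}
    findings = {}
    for name, helpers in helpers_by_interface(config_text).items():
        if helpers and helpers != expected:  # interfaces with no relay are skipped
            findings[name] = {
                "missing": [str(a) for a in sorted(expected - helpers)],
                "unexpected": [str(a) for a in sorted(helpers - expected)],
            }
    return findings

print(audit_helpers(SAMPLE_CONFIG, ["192.168.100.10", "192.168.100.11"]))
```

An empty result means every relaying interface forwards to exactly the listed failover partners.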

ASKER CERTIFIED SOLUTION
Mohammad Rummaneh

Laszlo Denes

ASKER

Thank you very much, looks great, and also for the additional article. Really appreciate it, Mohammad Rummaneh.
Did you run into any other issues since you did it recently? Cheers again
Oh, and if I read that correctly, CISCO sends it to both and then lets Windows failover sort it out. :-)
In our scenario though both servers are on the same subnet.
No, it has been working fine for a long time. If you feel worried because you are in production, you can simulate it in a virtual lab for testing before applying anything in your production.
I usually use https://www.eve-ng.net/ for testing cases.

Good luck.
How many scopes do you have?

I have hundreds of scopes in total. Yes, just have all of the IP helper statements in for all of your DHCP servers. I have four.

Since I have so many scopes, there are lots of DHCP relay statements. When upgrading my DHCP servers, I reuse the same IP address on the new servers so that I don't need to adjust the IP helper statements.
Just 4 scopes.
Can't reuse IP since it is going on 2 DC and they have different IP.
Not worried at all since I have moved it before just not to 2 failover DHCP servers, but articles seem to suggest it is straightforward.
Thanks for test site.. new to me...
Cheers everyone :-)
I meant that say your DHCP servers are 10.10.10.10 and 10.10.10.11.

Say you want to replace the DHCP servers with Windows 2023... give the new DHCP servers those same IP addresses of 10.10.10.10 and 10.10.10.11.

If your DHCP servers are also DNS servers, then you don't need to change your ip helper statements, or your DHCP scopes, or any static DNS server settings. It's a huge time saver.
"If your DHCP servers are also DNS servers, then you don't need to change your IP helper statements, or your DHCP scopes, or any static DNS server settings. It's a huge time saver."
Could you elaborate on that... right now the 2008R2 DHCP is a stand-alone DHCP server, but it is moving to two AD Domain Controllers (2016) and both run DNS. The IP of the current DHCP server is different at 192.168.1.5 and the two DCs it is moving to are 192.168.1.2 and 192.18.1.3. I would be moving over all the scopes (4-5 as we are a small environment) to one DC and setting up failover on it to include the 2nd DC. So why would I not update the IP-Helper on the Cisco switch to point to different DHCP servers? Very interested if you could expand on that thought. Cheers!
I will give my network as an example. My main 2 DC addresses have been in place since at least 2006. They were on Windows 2000 machines. They have DHCP and DNS, among other things. Since that time, those DCs have been replaced maybe six times. Each time, however, the new DCs get the old IP address of the old DC it is replacing. This means that none of my ip helpers need to be updated, since the IP address of the DHCP server remains the same. I don't need to update the DNS server in any of my DHCP scopes. I don't need to update the DNS server on any statically assigned device. I don't need to update the NTP server setting on any device. That's the benefit.

Between NTP settings, DHCP scope settings, IP helper settings, and devices with static DNS server settings, if I were to change the IP address of a DNS/NTP/DHCP server, it would mean thousands of changes across over hundreds of devices.