27 February 2012

DHCP high availability deployment options Windows Server 8

There are various ways to deploy DHCP in a high availability manner, by that I mean a deployment that will keep working if one DHCP server goes down.

DHCP Basics
To really understand how the various deployments work we need to first understand the basics of how the DHCP process works. Here is a brief rundown of the messages being passed.


  • Step 1 - Client Broadcasts DHCPDiscover to find available DHCP server --->
  • Step 2 - All DHCP servers that received the message return broadcasts a DHCPOffer <---
  • Step 3 - Client broadcats DHCPRequest to the DHCP server --->
  • Step 4 - DHCP server broadcasts DHCPAck to client containing defined options <---


There are a few exceptions but for the most of it all DHCP traffic is broadcast since the client does not officially have an IP yet.

Deployment options
In all of these scenarios you will have at least two server that are configured with the DHCP role.

To illustrate this I am going to work through a scenario where there is a single VLAN that contains 200 DHCP client machines

Dual Scopes per VLAN
The simplest way of doing this is to configure two DHCP servers for a VLAN.  Each configured with a big enough scope to accommodate all the machines on that VLAN. This means you are allocation 200% of the required IPs

  • Server 1 Scope 1 - 10.0.0.50 - 10.0.0.250
  • Server 2 Scope 2 - 10.0.1.50 - 10.0.0.250

The drawback here is that the VLAN now has to span two class C subnets.  The scopes also need to be manually created on both servers.

Implementing  - Dual Scope Deployment

Open DHCP Console

  • Add Server 1
  • Add server 2
  • From server 1 expand to the IPv4
  • Right Click - New Scope
  • Specify and Name and Description
  • Specify a Start IP Address and End Address
  • Specify the Length for the subnet mask
  • Specify any exclusion if you need them
  • Specify the lease duration (Default is 8 days but I prefer much shorter)
  • Yes to configure and DHCP options
  • Specify Default gateway
  • Specify domain name
  • Skip WINS
  • Do not activate the scope yet
  • Finish The wizard

Repeat the process for server 2 but specify the secondary scope range

To load balance you would not specify any response delay in the advance properties for the scope.  This will allow the client to select the server based on "who answered first."  

To achieve a primary and secondary server you would set a delay on the secondary server (max 1000ms)



Split Scope
This deployment method configured both servers with the same scope.  To avoid conflicts the split scope wizard set exclusion ranges that are mutually exclusive. The method for favoring one server over the other is the same time delay.  Often this deployment is done in a a 80/20 ratio.  One server hold the reservation for 80% of the addresses while the secondary holds 20% the theory being that when the primary fails the secondary can continue on till the primary is restored.


  • Server 1 Scope 1 - 10.0.0.50 - 10.0.0.250 - Exclusion range - 10.0.0.210 - 10.0.0.250
  • Server 2 Scope 1 - 10.0.0.50 - 10.0.0.250 - Exclusion range - 10.0.0.50 - 10.0.0.209

You can also load balance by doing a 50/50 split.  The drawback being that you would only be able to serve half the request with one server, or you have to again specify 200% of the required range.  An advantage here is that the scope creation is scripted for the second server.


Implementing Split Scope
Open DHCP Console

  • Add Server 1
  • Add server 2
  • From server 1 expand to the IPv4
  • Right Click - New Scope
  • Specify and Name and Description
  • Specify a Start IP Address and End Address
  • Specify the Length for the subnet mask
  • Specify any exclusion if you need them
  • Specify the lease duration (Default is 8 days but I prefer much shorter)
  • Yes to configure and DHCP options
  • Specify Default gateway
  • Specify domain name
  • Skip WINS
  • Do not activate the scope yet
  • Top configure spit scope
  • Right click the scope - Advanced - Split-Scope
  • Next
  • Add the second server
  • Adjust the slider to allocate the percentage split
  • Specify a Delay for the second server
  • The summary will now show what gets configured where
  • Finish the wizard




The scope is created on the second server and populated with the range, the exclusions and the DHCP options.  The original host is also updated with the new exclusions.



Fail over Cluster
This deployment method is the most efficient when it comes to DHCP allocated IPs.  A single scope is allocated per DHCP service on a failover cluster. The main drawback is that the required infrastructure is a fail over cluster using shared storage.

DHCP Failover (Windows Server 8)
New in Windows Server 8 is another deployment method called failover.  This has the same advantages as using a failover cluster service but without the requirement for a failover cluster.

A single scope is created.  When specifying failover the scope is duplicated on the secondary server.  The server are kept in sync so that conflicts do not occur.  The Wizard will create the scope on the second server.


  • Server 1 Scope 1 - 10.0.0.50 - 10.0.0.250 
  • Server 2 Scope 1 - 10.0.0.50 - 10.0.0.250 


You can have the relation ship as a load balance or as a hot fail over


Implementing Failover

Open DHCP Console

  • Add Server 1
  • Add server 2
  • From server 1 expand to the IPv4
  • Right Click - New Scope
  • Specify and Name and Description
  • Specify a Start IP Address and End Address
  • Specify the Length for the subnet mask
  • Specify any exclusion if you need them
  • Specify the lease duration (Default is 8 days but I prefer much shorter)
  • Yes to configure and DHCP options
  • Specify Default gateway
  • Specify domain name
  • Skip WINS
  • Do not activate the scope yet
  • Right Click the scope - Configure Failover
  • Select the scope to configure
  • Specify a partner server (second DHCP server)
  • Choose the relationship type - Load balance or Hot Standby
  • Specify a share secret
  • Finish the wizard




If you inspect the scope on both server they are identical


Conclusion
There are various way to implement DHCP so that you have fault tolerance and load balancing.  There are pros and cons to all of them.  The most elegant implementation of this is the Failover option in Windows Server 8.

No comments:

Post a Comment