Learn About DHCP Failover on Windows Server and How to Set It Up
- DHCP failovers are essential for dealing with planned or unplanned outages.
- There are two options for configuring redundant DHCP servers: hot standby mode and load balancing mode.
- DHCP failover is only available in Windows Server 2012 and later versions.
- Maximum client lead time (MCLT) is the maximum time that either server can grant a DHCP lease beyond what the partner server is aware of. The recommended MCLT is one minute.
What Is DHCP Failover?
This feature allows two Microsoft DHCP servers to communicate and provide high DHCP availability. It is available in Windows Server 2012 and later versions. The two DHCP servers in a failover are configured to manage the same pool of addresses, making it possible for them to share the responsibility of assigning leases for that pool. Additionally, each of the servers is aware of the existence of the other. When one is unavailable, maybe due to network outages, the other acts as a backup and takes over the role of assigning IP address configurations.
DHCP failover provides redundancy and load balancing by assigning one or more pools of addresses between two or more DHCP servers, also known as failover peers. A single DHCP server can have several partnerships with different peers. In the configuration stage of DHCP failover, a peering relationship is first established, and then you can determine which pools will benefit from the failover relationship.
How to Set Up A DHCP Failover
- Choose your servers: First, you will need to select the servers to use. One should be the primary one and the other the secondary.
- Synchronize time: For the failover to function smoothly, the time between the two servers in the failover relationship needs to be synchronized. You can do this by deploying the Network Time Protocol (NTP). Once you run the failover configuration wizard, the time on both servers will be compared, and if there is a difference of more than one minute, an error will halt the process and request you keep the time on the servers synchronized.
- Identify the networks and address pools to be served: DHCP servers can be on the same or different networks. However, the most important thing is that the network connection between the failover partners remains uninterrupted.
- Determine other network elements that recognize both servers: You must configure DHCP relays to communicate requests to both servers. Also, ensure that firewalls and filters permit DHCP traffic and that failover protocol messages can reach the servers.
- Add declaration blocks for failover peers.
- Restart the servers: This is done to allow all the configuration changes to take effect.
- Test: To ensure the failover was correctly set up, shut down a server and see if everything is working as it should. If yes, put everything back into operation, and you are set to go.
When configuring DHCP failover, remember that the failover is only supported on BlueCat DNS/DHCP servers (BDDSes). Also, when you enable or disable failover, the DHCP service will have to restart, causing an interruption in the service. Additionally, the communication between failover partners is not encrypted since most servers exist within an organization’s secure network. However, if the communication goes through insecure networks, consider using VPN tunneling for protection.
DHCP Failover Configuration Modes
There are two ways to configure DHCP failover: load balance and hot standby. You could also use both modes on the same servers if configuring them for multiple failover relationships.
1. Load Balance
This setup is most suited for situations where the servers in a failover relationship are at a similar physical location. It is a default deployment mode where both servers simultaneously serve IP addresses and options to clients on a specific subnet. All the DHCP client requests are balanced and shared between the two DHCP servers. Usually, the balance ratio is automatically set at 50:50 but can be customized to your chosen ratio.
If one of the servers loses communication with its failover partner, it will start to grant leases to all DHCP clients. When a request for lease renewal assigned to the failover partner comes from a client, it will temporarily renew the same IP address lease for the maximum client lead time. Depending on availability, the server will grant a new lease from its free IP address pool if the request comes from a client not previously assigned a lease. If the pool is exhausted, it will use its failover partner’s free IP address pool. Before assuming 100% responsibility for the partner’s IP address pool, the active server will wait for the maximum client lead time duration to expire.
2. Hot Standby
As the name implies, this setup involves one of the servers in a failover relationship taking a standby role. One active server is solely responsible for leasing clients IP addresses and configuration information. At the same time, the other is only set up to take over the same responsibilities when the active server is unavailable. This configuration is suitable in situations where the standby DHCP server is in a different physical location from the active server, thus reducing the chances of both servers failing simultaneously due to power or hardware problems.
In hot standby mode, you must configure a percentage of IP addresses on the active server, usually 5%, and reserve them for use by the standby server when the active server fails to respond. The reserve will be used for new DHCP leases, which will be granted for the maximum client lead time. If the standby server depletes its reserve percentage of leases before the maximum client lead time expires, it will refuse to issue new DHCP leases but will continue to renew existing ones. After the maximum client lead time expires, it will be granted full access to the IP address pool for new leases.
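The setup steps and the two modes described above, expressed with the Windows Server DhcpServer PowerShell cmdlets as an added example that is not part of the original article. Server names, scope IDs and relationship names are hypothetical, PowerShell remoting to both servers is assumed, and the shared secret is an addition here: it turns on message authentication between the partners but does not encrypt the failover traffic.

```powershell
# Added example (not from the article). Hypothetical names and scopes; the
# scopes must already exist on the primary server. Run from a host with the
# DhcpServer module and administrative rights on both DHCP servers.
$Primary = 'dhcp01.corp.example'
$Partner = 'dhcp02.corp.example'
$MaxSkew = [TimeSpan]::FromMinutes(1)   # limit the article gives for the wizard
$Mclt    = [TimeSpan]::FromMinutes(1)   # MCLT value the article recommends

# 1. Compare the two clocks before creating the relationship. The two calls
#    are sequential, so remoting latency adds a small error to the result.
$getUtc = { (Get-Date).ToUniversalTime() }
$t1 = Invoke-Command -ComputerName $Primary -ScriptBlock $getUtc
$t2 = Invoke-Command -ComputerName $Partner -ScriptBlock $getUtc
$skew = ($t1 - $t2).Duration()
if ($skew -gt $MaxSkew) {
    throw "Clock skew $skew exceeds $MaxSkew; fix time sync before configuring failover."
}

# 2. Prompt for the shared secret without echoing it. The cmdlet takes a
#    plain string, so convert the SecureString only at the point of use.
$secure = Read-Host -Prompt 'Failover shared secret' -AsSecureString
$secret = [System.Net.NetworkCredential]::new('', $secure).Password

$common = @{
    ComputerName      = $Primary
    PartnerServer     = $Partner
    MaxClientLeadTime = $Mclt
    SharedSecret      = $secret   # enables message authentication, not encryption
}

# 3a. Hot standby: primary is active, 5% of the scope reserved for the standby.
Add-DhcpServerv4Failover @common -Name 'HQ-HotStandby' -ScopeId '10.10.0.0' `
    -ServerRole Active -ReservePercent 5

# 3b. Load balance on a second scope with the 50:50 split.
Add-DhcpServerv4Failover @common -Name 'HQ-LoadBalance' -ScopeId '10.20.0.0' `
    -LoadBalancePercent 50

# 4. Read the relationships back from both partners. Expect State = Normal and
#    EnableAuth = True; a missing relationship or a different state on one side
#    points to blocked failover traffic or a mismatched secret.
foreach ($server in $Primary, $Partner) {
    Get-DhcpServerv4Failover -ComputerName $server |
        Select-Object @{ n = 'Server'; e = { $server } }, Name, Mode, State,
            MaxClientLeadTime, ReservePercent, LoadBalancePercent, EnableAuth
}
```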
Benefits of DHCP Failover
The methods used in the past to ensure DHCP server availability on Windows Servers had some limitations. For instance, the split scope method provided limited IP availability during outages. At the same time, the DHCP server cluster approach created a single point of failure for DHCP services and was thus not wholly reliable. However, the new approach of the DHCP failover ensures DHCP service availability at all times. Here are some of its benefits:
- It is simple since it uses a wizard to create the failover relationships between the DHCP servers. All scopes and settings from the primary server are automatically replicated to the failover partner.
- DHCP failover is flexible because it can be configured for redundancy using the hot standby mode or for sharing client requests between two servers as in the load balancing mode.
- It allows DHCP clients to maintain the same IP address even when the issuing server has changed, creating a seamless experience.
- It favors different deployment architectures. For example, the failover partner does not always have to be in the same physical location as the primary server.
Although DHCP failover guarantees server availability, essential for enterprise networks, it also has shortcomings. To begin with, it only supports a maximum of two DHCP servers. The other limitation is that the failover relationship between servers is limited to IPv4 scopes and subnets. Besides that, the method effectively allows servers to back up each other during a network outage.
At CTI Technology, we provide outstanding server management solutions with experience in Linux and Windows solutions. Book a meeting with us today to save time and money on server management or other IT and computer solutions. We are located in Chicago and are available throughout the year, every day of the week.