DHCP Load Balancing vs. Failover/Hot Standby

[Kurt Buff]

All 2019 Servers

Current DHCP server is on a different subnet than intended partner DC. 

Current DHCP server holds all FSMO roles, if that makes a difference.

One scope (for wired end-user workstations and printers) has a /24 scope with about 170 leases, the other scopes (29!?) are all /24s, but have far fewer leases.

(Definitely need to break that large scope out to separate printers from workstations, and break apart departments, but that's a project for a different day - but that's why we have so many scopes, as preparation for that day.)

I've been doing some reading and have seen comments that failover is perhaps preferred, but I haven't actually set this up before.

Thoughts?

Thanks,

Kurt

[Melvin Backus]

I don’t know if it’s preferred but we’re setup with all our scopes split between the 2 dhcp servers. All the leases show up on both and they know which one issued them, etc., so they seems to be happy that way. I don’t know if there’s any benefit to failover instead. We chose this why back when we moved to 2012R2 and have had no issues. We don’t have nearly that many scopes but we do have a superscope setup to handle a subnet that required us to join two /24s.

 

My only complaint has been that Microsoft has yet to realize that when you put in a reservation it should go to both partners. We still have to script that to make it happen.

 

--
There are 10 kinds of people in the world...
         those who understand binary and those who don't.

 

¯\_(ツ)_/¯

--
You received this message because you are subscribed to the Google Groups "ntsysadmin" group.
To unsubscribe from this group and stop receiving emails from it, send an email to ntsysadmin+...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/ntsysadmin/CADy1Ce7bWXyn8z%3DO6Cugvt6iAmVtzT6Uc4OkX%2BykPXY6EARMNg%40mail.gmail.com.

[Michael B. Smith]

Yep, six of one, half-dozen of the other; as long as your routers and switches are properly configured.

To view this discussion on the web visit https://groups.google.com/d/msgid/ntsysadmin/1ADD796D2529E94DB4552E7C1F12A21A01E00CA41B%40ATLEXCH04.byers.local.

[Belanger, Xavier B]

Hi,

 

Melvin Backus wrote:

 

My only complaint has been that Microsoft has yet to realize that when you put in a reservation it should go to both partners. We still have to script that to make it happen.

 

I need to look at my archives but I should have a script that does this, plus another one that will output a text version of the configuration of each DHCP server to confirm that they are actually in sync.

 

Anyone interested, please reach out to me directly.

 

Sincerely,

--

Xavier Belanger

IT Security Architect | CISSP | Office of Information Security

University of North Carolina Wilmington

 

From: ntsys...@googlegroups.com <ntsys...@googlegroups.com> On Behalf Of Melvin Backus
Sent: Monday, October 9, 2023 2:35 PM
To: ntsys...@googlegroups.com

Subject: RE: [ntsysadmin] DHCP Load Balancing vs. Failover/Hot Standby

 

[This email originated from outside of UNCW]

To view this discussion on the web visit https://groups.google.com/d/msgid/ntsysadmin/1ADD796D2529E94DB4552E7C1F12A21A01E00CA41B%40ATLEXCH04.byers.local.

[Gantry Zettler]

Just one anecdote but.....   

At a client we setup a load balancing DHCP server with 2016 servers and one day after working fine forever VOIP phones randomly wouldn't get an IP.  After WAY too much troubleshooting we realized that if we stopped the service on the secondary DHCP server (it wasn't a 50/50 load balance iirc) everything started working.  Didn't affect the other scopes on there and it was a small % of phones but man it was a heck of an issue to figure out. 

Since that day I've been in the "failover over load balancing" camp, unfair as that is...

To view this discussion on the web visit https://groups.google.com/d/msgid/ntsysadmin/PH7PR06MB9069F9E81E8E33EE6E719EEDC3CEA%40PH7PR06MB9069.namprd06.prod.outlook.com.

[Rick McClure]

Did you re-enable the secondary DHCP server?.....and just monitor the hell out of it?

 

Rick.

To view this discussion on the web visit https://groups.google.com/d/msgid/ntsysadmin/CAFZFFO379FBaMHWmAJF_YEGpaTz25%2B2FVzSTAgxA%3DHyieBMbmw%40mail.gmail.com.

[Gantry Zettler]

An excellent question that I don't have an answer to, been awhile and there were multiple folks involved.   We may have just disabled the load balancing after that...

To view this discussion on the web visit https://groups.google.com/d/msgid/ntsysadmin/ABCEB02DCBBDBB429FE098A2F85D11DA07662186%40VENUS2A.RMC-CORP.local.

[Michael B. Smith]

We spent a lot of time trying to ensure that everything the MSFT console would display, that our script also displayed:

 

https://www.carlwebster.com/downloads/download-info/dhcp/

To view this discussion on the web visit https://groups.google.com/d/msgid/ntsysadmin/PH7PR06MB9069F9E81E8E33EE6E719EEDC3CEA%40PH7PR06MB9069.namprd06.prod.outlook.com.

[Miller Bonnie L.]

We’ve been using DHCP failover for many years now and while it’s had its own quirks at times (mostly early when it was WS12 only) it generally works well, and replicating reservations is included.  There are a few things that don’t replicate like server options but once you know what they are it’s easy to work with—from the quick MS overview I had years ago it’s generally those server-level config items vs anything at the scope level.  We’ve even recently upgraded some of the failover servers one at a time while keeping it all online.

 

The one thing that can be a gotcha for some is that it ONLY works for true DHCP clients.  It will not load balance if your devices are only BOOTP, which sounds a bit like it could possibly be the problem described below.

 

-Bonnie

 

From: ntsys...@googlegroups.com <ntsys...@googlegroups.com> On Behalf Of Gantry Zettler
Sent: Monday, October 9, 2023 1:05 PM
To: ntsys...@googlegroups.com

Subject: Re: [ntsysadmin] DHCP Load Balancing vs. Failover/Hot Standby

 

***EXTERNAL: This message is not from Mukilteo School District. Use caution responding to or opening attachments and links in this email.***

To view this discussion on the web visit https://groups.google.com/d/msgid/ntsysadmin/CAFZFFO379FBaMHWmAJF_YEGpaTz25%2B2FVzSTAgxA%3DHyieBMbmw%40mail.gmail.com.

[Melvin Backus]

My apologies, I misspoke. It’s filters that don’t replicate, not reservations. Logically I suppose that might make some sense given that filters are a server object and not a scope object. Still a PITA to chase until you realize it. Scripting is easy enough, and I don’t know how many other folks actually use filters.

 

--
There are 10 kinds of people in the world...
         those who understand binary and those who don't.

 

¯\_(ツ)_/¯

 

To view this discussion on the web visit https://groups.google.com/d/msgid/ntsysadmin/7c352c0d7413484b8d3ac202d6c93032%40mukilteo.wednet.edu.

[Denes, Laszlo]

Yeah that manual intervention or script to keep things clean is what is holding me back from doing it.

How is that working out for you… any issues… does it get ugly If script fails to run.. is it a github script or custom

 

Thank you in advance for your time.

 

Laszlo

 

Laszlo Denes

Technical Analyst Servers

Information Systems

t: ext. 214

lde...@torontograce.org

 

From: ntsys...@googlegroups.com <ntsys...@googlegroups.com> On Behalf Of Melvin Backus
Sent: Monday, October 9, 2023 2:35 PM
To: ntsys...@googlegroups.com

To view this discussion on the web visit https://groups.google.com/d/msgid/ntsysadmin/1ADD796D2529E94DB4552E7C1F12A21A01E00CA41B%40ATLEXCH04.byers.local.

[Denes, Laszlo]

Isn’t that merely adding all required ip-helper addresses on the layer 3 switches

 

Thank you in advance for your time.

 

Laszlo

 

Laszlo Denes

Technical Analyst Servers

Information Systems

t: ext. 214

lde...@torontograce.org

 

To view this discussion on the web visit https://groups.google.com/d/msgid/ntsysadmin/d8cd35196c7346aea1c242c802c65294%40smithcons.com.

[Denes, Laszlo]

Hi Xavier I would be interested for sure, but did not see a direct email for you.

 

Thank you in advance for your time.

 

Laszlo

 

Laszlo Denes

Technical Analyst Servers

Information Systems

t: ext. 214

lde...@torontograce.org

 

To view this discussion on the web visit https://groups.google.com/d/msgid/ntsysadmin/PH7PR06MB9069F9E81E8E33EE6E719EEDC3CEA%40PH7PR06MB9069.namprd06.prod.outlook.com.

[Michael B. Smith]

Yes, and routers if need be.

To view this discussion on the web visit https://groups.google.com/d/msgid/ntsysadmin/YQBPR01MB10286C6ACF5F2714585B0E69DBAD7A%40YQBPR01MB10286.CANPRD01.PROD.OUTLOOK.COM.

[Melvin Backus]

It’s trival. Just a couple of commands. I actually used to do it on a timed basis but then I realized I could tie it to the filter add events and run it only when somebody updated the filters.

 

Get-DhcpServerv4Filter -ComputerName sourcemachine  | Add-DhcpServerv4Filter -ComputerName targetmachine -ErrorAction SilentlyContinue

 

All one line, watch for wrap

 

--
There are 10 kinds of people in the world...
         those who understand binary and those who don't.

 

¯\_(ツ)_/¯

 

.
To view this discussion on the web visit https://groups.google.com/d/msgid/ntsysadmin/YQBPR01MB1028648AB7F8E0683BB18427DBAD7A%40YQBPR01MB10286.CANPRD01.PROD.OUTLOOK.COM.

[Denes, Laszlo]

Cheers for that

To view this discussion on the web visit https://groups.google.com/d/msgid/ntsysadmin/1ADD796D2529E94DB4552E7C1F12A21A01E00F8F5E%40ATLEXCH04.byers.local.