DHCP 2016 failover and Cisco


Denes, Laszlo

Sep 1, 2021, 7:32:14 AM
to ntsys...@googlegroups.com, Denes, Laszlo

Hello everyone and thanks in advance for insights.

Migrating our single DHCP server from 2009R2 to 2016 and was considering setting it up (see article) so we have redundancy by implementing hot stand-by so one DHCP is live with all scopes and the second is in standby.

The Windows side seems fairly straightforward based on articles I have read, but of course if you know of any issues please don’t be shy.

However, the piece I am not so sure about is the IP HELPER address setup on our core CISCO switch.

Right now it is pointing to one DHCP server only and works fine.

Can I add two IP HELPER addresses on the switch for both DHCP servers so that it knows about them, since I don’t see how it would route requests to the DHCP if only one is listed and that happens to be the one that goes down, unless it is somehow handled by Windows but I don’t see that.

https://www.dtonias.com/implement-dhcp-failover-windows-server-2016/

Has anyone done this? Cheers in advance.

 

Laszlo Denes

Technical Analyst Servers

Information Systems

The Salvation Army Toronto Grace Health Centre

650 Church Street, Toronto, ON M4Y 2G5

t: 416-925-2251 ext. 214

f: 416-925-3211

lde...@torontograce.org

www.torontograce.org

 


 

Exceptional and compassionate care for all.

 

________________________________________
NOTICE: This message, including any attachments, may contain privileged or confidential information and is intended for use only by the individual to whom it is specifically addressed (or those responsible for the delivery of the message to such person). Any distribution, copying or disclosure is strictly prohibited without the written consent of the sender. If you are not the intended recipient or have received this message in error, please notify us by reply email and permanently delete the original transmission from us. Thank you for your cooperation. If you have any questions about this message please contact the Information Systems Department, Salvation Army Toronto Grace Health Centre, 650 Church St., Toronto, ON M4Y 2G5. Phone: (416) 925-2251

Xavier Belanger

Sep 1, 2021, 7:56:43 AM
to ntsys...@googlegroups.com, Denes, Laszlo
Hi,

On 9/1/2021 7:32 AM, Denes, Laszlo wrote:

(...)
> However, the piece I am not so sure about is the IP HELPER address
> setup on our core CISCO switch.
>
> Right now it is pointing to one DHCP server only and works fine.
>
> Can I add two IP HELPER addresses on the switch for both DHCP servers so
> that it knows about them, since I don’t see how it would route requests
> to the DHCP if only one is listed and that happens to be the one that
> goes down, unless it is somehow handled by Windows but I don’t see that.

We do have that situation with two DHCP servers, and for each VLAN
there is a configuration line pointing to each one (on Cisco Nexus
7000):

interface Vlan1400
  no ip redirects
  ip address 10.6.0.2/24
  no ipv6 redirects
  ip router eigrp 1
  ip pim sparse-mode
  hsrp 1
    ip 10.6.0.1
  ip dhcp relay address 10.3.4.31
  ip dhcp relay address 10.3.6.52
  no shutdown

You may want to check the Cisco documentation (or even reach out to
Cisco support) for the exact router that you're using to confirm
the appropriate syntax.

Sincerely,
--
Xavier Belanger
Network Engineer III - CISSP
Technology Services
The Catholic University of America

Melvin Backus

Sep 1, 2021, 8:09:28 AM
to ntsys...@googlegroups.com

I’ll assume you’re talking about the failover functionality for DHCP. That said, we’ve been running it for quite some time. The only caveat is that MAC filters don’t sync automatically. You have to update them manually. That may also apply to reservations, I’m not positive. We run a script via scheduled task which updates both filters and reservations, so unless they’ve resolved that since 2012R2 you’ll need to handle those if you happen to be using them.

 

--
There are 10 kinds of people in the world...
         those who understand binary and those who don't.

 

¯\_(ツ)_/¯

--
You received this message because you are subscribed to the Google Groups "ntsysadmin" group.
To unsubscribe from this group and stop receiving emails from it, send an email to ntsysadmin+...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/ntsysadmin/68b707567477421bb6b0936c81f01a25%40TGHVSEX2013ACT.torontograce.org.

Henry Awad

Sep 1, 2021, 9:19:34 AM
to ntsys...@googlegroups.com
Why have your DHCP servers in an active/passive mode? Why not use split scope DHCP failover where both servers would be active? We have our DHCP servers set up to do a 50/50 split so both servers will be able to serve DHCP clients at the same time. And if one server is down the other server will be able to manage the entire scope (Step-by-Step: Configure DHCP for Failover | Microsoft Docs). Also, why upgrade to Windows Server 2016 instead of 2019?

Henry Awad
Senior Systems Engineer
Technology Services
The Catholic University of America

Michael B. Smith

Sep 1, 2021, 9:44:52 AM
to ntsys...@googlegroups.com

Or 2022. 😊

Kroll, Thomas P.

Sep 1, 2021, 10:00:25 AM
to ntsys...@googlegroups.com

Yes, you can define multiple IP addresses in IP Helper, up to 16 per this link. Define your DHCP failover relationship between the servers and test in off hours, but I don’t think you’ll have a minute’s trouble. It’s worked flawlessly for us across every Windows server version.

https://extremeportal.force.com/ExtrArticleDetail?an=000086379

 

 

Thomas P. Kroll
Network Systems Administrator
Hinshaw & Culbertson LLP
151 North Franklin Street, Suite 2500, Chicago, IL 60606

O: 312-704-3345 | F: 312-704-3001
tkr...@hinshawlaw.com 
hinshawlaw.com


From: ntsys...@googlegroups.com <ntsys...@googlegroups.com> On Behalf Of Henry Awad
Sent: Wednesday, September 01, 2021 8:19 AM
To: ntsys...@googlegroups.com

Subject: Re: [ntsysadmin] RE: DHCP 2016 failover and Cisco




Hinshaw & Culbertson LLP is an Illinois registered limited liability partnership that has elected to be governed by the Illinois Uniform Partnership Act (1997).

The contents of this e-mail message and any attachments are intended solely for the addressee(s) named in this message. This communication is intended to be and to remain confidential and may be subject to applicable attorney/client and/or work product privileges. If you are not the intended recipient of this message, or if this message has been addressed to you in error, please immediately alert the sender by reply e-mail and then delete this message and its attachments. Do not deliver, distribute or copy this message and/or any attachments and if you are not the intended recipient, do not disclose the contents or take any action in reliance upon the information contained in this communication or any attachments.

Denes, Laszlo

Sep 1, 2021, 1:45:36 PM
to ntsys...@googlegroups.com

Okay cheers … great tip as I had no idea and it is not mentioned anywhere lol

 

Laszlo Denes

Technical Analyst Servers

Information Systems

 

From: ntsys...@googlegroups.com [mailto:ntsys...@googlegroups.com] On Behalf Of Melvin Backus
Sent: Wednesday, September 1, 2021 8:09 AM
To: ntsys...@googlegroups.com
Subject: [ntsysadmin] RE: DHCP 2016 failover and Cisco

 


Denes, Laszlo

Sep 1, 2021, 1:46:38 PM
to ntsys...@googlegroups.com

LOL! I will but not yet

 

Laszlo Denes

Technical Analyst Servers

Information Systems

 

From: ntsys...@googlegroups.com [mailto:ntsys...@googlegroups.com] On Behalf Of Michael B. Smith
Sent: Wednesday, September 1, 2021 9:45 AM
To: ntsys...@googlegroups.com
Subject: RE: [ntsysadmin] RE: DHCP 2016 failover and Cisco

 


Denes, Laszlo

Sep 1, 2021, 1:46:39 PM
to ntsys...@googlegroups.com

2016 is a corporate requirement and we only have two scopes. Cheers

 

Laszlo Denes

Technical Analyst Servers

Information Systems

 

From: ntsys...@googlegroups.com [mailto:ntsys...@googlegroups.com] On Behalf Of Henry Awad
Sent: Wednesday, September 1, 2021 9:19 AM
To: ntsys...@googlegroups.com
Subject: Re: [ntsysadmin] RE: DHCP 2016 failover and Cisco

 


Denes, Laszlo

Sep 1, 2021, 1:47:02 PM
to ntsys...@googlegroups.com

Awesome. Thanks so much :)

 

Laszlo Denes

Technical Analyst Servers

Information Systems

 

From: ntsys...@googlegroups.com [mailto:ntsys...@googlegroups.com] On Behalf Of Kroll, Thomas P.
Sent: Wednesday, September 1, 2021 10:00 AM
To: ntsys...@googlegroups.com

Subject: RE: [ntsysadmin] RE: DHCP 2016 failover and Cisco

 


Xavier Belanger

Sep 1, 2021, 2:13:36 PM
to ntsys...@googlegroups.com
Hi,

Melvin Backus wrote:
> (...) We run a script via scheduled task which updates both
> filters and reservations, (...)

I have also noticed that DHCP scope replication is not always 100%
reliable (and adding human error on top of this) so we are using
two PowerShell scripts:

- one to create DHCP reservations directly on both servers (plus
limiting user input to a minimum and processing CSV file in batch
if needed). That way we limit the configuration drift between servers.

- one to generate a "text configuration file" listing the options
for all scopes, in order to compare that the two servers are
actually in sync.

Those scripts have specific elements for our environment and I cannot
share those as-is, but if someone is interested, please let me know
off list.

Sincerely,
--
Xavier Belanger
Network Engineer III - CISSP
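
Added example (not from the thread, and not the posters' own scripts): one way to check two DHCP failover partners for drift in MAC filters, reservations and scope options, the items the posts above say need attention outside of failover replication. It uses cmdlets from the Windows DhcpServer module; the function names, the pipe-delimited line format and the host names are assumptions made for illustration.

```powershell
# Added example. Cmdlets are from the Windows DhcpServer module (RSAT);
# the server names in the usage comment at the end are hypothetical.

function Get-DhcpSnapshot {
    # Returns one normalized text line per filter, reservation and scope option.
    param([Parameter(Mandatory)][string]$ComputerName)
    $lines = @(foreach ($f in Get-DhcpServerv4Filter -ComputerName $ComputerName) {
        "filter|$($f.List)|$($f.MacAddress)"
    })
    foreach ($scope in Get-DhcpServerv4Scope -ComputerName $ComputerName) {
        $id = $scope.ScopeId
        $lines += @(foreach ($r in Get-DhcpServerv4Reservation -ComputerName $ComputerName -ScopeId $id) {
            "reservation|$id|$($r.IPAddress)|$($r.ClientId)"
        })
        $lines += @(foreach ($o in Get-DhcpServerv4OptionValue -ComputerName $ComputerName -ScopeId $id) {
            "option|$id|$($o.OptionId)|$($o.Value -join ',')"
        })
    }
    $lines | Sort-Object
}

function Compare-DhcpSnapshot {
    # Lists every line present on one server but absent on the other.
    param([string[]]$Primary = @(), [string[]]$Partner = @())
    foreach ($item in $Primary) {
        if ($Partner -notcontains $item) {
            [pscustomobject]@{ MissingOn = 'partner'; Item = $item }
        }
    }
    foreach ($item in $Partner) {
        if ($Primary -notcontains $item) {
            [pscustomobject]@{ MissingOn = 'primary'; Item = $item }
        }
    }
}

# Constructed sample snapshots (not real data): the deny filter and one
# reservation exist only on the primary, so the partner would not enforce them.
$primary = @(
    'filter|Deny|00-11-22-33-44-55'
    'reservation|10.6.0.0|10.6.0.50|aa-bb-cc-dd-ee-01'
    'option|10.6.0.0|3|10.6.0.1'
)
$partner = @('option|10.6.0.0|3|10.6.0.1')
Compare-DhcpSnapshot -Primary $primary -Partner $partner | Format-Table -AutoSize

# Live use (hypothetical host names):
# Compare-DhcpSnapshot (Get-DhcpSnapshot dhcp1.example.test) (Get-DhcpSnapshot dhcp2.example.test)
```

An empty result means the two servers agree on every item collected; run from a scheduled task, any output row is a candidate for an alert.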

Michael B. Smith

Sep 1, 2021, 2:58:59 PM
to ntsys...@googlegroups.com
Web and I wrote a DHCP reporting script a few years ago that was just updated (he did most of it, I'm just responsible for some of the tricky PS bits).

It's got most of the stuff you would want in it (and if something is missing, let me know).

https://carlwebster.com/downloads/download-info/dhcp/

-----Original Message-----
From: ntsys...@googlegroups.com <ntsys...@googlegroups.com> On Behalf Of Xavier Belanger
Sent: Wednesday, September 1, 2021 2:14 PM
To: ntsys...@googlegroups.com

Denes, Laszlo

Sep 2, 2021, 2:01:45 PM
to ntsys...@googlegroups.com
Thanks a lot. Let me inquire re. our next steps considering this information

Laszlo Denes
Technical Analyst Servers
Information Systems
t: ext. 214
lde...@torontograce.org


-----Original Message-----
From: ntsys...@googlegroups.com [mailto:ntsys...@googlegroups.com] On Behalf Of Xavier Belanger
Sent: Wednesday, September 1, 2021 2:14 PM
To: ntsys...@googlegroups.com
Subject: Re: [ntsysadmin] RE: DHCP 2016 failover and Cisco


Denes, Laszlo

Sep 2, 2021, 2:02:05 PM
to ntsys...@googlegroups.com
Awesome cheers

Laszlo Denes
Technical Analyst Servers
Information Systems
t: ext. 214
lde...@torontograce.org


-----Original Message-----
From: ntsys...@googlegroups.com [mailto:ntsys...@googlegroups.com] On Behalf Of Michael B. Smith
Sent: Wednesday, September 1, 2021 2:59 PM
To: ntsys...@googlegroups.com
Subject: RE: [ntsysadmin] RE: DHCP 2016 failover and Cisco
