DHCP Failover
DHCP is an essential network service. If clients are unable to obtain an IP address, they cannot communicate with each other or access the Internet. In a previous post, I examined DHCP backup and restore. However, restoring a DHCP configuration from backup may not be sufficient from a high availability perspective. An organization may require the network to be functional at all times. Concerning DHCP (which is only one part of the puzzle), high availability can be achieved with a feature known as "failover".
In the following paragraphs, I'm going to experiment with this feature and then leave the reader with links to some Microsoft documentation on the subject.
I also want to try some of the remote management capacity of Server Manager to configure the second DHCP server.
As the reader may have understood (I hope), DHCP failover implies the presence of two DHCP servers, one being able to "failover" to the other. In other words, if one DHCP server ceases to function, the other can manage IP address alloction in its place. We'll see that there are two ways to configure this in practice.
In this exercise, DC-001 is the existing (first) DHCP server and SVR-003 will be configured as the second DHCP server. It will also be the "standby" server for "failover".
Step 1: install the DHCP role on a second server
OK, I'm assuming that a first DHCP (DC-001) server has been configured. In my case, this was done - and described - in an earlier post.
Now I'll install the DHCP role on the second server (SVR-003), the server that will assume DHCP operations if the first server is unable to do so.
*
On DC-001 I open Server Manager and select SVR-003, right-click and open "Add Roles and Features". Yes, that's right: I could also perform this action directly on SVR-003 but I'm taking advantage of the Windows 2012 Server Manager functionality that allows me to manage all my servers (or here, both of my servers..) from a single console.
I opt to install a role (the DHCP role):
It looks like I have to select SVR-003 again:
I select the DHCP role and add the Management Tools as well:
I authorize a restart of the destination server, if necessary:
Step 2: configure Failover on DC-001 (the first DHCP server)
Notice that I do not configure any scopes or reservations (etc.) on SVR-003. The necessary information will be migrated from DC-001.
On DC-001, I select the scope I want to configure for Failover:
Yes, Failover can be configured per scope:
We select the partner server:
SVR-003 in this case...
We can configure two types of relationships: "Load Balance" or "Hot Standby". In the first case, both DHCP servers share a percentage of the workload. If one fails, the other must assume the other - or entire - percentage:
In the "Hot Standby" mode, one DHCP server manages all requests in normal circumstances but if it becomes unavailable, the second DHCP server leaves standby mode and assumes all address allocation operations:
In either case, it is necessary to enter a "Shared Secret" that secures communication between the two servers.
I've opted for the "Hot Standby" mode which produces the following setup summary:
If all goes well, we should see this:
Step 3: check configuration on SVR-003 (second server) and test failover
As I mentioned just before, the scope information is migrated from DC-001 to SVR-003. There is nothing to (re)configure on SVR-003:
The image above may not be entirely clear but the name of the server is indeed SVR-003.
If we look at the scope properties (Failover tab) in normal circumstances, this is what we see:
If we stop the DHCP server on DC-001...
SVR-003 loses contact with DC-001 but...
It will allocate IP addresses to clients that request one.
I tested by starting Windows 7 client "PC1" that initially obtained an address from the first DHCP server (DC-001).
These are the results as shown by ipconfig /all on the client:
[...]
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::e07e:50de:a86e:edc7%11(Preferred)
IPv4 Address. . . . . . . . . . . : 10.1.1.21(Preferred)
Subnet Mask . . . . . . . . . . . : 255.0.0.0
Lease Obtained. . . . . . . . . . : Thursday, October 17, 2015 10:06:53 PM
Lease Expires . . . . . . . . . . : Thursday, October 17, 2015 10:30:38 PM
Default Gateway . . . . . . . . . : 10.1.1.4
DHCP Server . . . . . . . . . . . : 10.1.1.10
After I stopped the DHCP service on DC-001, PC1 attempted to renew its IP address. That was apparently successful with the results shown below:
[...]
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::e07e:50de:a86e:edc7%11(Preferred)
IPv4 Address. . . . . . . . . . . : 10.1.1.21(Preferred)
Subnet Mask . . . . . . . . . . . : 255.0.0.0
Lease Obtained. . . . . . . . . . : Thursday, October 17, 2015 10:06:53 PM
Lease Expires . . . . . . . . . . : Thursday, October 17, 2015 10:32:28 PM
Default Gateway . . . . . . . . . : 10.1.1.4
DHCP Server . . . . . . . . . . . : 10.1.1.11
The client obtains the same IP address with an expiration date two minutes later.
Note: I reduced the lease time to two minutes so the client would attempt to renew its IP address more quickly (for testing purposes of course, normally you would have a lease of at least 8 hours for wireless clients and probably more - up to a week - for wired clients).
The most important parameter to note is the "DHCP Server". The ipconfig output shows that SVR-003 did indeed take charge of DHCP operations, since it is the source of the new IP address information.
*
Ensuring High Availability of DHCP using Windows Server 2012 DHCP Failover (Microsoft Windows DHCP Team Blog)
Step-by-Step: Configure DHCP for Failover
Thank you for reading the article about Windows Server 2012 - DHCP - Part 6 - Failover (GUI) on the blog NEW TECH If you want to disseminate this article on please list the link as the source, and if this article was helpful please bookmark this page in your web browser by pressing Ctrl + D on your keyboard keys.