Multi-Site deployment topologies for DHCP Failover


The two modes of configuring DHCP Failover Load Balance and Hot Standby enables a wide range of deployment topologies involving failover deployment between the DHCP servers present in the same site or spread across multiple sites.

The most rudimentary one is the single-site deployment, where both the servers in a failover relationship are located at the same physical site. The two servers can be either in a Load Balance or Hot Standby mode and serve a set of subnets which are in the same site. Load balance mode is more suited for this kind of deployment because both servers can respond to DHCP client requests without any network latency. The clients remain agnostic of which server is serving the IP Addresses and the other DHCP options. 

There are a lot of variations possible in the multi-site deployment scenarios. The deployment can be done involving 2 or more sites. Below are some of the standard topologies.

Symmetric Relationship

The deployment construct of two DHCP servers backing up each other for two different set of scopes via two failover relationships is extensible to more than two sites. In the scenario shown below, the site 1 and the site 2 each have a local DHCP server servicing clients in that site. To ensure high availability of the DHCP service at both the sites, one can setup two failover relationships in Hot Standby mode. One of the failover relationships will comprise all subnets/scopes at site 1. It will have the DHCP server at site 1 as the active server with the DHCP server at site 2 as the standby. The second failover relationship will comprise all subnets/scopes at site 2. It will have the DHCP server at site 2 as the active server and the DHCP server at site 1 as the standby.

Figure 1: Symmetric Model

Ring Topology

The symmetric model can still be enhanced and visualized as a ring topology involving multiple sites where a server at each site – in addition to being the active server for the local network – is the standby server for another site. The failover relationships can be set up to form a ring topology (as shown in the illustration below) through the DHCP servers at different sites.

For example, in the illustration in Figure below, in the event of DHCP server 1 being down, the computers and devices on site 1 will be provided DHCP service by DHCP server 4 located at site 4 and likewise for all the other sites. In such a deployment each DHCP server will have 2 failover relationships – one for which it is active (this will have the subnets/scopes of the local site) and the other for which it is standby (this will have the subnets/scopes of the remote site)

 

Figure 2: Ring Topology

 

Hub and Spoke Model

The other variation in case of a multi-site deployment is where each remote site has a local server which is configured to provide the DHCP service to the computers and devices on the local network. That is it acts as a primary active server for the local network.  Another DHCP server at a central office or data center acts as a secondary for all the remote sites.

In a normal mode of operation, computers and devices on a given site receive IP addresses and other network configuration (options) from the DHCP server located at the same site. However, in the event of the local DHCP server being down, the DHCP server from the central site would provide the service. When deployed in this fashion, each of the remote site DHCP servers will have single failover relationship with the hub DHCP server. The hub DHCP server will have as many failover relationships as the number of remote sites (spokes) – for each of which its a secondary/standby server.

Hot standby mode of operation is best suited to such kind of deployments where a central office or data center server acts as a standby backup server to a server at a remote site, which is local to the DHCP clients. In such deployments, it is undesirable to have computers and devices on a site being served by the DHCP server at the remote site unless the local DHCP server becomes unavailable because of delays associated with communication over the inter-site link and unwarranted traffic on the inter-site link.

 

Figure 3: Hub-and-Spoke Model

Besides these deployment topologies, DHCP failover can be deployed in several other variations of aforementioned deployment topologies.

You can also have a DHCP server be part of a load balance and a hot standby failover relationship (each for a different set of scopes of course) at the same time.

Other Links

Team DHCP

 

Comments (25)

  1. teamdhcp says:

    Chris, with DHCP failover you _do_ _not_ need to use split scope. You should configure server 1 and server 2 with a failover relationship for scope 10.10.1.0/24.

  2. teamdhcp says:

    Victor, DHCP failover does not support more than 2 servers hosting the same set of scopes. This as per the IETF DHCP failover spec. You will need to use a combination of DHCP failover and Windows clustering to achieve what you want. See
    http://technet.microsoft.com/en-us/library/dn338983.aspx#cluster.

  3. teamdhcp says:

    Hi Marc, the IP helpers (relay) on the router should be configured with IP addresses of both DHCP servers. The router will send the request to both DHCP servers. DHCP servers perform a hash of the MAC address in each client message and based on the has
    value only one of the DHCP servers will respond to the client.

  4. teamdhcp says:

    Marc, as far as I know, capability to configure 2 IP helpers has been in routers for quite some time.

  5. teamdhcp says:

    Salah, you can look at
    http://technet.microsoft.com/en-us/library/dn338983.aspx#cluster which talks about the first option that I mentioned above.

  6. teamdhcp says:

    Victor, see this link for setting up DHCP server on a Windows failover cluster –
    http://technet.microsoft.com/en-us/library/ee405263(v=WS.10).aspx

  7. teamdhcp says:

    Steven,

    You need to configure the DHCP relay agent/IP helpers on switch/router to forward the traffic to IP addresses of both the DHCP servers in the failover relation.

  8. teamdhcp says:

    Ian, a failover relationship can be only between 2 DHCP servers and is associated with a set of scopes.
    lets say you hub site has scopes 1 thru 5 and are setup for DHCP failover on server1 and server 2 at the hub. You can have a server3 at a spoke site with a failover relationship (with scopes 6 thru 10) to server 1 or server 2 serving as standby. But if you already have server 3 and server 4 in a failover relationship (with scopes 6 thru 10), you cannot have another failover relationship with server1 or server 2 for the same scopes.
    If you need more than one level of redundancy, you can combine DHCP Failover with Windows clustering.
    For example, server 1 and server 2 are on a Windows clustered and the clustered DHCP server has a failover relationship with server 3 which is standalone or again on a Windows cluster.

  9. teamdhcp says:

    Victor, the steps for setting up DHCP server on a Windows failover cluster has not changed between 2008R2 and 2012R2.

  10. teamdhcp says:

    Marc, as far as I know, capability to configure 2 IP helpers has been in routers for quite some time.

  11. teamdhcp says:

    Salah, there are 2 options
    – Deploy DHCP on a 2 node Windows Failover cluster at HO site. Separately, deploy DHCP on another 2 node windows failover cluster at DR site. Now, create a Hot standby DHCP failover relationship between the two.

    – Configure 80/20 split scope between the DHCP server at HO and DHCP server at DR site. Then configure DHCP failover at HO with another DHCP server. In this configuration, be aware that your DR site has only 20% of the IP address pool.

  12. Are you considered a super-nerd when you get excited about DHCP? This is truly awesome and at the same time soooo overdue! Good Work!

  13. teamdhcp says:

    Hi Marc, no – you need to configure the router so that it sends the DHCP client packet to both the DHCP servers at the same time.

  14. teamdhcp says:

    Praveen, the standby DHCP server will respond to retransmission of client messages. Most DHCP clients (including Windows) do multiple retransmissions until they get a response. There is a seconds field in the DHCP message in which the client is supposed
    to send how long it has been retransmitting. If this is more than 6 seconds, the standby DHCP server will respond.

  15. In a symmetric model (or any multi-site model really), how does the network know where to send DHCP requests?

  16. Ian says:

    Any idea if is possible to have a hub site active / active pair also server as stand by for a spoke site active / passive configuration?

  17. Chris H says:

    If we split scopes, for example Server 1 handles DHCP for 10.10.1.1-100 and Server 2 handles DHCP for 10.10.1.101-200. Can we still have a failover relationship for these two servers with 2 backup servers?

  18. salah1 says:

    if I want to have 2 DHCP servers in HO site and highly resilient on DR site. what is the best way to do that ? instead of using DHCP cluster can I have 50/50 scopes across 2 DHCP server in HO site, and 2 standby servers on DR site ???

  19. Victor says:

    I currently have 2 consolidated DHCP server at my HQ serving all the regions across the country. its on a DHCP failover load balancer. But I need to create another DHCP server {just one} on a DR site, & I want it to be on a Hot standby mode so date I can
    always use it when the main site goes down. Any help as regards to this.

  20. Victor says:

    thanks for the response, please how do I go about the Clustering since am currently using two Virtual machines has my DHCP servers. Any documentation I can use please?

  21. Victor says:

    hi, the example in the link above for the clustering is for Windows server 2008 R2. its not going to work in my environment because am using virtual machines running windows server 2012 R2. Can I have a scenario that works for 2012 R2 or a documentation
    on how to go about it.

    thanks.

  22. Marc says:

    Hi team, I want to deploy two new DHCP servers w2012 r2 (dhcp1 and dhcp2) in Load Balanced Mode and multi-subnets environment.

    I have some offices and we need to change the dhcp relay in the router of all offices. If in the router i set ip relay1 to dhcp1 and ip relay 2 to dhcp2, Who does it work?

    Does the router send the client ip request to both servers at the same time and two servers execute the hash and one respond the request? or always dhcp1 respond to the request…

    thanks

  23. Marc says:

    I thinked that the router sent the request to ip helper 1 and if the dhcp1 is down then the router send the request to ip helper 2 and dhcp2 and it does not send to the both ip helpers ( similar to dns, send the request to the primary dns and if dns1 is
    down then you send the request to the secondary dns configured in your server)

  24. Marc says:

    Perfect!!, thank you very much. I have a last question but maybe it is not the apropiate site. Is a standard feature for all routers (configure 2 ip helpers) or only for new / premium routers?

  25. Parveen says:

    I have scenario where DHCP servers have been deployed at two main sites serving about 70 customer locations. The DHCP scope have been configured in Hot Standby mode in such a way that for 35 locations DHCP server at site 1 has Active scope and DHCP server
    at site 2 as fallback scope and similarly for other 35 locations DHCP server at site 2 has Active Scope and DHCP server at site 1 has fallback scope. All the offices are on MPLS backbone

    As per customer there are situations due to network routing issues, some of the client sites have access to one of the main site that is holding DHCP Standby scope for those subnets. So in this case DHCP server with Active scope is UP and running but it is
    not reachable from another client site while other DHCP server having standby scope is reachable from client site. The clients will not get new IP Address from Standby DHCP server.

    My query is – whether it would be possible to change the relationship role at that time. What are the drawbacks ? What will happen to existing lease already issued to the clients of that site ?