Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Chriss Miller on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

How do split scopes on MS DHCP 2

Status
Not open for further replies.
mmorgensen

mmorgensen

MIS
Joined
Jun 26, 2002
Messages
58
Location
US
I know the basics about how to split the scopes in windows 2000 DHCP. I have the following question...

How to I configure the network to use the secondary DHCP server if the primary goes down?

My primary will have 80% of addys, and secondary with 20%. We are using a cisco router to relay requests to the primary server from the other subnets.

So if computer in subnet A requests an IP address, the cisco will forward the request to DHCP_PRIMARY. But if DHCP_PRIMARY is down...what happens? Do I need to impliment a NLB solution to have this work?

thanks!

mm
 
Sort by date Sort by votes
Depends if the router is RFC 1542 complient or not. If it is and clients on Subnet A request an address and no DHCP server is there to answer, the broadcast is made to the router, which in turns forwards it on to the backup DHCP server.

IF the router isn't 1542 complinet (but is sounds like it is) then a DHCP Relay agent will need to relay the requests across the router.

Test it out. Take the Primary DHCP server offline and request an address from subnet A.

Hewissa

MCSE, CCNA, CIW
 
Upvote 0 Downvote
using this solution would need a DHCP server on every vlan?

mm
 
Upvote 0 Downvote
You never mentioned vlans....how many?

Hewissa

MCSE, CCNA, CIW
 
Upvote 0 Downvote
sorry...I mentioned it in my other post in cisco land...
My goal is this:

Currently we have 7 vlans, with 7 different DHCP servers, and 7 wins servers, 7 BDC for Nt4.0, etc...

I have killed 5 wins servers, and with our AD miration the BDC's will be gone. Now I need to tackle the DHCP servers as they all reside on the BDC's. My goal was to create 2 DHCP servers for the company and have the cisco routers forward requests to those servers.

So I was wondering how I configure these servers for failover. I found many articles on how to set up scopes, but nothing on how to configure the network to use these servers. I found some stuff on cisco routers and helper IP addresses. So I think I am in the right direction.

any help or best practices would be great!
 
Upvote 0 Downvote
Does it matter to you that the Primary always provides the DHCP first? We have two DHCP servers on our LAN - both configured to provide different scopes with a subnet mask that encompasses both eg DHCP1 provides 10.0.10.x and DHCP2 provides 10.10.20.x and both provide a subnet of 255.255.0.0 - this is just for example - you'd be able to run a massive LAN with that!

We're not fussed which DHCP server answers the request...

Does this help?

H

Hany Mustapha
Excellent Technology Solutions in the UK -
 
Upvote 0 Downvote
Unless you have more than 10,000 users, a new server can provide DHCP services on one large LAN or even with smaller WAN thrown in. Use two for redundancy. Configure your routers to be able to provide 2 IP helpers (DHCP servers). Configure all your DHCP scope to each server but use the 80-20 split for each VLAN IP addresses. Search MS Knowledge Base on how to do this...

As an example using Class C address for 2 VLANs

DHCP1
Scope 10.0.0.1 - 10.0.0.200
Scope 10.0.1.201 - 10.0.1.250

DHCP2
Scope 10.0.0.201 - 10.0.0.250
Scope 10.0.1.1 - 10.0.1.200



P.S. Recommendations made here in no way guarantees your life, job, gf/bf, etc..etc...
 
Upvote 0 Downvote
okay that sounds good...so if the first Ip helper does not respond, the cisco will move to the second ip helper?

thanks!

mm
 
Upvote 0 Downvote
I'm no expert on Cisco but the last time I asked a CCNP that is what I was lead to believe.
 
Upvote 0 Downvote
could jsut use 1 DHCP server and set the other one up but dont authorize it in AD, and disable the service to make sure of no freaky rogueness going on
 
Upvote 0 Downvote
Yep u can do that too as a standby server. However, the server with the disabled service would not be sharing any load - this is not a problem with small networks.
 
Upvote 0 Downvote
I have to ask a few questions:

1. Are both DHCP servers in the same VLAN?
2. Are the IP helper addresses on the router to the DHCP address or VLAN broadcast (10.1.1.255)?
3. How many addresses are you working with?

MS did not make DHCP failover/redundancy an easy thing to do, since there is no type of data base replications like there is in WINS, but it can be done (sorta)

But here is what I have to offer:
The IP helper address can be set to an individual IP address so that all those lost broadcast type UDP port packets are sent to a specific IP (by that I mean TFTP, TACACS, DNS, DHCP, WINS and a few others). Or you can modify which types of traffic (again, by the port numbers) are sent to specific IP’s. You can configure an IP helper for WINS (port137) to point to 10.1.1.1 while DHCP (Port63) is pointed to 10.1.1.2, DNS (port53) to 10.1.1.3 and so on. You can also set an IP helper to broadcast to IP subnet range. If you use the previous IP examples you could configure an IP helper of 10.1.1.255 (based on a /24 address). This will allow all those UDP type ports to be passed to ALL IP’s in that subnet, this can be bad! But I have seen it used when all servers were in a Server Farm VLAN. The reason I bring this up is with two DHCP servers in different VLAN’s the 1st IP helper listed will be the one used to process the IP request. If there is no answer from the 1st address then it will use the second IP helper address to process. This is also why adding the port number is important, and also note that this called an ip forward-protocol command.

So I would build the following:

DHCP1 in VLAN2 with IP of 10.1.1.254 (with 80% of IP needed for each VLAN)*
DHCP2 in VLAN7 with IP of 10.1.7.254 (with 20% of IP needed for each VLAN with a very short lease time!!!) *

*DHCP1 has 20% of the IP’s for VLAN 7 and DHCP2 has 80% of the IP’s for VLAN7

VLAN’s 1-6 have primary IP Helper address of 10.1.1.254 port 67
VLAN’s 1-6 have secondary IP Helper address of 10.1.7.254 port 67
VLAN 7 has primary IP Helper address of 10.1.7.254 port 67
VLAN 7 has secondary IP Helper address of 10.1.1.254 port 67

If both DHCP servers are in the same VLAN modify the IP addresses accordingly but I have seen this configured and it did not work to well. Also note that if properly configured DHCP2 sits very quite with nothing to do. One of the checks and balances I’ve used is to have one of the VLAN’s pull it primary DHCP addresses from DHCP2, in the above example I would make VLAN 7 pull straight from the DHCP2. This way you can make sure the back up is actually working and will not fail when the primary takes a nap!

As another point of design I try to combine my DNS, DHCP and WINS on the same server. For some reason things just work better when all that name resolution and address-finding is done by the same machine.


SF18C
CCNA, MCSE, A+, N+ & HPCC

"Tis better to die on your feet than live on your knees!"
 
Upvote 0 Downvote
Hmm. Isn't the "IP Helper" a feature of routers that are RFC 1542 compliant?

Hewissa

MCSE, CCNA, CIW
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

DrB0b
  • Locked
  • Question Question
Hybrid on prem AD with Azure AD
Replies
2
Views
607
DrB0b
DrB0b
goombawaho
  • Locked
  • Question Question
Domain join from wifi connected laptop
Replies
4
Views
1K
goombawaho
goombawaho
DrB0b
  • Locked
  • Question Question
HyperV trying to do extended replica to external HDD
Replies
0
Views
356
DrB0b
DrB0b
James281
  • Locked
  • Question Question
Enrolment agent (enrol on behalf of) stopped working
Replies
1
Views
483
mikehook
mikehook
sburgess73
  • Locked
  • Question Question
MSIPCCache Folder
Replies
0
Views
374
sburgess73
sburgess73

Part and Inventory Search

Sponsor

Back
Top