Windows 2000 DHCP Redundant Configuration Question

[MPG]

Hello folks,

We've got a domain that has about 120 DHCP clients. We've got two
Win2K DCs. Until recently, all of our DHCP was handled by the second
domain controller. I modified the setup to provide some DHCP
redundancy and have some questions. Here is the current setup:

DC1
Scope: 10.1.5.60 - 10.1.5.254
Exclusions: 10.1.5.157 - 10.1.5.254

DC2
Scope: 10.1.5.60 - 10.1.5.254
Exclusions: 10.1.5.60 - 10.1.5.156

The overlapping scopes and mutually exclusive exclusion lists were set
up based on a recommendation in TechNet DHCP best practices. This
basically leaves half of range on each DHCP server. With the current
setup, each DHCP server has 97 available addresses to hand out which,
I know, is not enough for the 120 DHCP clients. The hope is that it
would be enough to get us through a crunch if one of the servers went
down. Until I can get additional IP space allocated, I will have to
live with that setup. I do have some questions about this setup that
some of you may be able to answer:

- Is there a chance a client will not be able to get an address under
normal operations? For example, if the scope on one server fills up
and the client happens to hit that server, will it get denied and give
up?

- Is there any better way of setting this up without changing the IP
range?

TIA!
MPG

 

[Meinolf Weber]

Hello MPG,

If both servers are up and running, you will be fine, the client will search
for a DHCP server until it gets an address, doesn't matter which one. If
no server is available it will use the APIPA address. So in your case one
server must be down AND the client has to be at the half lease time, because
then it starts to renew the address. So if you are aware that one server
will be down, free the excluded range and all clients can get addresses.

Best regards

Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and confers
no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm

> Hello folks,
>
> We've got a domain that has about 120 DHCP clients. We've got two
> Win2K DCs. Until recently, all of our DHCP was handled by the second
> domain controller. I modified the setup to provide some DHCP
> redundancy and have some questions. Here is the current setup:
>
> DC1
> Scope: 10.1.5.60 - 10.1.5.254
> Exclusions: 10.1.5.157 - 10.1.5.254
> DC2
> Scope: 10.1.5.60 - 10.1.5.254
> Exclusions: 10.1.5.60 - 10.1.5.156
> The overlapping scopes and mutually exclusive exclusion lists were set
> up based on a recommendation in TechNet DHCP best practices. This
> basically leaves half of range on each DHCP server. With the current
> setup, each DHCP server has 97 available addresses to hand out which,
> I know, is not enough for the 120 DHCP clients. The hope is that it
> would be enough to get us through a crunch if one of the servers went
> down. Until I can get additional IP space allocated, I will have to
> live with that setup. I do have some questions about this setup that
> some of you may be able to answer:
>
> - Is there a chance a client will not be able to get an address under
> normal operations? For example, if the scope on one server fills up
> and the client happens to hit that server, will it get denied and give
> up?
>
> - Is there any better way of setting this up without changing the IP
> range?
>
> TIA!
> MPG

 

[Phillip Windell]

the way you are doing it is exactly the way I have always done it and I have
never had any trouble with it. The lease peiod is 8 days by default,
meaning it renews every 4 days,...so it would probably take quite a while
(but sooner if clients are rebooted daily) to eat up all the addresses on
one DHCP if the other goes down,..but yes it would eventually happen,...the
idea is to just buy time to get the broken one fix right away. If you get
delayed on repairs just adjust the Exclusion on the remaining one to provide
a few more addresses then put it back to original aferwards.

The only difference I do is that I *always* use the entire IP Range in the
Scope based on the subnet mask, then use Exclusions to mark out the lower
Static Addresses.
It still works your way as well, so it is kind of just a preference I
suppose.

So I would have:

DC1 (with a mask of 255.255.255.0)
Scope: 10.1.5.1 - 10.1.5.254
Exclusion: 10.1.5.1 - 10.1.5.59
Exclusion: 10.1.5.157 - 10.1.5.254

DC2 (with a mask of 255.255.255.0)
Scope: 10.1.5.1 - 10.1.5.254
Exclusion: 10.1.5.1 - 10.1.5.59
Exclusion: 10.1.5.60 - 10.1.5.156


--
Phillip Windell
www.wandtv.com

The views expressed, are my own and not those of my employer, or Microsoft,
or anyone else associated with me, including my cats.
-----------------------------------------------------

"MPG" <mgaciarz@gmail.com> wrote in message
news:bba87c3c-59f0-4e9b-bcca-83a7bf547c7e@l64g2000hse.googlegroups.com...
> Hello folks,
>
> We've got a domain that has about 120 DHCP clients. We've got two
> Win2K DCs. Until recently, all of our DHCP was handled by the second
> domain controller. I modified the setup to provide some DHCP
> redundancy and have some questions. Here is the current setup:
>
> DC1
> Scope: 10.1.5.60 - 10.1.5.254
> Exclusions: 10.1.5.157 - 10.1.5.254
>
> DC2
> Scope: 10.1.5.60 - 10.1.5.254
> Exclusions: 10.1.5.60 - 10.1.5.156
>
> The overlapping scopes and mutually exclusive exclusion lists were set
> up based on a recommendation in TechNet DHCP best practices. This
> basically leaves half of range on each DHCP server. With the current
> setup, each DHCP server has 97 available addresses to hand out which,
> I know, is not enough for the 120 DHCP clients. The hope is that it
> would be enough to get us through a crunch if one of the servers went
> down. Until I can get additional IP space allocated, I will have to
> live with that setup. I do have some questions about this setup that
> some of you may be able to answer:
>
> - Is there a chance a client will not be able to get an address under
> normal operations? For example, if the scope on one server fills up
> and the client happens to hit that server, will it get denied and give
> up?
>
> - Is there any better way of setting this up without changing the IP
> range?
>
> TIA!
> MPG

 

[MPG]

On Apr 17, 2:19 pm, "Phillip Windell" <philwind...@hotmail.com> wrote:
> the way you are doing it is exactly the way I have always done it and I have
> never had any trouble with it.  The lease peiod is 8 days by default,
> meaning it renews every 4 days,...so it would probably take quite a while
> (but sooner if clients are rebooted daily) to eat up all the addresses on
> one DHCP if the other goes down,..but yes it would eventually happen,...the
> idea is to just buy time to get the broken one fix right away.  If you get
> delayed on repairs just adjust the Exclusion on the remaining one to provide
> a few more addresses then put it back to original aferwards.
>
> The only difference I do is that I *always* use the entire IP Range in the
> Scope based on the subnet mask, then use Exclusions to mark out the lower
> Static Addresses.
> It still works your way as well, so it is kind of just a preference I
> suppose.
>
> So I would have:
>
> DC1 (with a mask of 255.255.255.0)
> Scope: 10.1.5.1 - 10.1.5.254
> Exclusion: 10.1.5.1 - 10.1.5.59
> Exclusion: 10.1.5.157 - 10.1.5.254
>
> DC2 (with a mask of 255.255.255.0)
> Scope: 10.1.5.1 - 10.1.5.254
> Exclusion: 10.1.5.1 - 10.1.5.59
> Exclusion: 10.1.5.60 - 10.1.5.156
>
> --
> Phillip Windellwww.wandtv.com
>
> The views expressed, are my own and not those of my employer, or Microsoft,
> or anyone else associated with me, including my cats.
> -----------------------------------------------------
>
> "MPG" <mgaci...@gmail.com> wrote in message
>
> news:bba87c3c-59f0-4e9b-bcca-83a7bf547c7e@l64g2000hse.googlegroups.com...
>
>
>
> > Hello folks,
>
> > We've got a domain that has about 120 DHCP clients.  We've got two
> > Win2K DCs.  Until recently, all of our DHCP was handled by the second
> > domain controller.  I modified the setup to provide some DHCP
> > redundancy and have some questions.  Here is the current setup:
>
> > DC1
> > Scope: 10.1.5.60 - 10.1.5.254
> > Exclusions: 10.1.5.157 - 10.1.5.254
>
> > DC2
> > Scope: 10.1.5.60 - 10.1.5.254
> > Exclusions: 10.1.5.60 - 10.1.5.156
>
> > The overlapping scopes and mutually exclusive exclusion lists were set
> > up based on a recommendation in TechNet DHCP best practices.  This
> > basically leaves half of range on each DHCP server.  With the current
> > setup, each DHCP server has 97 available addresses to hand out which,
> > I know, is not enough for the 120 DHCP clients.  The hope is that it
> > would be enough to get us through a crunch if one of the servers went
> > down.  Until I can get additional IP space allocated, I will have to
> > live with that setup.  I do have some questions about this setup that
> > some of you may be able to answer:
>
> > - Is there a chance a client will not be able to get an address under
> > normal operations?  For example, if the scope on one server fills up
> > and the client happens to hit that server, will it get denied and give
> > up?
>
> > - Is there any better way of setting this up without changing the IP
> > range?
>
> > TIA!
> > MPG- Hide quoted text -
>
> - Show quoted text -

Thanks to both of you for the help. I just ran into another gotcha
with this setup today: IP reservations have to be set up on both DHCP
servers for them to work. Is there any other way of using
reservations with two active DHCP servers? One suggestion I found was
to have the two scopes overlap and put all of the IP reservations in
the overlapping IP space. At least, that way, a client for which
there is a reservation can hit either server to get its IP. However,
you still have to set up the reservations on both servers. Any
thoughts on this?

Thanks!

 

[kj [SBS MVP]]

MPG wrote:
> On Apr 17, 2:19 pm, "Phillip Windell" <philwind...@hotmail.com> wrote:
>> the way you are doing it is exactly the way I have always done it
>> and I have never had any trouble with it. The lease peiod is 8 days
>> by default, meaning it renews every 4 days,...so it would probably
>> take quite a while (but sooner if clients are rebooted daily) to eat
>> up all the addresses on one DHCP if the other goes down,..but yes it
>> would eventually happen,...the idea is to just buy time to get the
>> broken one fix right away. If you get delayed on repairs just adjust
>> the Exclusion on the remaining one to provide a few more addresses
>> then put it back to original aferwards.
>>
>> The only difference I do is that I *always* use the entire IP Range
>> in the Scope based on the subnet mask, then use Exclusions to mark
>> out the lower Static Addresses.
>> It still works your way as well, so it is kind of just a preference I
>> suppose.
>>
>> So I would have:
>>
>> DC1 (with a mask of 255.255.255.0)
>> Scope: 10.1.5.1 - 10.1.5.254
>> Exclusion: 10.1.5.1 - 10.1.5.59
>> Exclusion: 10.1.5.157 - 10.1.5.254
>>
>> DC2 (with a mask of 255.255.255.0)
>> Scope: 10.1.5.1 - 10.1.5.254
>> Exclusion: 10.1.5.1 - 10.1.5.59
>> Exclusion: 10.1.5.60 - 10.1.5.156
>>
>> --
>> Phillip Windellwww.wandtv.com
>>
>> The views expressed, are my own and not those of my employer, or
>> Microsoft, or anyone else associated with me, including my cats.
>> -----------------------------------------------------
>>
>> "MPG" <mgaci...@gmail.com> wrote in message
>>
>> news:bba87c3c-59f0-4e9b-bcca-83a7bf547c7e@l64g2000hse.googlegroups.com...
>>
>>
>>
>>> Hello folks,
>>
>>> We've got a domain that has about 120 DHCP clients. We've got two
>>> Win2K DCs. Until recently, all of our DHCP was handled by the second
>>> domain controller. I modified the setup to provide some DHCP
>>> redundancy and have some questions. Here is the current setup:
>>
>>> DC1
>>> Scope: 10.1.5.60 - 10.1.5.254
>>> Exclusions: 10.1.5.157 - 10.1.5.254
>>
>>> DC2
>>> Scope: 10.1.5.60 - 10.1.5.254
>>> Exclusions: 10.1.5.60 - 10.1.5.156
>>
>>> The overlapping scopes and mutually exclusive exclusion lists were
>>> set up based on a recommendation in TechNet DHCP best practices.
>>> This basically leaves half of range on each DHCP server. With the
>>> current setup, each DHCP server has 97 available addresses to hand
>>> out which, I know, is not enough for the 120 DHCP clients. The hope
>>> is that it would be enough to get us through a crunch if one of the
>>> servers went down. Until I can get additional IP space allocated, I
>>> will have to live with that setup. I do have some questions about
>>> this setup that some of you may be able to answer:
>>
>>> - Is there a chance a client will not be able to get an address
>>> under normal operations? For example, if the scope on one server
>>> fills up and the client happens to hit that server, will it get
>>> denied and give up?
>>
>>> - Is there any better way of setting this up without changing the IP
>>> range?
>>
>>> TIA!
>>> MPG- Hide quoted text -
>>
>> - Show quoted text -
>
> Thanks to both of you for the help. I just ran into another gotcha
> with this setup today: IP reservations have to be set up on both DHCP
> servers for them to work. Is there any other way of using
> reservations with two active DHCP servers? One suggestion I found was
> to have the two scopes overlap and put all of the IP reservations in
> the overlapping IP space. At least, that way, a client for which
> there is a reservation can hit either server to get its IP. However,
> you still have to set up the reservations on both servers. Any
> thoughts on this?
>
> Thanks!

You can setup your reservations once on one server then export them and
import them into the second server.

Keeping them in sync is still a pain, but better than entering potentially
hundereds and haveing to do it again.

--
/kj

 

[Herb Martin]

"MPG" <mgaciarz@gmail.com> wrote in message
news:bba87c3c-59f0-4e9b-bcca-83a7bf547c7e@l64g2000hse.googlegroups.com...
> Hello folks,
>
> We've got a domain that has about 120 DHCP clients. We've got two
> Win2K DCs. Until recently, all of our DHCP was handled by the second
> domain controller. I modified the setup to provide some DHCP
> redundancy and have some questions. Here is the current setup:
>
> DC1
> Scope: 10.1.5.60 - 10.1.5.254
> Exclusions: 10.1.5.157 - 10.1.5.254
>
> DC2
> Scope: 10.1.5.60 - 10.1.5.254
> Exclusions: 10.1.5.60 - 10.1.5.156
>
> The overlapping scopes and mutually exclusive exclusion lists were set
> up based on a recommendation in TechNet DHCP best practices. This
> basically leaves half of range on each DHCP server.

That is the correct way to do this.

> With the current
> setup, each DHCP server has 97 available addresses to hand out which,
> I know, is not enough for the 120 DHCP clients. The hope is that it
> would be enough to get us through a crunch if one of the servers went
> down. Until I can get additional IP space allocated, I will have to
> live with that setup. I do have some questions about this setup that
> some of you may be able to answer:

The strategy should include making the Lease period long enough so
that when one DHCP server goes down, ENOUGH of its clients
will be able to retain an address long enough for you to repair the
problem.


> - Is there a chance a client will not be able to get an address under
> normal operations?

Yes, but you reduce that chance through setting the lease correctly.

> For example, if the scope on one server fills up
> and the client happens to hit that server, will it get denied and give
> up?

If the other is down it will. The trick is to repair the "other" server
rapidly enough.

> - Is there any better way of setting this up without changing the IP
> range?

Probably not.