DHCP Failover Hot-Standby Mode
In the previous blog on DHCP Failover, we discussed the DHCP failover load balance mode where both DHCP servers respond to client requests and load balance the requests between them based on an admin specified load distribution ratio.
In the other mode of a failover relationship, known as the Hot-Standby mode (Active-Passive), only one of the servers actively leases IP addresses and option configuration to clients in given subnet(s)/scope(s) while the other server (standby) is passive. The standby server services the clients, only in event of active server being down. The clients fallback to the active server once the active server becomes available again post the outage.
The Load balance mode is more suited for single site deployment where the 2 DHCP servers in a failover relationship are co-located with the subnets/scopes being served by them. As the servers are in network proximity with the clients, the clients do not experience any latency while acquiring or renewing an IP address.
Hot-Standby mode is more suited for multi-site deployment topologies. Each site would have a local DHCP server which is configured to provide the DHCP service to the clients on the local network and DHCP server at a remote site would be standby server. In a normal state of operation, computers and devices on a given site receive IP addresses and other network configuration from the DHCP server located at the same site as the clients. However, in the event of the local DHCP server being down, the DHCP server from the remote site would provide the service to the clients.
You could choose to deploy hot standby mode in a single-site deployment also if you need to.
Hot-Standby Mode Configuration
While configuring a failover relationship in Hot standby mode, there are 2 configuration parameters which are specific to the Hot Standby mode:
- Role of the Server (Active/Standby)
The role of a server participating in hot standby failover relation can be set to Active / standby server as part of new relationship configuration.
- Reserve Address percentage
As discussed in the blog on Load balanced mode, the free IP address pool of a scope which is part of a failover relationship in Load Balance mode, will be apportioned in the configured load distribution percentage to enable both DHCP servers to respond to client requests for new IP addresses. However, in a hot standby failover mode, free IP address pool is owned by the Active server entirely as it is serving all the client requests. In the event of an outage of the active server, the standby server needs to be able to renew existing IP address leases as well as give out new IP address leases to clients who request a new lease. For the later scenario – leasing new IP addresses to clients, the standby server needs a free IP address pool available to it from which it can give out new leases. The standby server will take over the free IP address pool of the active server only after it transitions into Partner Down state from Communicated Interrupted state and a time period of MCLT (Maximum Client Lead Time) has expired. This is as per the DHCP failover protocol. To enable the standby server to serve new IP address leases to clients during this interim period - i.e. till it transitions to Partner Down and takes over the entire free IP address pool of a scope – a percentage of free IP address pool needs to be available to standby server. This can be provided by the configuration parameter – reserve address percentage.
The percentage of addresses reserved for the hot standby server can be configured for a failover relationship configured for hot standby mode. Free IP addresses in proportion to the percentage value configured would be assigned to the hot standby server. If address reserve percentage is set to 0, no addresses will be reserved for the hot standby server and new client leases cannot be granted by the hot standby server in case of outage of active server. The default value for reserve address percentage is 5%. Since the reserve address percentage is meant for an interim period as discussed above, the value chosen for it can typically be small (5-10%).
Figure 1: Creating a Failover Relation in Hot Standby Mode
A new failover Relationship can be configured for Hot-standby mode and even an existing relationship in load balancing mode can be converted to hot-standby mode and vice-versa.
Operation in Hot Standby mode
Unlike the Load Balance mode, where the 2 DHCP servers compute a hash of the MAC address of the clients and decide whether to respond to the client or not, in hot standby mode, the servers do not compute hash of the MAC address of clients. The active server responds to all client requests and the standby server does not respond to any client requests at all while operating in NORMAL state. When active server goes down, the standby server transitions into Communication Interrupted state and starts responding to the clients. Once the active server is up, the standby server retreats into standby mode and stops responding to clients. This facilitates failback of the clients back to the active server.
Other Links
- About DHCP Failover
- Step-by-Step Guide to configure DHCP Failover
- DHCP Failover Load Balance Mode
- Multi-Site deployment topologies for DHCP Failover
- Migrate existing deployments to DHCP Failover
Team DHCP
Comments
Anonymous
January 01, 2003
The comment has been removedAnonymous
January 01, 2003
The comment has been removedAnonymous
January 01, 2003
Hi Chang, when the link goes down, both servers will go into a failover state called "Communicated Interrupted". In this state, both servers will renew IP address leases which are already leased. For clients trying to obtain a new IP address lease (not renew existing lease), again both DHCP servers will grant new leases but they will do so from different portion of the free IP address pool of the scope - thereby avoiding any conflict. The standby server during this period (when it is Communicated Interrupted) will give new IP address leases from the percentage of the free IP pool reserved for it (reserve address percentage). If the link continues to be down for a long period (state switch over interval), if automatic switchover is enabled, both server will move into Partner down. The situation of both servers running in partner down should be avoided.Anonymous
January 01, 2003
The comment has been removedAnonymous
January 01, 2003
The comment has been removedAnonymous
January 01, 2003
Hi Rimvydas, your observation is correct. The unicast renew requests will not be responded to by the standby server. The rebind requests (broadcast) will be responded to. The standby server does not respond to renew for the following reason - by not responding to renew but only to rebind, the failback of the client to the original server is sooner i.e. if the active server is up by the time the client gets into rebinding state, it will respond to the client and not the standby server. So, the client will continue to talk to the active server.Anonymous
January 01, 2003
Hi Ramvydas, regarding your comment "correct mistakes in examples as there are mistakes in there. For example when both servers are up clients get IP addresses with lease time equal to scope lease time and not MCLT time."
When both servers are up and failover relationship is in NORMAL state, a new client lease is given for MCLT duration. When the client comes back for renewing the lease at a time (MCLT/2), it will get the scope lease duration.Anonymous
January 01, 2003
Hi Joey, if the 2 DHCP servers are able to reach other, the failover relationship will be in NORMAL state. In NORMAL state, the client will get an IP address from the standby server provideed it is retransmitting the request messages (most clients including Windows does retransmissions). A standby server which is NORMAL failover state, will respond to 2nd retransmission of DISCOVER and REBIND protocol messages (but not RENEW). So, the short answer is yes, the client will be able to renew an existing lease or obtain a new lease provided the client is retransmitting the messages as required by DHCP RFC.Anonymous
January 01, 2003
Joey, can you please elaborate on what are the exact steps you are performing and what are your observations during those steps.Anonymous
January 01, 2003
Steve, after deactivating the scope, you need to perform "Replicate Scope" to replicate the state of the scope (deactivated) to the partner server. This will ensure that the scope is deactivates on the partner server and it will not respond to clients.Anonymous
January 01, 2003
Hi Dave, your observation is correct, if the standby server is running in COMMUNICATION INTERRUPTED state and if it runs out of IP addresses in it's reserved IP address pool, it will not be able to give new leases though it will continue to renew existing leases. An admin should manually move the server from COMMUNICATION INTERRUPTED state to PARTNER DOWN state if he/she has not enabled automatic state switchover and the active server is going to be down for quite some time. DHCP server logs events when it transitions into COMMUNICATION INETRRUPTED state which should be picked up by a monitoring solution and alert the admin. The System Center Operations Manager has a DHCP server management pack which picks up these events and sends alerts in the SCOM console. You can download the SCOM DHCP management pack for 2012 here - http://www.microsoft.com/en-in/download/details.aspx?id=39062Anonymous
January 01, 2003
Hi PSY, As soon as primary server goes down, the partner standby server will move into COMMUNICATION INTERRUPTED state (Lost contact with partner) and will start responding to renew requests from the clients. It does not wait for MCLT to expire for renewing clients.Anonymous
January 01, 2003
The comment has been removedAnonymous
January 01, 2003
The comment has been removedAnonymous
January 01, 2003
Hi Chang, when the link goes down, both servers will go into a failover state called "Communicated Interrupted". In this state, both servers will renew IP address leases which are already leased. For clients trying to obtain a new IP address lease (not renew existing lease), again both DHCP servers will grant new leases but they will do so from different portion of the free IP address pool of the scope - thereby avoiding any conflict. The standby server during this period (when it is Communicated Interrupted) will give new IP address leases from the percentage of the free IP pool reserved for it (reserve address percentage). If the link continues to be down for a long period (state switch over interval), if automatic switchover is enabled, both server will move into Partner down. The situation of both servers running in partner down should be avoided.Anonymous
January 01, 2003
The comment has been removedAnonymous
January 01, 2003
Hi Amitraj, the 2 DHCP failover servers can be in different subnet. There is no performance impact.
The deployment that you have mentioned is support and quite typical.Anonymous
January 01, 2003
DHCP Failover itself has no dependency on AD so the lease synchronization protocol itself would work fine between 2 DHCP servers in different AD domains without trust. However, you may run into issues while configuring since the user setting up failover needs to be member of DHCP Administrators account on both the DHCP servers for which you are setting up failover.Anonymous
January 01, 2003
Kenneth, DHCP failover protocol does not have any dependency on domain membership of the 2 DHCP servers. However, to configure DHCP failover, the user needs to have permissions of "DHCP administrators" on both the DHCP servers. I am not sure if that's possible with 2 servers being in different forest w/o trust relationship.Anonymous
January 01, 2003
The comment has been removedAnonymous
January 01, 2003
Hi Bashar, you can install it on 2 Windows Server 2012 AD domain controllers. There is no need for dedicated servers for DHCP FailoverAnonymous
January 01, 2003
Albert, most of what you described is correct. Some corrections -
- lease renew via a unicasted message is done by the client at 1/2 of the lease period (not 7/8th)
- if unicast renew message fails to get a response, at 7/8th of the lease period, the client starts sending the same message as a broadcast (this is called REBIND state/message).
So, in your first para, client will get lease duration as specified on the corresponding scope at MCLT/2.
Regarding your second para, the server in PARTNER DOWN or COMMUNICATION INTERRUPTED state always gives lease for MCLT duration and never full scope lease duration.Anonymous
January 01, 2003
You can manually change the state of a server which is running in communication interrupted to partner down using DHCP MMC or DHCP PowerShell. In MMC, go to IPv4->Properties, go to Failover tab, select the specific failover relationship and click edit. You will see "Change to partner down" button on the edit page. This button is enabled when the server is running in communication interrupted state. In PowerShell, You can run the following command - Set-DhcpServerv4Failover -ComputerName <servername> -Name <Failover relationship name> -PartnerDown Again, this will work only if the server is in communication interrupted state.Anonymous
January 01, 2003
Hi Kapil, the issue you have mentioned sounds familiar to the first issue discussed in the blog at
http://blogs.technet.com/b/teamdhcp/archive/2014/02/26/dhcp-failover-patch-to-address-a-reservation-issue-and-another-issue-related-to-failover-partner-not-accepting-state-transition-from-bad-address-gt-active-has-been-released.aspx.
Please install KB 2919393 for Windows Server 2012 or KB 2919355 if you are running Windows Server 2012 R2. This should resolve it if its the same issue.Anonymous
January 01, 2003
Thank you. I've just tested in my lab and everything checks out.Anonymous
January 01, 2003
The comment has been removedAnonymous
January 01, 2003
The comment has been removedAnonymous
January 01, 2003
Amitraj, are these options configured at the scope level or the server level. Server level options are not replicated by the failover configuration wizard (or PowerShell cmdlet). If these are scope options, can you try the "Replicate Scope" action in MMC on the specific scope and check if these get replicated.
Regarding your question about Cisco TFTP server, the remote site would be a different DHCP scope on the server correct ?Anonymous
January 01, 2003
Hello Ben, IP helper/relaying needs to be configured. The relays/IP helper should have IP addresses of both the DHCP servers. Only the primary server will respond to the clients while it is still running. If it goes down, standby server will start responding to the clients.Anonymous
January 01, 2003
The comment has been removedAnonymous
January 01, 2003
Gaurav, yes you can have a single DHCP server at the central site as a standby server for each of the remote site DHCP servers. See the hub and spoke model in the blog at -http://blogs.technet.com/b/teamdhcp/archive/2012/09/05/multi-site-deployment-topologies-for-dhcp-failover.aspxAnonymous
November 19, 2012
If you do not specify the "state switchover interval" parameter, how do you instruct a server that the partner is down? Reading the documentation: "Since there is no way for the server to detect the reason for loss of communication with its partner, the server will continue to remain in communication interrupted state until the administrator manually changes the state to partner down." I don't see an option to manually change to partner down. thanks!Anonymous
August 18, 2013
Can we install this new DHCP Failover in 2 Windows server 2012 AD domain controller servers or it should be in two dedicated servers?Anonymous
October 28, 2013
Normally it was my best solution to put it together with the DC Role, but the Best Practices Analyzer had some failures if put the roles on same machine. Or was this only for Srv 2008 ? technet.microsoft.com/.../ee941109(v=ws.10).aspxAnonymous
October 28, 2013
The comment has been removedAnonymous
November 20, 2013
The comment has been removedAnonymous
November 20, 2013
The comment has been removedAnonymous
December 11, 2013
Is it possible to have the Maximum Client Lead Time to 20 minutes and set State Switch over Interval to 60 minutes. From what I gather, after 60 mins the active server will be transition to a down state but since the MCLT is 20 mins... Will the standby DHCP server poll thrice in a hour before it takes over the scope. Thanks.Anonymous
December 11, 2013
PSY, You can set MCLT to 20 minutes and state switch over to 60 minutes. When a server is unable to communicate with its partner DHCP server (which could be because the partner server is down or there is a network connectivity problem between the two), it will automatically transition to COMMUNICATION INTERRUPTED state. If state switch over is enabled, it will start a timer for the specified state switch over interval (in this case 60 minutes). During this time (state switch over interval), it will try repeatedly to establish contact with the partner DHCP server - every few seconds. If the server succeeds in re-establishing communication with partner DHCP server, the server transitions back to NORMAL state of the failover relationship. If even after expiry of the state switch over time, the server is not able to establish communication with partner DHCP server, it automatically moves to PARTNER DOWN state. After moving to PARTNER DOWN state, the server will start another timer for MCLT. On expiry of this timer, if it is still in PARTNER DOWN state, it will take over the portion of the free IP pool which was owned by the partner DHCP server. Even while in PARTNER DOWN state, the server will continue to make attempts to re-establish communication with partner server every few seconds. If communication with partner is re-established, it will transition out of PARTNER DOWN state and eventually moved back into NORMAL state.Anonymous
February 19, 2014
Is it possible to have the failover server in another non-trusted domain?Anonymous
March 16, 2014
Thanks for the previous response on MCLT and State Switch Over. You mentioned that once the state is moved to PARTNER DOWN, the MCLT timer is kicked in and after the MCLT is lapsed then the free IP pool is seized and owned by the other server. What would happen if the client doesn't request a new IP but rather renews it. Will the standby server be able to renew the same IP address issued by the primary server before it lost communication and if the MCLT timer has not lapsed. So for example if the MCLT value is 1 hour and the primary server went down in 30 minutes, will the clients requesting renew be serviced by the standby server or will it have to wait for the time till the MCLT value expires?Anonymous
March 20, 2014
Hi DHCP Team,
Can you clarify the following thing. When standby server moves to PARTNER DOWN state, how exactly must it respond to client requests? Because I'm seeing the following:
Client gets an IP address from standby server. Lease duration is equal to MCLT time. Everything ok here. But when client tries to renew its IP address from standby server at 50% MCLT time by sending direct request to dhcp server, dhcp server simply refuses to respond. And only when client goes to rebinding state, only then DHCP server renews client's lease. And then the same bahavior again - dhcp standby server does not respond to direct client's renew requests and only responds when client goes to rebinding state. Is such behavior expected and normal???Anonymous
March 30, 2014
The comment has been removedAnonymous
March 30, 2014
Thank you very much for the quick response. So if the State Switch Interval has passed and still if the link is down, will both DHCP servers stop leasing out new IP address as it is in partner down state. Our SSI interval is set to 10 mins so there is a possibility that the link is down for more than 10 mins. Also I am assuming that the lease renewal will be serviced by the standby server.Anonymous
March 31, 2014
The comment has been removedAnonymous
March 31, 2014
Hi teamdhcp,
Thank you for your clarifications. But I still think that there will be no bad things for standby server to respond to direct renew requests. Clients get IPs from standby with lease time equal to MCLT which is short so I thing there will be no huge delays for the clients to get back to primary server. To be honest I see no difference. When primary server is up, standby will stop to respond and we'll have the same bahavior with almost the same times. As for now, because standby server does not respond to direct renew requests - it is simply bombarded by huge ammount of direct clients requests. I think this is not good thing.
And please, expand your docs and include what exactly standby server does when it is in partner down state. There is mentioned nothing what it does at such time.
And please, correct mistaked in examples as there are mistakes in there. For example when both servers are up clients get IP addresses with lease time equal to scope lease time and not MCLT time.Anonymous
April 01, 2014
The comment has been removedAnonymous
April 02, 2014
The comment has been removedAnonymous
April 09, 2014
We have 2 DHCP 2012 implemented at my site and both are in cluster with hotstandby mode (one is active and another is standby). We face issue that the IPs which are reserved earlier are getting deleted and the same IP is getting assigned to some other machine which is not reserved. Require guidance for resolving the issue.Anonymous
April 11, 2014
I'm a little confused about something not explicitly mentioned in the documentation (at least, not that I can find). The way I understand things, if the standby server is in the COMMUNICATIONS INTERRUPTED state and has available addresses in its reserved pool, it can lease those addresses to clients that don't already have an existing lease.
If the state switchover interval isn't enabled, the standby server won't automatically transition to PARTNER DOWN, so what happens if its reserved pool is exhausted? Does it simply stop giving out new leases? Assuming clients can't contact the active server, either because it's down or the link between it and the clients is severed, are they just out of luck until something gets fixed or someone transitions the standby server to the PARTNER DOWN state?Anonymous
April 15, 2014
The comment has been removedAnonymous
April 15, 2014
The comment has been removedAnonymous
April 15, 2014
Please ignore my previous comment with Standby mode issue. It turned out that my VMWARE workstation ran into some issues and fix was to restart all the DHCP and DC servers.. Thanks for your help :-)Anonymous
May 29, 2014
For a Load Balancing mode, Do we need to place both servers on a same subnet ? or we can place it on a diffrent subnet , is there any performance impact?
We are planning to place one server at our Datacenter and another in our office and we have 1GB point to point network connection between Datacenter and Office, please advice..
regards
AmitrajAnonymous
June 19, 2014
The comment has been removedAnonymous
June 19, 2014
For Load Balancing mode:
As explained previously, We are planning to place one DHCP server at our Data center and another in our office and we have 1GB point to point network connection between Data center and Office,
1.since both servers will be on a separate sites how clients from office will get IP's from both the servers.
will the DHCP server located in office gets overloaded? as client is close to the DHCP server in office.
or how the clients requests will go to DHCP server located in Data center ( as no of hops are more)
2. If the N/w latency of DHCP server located in Data center is more compared to the DHCP server located at office. how the clients will manage to get IP's from both DHCP servers ( will the DHCP request will be balanced between both servers)
3. Does latency mismatch between DHCP servers to client will make any difference in serving the DHCP requests?Anonymous
July 22, 2014
The comment has been removedAnonymous
July 22, 2014
Hi
we have many scopes , which are already utilized 100% lease quota.
for such scopes how do we transition to hotstnadby failover mode? as i understand we need to have 5% of free address.Anonymous
September 10, 2014
The comment has been removedAnonymous
December 10, 2014
The comment has been removedAnonymous
April 13, 2015
The comment has been removedAnonymous
April 20, 2015
We have hotstandby failover configured in Hub and spoke model.
Single central standby failover server and other remote servers have failover established.
when i configure failover relation, i don't get all the scope options reflected on central failover server.
for example for wireless , we need to have option 043 on primary server with 10.141.x.x IP but when i go and check on failover server scope options for this subnet it shows blank (even though 043 option enabled )
There are some other options on the scope that also are not showng up on failover partner like, TFT server IP and 066 Boot server hostname and 067 Bootfilename
due this wireles wasn't working from failover partner.
Most of the non default dhcp options are with emptyvalue on failover partner.
Please advice how to replicate scopes options with actual value.Anonymous
April 20, 2015
and also we have diffrent cisco TFTP servers for remote site, how can we make sure it is reflected on failover partnerAnonymous
June 29, 2015
The comment has been removedAnonymous
July 01, 2015
Jeff, Yes you could script this using DHCP PowerShell cmdlets. Here are the steps with CPE-OCPhone as an example. I will try and post a script to do this.
/* Remove any option value assigned for vendor class specific option - in this case Vlanid (option id 10) /
Remove-DhcpServerv4OptionValue -ScopeId -VendorClass " CPE-OCPhone " -OptionId 10
/ Remove the vendor class specific option definition - vlanid (option id 10)*/
Remove-DhcpServerv4OptionDefinition -VendorClass "CPE-OCPhone" -OptionId 10
/Remove the vendor class definition - CPE-OCPhone/
Remove-DhcpServerv4Class -Name " CPE-OCPhone" -Type Vendor
/Add the vendor class definition with correct case - CPEOCPHONE/
Add-DhcpServerv4Class -Name "CPE-OCPHONE" -Type Vendor -Data "CPE-OCPHONE"
/*Add the vendor class specific option definition - vlanid (option id 10) /
Add-DhcpServerv4OptionDefinition -VendorClass "CPE-OCPHONE" -OptionId 10 -Name "VLAN ID" -Type "Word"
/ Re-add the option value assigned for vendor class specific option which was removed in the first step - in this case Vlanid (option id 10) */
Set-DhcpServerv4OptionValue -ScopeId 10.20.0.0 -VendorClass "CPE-OCPHONE" -OptionId 10 -Value 10Anonymous
August 13, 2015
The comment has been removedAnonymous
August 14, 2015
What firewall ports must be open between dhcp servers ?Anonymous
August 16, 2015
Gosa, all failover communication between the DHCP failover servers is over TCP port 647. Firewall rules for this are installed by default on the Windows Server where DHCP server role is installed.Anonymous
August 16, 2015
The comment has been removedAnonymous
September 16, 2015
The comment has been removedAnonymous
September 21, 2015
The comment has been removed