Windows Server 2012 R2 – DHCP High Availability / Fail-over Setup Guide (Part 1)

Part 1 – Background on Windows DHCP

Click here to go to Part 2

Why move to Windows 2012 R2 for DHCP? (from 2008 R2)

First we must understand how DHCP works in Windows Server 2008 R2. There, DHCP met high availability requirements either by hosting the DHCP service on a Windows Failover Cluster or by using split scope deployments. Both mechanisms have their disadvantages.

The split scope mechanism relies on configuring identical scopes on two DHCP servers and setting up the exclusion ranges in such a fashion that 80% of a subnet’s IP range is used for leasing out IP addresses by one of the servers (primary) and the remaining 20% by the other server (secondary). The secondary server is often configured to respond to clients with a slightly delayed response so that clients use IP addresses from the primary server whenever it is available. Split scope deployments suffer from two problems. First, IPv4 subnets often run at utilization rates above 80%. In such subnets, split scope deployment is not effective given the low free pool of IP addresses available. The other issue with split scope is the lack of IP address continuity for clients in case of an outage of the primary server. Since the IP address given out by the primary DHCP server would be in the exclusion range of the secondary server, the client will not be able to renew the lease on the current IP address and will need to obtain a new IP address lease from the secondary server. In the case of split scope, the two DHCP servers are oblivious to each other's presence and do not synchronize the IP address lease information.

When using Windows Failover Cluster, the cluster itself has to be deployed and the DHCP database needs to be hosted on shared storage accessible to both nodes of the cluster. DHCP servers running on each node of the cluster operate on the same DHCP database hosted on the shared storage. In order to avoid the shared storage being the single point of failure, a storage redundancy solution needs to be deployed. In a virtual environment this is even more complicated. This increases the complexity as well as the TCO of the DHCP high availability deployment. Yuck.

Windows Server 2012 R2 brings real fail over to the table!

The Windows Server 2012 DHCP fail-over mechanism eliminates these shortcomings and provides a vastly simplified deployment experience. Moreover, DHCP fail-over is supported in all editions (Foundation, Standard, Datacenter) of Windows Server 2012.

  • DHCP failover can be configured, and settings can be modified without the need to pause, stop, or restart the DHCP Server service.
  • Replication of scope settings can be initiated from either DHCP server to its failover partner server.
  • DHCP servers configured as failover partners can be located on different subnets, but this is not required.
  • When DHCP failover is enabled on a DHCP scope, the DHCP server that renews a DHCP client lease can be different from the DHCP server that initially granted the lease.
  • Two DHCP servers configured as failover partners will attempt to maintain a persistent TCP/IP connection.
  • Two separate, synchronized client lease databases are maintained independently by each DHCP failover partner server.
  • DHCP servers configured as failover partners are both aware of the status of the DHCP service on the other server, and are informed of any change in that status with minimal delay.
  • If two DHCP servers configured as failover partners are unable to communicate, precautions are taken to avoid the same IP address lease being issued to two different DHCP clients.
  • If a DHCP server becomes unavailable before it is able to successfully synchronize all DHCP client information with its failover partner, precautions are taken to ensure DHCP lease continuity for DHCP clients.

Windows Server 2012 DHCP provides a new high availability mechanism addressing these critical aspects. Two DHCP servers can be set up to provide a highly available DHCP service by entering into a fail-over relationship. A fail-over relationship has a couple of parameters which govern the behavior of the DHCP servers as they orchestrate the fail-over. One of them is the mode of the fail-over operation – I will describe this shortly. The other is the set of scopes that are part of the fail-over relation. These scopes are set up identically between the two servers when fail-over is configured. Once set up in this fashion, the DHCP servers replicate the IP address leases and associated client information between them and thereby have up-to-date information of all the clients on the network. So even when one of the servers goes down – either in a planned or in an unplanned manner – the other DHCP server has the required IP address lease data to continue serving the clients.

Gotchas

  • You cannot configure DHCP failover on a DHCP scope to include more than two DHCP servers.
  • DHCP failover supports DHCPv4 scopes only. DHCPv6 scopes cannot be failover-enabled.
  • If parameters of a failover-enabled scope are modified, these settings must be manually replicated to the partner DHCP server. Note: Automatic replication of scope settings is available if you use IP address management (IPAM) in Windows Server 2012 R2 to modify failover-enabled scope settings.
  • DHCP clients must be able to communicate with both DHCP failover partner servers, either directly or using a DHCP relay.
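
One way to catch the manual-replication gotcha above before clients notice it, as an added example that is not part of the original post: a read-only PowerShell report that compares the scope settings and option values held by each failover partner. The server name is a placeholder, and the script assumes the DhcpServer module is installed and the account can read both servers.

```powershell
# Added example: read-only drift report for failover-enabled DHCPv4 scopes.
# 'dhcp1.example.test' is a placeholder (assumption); requires the DhcpServer module.
param([string]$Server = 'dhcp1.example.test')
Import-Module DhcpServer

function Get-ScopeFingerprint {
    param([string]$ComputerName, [ipaddress]$ScopeId)
    $scope = Get-DhcpServerv4Scope -ComputerName $ComputerName -ScopeId $ScopeId
    $fp = [ordered]@{
        Range         = '{0}-{1}' -f $scope.StartRange, $scope.EndRange
        SubnetMask    = "$($scope.SubnetMask)"
        LeaseDuration = "$($scope.LeaseDuration)"
        State         = "$($scope.State)"
    }
    # Scope-level option values (router, DNS servers, domain name, ...).
    Get-DhcpServerv4OptionValue -ComputerName $ComputerName -ScopeId $ScopeId |
        Sort-Object OptionId |
        ForEach-Object { $fp["Option$($_.OptionId)"] = $_.Value -join ',' }
    $fp
}

$drift = foreach ($rel in Get-DhcpServerv4Failover -ComputerName $Server) {
    foreach ($scopeId in $rel.ScopeId) {
        $local  = Get-ScopeFingerprint -ComputerName $Server -ScopeId $scopeId
        $remote = Get-ScopeFingerprint -ComputerName $rel.PartnerServer -ScopeId $scopeId
        # Union of keys so a setting present on only one side is reported too.
        foreach ($key in (@($local.Keys) + @($remote.Keys) | Sort-Object -Unique)) {
            if ($local[$key] -ne $remote[$key]) {
                [pscustomobject]@{
                    Relationship = $rel.Name
                    ScopeId      = "$scopeId"
                    Setting      = $key
                    ServerValue  = $local[$key]
                    PartnerValue = $remote[$key]
                }
            }
        }
    }
}

if ($drift) { $drift | Format-Table -AutoSize }
else { 'No drift found between failover partners.' }

# After reviewing the report, push this server's scope settings to its partner:
#   Invoke-DhcpServerv4FailoverReplication -ComputerName $Server -ScopeId <scope>
```

The report changes nothing on either server; replication direction is from the server named in `-ComputerName` to its partner, so run the commented command against the side that holds the intended settings.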

 
