[124038] in North American Network Operators' Group
Re: ISC DHCP server failover
daemon@ATHENA.MIT.EDU (Leo Bicknell)
Sat Mar 20 16:25:52 2010
Date: Sat, 20 Mar 2010 13:25:20 -0700
From: Leo Bicknell <bicknell@ufp.org>
To: nanog@nanog.org
Mail-Followup-To: nanog@nanog.org
In-Reply-To: <4BA4125C.2090309@tiedyenetworks.com>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
In a message written on Fri, Mar 19, 2010 at 05:10:04PM -0700, Mike wrote:
> I am certainly not prepared to develop proof of concept code or go the
> full route of developing such a server myself, however, I believe firmly
> that a failover implementation in dhcp could be designed as a
> counterpoint to the current implementation that is reliable, simple,
> scalable and requiring no special procedures once a 'break' occurs. The
> method used by isc-dhcpd, I think, creates the problem of the potential
> for unreliable failover because it's not designed for the 'right'
> problem. But there are example implementations - such as vrrp/carp -
> that would form the basis of trustworthy dhcp failover protocol. Your
[snip technical bits]
Your method might work well where there is a LAN segment with two
DHCP servers on it, and I'm sure that's how some people operate.
However your method doesn't cover a much more common, and difficult
case.

Consider a DHCP server in Chicago and one in New York, performing
DHCP for clients in Chicago, Cleveland, Pittsburgh, Buffalo, Albany,
and New York. When the network is broken, Chicago may still need
to serve Cleveland and Pittsburgh, and New York may need to serve
Buffalo and Albany, and yet Chicago and New York cannot communicate
during that time. Also, you want to be sure when they come back
together there are no conflicts, for instance maybe Rochester can
reach both Chicago and New York while those two cannot talk to each
other.

LAN discovery does not work for servers 1000 miles apart. All-or-nothing
failure doesn't work, when each server may see part of the
clients.

I do think the DHCP failover protocol was perhaps over-engineered
which I think is the gist of your post, but unfortunately unlike
VRRP it's not always two things on the same local LAN. Perhaps
there is a market for DHCP redundancy "lite" where it only handles the
case of two servers on the same LAN, I dunno.
-- 
Leo Bicknell - bicknell@ufp.org - CCIE 3440
PGP keys at http://www.ufp.org/~bicknell/