[136281] in North American Network Operators' Group


Re: DHCP server fail-over and accounting

daemon@ATHENA.MIT.EDU (John Adams)
Wed Feb 2 04:38:54 2011

In-Reply-To: <BAY157-w394ED913E45AD494C0D23198E40@phx.gbl>
Date: Wed, 2 Feb 2011 01:38:48 -0800
From: John Adams <jna@retina.net>
To: Joe <sj_hznm@hotmail.com>
Cc: nanog@nanog.org
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org

2011/2/1 Joe <sj_hznm@hotmail.com>:
>
> hi,
>
> we plan to implement DHCP server farm in our network. Currently, there are three problems burning my head. could anybody


You're making this way, way too complicated.

Run two DHCP servers. Allocate two different netblocks to each server.
For example, if your network is a /24, allocate a couple of /26's.
Both will answer on a request.
The client will ack to whatever address it decides to accept. Full redundancy.

> To our experience, this needs to set up DHCP server on two sites and synchronize their content in real time.
> Beside this, we hope there should be as little modification as possible on edge router when one DHCP server is down.
> should anycast architecture be helpful? or should we just set up two dhcp servers on two sites and sync. with ISC DHCPD?

Don't even bother with the syncing, and anycast is the wrong protocol here.

> 2. How to set up accounting and authentication with DHCP?

That's the wrong place to do it.  802.1X is better here, or PPPOE/ACLs
that need RADIUS auth to get past.

> 3. Someone said PPPOE is not good for customer looking for long time online, DHCP is a good option. But, to my understanding

That's funny, because many major ISPs (like telcos) have done this for years.

-j
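
The split-pool layout suggested in this reply, sketched as ISC dhcpd configuration for the two servers. This is an added example, not part of the original message; the 192.0.2.0/24 prefix, the router address and the lease times are assumptions chosen for illustration.

```conf
# ---- Server A: /etc/dhcp/dhcpd.conf (constructed example) ----
# Both servers describe the same /24 so the offered netmask and
# gateway are identical, but each hands out a different /26.
default-lease-time 3600;
max-lease-time 7200;

subnet 192.0.2.0 netmask 255.255.255.0 {
    option routers 192.0.2.1;            # assumed gateway, outside both pools
    option subnet-mask 255.255.255.0;
    # Server A's pool: 192.0.2.64/26
    range 192.0.2.64 192.0.2.127;
}

# ---- Server B: /etc/dhcp/dhcpd.conf (constructed example) ----
# Same subnet declaration, non-overlapping pool. No lease
# synchronisation between A and B is configured: because the ranges
# never overlap, the servers cannot offer the same address.
default-lease-time 3600;
max-lease-time 7200;

subnet 192.0.2.0 netmask 255.255.255.0 {
    option routers 192.0.2.1;
    option subnet-mask 255.255.255.0;
    # Server B's pool: 192.0.2.128/26
    range 192.0.2.128 192.0.2.191;
}
```

Both servers answer a client's DISCOVER; the client picks one offer and the other server's address stays free. If one server is down, clients are served from the surviving server's range.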

