[155495] in North American Network Operators' Group
Re: Does anyone use anycast DHCP service?
daemon@ATHENA.MIT.EDU (Leo Bicknell)
Mon Aug 13 08:31:02 2012
Date: Mon, 13 Aug 2012 05:29:53 -0700
From: Leo Bicknell <bicknell@ufp.org>
To: NANOG <nanog@nanog.org>
Mail-Followup-To: NANOG <nanog@nanog.org>
In-Reply-To: <BAY170-W1270872B3DA5B5C158FB7F198B00@phx.gbl>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
--oyUTqETQ0mS9luUI
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
In a message written on Mon, Aug 13, 2012 at 08:51:09AM +0000, Joe wrote:
> We are considering setup reduant DHCP server clusers by using anycast.
I already see people pointing out problems with Anycast here, but
no one pointing out the best available solution.
Assuming your DHCP servers are properly clustered, simply have your
routers relay all requests to both servers. Here's instructions
on setting up ISC DHCPD for redundant (pooled) servers:
http://www.madboa.com/geek/dhcp-failover/
Then configure your routers to send to both DHCP servers with
multiple helper-address lines:
interface Gig0/0
ip helper-address 10.0.0.1
ip helper-address 10.128.0.1
The way this work is when a box comes up the router sends DHCP
requests to both servers. The DHCP server that reponds first will
be used by the client, which will complete negotiation with that
server via unicast. The two DHCP servers will then synchronize
their pools.
Works great, no single point of failure, no anycast.
--=20
Leo Bicknell - bicknell@ufp.org - CCIE 3440
PGP keys at http://www.ufp.org/~bicknell/
--oyUTqETQ0mS9luUI
Content-Type: application/pgp-signature
Content-Disposition: inline
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.18 (FreeBSD)
iQIVAwUBUCjzQLN3O8aJIdTMAQI+dQ//b2qR25Oqndj1gg6eBKt5oyW/9wnuH0PF
GDen5PDYPzpTQEEBBNavAhrBB0k170TMk8t8o/ToaZKrd0/Jwx4zpjm24vU2z6R4
da97nUpFzDtJuxrdZZxePBQjMzT8A6CzMU8BdKUZ4uCzxEDGQGipjWn80DHdb7RV
rjGHOmsy3DtMoDXcdml4VWwHSBZlK4mdb7kX9IAASOTNFG/qbQlrKn+8PA+P3k+8
aoL30IlwyrrRWMUGBzeWfiZB/bKIdf1TrQfKQrLrmH2X7fnrGTWrSKdOOV+P/sOs
EBOiIeERpd2n92aQA1FkNy7yJT9hmR/YKTvioZo/7ERXEfj3VLGFStgp+Y/O1dOw
rAm7RVmaHo6z9GWSzD3H9aZQsd3LUiTisPxhD+Ctn4TW3zbXtBkZsZM1JRSQm0FR
0y0R0zPR3KlKmgPaYo4EVpddT02xk+IAmIDJLiHdgBJgIU4KY2dfKsFzO4sJkuqF
Y3O9pMosDorExIRk7FotzLQ0Wa/TrjamRYGquMM/TLga8X5XdxCjFlC6Qui3kkOx
VBIilyKpjJRqkq0U3SAd6KskWNpNQ9ZEtSMMAAO0OeA+wQqKTeVZq7Q4CclmvU9B
iJhxcay0iuqEKlehoCk0G2DUFc/ZMeCk3v03AUsDnFwmzglaEfrPXHkwafTnb6JO
l6jN+PkTvSg=
=rC0w
-----END PGP SIGNATURE-----
--oyUTqETQ0mS9luUI--
