How to Configure DHCP Failover on Windows Server
Redundancy is essential to deal with planned and unplanned outages, and this includes having redundant Dynamic Host Configuration Protocol (DHCP) servers to allow uninterrupted dynamic IP address assignment.
For those working in Windows environments, there are currently two options for configuring redundant DHCP servers: a failover scenario with one primary server paired with another in hot standby; and a load balancing scenario in which two DHCP servers actively handle client requests.
Hot-standby mode uses a primary server that provides DHCP services for all clients within a particular IP address range (scope) and a standby server that takes over only when the primary server has been unavailable for a period that is configurable during setup.
This option is ideal for scenarios where the standby DHCP server is in a different physical location from the primary server, reducing the risk of both failing at the same time due to power failure or hardware failure. The standby machine can also be a virtual machine running on separate hardware and powered by a different power source.
Load balancing mode also uses two servers, but both are active all the time and share the handling of DHCP requests.
Server requirements
To configure either option in a Windows environment, servers must meet two criteria:
- Both servers must have the DHCP role enabled and configured through Windows Server Manager or PowerShell. In most cases there will already be an active DHCP server in the network, so setting up a second machine with the DHCP role enabled should be allowed. To do this, connect to the second server using the Microsoft Management Console (MMC) DHCP snap-in, right-click the server object and select “Allow”.
- For the relationship to work, both servers must be set to handle the same IP address ranges and have the same scope/server options. If they do not match, the failover relationship cannot be established. The easiest way to do this is to copy these details from server to server with a backup of the existing DHCP server and a restore to the new one. To export from the existing DHCP server you want to back up, connect to it using the MMC snap-in, expand the server object, right-click on the server name and select “Backup”, then select the save location in the browse dialog box that appears.
To establish the failover relationship, reconnect to the original DHCP server using the DHCP MMC snap-in, expand the server object, right-click the “IPv4” icon or a specific scope and select “Configure Failover”. (When configuring failover on the “IPv4” icon rather than an individual scope, multiple scopes can be added to the failover relationship at the same time.) In the dialog that appears, select the scopes for which you want to create a failover relationship, or check “Select all” in the “Available scopes” section to select all available scopes. Click “Next” and specify the server you want to create the relationship with by typing the fully qualified domain name (FQDN) of the other server or by searching for it in Active Directory using the “Add Server” button.
Setting failover properties requires some configuration. Some settings apply to both load balancing and hot standby modes; others only apply to one or the other. Settings for both modes include:
- Relationship Name: By default, the relationship name will be the two server names appended in the format server1-server2, but these can be changed to be more descriptive if needed.
- Maximum Client Lead Time (MCLT): This sets the maximum amount of time either server can extend a DHCP lease beyond what the partner server already knows. Microsoft recommends that the MCLT be set to one minute.
- State Failover Interval: Sets the amount of time one of the servers is unavailable before it transitions to the partner down state. The default setting is 60 minutes during which the standby server will take full responsibility for the failover scope until its partner changes state again.
- Enable Message Authentication: This is an optional feature that allows a shared secret for both servers to prove to each other that they are who they say they are. If this setting is checked, a shared secret must be provided that will use Secure Hash Algorithm 2 (SHA-2).
For load balancing mode only:
- Load Balance Percentage: This sets the percentages of the number of DHCP requests that will be serviced by each server.
For hot standby mode only:
- Hot Standby Configuration: This parameter has two parts. The first is the role of the partner server, which should be set to “Standby” if configuring from the primary server. The second, “Addresses Reserved for Backup Server”, is the percentage of each scope reserved for the backup server to be used in case the primary server is unavailable. The default is 5%. Note that when the primary server is unavailable, the standby server will continue to renew the IP address of existing leases for the duration designated by the MCLT parameter. It will only use the reserved backup addresses for new DHCP lease requests until the primary server is back online or designated as “Partner Down”.
Once these parameters are set, a summary dialog and a final progress dialog indicate whether the relationship was created successfully. If not, make sure all scopes and scope/server options are present on both DHCP servers, then run the wizard again.
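The same hot standby relationship can be created with the DhcpServer PowerShell module instead of the wizard. This is an added example, not part of the original article; the server names, scope and relationship name are placeholders, and it then checks both partners for relationships that run without message authentication.

```powershell
# Added example: all names and addresses below are placeholders.
$Primary = 'dhcp1.example.com'   # hypothetical primary server (configure from here)
$Standby = 'dhcp2.example.com'   # hypothetical hot standby partner
$ScopeId = '10.0.10.0'           # hypothetical scope to protect
$RelName = 'dhcp1-dhcp2'         # default naming pattern: server1-server2

# Prompt for the shared secret so it is not stored in the script or its history.
$secure = Read-Host -Prompt 'Failover shared secret' -AsSecureString
$secret = [System.Net.NetworkCredential]::new('', $secure).Password

$failover = @{
    ComputerName        = $Primary
    PartnerServer       = $Standby
    Name                = $RelName
    ScopeId             = $ScopeId
    ServerRole          = 'Active'                   # role of $Primary; the partner becomes Standby
    ReservePercent      = 5                          # addresses reserved for the standby server
    MaxClientLeadTime   = New-TimeSpan -Minutes 1    # MCLT figure cited in the article
    AutoStateTransition = $true                      # move to Partner Down automatically
    StateSwitchInterval = New-TimeSpan -Minutes 60   # the 60-minute default described above
    SharedSecret        = $secret                    # supplying a secret turns on message authentication
}
Add-DhcpServerv4Failover @failover
Remove-Variable secret

# Report every relationship on both partners and warn about any that
# exchange failover messages without authentication.
foreach ($server in $Primary, $Standby) {
    foreach ($rel in Get-DhcpServerv4Failover -ComputerName $server) {
        if (-not $rel.EnableAuth) {
            Write-Warning "$server / $($rel.Name): message authentication is disabled"
        }
        [pscustomobject]@{
            Server     = $server
            Name       = $rel.Name
            Mode       = $rel.Mode
            Role       = $rel.ServerRole
            State      = $rel.State
            EnableAuth = $rel.EnableAuth
        }
    }
}
```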
Synchronization and replication with new scopes
Any changes to the scopes specified in these relationships are not synchronized or replicated automatically. This must be done by returning to the DHCP MMC snap-in, right-clicking the scope on the primary server, and choosing “Replicate Scope”. Or it can be done via PowerShell using this command:
Invoke-DHCPServerv4FailoverReplication -computername DHCP-server.example.com
A new scope created on one server after the server relationship is established will not automatically be created on the other server. This requires the same steps as when setting up the original relationship, but there is a time-saving option. Select the existing failover relationship in the wizard by checking “reuse existing failover relationships configured with this server (if any)”. This appears in the first wizard dialog box.
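Because new scopes are not covered automatically, it helps to check for scopes that sit outside every failover relationship. The following added example (not from the original article) finds them on the primary server, adds them to an existing relationship, and replicates the result; the server and relationship names are placeholders.

```powershell
# Added example: server and relationship names are placeholders.
$Primary = 'dhcp1.example.com'   # hypothetical primary server
$RelName = 'dhcp1-dhcp2'         # hypothetical existing failover relationship

# Scope IDs already covered by any failover relationship on this server.
$protected = Get-DhcpServerv4Failover -ComputerName $Primary |
    ForEach-Object { $_.ScopeId } |
    ForEach-Object { $_.ToString() }

# Scopes that exist on the server but belong to no relationship,
# for example scopes created after failover was configured.
$unprotected = Get-DhcpServerv4Scope -ComputerName $Primary |
    Where-Object { $_.ScopeId.ToString() -notin $protected }

if (-not $unprotected) {
    Write-Host "All scopes on $Primary are in a failover relationship."
}

foreach ($scope in $unprotected) {
    Write-Host "Adding scope $($scope.ScopeId) ($($scope.Name)) to $RelName"
    # Equivalent to reusing the existing relationship in the wizard.
    Add-DhcpServerv4FailoverScope -ComputerName $Primary -Name $RelName -ScopeId $scope.ScopeId
}

# Push the configuration of every scope in the relationship from
# $Primary to its partner (the "Replicate" action in the snap-in).
Invoke-DhcpServerv4FailoverReplication -ComputerName $Primary -Name $RelName -Force
```

Run it from the server whose configuration should win, since replication overwrites the partner's copy of each scope in the relationship.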
Finally, networks typically include a DHCP relay (often the function of a master switch) that points to the active DHCP server for VLANs and subnets. After configuring failover server relationships, be sure to add the second server’s static IP address to the DHCP relay list so that network traffic is sent to it when failover is needed. This applies differently depending on the location of the relay and its configuration, but the failover should be tested after it is configured and the relay updated.
Copyright © 2022 IDG Communications, Inc.