On Tue, 2 Oct 2012, Aaron Hall wrote:

We're considering ways to provide redundant DHCP to maintain service
should our (physical) server go down suddenly. We're using isc-dhcpd on
RHEL. One server handles all of campus, and it's not breaking a sweat.

Our first thought was ISC's failover, but it doesn't seem well-suited
for us. We have a large and complex DHCP config (many subnets, many
static hosts), and failover doesn't keep the configs in sync. Further,
the config changes near-constantly during the day. Our wireless network
registration system (NetReg 1.3) stuffs new registrations into the DHCP
config (via an included file). We also have concerns about how
IP pool-sharing works, but that's secondary.

How do other shops provide redundant DHCP service when the built-in
isc-dhcpd failover isn't appropriate?

We've planned a fairly hacky solution, but I really hope it's an
already-solved problem. Our plan is to:

* Maintain the backup server as a hot-spare, with dhcpd configured but
 not running. It won't run the registration software, just dhcpd to
 maintain service to existing clients.

* Whenever a registration event causes the master dhcpd to restart, copy
 that config and the leases DB to the backup server. There's already a
 cron job that checks every minute for new registrations and restarts
 dhcpd if so; we'd hook into that. (The details of this are tricky --
 what happens, say, if the master server dies in the middle of a copy?
 We can surmount that, but still.)

* Should the master server go down, we'd sanity-check the config on the
 backup, and turn on dhcpd. This could be a manual or automatic
 process.

You have a couple of different issues.

1. static configs that you update via an include file

Either put these configs on shared storage, or make the tools that manage this file replicate it to the backup box.

2. the dynamic pools.

You can put the leases file on shared storage so that the second box will have the same info when it starts.

Or you can create separate non-overlapping pools for the two servers, so that it doesn't matter what one machine issues out, as the other machine can just ignore it and issue its own addresses.


Shared storage is very nice, and solves a lot of headaches. However, you have to figure out what your shared storage is going to be, and if something happens that scribbles on your shared storage, it breaks both systems.


As for worrying about a master server dying in the middle of a copy, write the copied file to a new filename and rename it over the old version. rsync does this by default, so as long as you could tolerate some files getting copied but not others as a worst case, rsync will prevent you from having a partially copied file.


With failover like heartbeat (http://linuxha.org) you can have it perform any checks that you want at startup time; it's just a framework that calls scripts to make the changes, so it's easy to customize.

David Lang
_______________________________________________
Tech mailing list
Tech@lists.lopsa.org
https://lists.lopsa.org/cgi-bin/mailman/listinfo/tech
This list provided by the League of Professional System Administrators
http://lopsa.org/
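
The write-to-a-new-name-then-rename step from the reply, combined with the config sanity check from the original plan, as an added example that is not part of the thread or of either poster's setup. The function name `install_checked` and the `VALIDATE_CMD` override are hypothetical; the default validator is ISC dhcpd's own syntax test, `dhcpd -t -cf FILE`.

```shell
#!/bin/sh
# Added example: stage a replicated dhcpd file on the spare, validate the
# staged copy, and only then rename it over the live file.
# VALIDATE_CMD is a hypothetical override; by default the staged file is
# checked with ISC dhcpd's config test mode (dhcpd -t -cf FILE).

# install_checked SRC DEST
#   returns 0  DEST now holds a validated copy of SRC
#   returns 1  validation failed, DEST left untouched
#   returns 2  staging failed (unreadable SRC, unwritable directory)
install_checked() {
    src=$1
    dest=$2
    dir=$(dirname "$dest")
    base=$(basename "$dest")

    # Stage in the same directory as DEST: a rename within one filesystem
    # is atomic, so a reader sees the old file or the new one, never a mix.
    tmp=$(mktemp "$dir/.$base.XXXXXX") || return 2

    if ! cp "$src" "$tmp"; then
        rm -f "$tmp"
        return 2
    fi

    # A copy cut short by the master dying mid-transfer fails here and is
    # discarded, so the spare keeps its last known-good config.
    if ! ${VALIDATE_CMD:-dhcpd -t -cf} "$tmp" >/dev/null 2>&1; then
        rm -f "$tmp"
        return 1
    fi

    # mktemp creates the file mode 0600; 0644 is an assumed target mode.
    chmod 644 "$tmp"
    mv -f "$tmp" "$dest"
}
```

Called from the per-minute registration job after the file arrives on the spare, a non-zero return is the signal to alert rather than to restart dhcpd.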
