March 25, 2013

Implementing DHCP Server Failover

The book is very much focused on using PowerShell to manage Windows Server 2012, so this excerpt shows you some of the things you can do as an admin using PowerShell. Note that the target audience of the book is intermediate-level Windows admins who have several years of work experience but who might still be beginners when it comes to using PowerShell, so I'm hoping that readers will find my book useful for learning how they can start using PowerShell to simplify and automate the administration of Windows servers in their environment.

This first excerpt is from Chapter 6 Network Administration and describes the new DHCP Server Failover capability included in the DHCP Server role in Windows Server 2012. I've also included one of the chapter's exercises, which shows how to implement DHCP Server Failover using PowerShell. Note that these book excerpts haven't finished going through the editorial review process yet, so they may change a bit in the published version.

Understanding DHCP failover

DHCP failover is a new approach to ensuring DHCP availability that is included in Windows Server 2012. With this approach, two DHCP servers can be configured to provide leases from the same pool of addresses. The two servers then replicate lease information between them, which enables one server to assume responsibility for providing leases to all clients on the subnet when the other server is unavailable. The result of implementing this approach is to ensure DHCP service availability at all times, which is a key requirement for enterprise networks.

The current implementation of DHCP failover in Windows Server 2012 has the following limitations:

  • It only supports using a maximum of two DHCP servers.
  • The failover relationship is limited to IPv4 scopes and subnets.

DHCP server failover can be implemented in two different configurations:

  • Load sharing mode: Leases are issued from both servers equally, which ensures availability and provides load balancing for your DHCP services (this is the default DHCP server failover configuration).
  • Hot standby mode: Leases are issued from the primary server until it fails, whereupon the lease data is automatically replicated to the secondary server, which assumes the load.

Load sharing mode

A typical scenario for implementing the load sharing approach is when you want to have two DHCP servers at the same physical site. If the site has only a single subnet, then all you need to do is enable DHCP failover in its default configuration. If there are multiple subnets, deploy both DHCP servers in the same subnet, configure your routers as DHCP relay agents (or deploy additional DHCP relay agents in subnets), and enable DHCP server failover in its default configuration.

Hot standby mode

When implementing the hot standby mode approach, you can configure a DHCP server so that it acts as the primary server for one subnet and secondary server for other subnets. One scenario where this approach might be implemented is for organizations that have a central hub site (typically the data center at the head office) connected via WAN links to multiple remote branch office sites. Figure 6-1 shows an example of an organization that has DHCP servers deployed at each branch office and at the head office. Branch office servers are configured to lease addresses to clients at their branch offices, while the central server leases addresses to clients at the head office. Each branch office server has a failover relationship with the central server, with the branch office assuming the role as primary and the central server as secondary. That way, if a DHCP server fails at a branch office, the central server can take up the slack for the remote site. For example, the DHCP server at Branch Office A is the primary server for the scope 10.10.0.0/16 while the DHCP server at the Head Office is the secondary for that scope.


Figure 6-1: Implementing DHCP failover in hot standby mode in a hub-and-spoke site scenario.

Exercise 1: Implementing DHCP failover using Windows PowerShell

In this exercise you will ensure DHCP availability for clients in the corp.contoso.com domain by using Windows PowerShell to install the DHCP Server role on both servers, create a scope on SERVER1, and configure and verify DHCP failover.

  1. Log on to SERVER1, open Server Manager, select the All Servers page and make sure that both servers are displayed in the Servers tile. If SERVER2 is not displayed, add it to the server pool.
  2. Open a Windows PowerShell prompt and run the following command to install the DHCP Server role on both servers:
    Invoke-Command -ComputerName SERVER1,SERVER2 -ScriptBlock {Install-WindowsFeature `
    -Name DHCP -IncludeManagementTools -Restart}

    Note that although you specified the -Restart parameter, the servers did not restart after role installation because a restart was determined as being unnecessary.
  3. Authorize both DHCP servers in Active Directory by executing the following commands:
    Add-DhcpServerInDC -DnsName SERVER1
    Add-DhcpServerInDC -DnsName SERVER2
  4. Use the Get-DhcpServerInDC cmdlet to verify that the servers have been authorized in Active Directory.
  5. Create a new scope on SERVER1 and activate the scope by running the following command:
    Add-DhcpServerv4Scope -ComputerName SERVER1 -StartRange 10.10.0.50 `
    -EndRange 10.10.0.100 -Name "corp clients" -SubnetMask 255.255.0.0 -State Active
  6. Use the Get-DhcpServerv4Scope cmdlet to verify that the new scope has been created on SERVER1 and is active.
  7. Use Get-DhcpServerv4Scope -ComputerName SERVER2 to verify that SERVER2 currently has no scopes on it.
  8. Run the following command to create a DHCP failover relationship in load balance mode between the two servers, with SERVER2 as the partner server and failover implemented for the newly created scope:
    Add-DhcpServerv4Failover -Name "SERVER1 to SERVER2" -ScopeId 10.10.0.0 `
    -PartnerServer SERVER2 -ComputerName SERVER1 -LoadBalancePercent 50 `
    -AutoStateTransition $true
  9. Use the Get-DhcpServerv4Failover cmdlet to view the properties of the new failover relationship.
  10. Use Get-DhcpServerv4Scope -ComputerName SERVER2 to verify that the scope has been replicated from SERVER1 to SERVER2.
  11. Turn on CLIENT1 and log on to the client computer.
  12. Open a command prompt and use the ipconfig command to view the current IP address of the computer. If the client computer is currently using an address in the APIPA range (169.254.x.y) then use ipconfig /renew to acquire an address from a DHCP server on your network. Verify that the address acquired comes from the scope you created earlier.
  13. Verify that the client computer's address is recorded as leased in the DHCP database of SERVER1 by executing the following command:
    Get-DhcpServerv4Lease -ComputerName SERVER1 -ScopeId 10.10.0.0
  14. Verify that the client computer's address is recorded as leased in the DHCP database of SERVER1 by executing the following command:
    Get-DhcpServerv4Lease -ComputerName SERVER1 -ScopeId 10.10.0.0
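
The manual verification steps in the exercise, gathered into one check on both partners, as an added example that is not part of the book excerpt. It also flags a relationship that has no message authentication, which is the case when the relationship is created without a shared secret as in step 8. The function name is hypothetical; the server names and scope ID are the ones used in the exercise.

```powershell
# Added example: names and scope come from the exercise; the function name is hypothetical.
function Test-DhcpFailoverPair {
    param(
        [string]$Primary = 'SERVER1',
        [string]$Partner = 'SERVER2',
        [string]$ScopeId = '10.10.0.0'
    )
    $findings = @()

    # Each partner keeps its own view of the relationship, so query both.
    foreach ($server in $Primary, $Partner) {
        $rel = Get-DhcpServerv4Failover -ComputerName $server -ScopeId $ScopeId `
            -ErrorAction SilentlyContinue
        if (-not $rel) {
            $findings += "${server}: scope $ScopeId is not in a failover relationship"
            continue
        }
        if ($rel.State -ne 'Normal') {
            $findings += "${server}: '$($rel.Name)' is in state $($rel.State)"
        }
        if (-not $rel.EnableAuth) {
            # Without a shared secret, failover messages between partners are unauthenticated.
            $findings += "${server}: '$($rel.Name)' has message authentication disabled"
        }
    }

    # Reduce each lease table to "address client-id" strings so they can be compared.
    $leases = @{}
    foreach ($server in $Primary, $Partner) {
        $leases[$server] = @(Get-DhcpServerv4Lease -ComputerName $server -ScopeId $ScopeId |
            ForEach-Object { "$($_.IPAddress) $($_.ClientId)" })
    }
    foreach ($lease in $leases[$Primary]) {
        if ($leases[$Partner] -notcontains $lease) {
            $findings += "lease $lease is on $Primary but not on $Partner"
        }
    }
    foreach ($lease in $leases[$Partner]) {
        if ($leases[$Primary] -notcontains $lease) {
            $findings += "lease $lease is on $Partner but not on $Primary"
        }
    }
    return $findings
}

$result = Test-DhcpFailoverPair
if ($result) { $result } else { 'Failover relationship and lease tables are consistent.' }
```

A lease issued moments before the check may be reported as missing until the partners have synchronized. Authentication can be enabled on an existing relationship with Set-DhcpServerv4Failover and its -SharedSecret parameter.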
