The role of the Dynamic Host Configuration Protocol, or DHCP, server is a simple yet critical one. DHCP provides the IP address configuration to workstations, laptops, phones and tablets connected to an organization's network. It may even provide IP address settings for some VMs, servers and network printers.
Examples of IP address settings include the following:
- IP address and corresponding subnet mask;
- default gateway, such as a router; and
- name resolution server IP addresses, such as DNS.
Many other configurations are possible, but these are the standard options.
The settings provided by DHCP are critical. The router address enables clients to communicate outside their local network. Name resolution converts easy-to-remember hostnames to difficult-to-remember IP addresses, enabling easier file sharing, web browsing, email communications and access to just about every other network service.
Initially, if the DHCP server fails, clients with existing leases maintain their addresses. By default, Windows leases are not renewed for eight days following the initial lease. That should give network admins sufficient time to fix the DHCP server. New clients, however, will not be able to lease addresses.
DHCP is essential, so how can network admins better protect it from going down?
See the article series below for a refresher on the DHCP lease generation process and configuration steps:
The importance of DHCP failover
DHCP services are critical enough to warrant fault tolerance. Before Windows Server 2012, such fault tolerance was relatively cumbersome to implement and maintain. The more recent Windows Server versions, however, include a straightforward way to manage DHCP redundancy.
These settings are not just for fault tolerance, but can also provide load balancing for large networks where the DHCP servers support many transient clients on multiple subnets. For some administrators, the ability to load balance DHCP services may be just as critical as high availability.
Define redundancy requirements
For larger DHCP implementations involving many clients, scopes, subnets and servers, be sure to develop a plan. Know which scopes benefit from DHCP failover; it may not be necessary to configure this feature for all of them. For example, lab and classroom scopes may not need this option.
DHCP failover requirements
The requirements for Windows-based DHCP failover are no different from a standard Windows DHCP deployment. Both servers must have the DHCP Server role installed, and an enterprise administrator must authorize the servers in Active Directory (AD).
To begin the process, create a new scope, or choose an existing one. If you create a new scope, walk through the configuration wizard to define the values for the scope name, IP address range, subnet mask, default gateway name resolution and lease duration.
Once the initial scope is created, you can configure failover or load-balancing options.
Note that either or both DHCP servers can be VMs. They just need the appropriate network membership.
Steps to configure DHCP failover
First, select a Windows Server system as the second DHCP server. Install the DHCP Server role on this device.
Next, return to the original DHCP server, right-click the scope you wish to configure for failover and select Configure Failover. The wizard walks you through the remaining settings. The DHCP service must also be running on both systems.
Here are the detailed steps.
Step 1. Select Configure Failover
Right-click the selected DHCP scope, and select Configure Failover from the context menu.
Step 2. Specify the partner server
In the Specify the partner server to use for failover box, type the server name, or use the Add Server button to browse to it in AD.
The wizard validates the configuration of the partner server.
Step 3. Create new failover relationship
Fill in the following values to configure a failover partnership (I have set some example values):
Relationship Name: DHCP-Server01-Server02
Mode: Hot standby
Enable Message Authentication: Check the box
Shared secret: abc123
For the Hot Standby Configuration mode, fill in the following values:
Mode: Hot standby
Hot Standby Configuration
Role of Partner Server: Standby
Addresses reserved for standby server: 10%
Step 4. Select Finish to complete configuration
The wizard displays a settings summary. Select Finish to complete the configuration.
Switch to the second DHCP server. In the DHCP console, note the scope has been replicated.
DHCP load-balancing configuration
The load-balancing settings are nearly the same. When configuring a load-balancing mode, instead of Hot standby in the Mode pulldown menu, select Load balance. Then, configure the following settings:
Mode for Load balance:
Load Balance Percentage
Local Server: 50%
Partner Server: 50%
The other settings remain the same as with failover mode. Define the appropriate load-balancing ratio. In the example, I set 50% of the addresses for each server.
Manage DHCP failover
Recall that DHCP logs information in Event Viewer. It also generates text-based logs at C:\Windows\System32\DHCP. These detailed logs display lease generation attempts and provide invaluable information on DHCP functionality. Be sure to check these logs if you suspect any DHCP-related issues.
The DHCP console displays current lease information in the Address Leases node. If you've configured your DHCP servers in load-balancing mode, use this node to see which server provided IP configurations to the various clients.
Test the configuration
Testing is a key part of disaster recovery planning, and DHCP failover is no different. Consider disabling one of your DHCP servers to ensure client devices can still lease IP address configurations within your mean time to recovery window.
DHCP servers provide essential information to client computers, and Windows Server offers a simple configuration that supports either fault tolerance or load balancing. Take the time to consider the DHCP scopes on your servers and identify those that will benefit from redundancy. Then, follow these steps to add to the reliability and performance of your AD environment.