From: Leo Bicknell <bicknell () ufp org>
Assuming your DHCP servers are properly clustered, simply have your routers relay all requests to both servers. Here's instructions on setting up ISC DHCPD for redundant (pooled) servers: http://www.madboa.com/geek/dhcp-failover/ .. Works great, no single point of failure, no anycast.
It may very well work *most* of the time, or during controlled failover, but it looks pretty creaky to me. Some thoughts: 1) No third-party "witness" service for the cluster, making split-brain scenarios a very real possibility. 2) Multi-master databases are quite challenging in practice. This one appears to rely on timestamps from the system clock for conflict detection, which has been shown to be unreliable time and again in the application space. 3) There are single points of failure. You've traded hardware as a single point of failure for "bug-free implementation of clustering code on both DHCP servers" as a single point of failure. In general, software is far less reliable than hardware. I think it would be far more reliable to simply have two independent DHCP servers with mutually exclusive address ranges, and have one system be secondary and "delay" its responses by 2s so it always "loses" when the primary is up and running well. Yes, you lose the ability for clients to get the same IP during a lease refresh if the primary is down, but that is a small price to pay for simplicity and robustness. -- RPM