DHCP server fail-over and accounting
Hi,

We plan to implement a DHCP server farm in our network. Currently, there are three problems burning my head. Could anybody help?

1. How to set up a DHCP server farm with high availability?

It's required to set up DHCP servers with 99.999% availability. In our experience, this needs DHCP servers set up on two sites, with their content synchronized in real time. Besides this, we hope there will be as little modification as possible on the edge router when one DHCP server is down. Would an anycast architecture be helpful? Or should we just set up two DHCP servers on two sites and sync with ISC DHCPD? Is there any other method for fail-over and high availability?

2. How to set up accounting and authentication with DHCP?

Regulation and content-based pricing are demanded. So, we plan to authenticate customers and do accounting on their usage. In a previous list post, someone said Juniper could do RADIUS before DHCP. Does this mean Juniper could authenticate a user with RADIUS (username/password) before DHCP? Is there any way to collect user traffic under DHCP?

3. Someone said PPPOE is not good for customers looking to stay online for a long time, and DHCP is a good option. But, to my understanding, DHCP is just good for those looking for an easy transfer to IPv6, because PPPOE could also keep users online as long as possible. Is there any reference on DHCP server considerations for 4-to-6 migration?

Joe
2011/2/1 Joe <sj_hznm@hotmail.com>:
> hi,
> we plan to implement DHCP server farm in our network. Currently, there are three problems burning my head. could anybody

You're making this way, way too complicated. Run two DHCP servers. Allocate two different netblocks to each server. For example, if your network is a /24, allocate a couple of /26's. Both will answer on a request. The client will ack to whatever address it decides to accept. Full redundancy.

> To our experience, this needs to set up DHCP server on two sites and synchronize their content in real time. Besides this, we hope there should be as little modification as possible on edge router when one DHCP server is down. should anycast architecture helpful? or should we just set up two dhcp servers on two sites and sync. with ISC DHCPD?

Don't even bother with the syncing, and anycast is the wrong protocol here.

> 2. How to set up accounting and authentication with DHCP?

That's the wrong place to do it. 802.1X is better here, or PPPOE/ACLs that need RADIUS auth to get past.

> 3. Someone said PPPOE is not good for customer looking for long time online, DHCP is a good option. But, to my understanding

That's funny, because many major ISPs (like telcos) have done this for years.

-j
Hi,

On Wed, Feb 2, 2011 at 10:38 AM, John Adams <jna@retina.net> wrote:
> 2011/2/1 Joe <sj_hznm@hotmail.com>:
>> hi,
>> we plan to implement DHCP server farm in our network. Currently, there are three problems burning my head. could anybody
>
> You're making this way, way too complicated.
> Run two DHCP servers. Allocate two different netblocks to each server. For example, if your network is a /24, allocate a couple of /26's. Both will answer on a request. The client will ack to whatever address it decides to accept. Full redundancy.

Well, it also depends on the constraints: having such a configuration implies that every scope will have to be declared twice, as well as the DHCP options. Plus, if the server that issued the lease is down, the client will get a new DHCP lease, which may be an issue for some people.

>> To our experience, this needs to set up DHCP server on two sites and synchronize their content in real time.
>> Besides this, we hope there should be as little modification as possible on edge router when one DHCP server is down.
>> should anycast architecture helpful? or should we just set up two dhcp servers on two sites and sync. with ISC DHCPD?
>
> Don't even bother with the syncing, and anycast is the wrong protocol here.

Agree, anycast makes no sense. ISC DHCPd sync works well, provided you know it and configured it correctly.
participants (3)
- Joe
- John Adams
- Nicolas CARTRON
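The split-scope layout suggested in the thread, written out as an added example that is not part of the original posts: it generates both servers' ISC dhcpd subnet blocks from one definition, so the options are declared once, and checks that no address is offered by two servers. The server names `dhcp-a`/`dhcp-b`, the 192.0.2.0/24 network and the router address are assumptions chosen for illustration.

```python
import ipaddress

def _runs(addrs):
    """Collapse sorted addresses into contiguous (first, last) ranges."""
    runs = []
    for a in addrs:
        if runs and int(a) == int(runs[-1][1]) + 1:
            runs[-1][1] = a
        else:
            runs.append([a, a])
    return [tuple(r) for r in runs]

def split_scope(cidr, servers=("dhcp-a", "dhcp-b"), new_prefix=26, reserved=()):
    """Deal the new_prefix blocks of cidr to the servers round-robin.

    Network, broadcast and reserved (static) addresses are never leased.
    Server names are hypothetical labels, not taken from the thread.
    """
    net = ipaddress.ip_network(cidr)
    skip = {net.network_address, net.broadcast_address}
    skip |= {ipaddress.ip_address(r) for r in reserved}
    plan = {s: [] for s in servers}
    for i, block in enumerate(net.subnets(new_prefix=new_prefix)):
        usable = [a for a in block if a not in skip]
        plan[servers[i % len(servers)]] += _runs(usable)
    return plan

def overlaps(plan):
    """Return addresses offered by more than one server (must be empty)."""
    owner, clashes = {}, set()
    for server, ranges in plan.items():
        for lo, hi in ranges:
            for n in range(int(lo), int(hi) + 1):
                if owner.setdefault(n, server) != server:
                    clashes.add(ipaddress.ip_address(n))
    return sorted(clashes)

def render(cidr, ranges, router, lease=3600):
    """Emit one server's ISC dhcpd subnet block; options are shared input."""
    net = ipaddress.ip_network(cidr)
    body = [f"  option routers {router};", f"  default-lease-time {lease};"]
    body += [f"  range {lo} {hi};" for lo, hi in ranges]
    return "\n".join(
        [f"subnet {net.network_address} netmask {net.netmask} {{", *body, "}"])

if __name__ == "__main__":
    cidr, router = "192.0.2.0/24", "192.0.2.1"   # constructed sample values
    plan = split_scope(cidr, reserved=[router])
    assert not overlaps(plan), "two servers would lease the same address"
    for server, ranges in plan.items():
        print(f"# {server}\n{render(cidr, ranges, router)}\n")
```

Each server ends up with two of the four /26 blocks, so the pool can still hand out addresses from the surviving server's blocks if the other one is down.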