DHCP Failover in Windows Server 2012 and Windows Server 2012 R2

Video Statistics and Information

Video

Captions Word Cloud

Reddit Comments

Captions

hello and welcome to this tech tip from will in this tech tip I will look at DHCP failover for Windows Server 2012 and Windows Server 2012 r2 I will start by explaining what DHCP failover is next I will provide an overview of DHCP failover and we'll look at the requirements for implementing it as well as the different methods of configuring it and later I will demonstrate how to set up and implement DHCP failover using two of my Windows Server 2012 r2 servers before I begin this tech tip it is important to note that this lesson is not aimed at beginners DHCP failover is an advanced feature for that reason it would be advantageous if you already have a relatively good understanding of DHCP and DHCP in Windows servers throughout this tech tip I will be using a lot of Windows DHCP terminology you will find this tech tip much easier to follow if you are already familiar with DHCP scopes leases exclusions reservations and DHCP options any exposure to DHCP in earlier versions of Windows Server will be very beneficial so let's get started the first question you probably have is what is DHCP failover DHCP failover is a brand new feature to Windows Server 2012 and Windows Server 2012 r2 DHCP failover in a nutshell is designed to make the DHCP service on your network highly available but what exactly do I mean when I say highly available the idea of high availability is to reduce downtime and keep the services on your network oh and running for as long as possible without any interruption high-availability is usually achieved by identifying and removing single points of failure from your infrastructure the most common way of eliminating single points of failure from your server infrastructure is to create what are called clusters when you set up a server cluster you will essentially have two or more servers perform the same task that is you would deploy two servers server one and server two you would then install some kind of application or service that can be clustered onto both servers next you will create the cluster when the cluster is in place if you were to make a change to the application on server one the changes you make will be replicated over to server two in other words the applications on both servers are synchronized with one another the benefits of this is that if one of the servers in the cluster were to fail the surviving server can continue to provide the service alone since it holds a fully synchronized up-to-date copy of the application as such the only way the application or service will be made unavailable is if the entire cluster were to fail Microsoft has worked very hard to ensure that the majority of their core networking services including Active Directory and DNS can be clustered and thus configured for high availability however until the release of Windows Server 2012 no such functionality existed for DHCP since high availability for DHCP is not available in Windows Server 2008 r2 and earlier releases of Windows network administrators were forced to use workarounds to achieve some sort of high-availability the most common workaround by far was known as split scope split scope is possibly the closest you can get to high availability for DHCP prior to Windows Server 2012 understand although split scope does have its advantages it is not a true high availability solution let me try to explain why split scope requires a minimum of two servers to work on both servers you would install a Windows server operating systems such as Windows Server 2008 r2 next you would install the DHCP server role when the DHCP server role is installed you can turn both of these servers into DHCP servers when you install the role a database is created locally on each server this database stores all of the DHCP configuration data for that server such as scopes IP address leases exclusions reservations and DHCP options the problem however is that there was no way of getting these databases to communicate with one another as such both databases were completely unaware of the others existence and believed that they were the only DHCP database on the network next the administrator would have to create a DHCP scope a scope is simply the range of IP addresses that are handed out by the DHCP server to clients computers when they join the network for instance if I were to create a scope of one ninety two dot one sixty eight dot one dot 101 two one ninety two dot one sixty eight dot one dot two hundred this would give me a total of one hundred I P addresses that can be a find two clients the question is where to place the scope do you create it on the first server or on the second server a common error made by a lot of inexperienced technicians is to create the same scope on both DHCP servers believing that if one of the servers were to fail the surviving server can continue to provide IP addresses to clients however this is totally incorrect remember prior to Windows Server 2012 the databases on the DHCP servers cannot communicate with one another if you create the same scope on different servers you essentially have two DHCP servers that are completely unaware of the others existence handing out the same IP addresses to different computers on the network on TCP IP networks every computer must have its own unique IP address if two computers on the same network are assigned the same IP address neither device can participate on the network the end result of this configuration is a complete collapse of network connectivity between your clients computers the only solution to this problem is to split the scope in two and create a different scope on each DHCP server hence the name split scope for instance on one DHCP server I could create a scope of one ninety two dot one sixty eight dot one dot 101 two one ninety two dot one sixty eight dot one dot one fifty and on the other a scope of one ninety two dot one sixty eight dot one dot one fifty-one to one ninety two dot one sixty eight dot one dot two hundred the end result is two scopes each containing 50 IP addresses on different DHCP servers this is of course just a demonstration you can make the scopes any size you choose and they do not have to be evenly split with split scope implemented if one of the DHCP servers were to fail you can rest assured that only a portion of your entire scope is taken down and that the surviving DHCP server is still capable of serving IP addresses of course depending on the size of your network and how you have chosen to split your scope you could in some cases find that there aren't enough IP addresses to go around this is why split scope is not considered a high availability solution with Windows Server 2012 and Windows Server 2012 r2 Microsoft has made improvements to DHCP by introducing DHCP failover a brand-new feature that makes DHCP a highly available service so what exactly are the requirements for DHCP failover DHCP failover requires two servers to work both of which must be running either Windows Server 2012 or Windows Server 2012 r2 it is worth noting that the operating systems used on the two servers do not have to be identical you could for instance have one server running Windows Server 2012 and the other Windows Server 2012 r2 however Microsoft does recommend that you match the operating systems if possible next both servers will require the DHCP server role to be installed furthermore both servers will require a static IP address it is possible to implement DHCP failover in either a workgroup or a domain environment however it is fair to say that due to the costs of implementing DHCP failover it is far more likely to be found in domain environments as such all demonstrations of DHCP failover that I will perform in this lesson we'll be done in a domain environment next if you are using Windows Firewall DHCP failover requires that TCP port 647 be open on both servers to listen for failover messages finally DHCP failover requires that the clocks on your DHCP servers be synchronized to within one minute of one another if the times on your servers are allowed to drift further apart than this DHCP failover will not work now that we are familiar with the requirements how exactly does DHCP failover work to implement DHCP failover you must deploy two servers running either Windows Server 2012 or Windows Server 2012 r2 both servers must have a network interface card with a static IP address and must have the DHCP server role installed just like earlier versions of Windows Server when you install the role a database is created locally on each server any DHCP configurations you make will be stored in the server's local database however this time rather than create two smaller scopes one on each server you will instead create a single scope on one of the DHCP servers for instance let's take my earlier scope of one ninety two dot one sixty eight dot one dot 101 two one ninety two dot one sixty eight dot one dot two hundred rather than split the scope in two I will create it's hole on my first DHCP server this may seem a little odd but bear with me there is a method to the madness it is also worth noting that dhcp failover only works on ipv4 scopes you cannot configure DHCP failover for ipv6 scopes once the scope has been created the next step is to create what is called a failover relationship between the two servers a failover relationship in a nutshell connects the two DHCP databases together each of the DHCP servers participating in the failover relationship are called partners when the failover relationship is established I am able to replicate the scope I created earlier with the other DHCP server when replication occurs absolutely everything configured within that scope such as the leases exclusions reservations and DHCP options is synchronized with the partner server it is worth noting at this point that you can have multiple scopes added to a single failover relationship if you wanted the end result is two DHCP servers that both contain an identical copy of the DHCP scope in their local database from this point on when a change is made to DHCP such as a client computer leasing an IP address this change is updated on both partner servers since the two partners will replicate periodically if one of the servers were to fail the surviving DHCP server can continue servicing clients alone since it has its own up-to-date copy of the database one important point I would like to make is that a failover relation ship can only have two partners you cannot add more than two servers to any failover relationship that's being said it is possible for a single DHCP server to have multiple failover relationships with different DHCP servers for instance let's say I were to add a third DHCP server to my network since I already have two partners in the current failover relationship I cannot add this server to the relationship however I could instead create a completely separate scope on my new server and then create a new failover relationship with one of my existing servers you can have up to 31 failover relationships on a single DHCP server just remember there can only be two partners in any failover relationship now that we know how DHCP failover works the next topic to discuss is DHCP failover modes when you create a failover relationship between the two DHCP servers you will have to choose a mode that determines how it works the first mode which is also the default is load balancing mode with load balancing mode both parts and the servers in the failover relationship will work together to assign IP addresses to clients that is when a client computer boots up and requests an IP address it can obtain an IP address from either one of the partner servers if you opt for load balancing mode windows will by default distributes the workload between the partners evenly on a 50/50 ratio that is each partner will be responsible for 50% of the IP addresses in the scope and client computers will contact the DHCP servers in turn in other words the first client will contact the first DHCP server and the second client will contact the second DHCP server the third clients will contact the first server and the fourth client the second server so on and so forth of course you are free to amend the 50/50 ratio so that one partner receives the bulk of the workload if you wish let's take a closer look at how load balancing mode works imagine that you have two DHCP servers with a failover relationship the failover mode is load balancing mode with a 50/50 workload distribution as long as both partners are available they will operate in what is called the normal state when a client's computer is first switched on it will attempt to locate a DHCP server by sending out a broadcast called a DHCP discover packet this packet is sent to both DHCP servers in this example the first DHCP server will respond to the client by sending a DHCP offer package offering an IP address the client will accept the offer by sending back a DHCP request packet finally the DHCP server will lease the IP address to the client in a special packet called a DHCP ACK to ensure that the second DHCP server is aware of this lease the first DHCP server will then send a binding update packet to its partner to acknowledge that it has received the update DHCP server too will respond with a binding update acknowledgment packet the two servers are now repla I did since the workload is distributed on a 50/50 basis when the next client computer comes along it will be DHCP server two that responds and the process is repeated this remains the case as long as both parts and a servers remain up and running so what happens if one of the DHCP servers were to fail let's say that DHCP server one has failed when DHCP server two next attempts to contact DHCP server one it will not get a reply when this happens DHCP server two will drop the connection and will enter what is called the connection interrupted State at this point DHCP server two will start handling all of the lease requests from clients whilst at regular intervals attempting to re-establish its connection with DHCP server one whilst in the connection interrupted State if a client needs to renew its IP address lease it will send a DHCP request packet to DHCP server two and DHCP server two will respond with a DHCP ack packet renewing the lease however if a new client computer were to join the network DHCP server two will lease out one of the IP addresses that it is responsible for it cannot lease IP addresses that DHCP server one is usually responsible for since it does not have control of the entire range so when will DHCP server to assume control of the entire range when DHCP server two enters the connection interrupted State a countdown is started called the state switchover interval the state switchover interval dictates the amount of time which must pass before the server transitions from the connection interrupted state to the part in a down state the length of the state switchover interval can be configured by the administrator when the server enters the parts in a down state another countdown starts called the maximum client lead time again the length of this can be configured by an administrator when the maximum client lead time expires DHCP server too will assume control of the entire IP address range including the IP addresses that DHCP one was initially responsible for when DHCP server one comes back online it will re-establish its connection with DHCP server two when the connection is re-established both servers will return to the normal state immediately the server will request all updates to DHCP that it is not aware of by sending an update request packet to its partner upon receiving this packet DHCP server two will respond with an update done packet containing all the changes the two servers are once again replicated and will resume the 50/50 workload distribution the second mode is hot standby mode hot standby mode is in many ways the opposite to load balancing mode with hot standby mode one of the parts and a servers is dubbed the active server whilst the second partner is known as the standby server the active server is by itself solely responsible for leasing IP addresses to clients in other words every clients computer that requires an IP address will contact the active server in short the active server is doing the work when the active server gives out an IP address it will update the standby server by replicating the changes understand the standby server is merely meant as a backup in case the active server fails that is if the active server were to fail the standby server will assume responsibility for DHCP until the active server comes back online that's being said although the active server is the only server leasing IP addresses it does not have control of all the IP addresses in the range by default the active server is given responsibility for 95% of the IP addresses meanwhile the standby server is given charge of the remaining 5% this is called a reserve percentage of course it is possible to amend the reserve percentage if you wish to better understand hot standby mode let's take a closer look at how it works let's consider the same two DHCP servers with a failover relationship only this time the failover mode is hot standby mode DHCP server 1 is the active server which means that by default it has control of 95% of the IP addresses DHCP server 2 is the standby server with a reserved percentage of 5% since both servers are available they are both in the normal state when a client computer is powered on it will attempt to locate a DHCP server by sending out its usual broadcast packet as it is a broadcast the packet is sent to both DHCP servers however since the failover relationship is in hot standby mode and since DHCP server one is the active server it is the only one to respond DHCP server one will send a DHCP offer packet offering the client an IP address the client will accept the offer and send back its usual DHCP request packet finally the active server will lease the IP address to the client using a DHCP app packet even though the standby server is not actually leasing IP addresses it is still informed of the lease is made by the active server in case it has to take over after completing a lease the active server will send a binding update package to the standby server the standby server will acknowledge receipt of this packet by replying with a binding update acknowledgment packet the two servers are now replicated now let's consider what happens if the active server were to fail when the standby server next attempt to contact the active server it will not get a reply when this happens the standby server will drop the connection and will enter the connection interrupted State after entering the connection interrupted State the standby server will become the active server since the HCP server too is now the active server it will start to handle all these requests from clients it will also at regular intervals attempt to re-establish its connection with DHCP server one whilst in the connection interrupted State if a client needs to renew its IP address lease it will send a DHCP request packet to DHCP server - and DHCP server - will respond with a DHCP ACK packet renewing the lease however if a new client computer were to join the network DHCP server - will lease out one of the IP addresses from its reserve percentage it cannot lease IP addresses that DHCP server one is usually responsible for since it does not have control of the entire range so when will DHCP server to assume control of the entire range when DHCP server - enters the connection interrupted state the state switch over interval again starts to count down when the state switch over interval countdown completes the server transitions from the connection interrupted State to the partner down state whilst in the partner down state the maximum clients lead time begins its countdown when the maximum client lead time expires DHCP server - will assume control of the entire IP address range including the IP addresses that DHCP server one was responsible for when DHCP server one comes back online it will re-establish its connection with DHCP server - when the connection is re-established both servers will return to the normal state DHCP server one will once again become the active server and DHCP server two will return to its original standby mode immediately DHCP server one will request any updates to DHCP that it is not aware of by sending an update request packet to DHCP server two upon receiving this packet the HCP server too will respond with an update done packet which contains all the updates the two servers are once again replicated now that we know what DHCP failover is how to implement it and how it works I will now demonstrate how to setup and configure DHCP failover to show you how DHCP failover works I will in my lab environment use two Windows Server 2012 r2 servers named server 1 and server 2 as per the requirements for DHCP failover I will configure both servers with a static IP address of one ninety two dot one sixty eight dot one dot one and one ninety two dot one sixty eight dot one dot two and a subnet mask of 255 dot 255 dot 255 dot 0 I will also deploy to Windows 8.1 pro client computers named client 1 and client two both clients will be configured to use DHCP to obtain their IP addresses all of these computers will be connected using Ethernet cables and a switch since DHCP failover is most commonly used in a domain infrastructure I have already installed the Active Directory and DNS roles onto both of my servers I have also promoted both servers to domain controllers and added both clients to the domain which is named tech tips from will dot co dot UK I will start the lab by installing the DHCP server role onto both servers I will then create a scope and configure a failover relationship without further ado I will now change over to my server one computer as you can see the host name for this is server one and it's static IP address is one ninety two dot one sixty eight dot one dot one first I will open server manager in the top left corner you can see that the Active Directory and DNS roles are already installed on this server DHCP is not yet installed if it were it would be listed here to install the DHCP server role click manage and select add roles and features from the drop-down list this will open the add roles and features wizard from here simply next your way through the wizard until you arrive at the select server roles screen from the list of server roles tick the check box for DHCP server if you receive a prompt to add further features required for DHCP server just click the add features button once complete next your way through the wizard until you arrive at the confirm installation selections page personally I like to take the restarts the destination server automatically if required check box when installing roles or features whether or not you tick this check box is up to you when you are ready to continue click the install button it should take no more than a couple of minutes to install the role once the installation is complete you will be notified if I close out of the wizard and return to server manager you can see that the DHCP server role is now listed proving that it is installed now that the role is installed the next step is to authorize the DHCP server in Active Directory until the DHCP server is authorized it cannot issue IP addresses notice in the top right corner of server manager I have an amber warning symbol if I click on this symbol you can see that I still have to complete some post deployment configurations to do this I will click the complete DHCP configuration link this will open the DHCP post install configuration wizard to authorize the DHCP server click Next and then commit after a short wait I will receive confirmation that the DHCP server is authorized and that the post install tasks are done so I will close the post install configuration wizard although I have used server manager to install and authorize DHCP it is also possible to do this using Windows PowerShell since DHCP failover requires two servers to work I will now change over to my server to computer to demonstrate how to install DHCP using PowerShell as per the diagram I showed you earlier you can see that this is my server to server which has a static IP address of one ninety two dot one sixty eight dot one dot two if I open server manager you can see that once again only Active Directory and DNS are currently installed to install DHCP on this server I will open a Windows PowerShell prompt since I am using Windows Server 2012 r2 I will issue the command --let add windows feature if you are using Windows Server 2012 you will have to use the install windows feature commandlets instead next I will add the name switch and DHCP followed by the include management tools switch which will ensure that the DHCP management console is installed along with the role finally I will add the restart switch this will ensure that the server is rebooted if necessary when I run the command the installation will start this should take no more than a couple of minutes to complete once the role is installed you will be notified I will now close Windows PowerShell and reopen server manager sure enough you can see that the DHCP role is now installed but there is still the matter of authorizing the server to do this I will reopen Windows PowerShell and will run the command Lert add DHCP server in DC followed by the name of this DHCP server which in my case is server to and followed by the IP address of this server which is one ninety two dot one sixty eight dot one dot two when I run the command the server will be authorized the DHCP server role is now installed onto both server one and server 2 the next step is to create a scope a scope is simply the range of IP addresses that DHCP servers will give out to client computers in my case I will create a scope of one ninety two dot one sixty eight dot one dot 101 to one ninety two dot one sixty eight dot one dot two hundred a total of one hundred I P addresses since the scope will be configured for failover it really does not matter which DHCP server you create the scope on I will now change back to my server one computer to create the scope scopes are traditionally created in the DEA CP management console to get there first open server manager then select tools and DHCP from the drop-down list this will open the DHCP management console in the left pane you can see this DHCP server server one tech tips from Wilco dot uk' listed if I expand the server I can create either an ipv4 or ipv6 scope remember DHCP failover can only be configured for ipv4 scopes to create a scope right click on ipv4 and select new scope from the drop down list this opens the new scope wizard from here click the next button for DHCP in Windows a scope has to be given a name to identify it for now I will simply call this scope one optionally you can also add a description when finished click the next button next you have to create an IP address range the IP address range is essentially the pool of IP addresses that can be assigned to client computers to create an IP address range you have to enter a start IP address and an end IP address understand that all IP addresses in between the start and end IP addresses are also included in the scope for instance if I enter a start IP address of one ninety two dot one sixty eight dot one dot 101 and an end IP address of one ninety two dot one sixty eight dot one dot 200 this will give me a total of one hundred I P addresses in my scope further down you can also set up the subnet mask that will be assigned to all clients computers along with their IP address by default Windows will attempt to assign a subnet mask of 255 dot 255 dot 255 dot zero since this is only a small lab environment I will leave this on the default on very large networks though you may wish to change this when you are ready to continue click the next button the next screen allows you to configure exclusions for your scope an exclusion is an IP address that falls within the IP address range you defined on the previous screen that you do not want DHCP to hand out in other words the IP address is excluded and will not be assigned to clients for instance if I wanted to ensure that the IP address 192 dot 168 dot one dot 101 which falls within my scope is not assigned to clients I can add this as an exclusion in my case the end result is that out of the 100 IP addresses in my scope only 99 of them can now be leased when you are ready to continue click the next button next we can configure the lease duration the lease duration is the amount of time a client computer can keep the IP address it has leased before it needs to be renewed the default lease duration for DHCP in Windows is 8 days however you can change this if you wish for now I will leave this on the default and will click the next button on the next screen DHCP will ask whether or not you wish to can bigger dhcp options dhcp options allow you to configure additional tcp/ip parameters that will also be assigned to clients such as a default gateway and which dns servers to use although these options can be configured manually later on i personally like to do it whilst creating the scope so i will select the yes i want to configure these options now radio button and will then click the next button the first DHCP option is the default gateway the default gateway is essentially the router that allows this network to communicate with other networks in a lot of cases the default gateway will be the router that connects your network to the internet if you do not supply a default gateway your client computers will have no way of communicating with computers outside of your network in highly secure environments you may wish to leave this blank to supply a default gateway simply enter the IP address of the router which in my case is one ninety two dot one sixty eight dot one dot two fifty four click the Add button and then click the next button next you have the option to add a domain name and DNS servers these options are intended to help your clients with name resolution the parent domain is essentially the domain name that your clients will use in my case this is tech tips from Wilco dot uk' further down you can specify the DNS servers that clients will use for name resolution on your network the DNS service you add here will be used to resolve computer host names on your network into IP addresses since my server 1 and server 2 servers both have the DNS role installed they can both be used for name resolution notice that DHCP has detected that this server server 1 is a DNS server and has already added its IP address since it is a good practice to have two DNS servers for fault tolerance I will add server 2 as an alternative DNS server and will attempt to resolve it notice that DHCP has correctly resolved the IP address of server 2 into one ninety two dot one sixty eight dot one dot two which if you recall is server twos static IP address so I will add this to the list of DNS servers and click the next button the next option is to add a wins server wings is another service that is used for name resolution however it is considered a legacy technology and over the years has become increasingly deprecated wings is used to resolve NetBIOS names into IP addresses with NetBIOS names generally used less and less nowadays wins is only required if you are running some sort of legacy operating system or application on your network that requires it since DNS is widely favored over wins for name resolution most modern networks will have no need whatsoever for a win server nonetheless you can add the IP address of your wins server if you have one since I have no wing server on my lab network I will leave this blank and will click the next button on the next screen you will be asked whether or not you wish to activate the scope understand until the scope is activated it cannot be used and DHCP will lease no IP addresses until it is activated you can think of a scope which hasn't been activated as essentially disabled of course you can activate and deactivate scopes manually at any time since I am ready to use my scope I will select the yes I want to activate this scope now radio button and will then click the next button to complete the new scope wizard I will click the finish button in the left pane notice that my scope scope one has appeared listed if I select the address pool option you can see my IP address range as well as the IP address I chose to exclude from the range further down in the scope options I can see the additional options I configured including the default gateway and the DNS servers the scope is now created activated and is ready to use now that we have our scope on server one the next step is to create the failover relationship between server 1 and server 2 when the failover relationship is established I will add the scope I just created to the failover relationship in order to replicate it to both partners so I will now change back to my server 1 computer to demonstrate how to create the failover relationship to create a failover relationship between two DHCP servers in the left pane right-click on the scope you wish to add to the failover relationship and select configure failover from the drop-down list this will open the configure failover wizard on the first page of the wizard you are asked to choose which scopes to add to the failover relationship remember any scope added to the failover relationship is essentially made highly available by default windows will attempt to add all scopes to the failover relationship to change this simply uncheck the select all checkbox this will allow you to pick and choose which scopes to add to the failover relationship since I only have one scope to choose I will leave the select all checkbox ticked and we'll click the next button on the next page you are asked to choose a part and a server with whom to establish a failover relationship remember you can only have two DHCP servers in any failover relationship to nominate a part in the server simply enter its hostname or fully qualified domain name into the partner server field in my case I will enter server 2 dot Tex from Wilco dot uk' if you are unsure of the host name for your part and a server you can click the add server button to browse the authorized DHCP servers on your network when you are ready to continue click the next button you are now ready to create the new failover relationship first you are required to give the failover relationship a name so that it can be identified you can do this on the relationship name field in my case I will name the failover relationship server one server two failover next you are required to choose a mode the mode you choose here will determine the behavior of the failover relationship from the drop-down you can choose either load-balanced or hot standby if you opt for load balance mode which is the default both of the partner servers will participate in leasing IP addresses to clients as such you must configure a load balance percentage for the local server and the partner server this is essentially how the DHCP workload is distributed between the parts and a servers by default the workload is split 50/50 between the partners of course you can change this if you wish alternatively if you choose hot standby mode you will have to choose which of the partners to make the active server and which to make the standby server by default the server you are working on server one in my case will become the active server and the partner server the standby server of course you can change this if you wish using the role of partner server drop-down list further down we also have the address is reserved for standby server setting this is a percentage of IP addresses from the range which are kept in reserve these IP addresses are for use by the standby server only should it have to take over by default this is set at 5% but can be changed if you wish personally I am a fan of load balancing mode so I will switch this back the next setting is the state switch over interval if you recall from earlier when a server loses communication with its partner it will change to the connection interrupted state the state switch over interval determines the amount of time in minutes the surviving server will remain in the connection interrupted state before changing to the part in a down state if this checkbox remains cleared the surviving server will remain in the connection interrupted state indefinitely until an administrator places it into the part in a down state manually why Microsoft set it this way I have no idea if I tick the checkbox I am able to choose the length of the state switch over interval personally I am a fan of setting this low to speed up the transition related to this we have the maximum client lead time setting the maximum client lead time setting determines the amount of time a server will remain in the pot in a down state when the maximum client lead time expires a server in the partner down state will assume that its partner isn't coming back online and will therefore assume control of the entire IP address range once again I am a fan of setting this low to speed up the failover next you have the option enable message authentication when this checkbox is ticked all communication between the two partner servers is encrypted if you are concerned with security on your network keep this option enabled if you opt to use this feature windows will prompt you to enter a shared secret this is essentially a password used by both partner servers to confirm the other's identity of course it is recommended to follow password best practices and make the shared secret complex when you are ready to continue click the next button to create the failover relationship click finish immediately DHCP will create the failover in shape to finish the wizard just click the close button the failover relationship has now been created assuming it was successful my scope should also be visible on my server to computer so I will now change over to server 2 and take a look if I open the DHCP management console expand my server to dot tech tips from will dock Co dot uk' server and expand ipv4 sure enough you can see my scope one scope proving that it has in fact been replicated from server 1 to view or change the failover relationship settings right click on ipv4 and select properties from the drop down list at the top of the ipv4 properties dialog box select the failover tab from here select the failover relationship and click the edit button notice that I can see the state of this server and the state of my partner server since both servers are booted and available they are reporting a status of normal further down I am able to change all of the settings I configured earlier including the failover mode for now though I will leave these settings as is and will cancel out of the properties screen DHCP failover has now been implemented to prove that the load balancing mode is working correctly I will now deploy my to Windows 8.1 pro client computers client 1 and client 2 since I have set the load balancing ratio on my service to 50/50 clients one should lease its IP address from server one client two on the other hand should obtain its IP address from server too without further ado I will now boot up and change over to my client one computer as you can see I am now on my client 1 computer which is running Windows 8.1 pro to prove to you that this computer is configured for DHCP I will open the network and sharing center and will view my adapter settings as you can see I have just one network interface card installed in this computer if I open the properties for this adapter and view my ipv4 settings you can see that this network adapter is set to obtain an IP address automatically and to obtain DNS server addresses automatically confirming that this computer is indeed set up for DHCP I will now close the network and sharing center and return to my desktop next I will open a command prompt from here I will issue the command ipconfig /all for my Ethernet network adapter noticed that this computer has received an IP address of one ninety two dot one sixty eight dot one dot 102 if you recall from earlier I excluded the one ninety two dot one sixty eight dot one dot 101 IP address from my scope so that it would not be given out this explains why this computer has received the next available IP address in the range also notes that the subnet mask is 255 dot 255 dot 255 dot zero and that the lease period from being obtained to expiring totals eight days the default gateway is one ninety two dot one sixty eight dot one dot 254 and the DNS servers are one ninety two dot one sixty eight dot one dot one and one ninety two dot one sixty eight dot one dot to all exactly as I defined in my scope one particular setting I would like to point out is the DHCP server setting this is the computer from which clients one is leasing its IP address as you can see this is reported as one ninety two dot one sixty eight dot one dot one the IP address of my server one computer as expected client one has leased its IP address from server one as such I will now boot up my client two computer and we'll investigate where it has obtained its IP address from this is my client two computer the setup of this computer is practically the same as client one in the network and sharing center you can see that client two has just one network adapter which if I open its properties is also configured for DHCP I will now close all windows open a command prompt and issue ipconfig /all on the Ethernet network adapter you can see that client two has received a totally different IP address of one ninety two dot one sixty eight dot one dot one fifty-one once again the rest of the settings are as I defined in the scope however notice this time the DHCP server setting is different one ninety two dot one sixty eight dot one dot two the IP address of my server two computer proving that my DHCP servers truly are load balancing DHCP leases the final topic I would like to discuss in this tech tip is how to delete a DHCP failover relationship let's say that we now want to remove the failover relationship between server one and server to of course it goes without saying that if you do this DHCP failover is effectively removed and the two DHCP servers will no longer replicate scope changes with one another another point to bear in mind is that after you delete the relationship the scopes that have been added to the relationship are only retained on the server from which you deleted the relationship for instance if I were to log on to server 1 and delete the failover relationship the relationship will immediately go away server 1 and server 2 are now effectively two separate DHCP servers since I deleted the failover relationship on server 1 the scope is retained on server 1 but is removed from server 2 this makes perfect sense because if you recall having two DHCP servers on the same network configured with the same scope is a recipe for disaster I will now change over to my server 1 computer to delete the failover relationship failover relationships can be deleted from within the DHCP management console so I will start by opening the tool once in DHCP right click on ipv4 and select properties from the drop-down list next select the failover tab from the list of failover relationships select the relationship you want to remove and then click the delete button you will be prompted to confirm you want to delete the failover relationship and will be reminded that this will delete the Scopes on the partner server which in my case is server 2 to proceed with the deletion click the ok button the failover relationship has now been deleted no is that like I said the DHCP scope is still accessible on server one since this was the server from which I deleted the failover relationship the scope will however have been removed from server 2 this concludes this tech tip from Will I hope you have enjoyed this tech tip and found it informative if you'd like to see more Windows Server 2012 and Windows Server 2012 r2 training videos check out our youtube channel and remember to support our videos by liking them and by subscribing to our channel many thanks and we'll see you on the next tech tip

Info

Channel: techtipsfromwill

Views: 42,792

Rating: 5 out of 5

Keywords: Dynamic Host Configuration Protocol (Protocol), Failover, DHCP Failover, Windows Server 2012 (Operating System), Microsoft, DHCP Scope, Failover Relationship, DHCP Failover Relationship, IP address, Microsoft Windows (Operating System), Windows Server (Operating System), DHCP Redundancy, Failover for DHCP

Id: rPpKWttO7CQ

Channel Id: undefined

Length: 67min 10sec (4030 seconds)

Published: Wed Jan 28 2015