We have a single DHCP server on our network.
I would like to add another or maybe two additional DHCP
servers (one being
the DC)
I am concerned (actually confused) about the scopes.Whether it
is a shared
pool, or individual ranges.
Can someone please point me in the right direction on how to
set up the
additional DHCP's and any other hints would be helpful.
Many thanks
Tony
For distributing scopes among multiple DHCP servers two well known
rules are available.
Google for (only the text before the =):
50/50 dhcp = (central setup)
and
80/20 dhcp = (local and remote setup)
You should make sure only one DHCP servers leases a certain IP address
otherwise you could get IP conflicts. DHCP Servers do
not share the DHCP db, only when clustered.
If one or more DHCP servers service the same set of clients you
should, if applicable:
(1) configure reservations on all those DHCP servers
(2) Distribute available addresses among the DHCP servers
(1)
if you have clients that use DHCP reservations and you also have
multiple DHCP servers that service those clients, you need
to configure the DHCP reservations on all DHCP servers that service
those clients as you want to make sure that independed of
the DHCP server the client gets its reserved IP address
(2)
Depending on the distribution factor as mentioned above you need to
make sure IP addresses are not leased more than once to
any other client. Let me give me an example....
Lets say you have a scope with the following AVAILABLE IP
addresses.... A B C D E F G H I J (from A to J) and you have server
DHCP1 and server DHCP2 as DHCP servers.
You have the following possibilities:
(A) configure the complete scope "A B C D E F G H I J" and enable it
on both DHCP servers DHCP1 and DHCP2 and enable conflict
detection so that each DHCP server first checks a certain IP address
has not been leased by the OTHER DHCP server. (This is
not a best practice and thus not recommended)
(B) configure the complete scope "A B C D E F G H I J" and enable it
on DHCP server DHCP1 and disable the scope on DHCP
server DHCP2 (and enable conflict on the DHCP server that is made the
servicing DHCP server while the other is not because it
is unavailable or so) (this will work but if the first DHCP server
becomes unavailable you need to enable conflict detection
on the other DHCP servers and enable all of its scopes manually)
(C) If you use the 50/50 rule (otherwise configure
accordingly),configure half of the scope "A B C D E" on the DHCP
server
DHCP1 and configure the other half on DHCP server DHCP2 "F G H I J"
and enable the scopes. Conflict detection is not needed
here. The problem with this is that if the client switches from DHCP
server the other DHCP server will issue a NACK because
the client if trying to renew an unknown IP address to that DHCP
server.
(D) configure the complete scope "A B C D E F G H I J" and enable it
on both DHCP servers DHCP1 and DHCP2.Conflict detection
is not needed here. If you use the 50/50 rule (otherwise configure
accordingly), on the first DHCP server DHCP1 exclude "A B
C D E" and on the second DHCP server DHCP2 exclude "F G H I J" If the
client switches from DHCP server the other DHCP server
will not issue a NACK because it knows of the IP address although
excluded (This is my preferred configuration and if also a
best practice)
Also remember:
If secure DDNS updates are done by the DHCP server on behalf of the
clients and more than 1 DHCP server services the same
clients make sure each DHCP server is able to update the records. For
this configure credentials on the DHCP server to
acchieve this.
If DHCP service is hosted on a DC, for security purposes you should
configure DHCP with additional credentials to register
records on behalf of the clients.
If it is a W2K DHCP server you can only use the command line to
configure credentials (NETSH DHCP...)
If it is a W2K3 DHCP server you can use the command line and the GUI
to configure credentials
For more info see:
*
http://www.microsoft.com/technet/pr...elp/d0e19b57-c368-46c2-b017-caf25ae150ec.mspx
*
http://www.jsifaq.com/SUBN/tip6900/rh6941.htm
*
http://www.microsoft.com/technet/pr...elp/179d4f6c-9482-4dac-8f03-74bd78b7d263.mspx