DHCP servers are one of the key elements of the network infrastructure. However, unlike DNS servers or domain controllers, Windows Server had no integrated mechanisms for DHCP high availability and load balancing before the release of Windows Server 2012. Previously, high availability was achieved by dividing the DHCP scope into two parts, each served by its own server. This approach was inconvenient: all the settings had to be duplicated between the servers, and a fault still required manual intervention.
How to Configure DHCP Load Balancing?
Starting from Windows Server 2012, the ability to create DHCP failover configurations has been added. In this article we will show you how to configure load balancing on a DHCP server running Windows Server 2016.
To ensure fault tolerance and load balancing, you need two servers with the DHCP Server role installed. Before installing the role, assign both servers correct DNS names and static IP addresses and join them to the AD domain.
Install the DHCP Server role from the Server Manager console or using the PowerShell command:
Add-WindowsFeature DHCP -IncludeManagementTools
After installation, be sure to authorize the DHCP server in Active Directory.
On one of the servers, add and configure a new IPv4 DHCP scope.
Then right-click the IPv4 node or a specific scope and select Configure Failover in the drop-down menu.
A wizard will appear prompting you to select the scopes for which you want to implement fault tolerance.
In the next step, you will be prompted to select a partner server. This can be any available DHCP server based on Windows Server 2016. In a domain network, you can pick the partner from the list of authorized servers or select it using the Browse button.
All that remains is to choose the DHCP server operation mode, adjust some parameters if necessary, and set a shared secret (the key phrase used to create an encryption key).
Two failover modes are available for the DHCP server:
- Load Balance – both servers simultaneously issue IP addresses and options to clients in a given subnet. Client requests are distributed between the two servers (you can set the desired percentage). This is the default operation mode.
- Hot standby – in this mode, the two servers operate in a fault-tolerant configuration: the active server is responsible for leasing IP addresses and configuration information to all clients in the scope or subnet, while the secondary (standby) server takes over its functions if the primary server becomes unavailable. A server is considered primary or secondary in the context of an IP subnet.
Consider the available options:
- Maximum Client Lead Time – the length of time for which the partner server extends IP address leases for the clients of the other server if communication with it is lost;
- Load Balance Percent – sets the proportion of requests distributed between servers;
- State Switchover Interval – the time after communication with the partner is lost at which the server moves from the “connection lost” state to the “partner is disabled” state;
- Enable Message Authentication – a secure communication channel is established between the servers using a passphrase.
In hot standby mode, the set of options is a little bit different:
- Role of Partner Server – allows you to select server roles. By default, the server on which the failover is configured becomes active, the partner is put into standby mode;
- Addresses reserved for standby server – part of the scope allocated to the standby server to serve new clients in the “lost connection” mode.
After selecting all the necessary settings, click Next. This completes the DHCP failover setup wizard.
Only information about the issued IP addresses is replicated between partner servers; changes to the scope settings, including reservations, must be synchronized manually. To do this, in the DHCP console, click on the scope and select Replicate Failover Scopes.
Or you can start replication of all scopes from host1 using PowerShell:
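The same Load Balance setup can be scripted with the DhcpServer PowerShell module and then checked from both partners. This is an added example, not part of the original article; the partner name host2.contoso.com, the scope 10.0.10.0, the relationship name and the timer values are assumptions.

```powershell
# Added example. Server names, scope ID, relationship name and timers are assumed sample values.
$primary = 'host1.contoso.com'
$partner = 'host2.contoso.com'
$scopeId = '10.0.10.0'
$name    = 'host1-host2-failover'

# Both servers must be authorized in Active Directory before the relationship is built.
$authorized = (Get-DhcpServerInDC).DnsName
foreach ($s in $primary, $partner) {
    if ($authorized -notcontains $s) { throw "$s is not authorized in Active Directory" }
}

# Prompt for the shared secret so it is not stored in the script or in shell history.
$secure = Read-Host -Prompt 'Failover shared secret' -AsSecureString
$secret = [System.Net.NetworkCredential]::new('', $secure).Password

# Load Balance mode; each parameter corresponds to a field of the failover wizard.
Add-DhcpServerv4Failover -ComputerName $primary -Name $name `
    -PartnerServer $partner -ScopeId $scopeId `
    -LoadBalancePercent 50 `
    -MaxClientLeadTime (New-TimeSpan -Hours 1) `
    -AutoStateTransition $true `
    -StateSwitchInterval (New-TimeSpan -Minutes 60) `
    -SharedSecret $secret
Remove-Variable secret

# Check the relationship as seen by each partner: message authentication must be
# enabled and the state must be Normal on both sides.
foreach ($s in $primary, $partner) {
    $rel = Get-DhcpServerv4Failover -ComputerName $s -Name $name
    if (-not $rel.EnableAuth)    { Write-Warning "${s}: message authentication is disabled" }
    if ($rel.State -ne 'Normal') { Write-Warning "${s}: relationship state is $($rel.State)" }
    $rel | Select-Object @{n='Server';e={$s}}, Mode, LoadBalancePercent,
        MaxClientLeadTime, StateSwitchInterval, State, EnableAuth
}
```

Omitting -SharedSecret creates the relationship without message authentication, which the EnableAuth check in the final loop will report.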
Invoke-DhcpServerv4FailoverReplication -ComputerName host1.contoso.com
DHCP failover in Windows Server 2016 has the following limitation: two DHCP servers per scope. Keep in mind that DHCP high availability is implemented per scope, not per server. If a single server hosts multiple scopes, it can be part of several high-availability configurations. In addition, failover relationships are not supported for IPv6 scopes.