How to use Split-Scopes in DHCP for a Robust Deployment
When should you configure Split Scopes in your DHCP deployment?
Split-scopes are intended for scenarios where you need some backup capability for DHCP when servicing a given subnet, but you don't want to deploy a DHCP server cluster. In this case, you can use 2 stand-alone DHCP servers to back each other up using split-scopes.
How do you setup Split Scopes?
Consider a DHCP scope with subnet-mask of 255.255.254.0 , which can support a range of 512 addresses. Say, you have around 300 clients on this subnet. The recommended way to setup a split-scope for this subnet is to have the majority of the available addresses configured on the primary DHCP Server A for that subnet. The remaining addresses are configured on the secondary DHCP Server B. The addresses used on A are then setup as an exclusion on Server B, and vice versa. Usually, the available addresses are split between the primary and the secondary servers through an 80-20 split.
Let's take an example: for a subnet 10.0.20.0/23, you would configure the same scope 10.0.20.0 to 10.0.21.255 on both the servers, A and B. However, on server A, you would configure 10.0.21.151 to 10.0.21.255 as an exclusion range on that scope. On server B, you would configure the other part of the address range (10.0.20.0 to 10.0.21.150) as the exclusion range. Thus there would be 407 address available for assignment on Server A, and 105 addresses available for assignment on Server B.
Note that you should ensure that the maximum number of clients you expect to have on that subnet doesn't exceed the number of addresses available for assignment on the primary server. If the /23 address range in this case is almost fully utilized, then you wouldn't have any spare capacity on Server B to service clients which need to renew when Server A is down.
How do Split Scopes work?
In the above example, a client would normally get its address lease from Server A. However, if server A were to be unavailable, the exclusion on server B would ensure that server B does not NAK the client's request to renew its address in the REBINDING state. If the client's lease expires before Server A has been restored, then it would start the DISCOVER process again. This time, it would get an address lease from Server B.
This gives the administrator some time to respond and restore Server A to the normal state.
Santosh Chandwani
Windows Enterprise Networking
[This posting is provided "AS IS" with no warranties, and confers no rights.]
Comments
Anonymous
June 15, 2007
How you can ensure that Server A is giving address instead of Server B ? If server B become almost full and Server A fail, a downtime will come quickly, no ?. Is it possible to add a delay in Server B to respond ?Anonymous
June 15, 2007
Good description of the setup, Thanks ! If the two DHCP servers are on the same subnet, is there a way do configure one of them as the primary (i.e. answers faster than the other) ? I guess it would be easy to add a "delay" (in ms) option in a scope properties.Anonymous
June 25, 2007
"How do Split Scopes work? In the above example, a client would normally get its address lease from Server A." I'm trying to figure out why "a client would normally get its address lease from Server A."? Is there further configuration that needs to be done to ensure that addresses are pulled from the primary DHCP server?Anonymous
July 31, 2007
In "Enterprise Design for DHCP" [1], three options are listed for adding fault tolerance to DHCP, but using distinct scopes without exclusion ranges is not listed. What advantage does using split scopes offer?
Anonymous
February 22, 2008
To add a delay, you can configure the secondary server with additional conflict detection attempts. (One is probably enough.) Not sure if this is the only way, but it seems to work!Anonymous
March 21, 2011
Why wouldn't you go for a 50/50 distribution?