Condividi tramite


Migrating existing DHCP Server deployment to Windows Server 2012 DHCP Failover

Introduction

This article provides information on how to migrate an existing DHCP server deployment on Windows Server 2008 or Windows Server 2008 R2 to Windows Server 2012 DHCP Failover.

DHCP Failover feature requires two Windows Server 2012 on which the DHCP role is installed. To migrate from an existing DHCP server deployment to use DHCP Failover in Windows Server 2012 is a four step process-

  1. Install DHCP Server role on 2 Windows Server 2012 computers.
  2. Export DHCP server configuration from existing server.
  3. Import all DHCP server configuration on the Windows Server 2012 DHCP server intended to be the primary server in the failover relationship.
  4. Import only server-level configuration on the Windows Server 2012 DHCP server intended to be the failover partner server.
  5. Configure DHCP failover from the intended primary server.
  6. Update DHCP relay agents with IP addresses of the DHCP failover servers

Export DHCP server configuration and leases

Windows Server 2012 has new DHCP server PowerShell cmdlets which include export/import based on PowerShell. To export the DHCP server configuration, scopes and leases from a Windows Server 2008 or Windows Server 2008 R2 DHCP server (say named win2k8r2-dhcp.corp.contoso.com), run the below command from the new Windows Server 2012 powershell console.

Export-DhcpServer –ComputerName win2k8r2-dhcp.corp.contoso.com -Leases -File C:exportdhcpexp.xml -verbose

In case one doesn’t wish to export lease information, leave out the –Leases switch from the command.

Since PowerShell provides remoting functionality, this command when run from Windows 8 client (with DHCP RSAT installed) or Windows Server 2012 computer with the -ComputerName switch being that of a Windows Server 2008 or Windows Server 2008 R2 computer running DHCP server, would be able to export and fetch all data from the remote server successfully.

After running this command successfully, the DHCP server configuration on the source server, including server level configuration, scopes present on the server, and the associated configuration and leases will be exported to the file dhcpexp.xml.

Import DHCP server configuration and leases on Windows Server 2012

Using the DHCP server Windows PowerShell import, the DHCP server configuration can be now be imported on the Windows Server 2012 DHCP server (say named DHCP1.corp.contoso.com) using the following command:

Import-DhcpServer –ComputerName DHCP1.corp.contoso.com -Leases –File C:exportdhcpexp.xml -BackupPath C:dhcpbackup -Verbose

If you wish to migrate specific scopes (e.g. 10.1.1.0, 10.1.2.0) to the Windows Server 2012 DHCP server instead of migrating all the scopes, you can use the following import command:

Import-DhcpServer –ComputerName DHCP1.corp.contoso.com -Leases –File C:exportdhcpexp.xml -BackupPath C:dhcpbackup -Verbose –ScopeId 10.1.1.0, 10.1.2.0

The above mentioned import command should be run only on the Windows Server 2012 DHCP server (DHCP1) which is intended to be the primary server for the failover relationship.

When a failover relationships is set up between two Windows Server 2012 DHCP servers (DHCP1 and DHCP2), the failover setup wizard (or cmdlet) replicates the scopes and associated configuration on the second server (DHCP2). Hence, the scopes are not required to be imported on the second server (DHCP2).

However the failover setup wizard (or cmdlet), does not replicate server level configuration to the second DHCP server.  If there is a server level configuration present on the existing DHCP server deployment, which include:

  • Vendor or User classes other than those which are built-in.
  • Option definitions other than those which are built-in
  • Server level option values
  • MAC address based filters
  • Conflict detection attempt (if set to something other than the default)

These server level configuration options must be imported on the second DHCP server (DHCP2). To import only server level configuration on the partner server DHCP2, use the following command:

Import-DhcpServer –ComputerName DHCP2.corp.contoso.com –File C:exportdhcpexp.xml –ServerConfigOnly –verbose –BackupPath C:dhcpbackup

The switch –ServerConfigOnly achieves the desired objective of just importing the server-level settings.

After having migrated all server-level and scope settings on the primary server and migrated only server-level settings on the partner server, one can now configure a DHCP Failover relationship between the two servers. Refer to the links at the end of this post to understand more about deploying DHCP Failover.

Configurations like the DHCP relay agents for all the subnets/scopes being migrated need to be configured with IP addresses of the two Windows Server 2012 DHCP servers in the failover relationship so that the DHCP client messages are relayed by the relay agent to both the DHCP servers. Please refer the documentation of your DHCP relay agent for details on how to update the DHCP relay agent with IP addresses of the DHCP servers.

Conclusion

We hope this blog post eases migration of existing DHCP Server deployments to the new Windows Server 2012 DHCP server and enables deployment of DHCP Failover. As always, your feedback and comments are most appreciated.

Team DHCP

Comments

  • Anonymous
    January 01, 2003
    The comment has been removed

  • Anonymous
    January 01, 2003
    Its recommended that you migrate and retain the leases on the new server. The new server will automatically delete the leases if they expiry. You need not delete them. Migrating and retaining leases will avoid the problem of duplicate IPs on the network.

  • Anonymous
    January 01, 2003
    Hi Bart
    For export command you do not need to stop any server. The DHCP Server from which you are exporting the data can be running.
    Similarly while importing the data you do not need to stop the DHCP server to which you are importing the data to.
    Thanks

  • Anonymous
    January 01, 2003
    Hello Sven,Yes - when the link between the data centers goes down both the DHCP Failover servers will move into COMMUNICATION INTERRUPTED state. Both the servers will continue to service the clients assuming the clients have not lost connectivity to the data centers.

  • Anonymous
    January 01, 2003
    This is sick! So Simple!

  • Anonymous
    January 01, 2003
    Thanks Rusty for sharing your deployment information. From your description, I am not sure if you need a large number of failover relationships. In a single failover relationships, you can have MULTIPLE scopes. In fact, there is no upper bound on the number of scopes in a single failover relationship - we have tested till 10,000 scopes in a single failover relationship. Does that help or did I misunderstand your deployment need still.

  • Anonymous
    January 01, 2003
    Hi JR, I am unable to understand the question very clearly. If you are saying, all the currently leased IP addresses need to be released/expired before performing the migration, it is definitely not required since the steps mentioned above will migrate active leases from the source server to destination server. Let us know if this did not answer your question.

  • Anonymous
    January 01, 2003
    Hi Anker, You can use the script at the following location to migrate from split scope to DHCP failover
    http://gallery.technet.microsoft.com/scriptcenter/Migrate-Split-Scope-to-9791ddcd

  • Anonymous
    January 01, 2003
    Hello dtg, DHCP PowerShell cmdlets cannot be used with Windows Server 2003 R2. It is only supported for Windows Server 2008 and above. However, you do not need to go thru a 2 stage process, you can use netsh export/import to migrate from 2003 R2 to 2012R2 directly without the intermediate step of migrating to 2008/2008R2.

  • Anonymous
    January 01, 2003
    Hi Mike, Usage example - -ComputerName mycomputer.mytestdomain.com You don't need the angle brackets. Will get the example in the blog corrected.

  • Anonymous
    January 01, 2003
    Hi Hans, You should definitely avoid having both DHCP servers authorized and servicing clients at the same time since that could lead to duplicate IP address situation leading to bad addresses on the DHCP server. You can do the following sequence of steps - Remove the binding of the new DHCP server. This will ensure that clients are not serviced by this DHCP server. Even when the binding is removed, you can perform import/export on this DHCP server. Authorize the new DHCP server Remove authorization for the old DHCP server Enable the binding of the new DHCP server. Now the new DHCP server will start servicing the clients. Thanks.

  • Anonymous
    January 01, 2003
    Hi Martin,Yes. Deactivates as well as active scopes can be migrated together.I noticed that you mentioned migration from WS 2003. The PowerShell cmdlets including Export mentioned in this blog is supported for WS 2008 onwards. For migrating from WS 2003, you can use netsh export/import or Windows Server Migration tool.

  • Anonymous
    January 01, 2003
    Hello Opie, You can build the new DHCP servers using some new IP addresses. When you turn off the old DHCP servers, you can change the IP addresses of the new servers and assign the old IP addresses to them. However, if you are deploying failover configuration, and your number of DHCP servers is increasing, then you will require additional IP addresses for your DHCP servers and will have to update your relay agents with these  additional IP addresses.

  • Anonymous
    January 01, 2003
    The comment has been removed

  • Anonymous
    January 01, 2003
    Thanks for the reply, I checked the DHCP documentation that the scopes should not be de-activated unless they are being deleted for good so my question is...can they co-exist while i am migrating ? meaning the scope x is disabled on w2003 while same scope x is enabled on new w2012r2 server ? Thanks Martin

  • Anonymous
    January 01, 2003
    Thanks Joe for the feedback. Could you please share specifics on aspects that you are looking for from an enterprise perspective.

  • Anonymous
    January 01, 2003
    Yes, David. That is a supported deployment.

  • Anonymous
    January 01, 2003
    Opie, In addition to what we said above - Regarding your comment - "I saw in the documentation that building the servers requires registering their names/IP in AD, so I'm wondering if there might be a technical barrier to doing this." You need to do this step (authorizing the DHCP server in AD) to get the DHCP server to start servicing clients. You can complete migration of the configuration/provisioning of the DHCP servers without this. Then, after you have changed the IP address of the DHCP server to the old IP address, you can authorize it in AD to get it start servicing clients.

  • Anonymous
    January 01, 2003
    Lewis, Import-DhcpServer will merge the configurations as long as there is no conflict. The conflict situations could be:

  • the target server already has a value for an option and the import file contains a different value for the same option.
  • the scope being imported already exists on the target DHCP server In such cases of conflict, the Import-DhcpServer will retain the configuration on the target DHCP server and log a warning to the console reporting the conflict. For the case of scope already existing, you can use the -OverWrite switch to overwrite the scope on the target DHCP server. Suggest to use the -Verbose swtich to get the detailed logging from this cmdlet.
  • Anonymous
    January 01, 2003
    Marc,
    - to perform export/import you do not need the DHCP servers to be in authorized state.
    - you can authorize the DHCP servers even when the bindings are removed.
    - you will be able to test DHCP failover state changes with the bindings removed. But the servers will not be taking any client traffic since there are no bindings.

  • Anonymous
    September 16, 2012
    aboutu time MS catches up with world but this attempt is still not an enterpise solution - MS once again behind the market leaders in IPAM

  • Anonymous
    September 19, 2012
    The comment has been removed

  • Anonymous
    September 19, 2012
    Am I typing out the FQDN in the <brackets> after the -ComputerName switch?  Or does the FQDN go in place of "ComputerName" ?

  • Anonymous
    January 14, 2013
    Thanks team for wonderful article. Do we have here a migration from single server to 2012 load balance dhcp server? This will be perfect :)

  • Anonymous
    March 06, 2013
    Hi, Great article thank you v much. Quick q - If you are consolidating numerous DHCP Scopes from server 2008, into 2 server 2012 boxes setup in a failover.... when you export the configs from the old dhcp servers & import them 1-by-1 into server 2012, does it MERGE the configs, or overwrite with each import? Thanks! -Lewis

  • Anonymous
    March 08, 2013
    We have over 200 subnets.  I'm not the router admin, but I think updating all the relay agents could be quite a large task for us.  It would be easier to build the DHCP servers and then turn off the old ones and assign the IP addresses of the old DHCP servers to our new Windows 2012 DHCP servers.  Then we wouldn't have to update all of the relay agents.  Is this possible?  I saw in the documentation that building the servers requires registering their names/IP in AD, so I'm wondering if there might be a technical barrier to doing this.  Also, I would like to have the new boxes built before the cutover instead of turning off the old ones and then bringing up the new ones without DHCP installed on their old IPs and building everything then. If this can't be done, that's OK - we'll just have to do it the way you recommend by updating all of the relay agents.  I was just hoping there might be a faster way for us.

  • Anonymous
    May 17, 2013
    Hey, I got a question on the timing of turning off the old DHCP and authorizing the new DHCP server. My old server is running, I export the config and import it on the new not-yet-AD-authorized DHCP. Now I turn off the old one and then authorize the new one? Or do I first authorize the new one and then turn off the old one? We got about 50 clients so it shouldn't really matter, but I'd like to avoid any mishappenings. Thanks, Hans

  • Anonymous
    May 24, 2013
    The other thing I found is needed to release the existing IP, what would the best route to do without released/renew/reboot the machine? Should I just wait until the lease is over? no problem migrating the IP/Leases Thank, JR

  • Anonymous
    June 24, 2013
    May want to consider enabling "conflict detection attempts" when migrating from one dhcp server to another.  DHCPSERVERNAME -> ipv4 <- right click  properties -> select advanced, put in 1 or 2.  Should be done on all dhcp servers that need it enabled.  This will make sure the IP being assigned is not in use.   Thanks MSFT for the LB/FO feature.  

  • Anonymous
    August 12, 2013
    Help!! I'm following the steps listed to import DHCP from 2K8R2 to WK12, but the import is failing on importing the active leases. The server config and the reservations are all pulled in OK on to the new server however, importing the active leases is failing. Each attempt to import an active lease fails with: Import-DhcpServer : Failed to add IP address lease for 10.3.37.230 on server newdhcpserver.mycompany.localnet. : There are no more endpoints available from the endpoint mapper. (1753)    + CategoryInfo          : NotSpecified: (10.3.37.254:root/Microsoft/...cpServerv4Lease) [Import-DhcpServer], CimEx   ception    + FullyQualifiedErrorId : WIN32 1753,Import-DhcpServer can anyone assist with this??? Thanks

  • Anonymous
    November 22, 2013
    is not recognized as the name of a cmdlet....

  • Anonymous
    November 25, 2013
    Well, could you please mention what cmdlet are you referring to. All the cmdlets referred in the blog are part of Windows Server 2012. If you are using on Windows 8 client, you will need to install RSAT (Remote Server Administration Kit)

  • Anonymous
    December 10, 2013
    Dear Team DHCP Thank you very much for such valued article, However I have a quick question.. When I'm done Export and Importing the backup of old dhcp server and ready  to Authorize the new DHCP server , do I have to authorize the fail-over (secondary) dhcp server as well ? Thanks !!!

  • Anonymous
    December 10, 2013
    CITS, Glad to know that you found the article useful. Yes - you need to authorize both the DHCP failover servers individually. Another things you need to do is configure the DHCP relays/IP helpers to forward DHCP packets to both the DHCP failover servers.

  • Anonymous
    December 11, 2013
    Gr8, I'm planning to do the migration this weekend, thanks a lot for your quick reply.

  • Anonymous
    January 03, 2014
    Pingback from ???????????????? ???? ???????? ?????????? ???????????? ???????????? ???????? ( Windows Server Migration Tool )

  • Anonymous
    January 03, 2014
    Pingback from ???????????????? ???? ???????? ?????????? ???????????? ???????????? ???????? ( Windows Server Migration Tool )

  • Anonymous
    January 17, 2014
    The comment has been removed

  • Anonymous
    February 07, 2014
    Can I have two DHCP servers local and one remote as part of the failover?

  • Anonymous
    February 24, 2014
    A DHCP patch fix for Windows Server 2012 has been released for the following issues recently
    1) The

  • Anonymous
    March 20, 2014
    Hi Team,
    Great Article.
    What about if we have 2 2k8 dhcp servers with the 80:20 scoping. How can I get the scopes and leases from the old "number 2" dhcp server ?

    /anker

  • Anonymous
    May 08, 2014
    Excellent Job! Very easy and simple commands to migrate from 2008 - 2012. Completed in only a few minutes.

  • Anonymous
    June 12, 2014
    can the script be used to migrate from 2003r2? Its not a massive problem if it can't as I was going to migrate to w2k8r2 so I already have 2 w2k8r2 VM's configured for dhcp. So I could use netsh to migrate from w2k3r2 to w2k8r2 first and then run the script to pull everything in to w2k12r2. Bit of a two stage process but at least I can test it first as I'm using VM's

  • Anonymous
    June 16, 2014
    Are both the 2008 R2 and 2012 R2 DHCP running at the same time for the export and import? Or does the DHCPServer need to be stopped?

  • Anonymous
    December 22, 2014
    I found this article extremely easy to follow, and very helpful. Thanks for posting it.

  • Anonymous
    January 02, 2015
    Great instructions !!! Made my life easy

  • Anonymous
    January 03, 2015
    this artcile is really helpful!!! good job done teamdhcp

  • Anonymous
    January 16, 2015
    Here is yet another tangent thought totally not related to any other of my blog posts! Maybe some day

  • Anonymous
    April 16, 2015
    The comment has been removed

  • Anonymous
    August 05, 2015
    DHCP PowerShell in Windows Server 2012, in addition to providing cmdlets for DHCP server management,