Kea is what you want, I think... https://www.isc.org/kea/
For HA: https://kea.readthedocs.io/en/latest/arm/hooks.html#supported-configurations On Tue, Feb 11, 2025 at 6:23 PM Adam Moffett <dmmoff...@gmail.com> wrote: > We have two DHCP servers per market and they run VRRP. VRRP gives you an > active/standby setup. Configurations have to be synchronized of course, > but I'd say this is the simplest way. > > To have any kind of active/active setup the DHCP servers would have to > share the same lease database. I believe ISC had a way to do that where > they would send messages to update each other, but I haven't looked into > this in awhile so I may be hallucinating that. > > -Adam > > > ------------------------------ > *From:* AF <af-boun...@af.afmug.com> on behalf of Jesse DuPont < > jesse.dup...@celeritycorp.net> > *Sent:* Tuesday, February 11, 2025 5:29 PM > *To:* AnimalFarm Microwave Users Group <af@af.afmug.com> > *Subject:* Re: [AFMUG] DHCP Fail over > > What will you be using for your DHCP "concentrator" (for lack of a better > term); that is, what will be the gateway device(s)? It seems you'd be > better served by having a pair of routers running VRRP or some other > cluster prototol, then having redundant DHCP servers that the > concentrators/gateways relay to simultaneously (both of which check with > RADIUS for auth and assignment for statics). The two DHCP servers can be > configured active/active or active/backup and they'll both serve the same > blocks (based on what RADIUS tells them to provide). ISC DHCP did this > "okay", but KEA DHCP (ISC's replacement) does it really well. The two > gateways using VRRP would appear like a single device and have a single IP. > Depending on the routers, sometimes "state" (like current ARP resolutions) > are sync'd between both routers, sometimes the failover router has to just > re-ARP for everything; not the end of the world. > > You can simplify all this by using an actual BNG for your DHCP side (and > your PPPoE, for that matter). Something like NetElastic's or IP Infusion's > BNG can do all this. > > On 2/11/25 3:12 PM, Mark - Myakka Technologies via AF wrote: > > We currently run 3 PPPoE servers using an OSPF concentrator and radius to > manage the IP addresses. With this setup, it doesn't matter which IP lands > on which PPPoE server. OSFP handles it. > > We now need to do something similar with DHCP. I've been messing around with > /32's and Option 121, but just can not get a stable solution. I'm now > thinking about plan B. Similar general setup we use on the PPPoE side. Lets > say we go with 3 DHCP servers connected to an OSPF concentrator. I would > have to set my DHCP network on all 3 servers to something like 192.168.0.0/23 > for about 512 address total. Server one will do a GW of 192.168.0.1, Server > two will do a GW of 192.168.0.2, server 3 will do a GW of 192.168.0.3. When > a client connects they will randomly connect to one of the 3 servers and > receive an IP address from radius. My current thoughts are > > 1. Each server will have a /32 address not the /23. IP address on server 1 > will be 192.168.0.1/32. > 2. OSFP will only announce the /32 address of the server to the concentrator. > 3. I will have to use the DHCP script option to insert and delete the clients > ip address as a /32 in OSPF on the server to update the concentrator. > > The one issue I see off the bat is when a client reboots. If the client > reboots and moves from server 1 to server 3, I now have two servers with the > same IP address. I think I can deal with that by using a short lease time. > > > Thoughts? I'm still digging around looking for other (better) options of > having DHCP fail-over. The one option that will not work is reserving a > block of IPs per server. We have several customers that are using static > IPs, so they need to be accessible from all 3 servers. > > > -- > > Thanks, > Mark mailto:m...@mailmt.com <m...@mailmt.com> > > Myakka Communicationswww.Myakka.com > > Serving Manatee and Sarasota Counties with High-Speed Internet for over 20 > years > > > > > -- > AF mailing list > AF@af.afmug.com > http://af.afmug.com/mailman/listinfo/af_af.afmug.com >
-- AF mailing list AF@af.afmug.com http://af.afmug.com/mailman/listinfo/af_af.afmug.com
