DHCP Redundancy Made Redundant?
REVIEW DATE: 05-JUL-2006
By VeriSign IIS Zone Staff
Dynamic Host Configuration Protocol (DHCP) is one of those critical infrastructure elements that often is taken for granted. But when things go wrong with DHCP, most organizations experience a support call barrage that makes administrators turn off their phones and pagers.

And too often, redundancy is not taken seriously, as when two servers are connected to the same switch or plugged into the same electrical circuit. True redundancy requires that they share no physical resources, and that they be kept in synch with one set to fail over to the other. The failover can't just mean that future requests go to server #2 when #1 goes out to lunch. Server #1 had lease information in it that server #2 should manage after the failover process completes. Finally, a process for bringing servers back up and new servers online must be defined as well.

Once you have a failover scheme in place, not only are you protected against hardware or software failure, but you can do dangerous things that you would have avoided in the past. For instance, you can apply security patches to one server, and take a little time to make sure that they work properly before applying them to the other.

Thus, it was that an attempt was made, many moons ago, to add support to the DHCP standard for server fail-over. As is often the case, vendors and open source solutions began to adopt the standard while it was being developed. But (as best as I can tell) they never actually finished defining the standard. It was supposed to complete in 2003, but it never happened.

Where does that leave us? Different vendor implementations of DHCP failover are different, and interoperability is not assured. This write-up on how to configure failover with ISC's DHCP (dhcpd), a program with no special proprietary interest, notes that even ISC recommends that all servers in a failover scheme run the same version of dhcpd!

In the proprietary world, it's even worse. It's likely that most vendors implement the standard-in-progress as best they can, but they often go further, creating the urge to make implementations incompatible with the standard. And we've not found any evidence of interoperability testing between implementations.

We're not sure why this standard fell off-track. Do you know what happened? Do your DHCP servers implement failover? Are you worried about interoperability issues? Let us know how these issues affect you in the Talkback area below.