Fault tolerance, RFC 1542, and more
Last month, I talked about how Dynamic Host Configuration Protocol (DHCP)
works. For those just joining us, DHCP simplifies setting up workstations on
TCP/IP. You just set up a Windows NT Server machine as a DHCP server, tell it
about your network, and your NT server can hand out unique IP addresses to each
PC on your network, greatly simplifying IP setup. The server assigns these
addresses for a limited time, so DHCP clients (PCs that get IP addresses from
DHCP servers) lease their addresses.
DHCP is a terrific facility, with a few quirks. However, if you understand
them, you can work around them.
A New Lease
When learning DHCP, you wonder what happens when the
lease runs out. Well, you're supposed to stop using the IP address. But the
lease is not likely to run out. When it's half over, the DHCP client begins
renegotiating the IP lease by sending a DHCP request to the server that issued
the expiring IP address.
The DHCP server responds with a DHCP ACK. It contains all the
information--domain name, DNS server, etc.--that the original DHCP ACK had. This
information lets you change the Domain Name System (DNS) server, Windows
Internet Name Service (WINS) server, subnet mask, and the like, and the new
information will periodically be updated at the clients (you can specify a
period, but it can be no more than 50% of the lease time).
Well, you can change the information in theory. Sometimes DHCP ACK
doesn't work. Suppose you renew the lease, but the server doesn't transfer new
information to the workstations. Your best bet is to open a command line and
type ipconfig/release and then ipconfig /renew. (No, I don't know why it doesn't
always work, but I can show you Network Monitor captures where it doesn't, and
these captures led me to the release/renew technique.)
Now, if the DHCP ACK doesn't appear, the DHCP client keeps resending the
DHCP request every two minutes until the IP lease is 87.5 percent expired.
(Don't you wonder where Microsoft gets these numbers?) Then the client goes back
to the drawing board, broadcasting DHCP discover messages (requests for an IP
address) until someone responds. If the lease expires, the client will stop
using the IP address, disabling the TCP/IP protocol on that workstation.
Fault Tolerance
That possibility leads me to wonder about fault
tolerance. Can a backup DHCP server hand out IP addresses if the primary goes
down? Not really, unfortunately. On the same subnet, you absolutely cannot run
two DHCP servers that assign addresses from the same range.
However, on the same subnet, you can have two DHCP servers that
assign addresses from different ranges. Suppose you have a C network,
200.100.100.0, and DHCP will give out addresses 200.100.100.20 through 200.
100.100.120. You can run two DHCP servers on the subnet and let one distribute
addresses .20 through .90 while letting the other pass out .91 through .120.
Notice that you create two scopes (ranges of IP addresses on a
subnet) that do not overlap. If they overlap, you run into trouble, because you
have no way to make two DHCP servers coordinate which addresses to give out.
Telling both servers to assign addresses in the entire .20 through .120 range
and to talk to each other to make sure they don't give out the same address to
two clients would be nice. But that's not possible--yet (probably, Cairo, the
version of NT that will likely appear in 1998 will let you). So, you can create
two DHCP servers on a subnet and give them scopes that don't overlap. If one
DHCP server is down when a workstation needs a lease, another one (you hope!)
has an address to spare.
What happens if two machines get the same IP address? DHCP avoids that.
Right after a DHCP client gets an IP lease, it tests the lease by trying to send
a message to the address. A response means the DHCP server gave the client an
address that someone else is using. The client's response is to tell the user
that it received a duplicate IP address, and then to stop using TCP/IP. This
approach has always seemed odd to me--why not negotiate further with the DHCP
server to get an acceptable address?
Previous
Register
