In previous versions of DNS/DHCP Server software, an xHA pair serving DHCP would
provide service to clients from its Virtual IP address (VIP). With VLAN support in DNS/DHCP Server, each node in an xHA pair now has a static Private IP Address (PIP)
that might confuse DHCP clients as to the source IP of DHCP service. In the event of xHA
failover, only the Virtual IP address will migrate to the new Active node (initially the
Passive node) and not the Private IP address. The new Active node will have a different
Private IP address, so clients won't know if the source of the DHCP packet is the VIP or the
PIP and will be unable to send unicast packets back to the DHCP server. That is, DHCP Renew
and DHCP Release requests won't reach the DHCP server.
- If you have configured DHCP service with xHA, you must set the Server Identifier DHCP
Service option for the Virtual IP address on the service interface (eth0, VLAN interface,
bond0) to ensure that the IP address sent to clients from this interface properly
indicates the Virtual IP address of the xHA pair as the DHCP server.Note: Setting the Server Identifier DHCP Service option is a necessary requirement due to the behavior of DHCP on interfaces with multiple IP addresses. For additional information, refer to DHCP with multiple IP service addresses.
- In addition, you must also update your firewall rules to include the Private IP
addresses from both nodes in the xHA pair and the VIP. This will allow packets from the
private IPs plus the VIP to reach the client.Note:
- To find the VIP and xHA Private addresses of the nodes in an xHA pair, navigate to Servers>xHA pair>Service Configuration>Interfaces in the Address Manager user interface, or run the show interfaces command from the DNS/DHCP Server Administration Console. Customers using Dedicated Management must ensure to also include the Private IP addresses on the Management interface (eth2) of each node in their updated firewall rules.
- As a best practice, BlueCat advises all customers running multiple IP addresses on any interface to use the Server Identifier DHCP Service option to ensure proper communication with DHCP clients.
- Alternately, you could also serve DHCP from a VLAN interface configured with a single IP address (this IP must be unique and shouldn't be the same as the VIP or PIP). Since VLAN interfaces migrate between nodes during xHA failover, DHCP clients would still be able to communicate with the IP address configured on a specific VLAN. However, if you have assigned multiple IP addresses to that VLAN interface, you must set the Server Identifier DHCP server option to let clients identify the source IP of DHCP service.
To set the Server Identifier DHCP Service option:
- Navigate to the necessary DHCP range in Address Manager and select the Deployment options tab.
- Select .
- Under General, select the option and set its parameters:
- Name—select Server Identifier (18).
- IPv4 address—enter one of the IPv4 addresses assigned to the server.
- On the Servers tab, select the servers or server group to which
the option applies:
- All servers—applies the deployment option to all servers in the configuration.
- Server group—applies the deployment option to a specific
server group in the configuration. Select a server group from the drop-down list.Attention: You cannot configure DHCP deployment options on a multi-primary server group.
- Server—applies the deployment option to a specific server in
the configuration. Select a server from the drop-down list.Attention: You cannot configure DHCP deployment options on servers that are part of a multi-primary server group.
Note: You can't override deployment options set at the configuration level from the server group level if the deployment option is applied to a specific server within a server group. - On the Change control tab, enter a change control comment if required.
- Select Create or Create and add another.
- Deploy DHCP to enact the changes.