Prerequisites for xHA - BlueCat Integrity - 9.4.0

Address Manager Administration Guide

Locale
English
Product name
BlueCat Integrity
Version
9.4.0
Before you create an xHA pair in Address Manager, make sure to complete these prerequisites:
  • You must have at least two connected and managed DNS/DHCP Servers in the configuration running software version 9.2.0 or greater.
  • DNS/DHCP Servers must be either two physical appliances or two virtual machines. Mixed xHA pairs of appliance and VM are NOT supported.
  • Both DNS/DHCP Servers must be at the same software version before creating an xHA pair.
  • Both DNS/DHCP Servers must be configured with NTP before creating an xHA pair to ensure that the xHA setup process correctly configures the DNS/DHCP Servers.
  • Both DNS/DHCP Servers must be of the same profile, such as two DNS/DHCP Server 60 or two DNS/DHCP Server 100 profiles.
  • In order to create an xHA pair with the Active node on which the dedicated management interface enabled, the dedicated management interface on the Passive node must be enabled.
  • The Active and Passive nodes must be on the same network.
  • Additional IP addresses are not supported on DNS/DHCP Servers operating in an xHA pair.
  • xHA with IPv4 only: no IPv6 addresses must be present on either the Active or Passive nodes.
  • xHA with IPv6 only: no IPv4 addresses must be present on either the Active or Passive nodes.
  • xHA with IPv4 and IPv6: both the Active and Passive Nodes must be configured with only one IPv4 services address and only one IPv6 services address.
  • The servers for the xHA pair must not be associated with a deployment schedule. For information on viewing the servers in a deployment schedule, refer to Deployment schedules.
  • The server intended for the passive role must not be associated with a deployment role. For instructions on how to view the deployment roles assigned to a server, refer to Viewing deployment roles.
  • Remove any old certificates and create identical time settings on both servers.
  • Attention:
    • To avoid split-brain scenarios (where both servers are active or passive at the same time), the use of xHA backbone communication is mandatory.
    • When configuring the xHA backbone on DNS/DHCP Servers, ensure that the IP addresses of the xHA interfaces (eth1) are on a different subnet than any other interfaces (such as services/management interfaces) and non-routable IPs. In addition, if the DNS/DHCP Servers are not connected by a direct ethernet xHA backbone connection, the xHA interfaces should be separated onto a different LAN segment to prevent the xHA interfaces from receiving layer-2 broadcast traffic intended for other interfaces. This can be achieved by separate VLANs for each interface, private networks (for virtual appliances), or separate physical switches.
    • If you are currently using the xHA/eth1 ports for another purpose, you can reset and then reconfigure them for xHA communication, but you can't use the eth1 ports for xHA communication and for their previous purpose.
    • If you are upgrading from an earlier version of DNS/DHCP Server software, you must delete each eth1 port to reset it. Previous versions of DNS/DHCP Server software didn't support eth1, and eth1 isn't reset automatically.
Attention:
  • If you are currently using the xHA/eth1 ports for another purpose, you can reset and then reconfigure them for xHA communication, but you can't use the eth1 ports for xHA communication and for their previous purpose.
  • If you are running an xHA pair with xHA Backbone communication configured over switches or WAN, make sure to configure the IP address of eth1 on a different subnet than eth0 and eth2.
  • If you are upgrading from a previous version of DNS/DHCP Server software that didn't support eth1, you must delete each eth1 port to reset it.
  • Don't try to configure half-duplex communication. If you try to configure half-duplex, DNS/DHCP Server prevents you from saving the setting and an error message appears. For more information about duplex settings contact https://care.bluecatnetworks.com.
  • You can't use xHA with Anycast; they're mutually exclusive.
  • You must set the Server Identifier DHCP Service option if serving DHCP from xHA pairs configured with VLAN interfaces. For details, refer to DHCP with VLAN and xHA.