RE: W2k3 DHCP redundancy / high availability

[Raper, Jonathan - Eagle]

Ok, guys - I hear ya - I'll split them up. Thanks for the feedback.

I had so many new vlans and associated DHCP pools that creating them manually 
would have driven me batty, so I actually did create almost all of my scopes 
from scratch by importing them. I don't recall having to modify any of them 
after the fact (other than some minor changes in the GUI, so I wasn't sure how 
it would work to change them.

If I remember correctly, don't I have to essentially pull the scope out and put 
the new one in, along with its associated exclusions?

Thanks,

Jonathan L. Raper, A+, MCSA, MCSE
Technology Coordinator
Eagle Physicians & Associates, PA
jra...@eaglemds.commailto:%20jra...@eaglemds.com>
www.eaglemds.comhttp://www.eaglemds.com/>


From: Sean Martin [mailto:seanmarti...@gmail.com]
Sent: Friday, September 10, 2010 2:26 PM
To: NT System Admin Issues
Subject: Re: W2k3 DHCP redundancy / high availability

+1

Although I've never created scopes from scratch using netsh, I use it to script 
changes to our scopes. Works well.
On Fri, Sep 10, 2010 at 10:14 AM, Kurt Buff 
mailto:kurt.b...@gmail.com>> wrote:
netsh should do all he wants.

On Thu, Sep 9, 2010 at 15:38, Brian Desmond 
mailto:br...@briandesmond.com>> wrote:
> Can you just script setting up the 80/20 rule on the scopes? I think there
> is a dhcpcmd.exe ...
>
>
>
> Thanks,
>
> Brian Desmond
>
> br...@briandesmond.com<mailto:br...@briandesmond.com>
>
>
>
> c - 312.731.3132
>
>
>
>
>
> From: Raper, Jonathan - Eagle 
> [mailto:jra...@eaglemds.com<mailto:jra...@eaglemds.com>]
> Sent: Thursday, September 09, 2010 2:55 PM
> To: NT System Admin Issues
> Subject: W2k3 DHCP redundancy / high availability
>
>
>
> Ok, here goes...
>
>
>
> Present environment - pure Windows 2003 AD, with two DCs. One is virtual
> (vmware esx 3.5), 2003 Enterprise Edition. The other is physical, 2003
> Standard Edition (not sure why - I didn't set it up). Virtual DC is running
> DHCP for our entire organization, and would be a pain to go through and
> setup split scopes (many sites, multiple vlans per site, and thus, multiple
> DHCP scopes for each site.) A year ago, we were using Cisco devices at each
> remote site to handle DHCP for each subnet. We performed a major network
> overhaul and had to centralize, so here we are.
>
>
>
> I've now been tasked with building redundancy for our DHCP services. Moving
> to Server 2008 is not an option right now. We MAY be able to upgrade the
> 2003 Standard server to 2003 Enterprise, but that isn't a given just yet.
>
>
>
> Issues...
>
>
>
> Can't cluster, because of the Std Edition OS, (but even then, how would that
> impact AD & DNS?)
>
> Can't backup from Primary and restore to Secondary, again, because of
> different OS (M$ says, "not supported" to backup from Enterprise and try to
> restore to Standard)
>
> As mentioned, split scopes would be a major admin pain (it wouldn't be so
> bad if we had 2008, since there is a wizard in 2008, but I digress)
>
>
>
> So, the way I see it, I have a couple of options...
>
>
>
> Setup "secondary" as a "hot spare" but disable the DHCP service unless and
> until the primary becomes available. Use netsh dhcp server export
> c:\dhcpdatabase.txt all on a daily basis to ensure a valid "backup" of the
> primary, and copy that file over to the secondary as part of one scheduled
> task.
>
>
>
> -or-
>
>
>
> Setup secondary, authorize it, configure it, turn it on, (hear me out here)
> and setup IP Address Conflict Resolution at the server level on both
> servers, and let them "work it out" on their own. I realize that I wouldn't
> have any lease synchronization, and that there is a slight risk of duplicate
> IP, but I can't imagine there would be much. My WAN links are solid. Also,
> any scope or option changes made on the primary would have to be duplicated
> on the secondary...administrative overhead yes, but still less than dealing
> with split scope, IMO. Even then, couldn't I just export from the primary
> after I've made changes and then import to the secondary? I know lease
> information is contained in the exported file...trying to decide whether or
> not that would be good or bad... if it wouldn't be a problem, why not take it
> a step further and schedule an export/import from the primary to the
> secondary?
>
>
>
> What am I missing?
>
>
>
> Jonathan L. Raper, A+, MCSA, MCSE
> Technology Coordinator
> Eagle Physicians & Associates, PA
> jra...@eaglemds.com<mailto:jra...@eaglemds.com>
&g

Re: W2k3 DHCP redundancy / high availability

[Sean Martin]

+1

Although I've never created scopes from scratch using netsh, I use it to
script changes to our scopes. Works well.

On Fri, Sep 10, 2010 at 10:14 AM, Kurt Buff  wrote:

> netsh should do all he wants.
>
> On Thu, Sep 9, 2010 at 15:38, Brian Desmond 
> wrote:
> > Can you just script setting up the 80/20 rule on the scopes? I think
> there
> > is a dhcpcmd.exe …
> >
> >
> >
> > Thanks,
> >
> > Brian Desmond
> >
> > br...@briandesmond.com
> >
> >
> >
> > c - 312.731.3132
> >
> >
> >
> >
> >
> > From: Raper, Jonathan - Eagle [mailto:jra...@eaglemds.com]
> > Sent: Thursday, September 09, 2010 2:55 PM
>  > To: NT System Admin Issues
> > Subject: W2k3 DHCP redundancy / high availability
> >
> >
> >
> > Ok, here goes…
> >
> >
> >
> > Present environment - pure Windows 2003 AD, with two DCs. One is virtual
> > (vmware esx 3.5), 2003 Enterprise Edition. The other is physical, 2003
> > Standard Edition (not sure why – I didn’t set it up). Virtual DC is
> running
> > DHCP for our entire organization, and would be a pain to go through and
> > setup split scopes (many sites, multiple vlans per site, and thus,
> multiple
> > DHCP scopes for each site.) A year ago, we were using Cisco devices at
> each
> > remote site to handle DHCP for each subnet. We performed a major network
> > overhaul and had to centralize, so here we are.
> >
> >
> >
> > I’ve now been tasked with building redundancy for our DHCP services.
> Moving
> > to Server 2008 is not an option right now. We MAY be able to upgrade the
> > 2003 Standard server to 2003 Enterprise, but that isn’t a given just yet.
> >
> >
> >
> > Issues…
> >
> >
> >
> > Can’t cluster, because of the Std Edition OS, (but even then, how would
> that
> > impact AD & DNS?)
> >
> > Can’t backup from Primary and restore to Secondary, again, because of
> > different OS (M$ says, “not supported” to backup from Enterprise and try
> to
> > restore to Standard)
> >
> > As mentioned, split scopes would be a major admin pain (it wouldn’t be so
> > bad if we had 2008, since there is a wizard in 2008, but I digress)
> >
> >
> >
> > So, the way I see it, I have a couple of options…
> >
> >
> >
> > Setup “secondary” as a “hot spare” but disable the DHCP service unless
> and
> > until the primary becomes available. Use netsh dhcp server export
> > c:\dhcpdatabase.txt all on a daily basis to ensure a valid “backup” of
> the
> > primary, and copy that file over to the secondary as part of one
> scheduled
> > task.
> >
> >
> >
> > -or-
> >
> >
> >
> > Setup secondary, authorize it, configure it, turn it on, (hear me out
> here)
> > and setup IP Address Conflict Resolution at the server level on both
> > servers, and let them “work it out” on their own. I realize that I
> wouldn’t
> > have any lease synchronization, and that there is a slight risk of
> duplicate
> > IP, but I can’t imagine there would be much. My WAN links are solid.
> Also,
> > any scope or option changes made on the primary would have to be
> duplicated
> > on the secondary…administrative overhead yes, but still less than dealing
> > with split scope, IMO. Even then, couldn’t I just export from the primary
> > after I’ve made changes and then import to the secondary? I know lease
> > information is contained in the exported file…trying to decide whether or
> > not that would be good or bad… if it wouldn’t be a problem, why not take
> it
> > a step further and schedule an export/import from the primary to the
> > secondary?
> >
> >
> >
> > What am I missing?
> >
> >
> >
> > Jonathan L. Raper, A+, MCSA, MCSE
> > Technology Coordinator
> > Eagle Physicians & Associates, PA
> > jra...@eaglemds.com
> > www.eaglemds.com
> >
> >
> >
> >
> >
> > 
> >
> > Any medical information contained in this electronic message is
> CONFIDENTIAL
> > and privileged. It is unlawful for unauthorized persons to view, copy,
> > disclose, or disseminate CONFIDENTIAL information. This electronic
> message
> > may contain information that is confidential and/or legally privileged.
> It
> > is intended only for the use of the individual(s) and/or entity named as
> > recipients in the message. If you are not an intended recipient of this
> > message, please notify the sender immediately and delete this material
> from
> > your computer. Do not deliver, distribute or copy this message, and do
> not
> > disclose its contents or take any action in reliance on the information
> that
> > it contains.
> >
> > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> > ~   ~
> >
> > ---
> > To manage subscriptions click here:
> > http://lyris.sunbelt-software.com/read/my_forums/
> > or send an email to listmana...@lyris.sunbeltsoftware.com
> > with the body: unsubscribe ntsysadmin
> >
>  > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> > ~   ~
> >
> > ---
> > To manage subscriptions clic

Re: W2k3 DHCP redundancy / high availability

[Kurt Buff]

netsh should do all he wants.

On Thu, Sep 9, 2010 at 15:38, Brian Desmond  wrote:
> Can you just script setting up the 80/20 rule on the scopes? I think there
> is a dhcpcmd.exe …
>
>
>
> Thanks,
>
> Brian Desmond
>
> br...@briandesmond.com
>
>
>
> c - 312.731.3132
>
>
>
>
>
> From: Raper, Jonathan - Eagle [mailto:jra...@eaglemds.com]
> Sent: Thursday, September 09, 2010 2:55 PM
> To: NT System Admin Issues
> Subject: W2k3 DHCP redundancy / high availability
>
>
>
> Ok, here goes…
>
>
>
> Present environment - pure Windows 2003 AD, with two DCs. One is virtual
> (vmware esx 3.5), 2003 Enterprise Edition. The other is physical, 2003
> Standard Edition (not sure why – I didn’t set it up). Virtual DC is running
> DHCP for our entire organization, and would be a pain to go through and
> setup split scopes (many sites, multiple vlans per site, and thus, multiple
> DHCP scopes for each site.) A year ago, we were using Cisco devices at each
> remote site to handle DHCP for each subnet. We performed a major network
> overhaul and had to centralize, so here we are.
>
>
>
> I’ve now been tasked with building redundancy for our DHCP services. Moving
> to Server 2008 is not an option right now. We MAY be able to upgrade the
> 2003 Standard server to 2003 Enterprise, but that isn’t a given just yet.
>
>
>
> Issues…
>
>
>
> Can’t cluster, because of the Std Edition OS, (but even then, how would that
> impact AD & DNS?)
>
> Can’t backup from Primary and restore to Secondary, again, because of
> different OS (M$ says, “not supported” to backup from Enterprise and try to
> restore to Standard)
>
> As mentioned, split scopes would be a major admin pain (it wouldn’t be so
> bad if we had 2008, since there is a wizard in 2008, but I digress)
>
>
>
> So, the way I see it, I have a couple of options…
>
>
>
> Setup “secondary” as a “hot spare” but disable the DHCP service unless and
> until the primary becomes available. Use netsh dhcp server export
> c:\dhcpdatabase.txt all on a daily basis to ensure a valid “backup” of the
> primary, and copy that file over to the secondary as part of one scheduled
> task.
>
>
>
> -or-
>
>
>
> Setup secondary, authorize it, configure it, turn it on, (hear me out here)
> and setup IP Address Conflict Resolution at the server level on both
> servers, and let them “work it out” on their own. I realize that I wouldn’t
> have any lease synchronization, and that there is a slight risk of duplicate
> IP, but I can’t imagine there would be much. My WAN links are solid. Also,
> any scope or option changes made on the primary would have to be duplicated
> on the secondary…administrative overhead yes, but still less than dealing
> with split scope, IMO. Even then, couldn’t I just export from the primary
> after I’ve made changes and then import to the secondary? I know lease
> information is contained in the exported file…trying to decide whether or
> not that would be good or bad… if it wouldn’t be a problem, why not take it
> a step further and schedule an export/import from the primary to the
> secondary?
>
>
>
> What am I missing?
>
>
>
> Jonathan L. Raper, A+, MCSA, MCSE
> Technology Coordinator
> Eagle Physicians & Associates, PA
> jra...@eaglemds.com
> www.eaglemds.com
>
>
>
>
>
> 
>
> Any medical information contained in this electronic message is CONFIDENTIAL
> and privileged. It is unlawful for unauthorized persons to view, copy,
> disclose, or disseminate CONFIDENTIAL information. This electronic message
> may contain information that is confidential and/or legally privileged. It
> is intended only for the use of the individual(s) and/or entity named as
> recipients in the message. If you are not an intended recipient of this
> message, please notify the sender immediately and delete this material from
> your computer. Do not deliver, distribute or copy this message, and do not
> disclose its contents or take any action in reliance on the information that
> it contains.
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~   ~
>
> ---
> To manage subscriptions click here:
> http://lyris.sunbelt-software.com/read/my_forums/
> or send an email to listmana...@lyris.sunbeltsoftware.com
> with the body: unsubscribe ntsysadmin
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~   ~
>
> ---
> To manage subscriptions click here:
> http://lyris.sunbelt-software.com/read/my_forums/
> or send an email to listmana...@lyris.sunbeltsoftware.com
> with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

RE: W2k3 DHCP redundancy / high availability

[Don Guyer]

"Setup "secondary" as a "hot spare" but disable the DHCP service unless
and until the primary becomes available. Use netsh dhcp server export
c:\dhcpdatabase.txt all on a daily basis to ensure a valid "backup" of
the primary, and copy that file over to the secondary as part of one
scheduled task."

 

This is kinda what we do currently. We have 2 other AD Controllers in
the same Site as our DHCP server that we would just configure DHCP on
and restore the backup to it.

 

Don Guyer

Systems Engineer - Information Services

Prudential, Fox & Roach/Trident Group

431 W. Lancaster Avenue

Devon, PA 19333

Direct: (610) 993-3299

Fax: (610) 650-5306

don.gu...@prufoxroach.com <mailto:don.gu...@prufoxroach.com> 

 

From: Fergal O'Connell [mailto:foconn...@curamsoftware.com] 
Sent: Friday, September 10, 2010 9:51 AM
To: NT System Admin Issues
Subject: RE: W2k3 DHCP redundancy / high availability

 

What is the lease time on your DHCP server?

 

You might want to change this to say 2-3 days which will enable you to
fix the original problem if there is one.

 

 

From: Raper, Jonathan - Eagle [mailto:jra...@eaglemds.com] 
Sent: 09 September 2010 22:55
To: NT System Admin Issues
Subject: W2k3 DHCP redundancy / high availability

 

Ok, here goes...

 

Present environment - pure Windows 2003 AD, with two DCs. One is virtual
(vmware esx 3.5), 2003 Enterprise Edition. The other is physical, 2003
Standard Edition (not sure why - I didn't set it up). Virtual DC is
running DHCP for our entire organization, and would be a pain to go
through and setup split scopes (many sites, multiple vlans per site, and
thus, multiple DHCP scopes for each site.) A year ago, we were using
Cisco devices at each remote site to handle DHCP for each subnet. We
performed a major network overhaul and had to centralize, so here we
are.

 

I've now been tasked with building redundancy for our DHCP services.
Moving to Server 2008 is not an option right now. We MAY be able to
upgrade the 2003 Standard server to 2003 Enterprise, but that isn't a
given just yet.

 

Issues...

 

Can't cluster, because of the Std Edition OS, (but even then, how would
that impact AD & DNS?)

Can't backup from Primary and restore to Secondary, again, because of
different OS (M$ says, "not supported" to backup from Enterprise and try
to restore to Standard)

As mentioned, split scopes would be a major admin pain (it wouldn't be
so bad if we had 2008, since there is a wizard in 2008, but I digress)

 

So, the way I see it, I have a couple of options...

 

Setup "secondary" as a "hot spare" but disable the DHCP service unless
and until the primary becomes available. Use netsh dhcp server export
c:\dhcpdatabase.txt all on a daily basis to ensure a valid "backup" of
the primary, and copy that file over to the secondary as part of one
scheduled task.

 

-or-

 

Setup secondary, authorize it, configure it, turn it on, (hear me out
here) and setup IP Address Conflict Resolution at the server level on
both servers, and let them "work it out" on their own. I realize that I
wouldn't have any lease synchronization, and that there is a slight risk
of duplicate IP, but I can't imagine there would be much. My WAN links
are solid. Also, any scope or option changes made on the primary would
have to be duplicated on the secondary...administrative overhead yes,
but still less than dealing with split scope, IMO. Even then, couldn't I
just export from the primary after I've made changes and then import to
the secondary? I know lease information is contained in the exported
file...trying to decide whether or not that would be good or bad... if
it wouldn't be a problem, why not take it a step further and schedule an
export/import from the primary to the secondary?

 

What am I missing?

 

Jonathan L. Raper, A+, MCSA, MCSE
Technology Coordinator
Eagle Physicians & Associates, PA
jra...@eaglemds.com mailto:%20jra...@eaglemds.com> 
www.eaglemds.com http://www.eaglemds.com/>  

 

 



Any medical information contained in this electronic message is
CONFIDENTIAL and privileged. It is unlawful for unauthorized persons to
view, copy, disclose, or disseminate CONFIDENTIAL information. This
electronic message may contain information that is confidential and/or
legally privileged. It is intended only for the use of the individual(s)
and/or entity named as recipients in the message. If you are not an
intended recipient of this message, please notify the sender immediately
and delete this material from your computer. Do not deliver, distribute
or copy this message, and do not disclose its contents or take any
action in reliance on the information that it contains.

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VI

RE: W2k3 DHCP redundancy / high availability

[Fergal O'Connell]

What is the lease time on your DHCP server?

You might want to change this to say 2-3 days which will enable you to fix the 
original problem if there is one.


From: Raper, Jonathan - Eagle [mailto:jra...@eaglemds.com]
Sent: 09 September 2010 22:55
To: NT System Admin Issues
Subject: W2k3 DHCP redundancy / high availability

Ok, here goes...

Present environment - pure Windows 2003 AD, with two DCs. One is virtual 
(vmware esx 3.5), 2003 Enterprise Edition. The other is physical, 2003 Standard 
Edition (not sure why - I didn't set it up). Virtual DC is running DHCP for our 
entire organization, and would be a pain to go through and setup split scopes 
(many sites, multiple vlans per site, and thus, multiple DHCP scopes for each 
site.) A year ago, we were using Cisco devices at each remote site to handle 
DHCP for each subnet. We performed a major network overhaul and had to 
centralize, so here we are.

I've now been tasked with building redundancy for our DHCP services. Moving to 
Server 2008 is not an option right now. We MAY be able to upgrade the 2003 
Standard server to 2003 Enterprise, but that isn't a given just yet.

Issues...

Can't cluster, because of the Std Edition OS, (but even then, how would that 
impact AD & DNS?)
Can't backup from Primary and restore to Secondary, again, because of different 
OS (M$ says, "not supported" to backup from Enterprise and try to restore to 
Standard)
As mentioned, split scopes would be a major admin pain (it wouldn't be so bad 
if we had 2008, since there is a wizard in 2008, but I digress)

So, the way I see it, I have a couple of options...

Setup "secondary" as a "hot spare" but disable the DHCP service unless and 
until the primary becomes available. Use netsh dhcp server export 
c:\dhcpdatabase.txt all on a daily basis to ensure a valid "backup" of the 
primary, and copy that file over to the secondary as part of one scheduled task.

-or-

Setup secondary, authorize it, configure it, turn it on, (hear me out here) and 
setup IP Address Conflict Resolution at the server level on both servers, and 
let them "work it out" on their own. I realize that I wouldn't have any lease 
synchronization, and that there is a slight risk of duplicate IP, but I can't 
imagine there would be much. My WAN links are solid. Also, any scope or option 
changes made on the primary would have to be duplicated on the 
secondary...administrative overhead yes, but still less than dealing with split 
scope, IMO. Even then, couldn't I just export from the primary after I've made 
changes and then import to the secondary? I know lease information is contained 
in the exported file...trying to decide whether or not that would be good or 
bad... if it wouldn't be a problem, why not take it a step further and schedule 
an export/import from the primary to the secondary?

What am I missing?


Jonathan L. Raper, A+, MCSA, MCSE
Technology Coordinator
Eagle Physicians & Associates, PA
jra...@eaglemds.commailto:%20jra...@eaglemds.com>
www.eaglemds.comhttp://www.eaglemds.com/>



Any medical information contained in this electronic message is CONFIDENTIAL 
and privileged. It is unlawful for unauthorized persons to view, copy, 
disclose, or disseminate CONFIDENTIAL information. This electronic message may 
contain information that is confidential and/or legally privileged. It is 
intended only for the use of the individual(s) and/or entity named as 
recipients in the message. If you are not an intended recipient of this 
message, please notify the sender immediately and delete this material from 
your computer. Do not deliver, distribute or copy this message, and do not 
disclose its contents or take any action in reliance on the information that it 
contains.

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to 
listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin


The information in this email is confidential and may be legally privileged.
It is intended solely for the addressee. Access to this email by anyone else
is unauthorized. If you are not the intended recipient, any disclosure,
copying, distribution or any action taken or omitted to be taken in reliance
on it, is prohibited and may be unlawful. If you are not the intended
addressee please contact the sender and dispose of this e-mail. Thank you.

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

RE: W2k3 DHCP redundancy / high availability

[Brian Desmond]

It wouldn't be all that hard to do the breaking up of scopes I think. You 
already have to statically define start and end values, so, it wouldn't be too 
hard to calculate the number of usable addresses and then whack twenty percent 
off that and calculate the new end address.

You're right they might have moved the DHCP stuff to netsh but I don't remember 
offhand.

Thanks,
Brian Desmond
br...@briandesmond.com

c - 312.731.3132



-Original Message-
From: Raper, Jonathan - Eagle [mailto:jra...@eaglemds.com] 
Sent: Thursday, September 09, 2010 4:31 PM
To: NT System Admin Issues
Subject: Re: W2k3 DHCP redundancy / high availability

Thanks Brian, but I thought that was an NT4 utility...it isn't part of the 2003 
resource kit. I know I can dump the config using netsh dhcpand then upload 
config that way, but it would be ugly and painful, unless there is a tool that 
will bust up the scopes for me...

Jonathan L. Raper, MCSE

Thumb-typed from my HTC Incredible (and yes, it really is) Droid. Please excuse 
brevity & any misspellings.

- Reply message -
From: "Brian Desmond" 
Date: Thu, Sep 9, 2010 6:38 pm
Subject: W2k3 DHCP redundancy / high availability
To: "NT System Admin Issues" 

Can you just script setting up the 80/20 rule on the scopes? I think there is a 
dhcpcmd.exe ...

Thanks,
Brian Desmond
br...@briandesmond.com

c - 312.731.3132


From: Raper, Jonathan - Eagle [mailto:jra...@eaglemds.com]
Sent: Thursday, September 09, 2010 2:55 PM
To: NT System Admin Issues
Subject: W2k3 DHCP redundancy / high availability

Ok, here goes...

Present environment - pure Windows 2003 AD, with two DCs. One is virtual 
(vmware esx 3.5), 2003 Enterprise Edition. The other is physical, 2003 Standard 
Edition (not sure why - I didn't set it up). Virtual DC is running DHCP for our 
entire organization, and would be a pain to go through and setup split scopes 
(many sites, multiple vlans per site, and thus, multiple DHCP scopes for each 
site.) A year ago, we were using Cisco devices at each remote site to handle 
DHCP for each subnet. We performed a major network overhaul and had to 
centralize, so here we are.

I've now been tasked with building redundancy for our DHCP services. Moving to 
Server 2008 is not an option right now. We MAY be able to upgrade the 2003 
Standard server to 2003 Enterprise, but that isn't a given just yet.

Issues...

Can't cluster, because of the Std Edition OS, (but even then, how would that 
impact AD & DNS?) Can't backup from Primary and restore to Secondary, again, 
because of different OS (M$ says, "not supported" to backup from Enterprise and 
try to restore to Standard) As mentioned, split scopes would be a major admin 
pain (it wouldn't be so bad if we had 2008, since there is a wizard in 2008, 
but I digress)

So, the way I see it, I have a couple of options...

Setup "secondary" as a "hot spare" but disable the DHCP service unless and 
until the primary becomes available. Use netsh dhcp server export 
c:\dhcpdatabase.txt all on a daily basis to ensure a valid "backup" of the 
primary, and copy that file over to the secondary as part of one scheduled task.

-or-

Setup secondary, authorize it, configure it, turn it on, (hear me out here) and 
setup IP Address Conflict Resolution at the server level on both servers, and 
let them "work it out" on their own. I realize that I wouldn't have any lease 
synchronization, and that there is a slight risk of duplicate IP, but I can't 
imagine there would be much. My WAN links are solid. Also, any scope or option 
changes made on the primary would have to be duplicated on the 
secondary...administrative overhead yes, but still less than dealing with split 
scope, IMO. Even then, couldn't I just export from the primary after I've made 
changes and then import to the secondary? I know lease information is contained 
in the exported file...trying to decide whether or not that would be good or 
bad... if it wouldn't be a problem, why not take it a step further and schedule 
an export/import from the primary to the secondary?

What am I missing?


Jonathan L. Raper, A+, MCSA, MCSE
Technology Coordinator
Eagle Physicians & Associates, PA
jra...@eaglemds.commailto:%20jra...@eaglemds.com>
www.eaglemds.comhttp://www.eaglemds.com/>



Any medical information contained in this electronic message is CONFIDENTIAL 
and privileged. It is unlawful for unauthorized persons to view, copy, 
disclose, or disseminate CONFIDENTIAL information. This electronic message may 
contain information that is confidential and/or legally privileged. It is 
intended only for the use of the individual(s) and/or entity named as 
recipients in the message. If you are not an intended recipient of this 
message, please notify the sender immediately and delete this ma

Re: W2k3 DHCP redundancy / high availability

[Raper, Jonathan - Eagle]

Thanks Brian, but I thought that was an NT4 utility...it isn't part of the 2003 
resource kit. I know I can dump the config using netsh dhcpand then upload 
config that way, but it would be ugly and painful, unless there is a tool that 
will bust up the scopes for me...

Jonathan L. Raper, MCSE

Thumb-typed from my HTC Incredible (and yes, it really is) Droid. Please excuse 
brevity & any misspellings.

- Reply message -
From: "Brian Desmond" 
Date: Thu, Sep 9, 2010 6:38 pm
Subject: W2k3 DHCP redundancy / high availability
To: "NT System Admin Issues" 

Can you just script setting up the 80/20 rule on the scopes? I think there is a 
dhcpcmd.exe …

Thanks,
Brian Desmond
br...@briandesmond.com

c - 312.731.3132


From: Raper, Jonathan - Eagle [mailto:jra...@eaglemds.com]
Sent: Thursday, September 09, 2010 2:55 PM
To: NT System Admin Issues
Subject: W2k3 DHCP redundancy / high availability

Ok, here goes…

Present environment - pure Windows 2003 AD, with two DCs. One is virtual 
(vmware esx 3.5), 2003 Enterprise Edition. The other is physical, 2003 Standard 
Edition (not sure why – I didn’t set it up). Virtual DC is running DHCP for our 
entire organization, and would be a pain to go through and setup split scopes 
(many sites, multiple vlans per site, and thus, multiple DHCP scopes for each 
site.) A year ago, we were using Cisco devices at each remote site to handle 
DHCP for each subnet. We performed a major network overhaul and had to 
centralize, so here we are.

I’ve now been tasked with building redundancy for our DHCP services. Moving to 
Server 2008 is not an option right now. We MAY be able to upgrade the 2003 
Standard server to 2003 Enterprise, but that isn’t a given just yet.

Issues…

Can’t cluster, because of the Std Edition OS, (but even then, how would that 
impact AD & DNS?)
Can’t backup from Primary and restore to Secondary, again, because of different 
OS (M$ says, “not supported” to backup from Enterprise and try to restore to 
Standard)
As mentioned, split scopes would be a major admin pain (it wouldn’t be so bad 
if we had 2008, since there is a wizard in 2008, but I digress)

So, the way I see it, I have a couple of options…

Setup “secondary” as a “hot spare” but disable the DHCP service unless and 
until the primary becomes available. Use netsh dhcp server export 
c:\dhcpdatabase.txt all on a daily basis to ensure a valid “backup” of the 
primary, and copy that file over to the secondary as part of one scheduled task.

-or-

Setup secondary, authorize it, configure it, turn it on, (hear me out here) and 
setup IP Address Conflict Resolution at the server level on both servers, and 
let them “work it out” on their own. I realize that I wouldn’t have any lease 
synchronization, and that there is a slight risk of duplicate IP, but I can’t 
imagine there would be much. My WAN links are solid. Also, any scope or option 
changes made on the primary would have to be duplicated on the 
secondary…administrative overhead yes, but still less than dealing with split 
scope, IMO. Even then, couldn’t I just export from the primary after I’ve made 
changes and then import to the secondary? I know lease information is contained 
in the exported file…trying to decide whether or not that would be good or bad… 
if it wouldn’t be a problem, why not take it a step further and schedule an 
export/import from the primary to the secondary?

What am I missing?


Jonathan L. Raper, A+, MCSA, MCSE
Technology Coordinator
Eagle Physicians & Associates, PA
jra...@eaglemds.commailto:%20jra...@eaglemds.com>
www.eaglemds.comhttp://www.eaglemds.com/>



Any medical information contained in this electronic message is CONFIDENTIAL 
and privileged. It is unlawful for unauthorized persons to view, copy, 
disclose, or disseminate CONFIDENTIAL information. This electronic message may 
contain information that is confidential and/or legally privileged. It is 
intended only for the use of the individual(s) and/or entity named as 
recipients in the message. If you are not an intended recipient of this 
message, please notify the sender immediately and delete this material from 
your computer. Do not deliver, distribute or copy this message, and do not 
disclose its contents or take any action in reliance on the information that it 
contains.

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to 
listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to 
listmana...@lyris.sunbeltsoftware.com

Re: W2k3 DHCP redundancy / high availability

[Andrew S. Baker]

On different occasions, in different settings, I've done both of the things
you're suggesting here (plus the one you are afraid of.  )

It all depends on your recovery time.  Your first option requires manual
intervention for failover.

Your second option is a little messy on all but the smallest of networks.

I'm actually using a combo of both of these options on the home network
currently  (fully overlapping scopes with conflict resolution PLUS weekly
backups of the scope to each local machine, copied to a central location)

Whichever of the two options you go for, should be a stopgap.  You really
want to go down the path that Brian and James have advocated.


*ASB *(My XeeSM Profile) 
*Exploiting Technology for Business Advantage...*
* *
On Thu, Sep 9, 2010 at 5:55 PM, Raper, Jonathan - Eagle  wrote:

>  Ok, here goes…
>
>
>
> Present environment - pure Windows 2003 AD, with two DCs. One is virtual
> (vmware esx 3.5), 2003 Enterprise Edition. The other is physical, 2003
> Standard Edition (not sure why – I didn’t set it up). Virtual DC is running
> DHCP for our entire organization, and would be a pain to go through and
> setup split scopes (many sites, multiple vlans per site, and thus, multiple
> DHCP scopes for each site.) A year ago, we were using Cisco devices at each
> remote site to handle DHCP for each subnet. We performed a major network
> overhaul and had to centralize, so here we are.
>
>
>
> I’ve now been tasked with building redundancy for our DHCP services. Moving
> to Server 2008 is not an option right now. We MAY be able to upgrade the
> 2003 Standard server to 2003 Enterprise, but that isn’t a given just yet.
>
>
>
> Issues…
>
>
>
> Can’t cluster, because of the Std Edition OS, (but even then, how would
> that impact AD & DNS?)
>
> Can’t backup from Primary and restore to Secondary, again, because of
> different OS (M$ says, “not supported” to backup from Enterprise and try to
> restore to Standard)
>
> As mentioned, split scopes would be a major admin pain (it wouldn’t be so
> bad if we had 2008, since there is a wizard in 2008, but I digress)
>
>
>
> So, the way I see it, I have a couple of options…
>
>
>
> Setup “secondary” as a “hot spare” but disable the DHCP service unless and
> until the primary becomes available. Use *netsh dhcp server export
> c:\dhcpdatabase.txt all *on a daily basis to ensure a valid “backup” of
> the primary, and copy that file over to the secondary as part of one
> scheduled task.
>
>
>
> -or-
>
>
>
> Setup secondary, authorize it, configure it, turn it on, (hear me out here)
> and setup IP Address Conflict Resolution at the server level on both
> servers, and let them “work it out” on their own. I realize that I wouldn’t
> have any lease synchronization, and that there is a slight risk of duplicate
> IP, but I can’t imagine there would be much. My WAN links are solid. Also,
> any scope or option changes made on the primary would have to be duplicated
> on the secondary…administrative overhead yes, but still less than dealing
> with split scope, IMO. Even then, couldn’t I just export from the primary
> after I’ve made changes and then import to the secondary? I know lease
> information is contained in the exported file…trying to decide whether or
> not that would be good or bad… if it wouldn’t be a problem, why not take it
> a step further and schedule an export/import from the primary to the
> secondary?
>
>
>
> What am I missing?
>
>
>
> Jonathan L. Raper, A+, MCSA, MCSE
> Technology Coordinator
> Eagle Physicians & Associates, PA*
> *jra...@eaglemds.com*
> *www.eaglemds.com
>
>
>
> --
> Any medical information contained in this electronic message is
> CONFIDENTIAL and privileged. It is unlawful for unauthorized persons to
> view, copy, disclose, or disseminate CONFIDENTIAL information. This
> electronic message may contain information that is confidential and/or
> legally privileged. It is intended only for the use of the individual(s)
> and/or entity named as recipients in the message. If you are not an intended
> recipient of this message, please notify the sender immediately and delete
> this material from your computer. Do not deliver, distribute or copy this
> message, and do not disclose its contents or take any action in reliance on
> the information that it contains.
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~   ~
>
> ---
> To manage subscriptions click here:
> http://lyris.sunbelt-software.com/read/my_forums/
> or send an email to listmana...@lyris.sunbeltsoftware.com
> with the body: unsubscribe ntsysadmin
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body:

RE: W2k3 DHCP redundancy / high availability

[Brian Desmond]

Can you just script setting up the 80/20 rule on the scopes? I think there is a 
dhcpcmd.exe ...

Thanks,
Brian Desmond
br...@briandesmond.com

c - 312.731.3132


From: Raper, Jonathan - Eagle [mailto:jra...@eaglemds.com]
Sent: Thursday, September 09, 2010 2:55 PM
To: NT System Admin Issues
Subject: W2k3 DHCP redundancy / high availability

Ok, here goes...

Present environment - pure Windows 2003 AD, with two DCs. One is virtual 
(vmware esx 3.5), 2003 Enterprise Edition. The other is physical, 2003 Standard 
Edition (not sure why - I didn't set it up). Virtual DC is running DHCP for our 
entire organization, and would be a pain to go through and setup split scopes 
(many sites, multiple vlans per site, and thus, multiple DHCP scopes for each 
site.) A year ago, we were using Cisco devices at each remote site to handle 
DHCP for each subnet. We performed a major network overhaul and had to 
centralize, so here we are.

I've now been tasked with building redundancy for our DHCP services. Moving to 
Server 2008 is not an option right now. We MAY be able to upgrade the 2003 
Standard server to 2003 Enterprise, but that isn't a given just yet.

Issues...

Can't cluster, because of the Std Edition OS, (but even then, how would that 
impact AD & DNS?)
Can't backup from Primary and restore to Secondary, again, because of different 
OS (M$ says, "not supported" to backup from Enterprise and try to restore to 
Standard)
As mentioned, split scopes would be a major admin pain (it wouldn't be so bad 
if we had 2008, since there is a wizard in 2008, but I digress)

So, the way I see it, I have a couple of options...

Setup "secondary" as a "hot spare" but disable the DHCP service unless and 
until the primary becomes available. Use netsh dhcp server export 
c:\dhcpdatabase.txt all on a daily basis to ensure a valid "backup" of the 
primary, and copy that file over to the secondary as part of one scheduled task.

-or-

Setup secondary, authorize it, configure it, turn it on, (hear me out here) and 
setup IP Address Conflict Resolution at the server level on both servers, and 
let them "work it out" on their own. I realize that I wouldn't have any lease 
synchronization, and that there is a slight risk of duplicate IP, but I can't 
imagine there would be much. My WAN links are solid. Also, any scope or option 
changes made on the primary would have to be duplicated on the 
secondary...administrative overhead yes, but still less than dealing with split 
scope, IMO. Even then, couldn't I just export from the primary after I've made 
changes and then import to the secondary? I know lease information is contained 
in the exported file...trying to decide whether or not that would be good or 
bad... if it wouldn't be a problem, why not take it a step further and schedule 
an export/import from the primary to the secondary?

What am I missing?


Jonathan L. Raper, A+, MCSA, MCSE
Technology Coordinator
Eagle Physicians & Associates, PA
jra...@eaglemds.commailto:%20jra...@eaglemds.com>
www.eaglemds.comhttp://www.eaglemds.com/>



Any medical information contained in this electronic message is CONFIDENTIAL 
and privileged. It is unlawful for unauthorized persons to view, copy, 
disclose, or disseminate CONFIDENTIAL information. This electronic message may 
contain information that is confidential and/or legally privileged. It is 
intended only for the use of the individual(s) and/or entity named as 
recipients in the message. If you are not an intended recipient of this 
message, please notify the sender immediately and delete this material from 
your computer. Do not deliver, distribute or copy this message, and do not 
disclose its contents or take any action in reliance on the information that it 
contains.

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to 
listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

RE: W2k3 DHCP redundancy / high availability

[James Hill]

I have to say that I think that splitting up the scopes is the best option but 
it requires the most work up front.  Less possible pain later though.

-Original Message-
From: Raper, Jonathan - Eagle [mailto:jra...@eaglemds.com] 
Sent: Friday, 10 September 2010 8:29 AM
To: NT System Admin Issues
Subject: Re: W2k3 DHCP redundancy / high availability

Good question! Yes, actually, I have. Helper IP address config would be a snap 
to script across my network. If I ran with both servers hot, then it would be a 
permanent addition as opposed to a change.

Thanks for the reply,

Jonathan L. Raper, MCSE

Thumb-typed from my HTC Incredible (and yes, it really is) Droid. Please excuse 
brevity & any misspellings.

- Reply message -
From: "James Hill" 
Date: Thu, Sep 9, 2010 6:19 pm
Subject: W2k3 DHCP redundancy / high availability
To: "NT System Admin Issues" 

Have you considered the changes required on your site routers?  If you use your 
first option you will need some way to automate the change on the site routers 
to forward the dhcp requests to the other server.


From: Raper, Jonathan - Eagle [mailto:jra...@eaglemds.com]
Sent: Friday, 10 September 2010 7:55 AM
To: NT System Admin Issues
Subject: W2k3 DHCP redundancy / high availability

Ok, here goes...

Present environment - pure Windows 2003 AD, with two DCs. One is virtual 
(vmware esx 3.5), 2003 Enterprise Edition. The other is physical, 2003 Standard 
Edition (not sure why - I didn't set it up). Virtual DC is running DHCP for our 
entire organization, and would be a pain to go through and setup split scopes 
(many sites, multiple vlans per site, and thus, multiple DHCP scopes for each 
site.) A year ago, we were using Cisco devices at each remote site to handle 
DHCP for each subnet. We performed a major network overhaul and had to 
centralize, so here we are.

I've now been tasked with building redundancy for our DHCP services. Moving to 
Server 2008 is not an option right now. We MAY be able to upgrade the 2003 
Standard server to 2003 Enterprise, but that isn't a given just yet.

Issues...

Can't cluster, because of the Std Edition OS, (but even then, how would that 
impact AD & DNS?) Can't backup from Primary and restore to Secondary, again, 
because of different OS (M$ says, "not supported" to backup from Enterprise and 
try to restore to Standard) As mentioned, split scopes would be a major admin 
pain (it wouldn't be so bad if we had 2008, since there is a wizard in 2008, 
but I digress)

So, the way I see it, I have a couple of options...

Setup "secondary" as a "hot spare" but disable the DHCP service unless and 
until the primary becomes available. Use netsh dhcp server export 
c:\dhcpdatabase.txt all on a daily basis to ensure a valid "backup" of the 
primary, and copy that file over to the secondary as part of one scheduled task.

-or-

Setup secondary, authorize it, configure it, turn it on, (hear me out here) and 
setup IP Address Conflict Resolution at the server level on both servers, and 
let them "work it out" on their own. I realize that I wouldn't have any lease 
synchronization, and that there is a slight risk of duplicate IP, but I can't 
imagine there would be much. My WAN links are solid. Also, any scope or option 
changes made on the primary would have to be duplicated on the 
secondary...administrative overhead yes, but still less than dealing with split 
scope, IMO. Even then, couldn't I just export from the primary after I've made 
changes and then import to the secondary? I know lease information is contained 
in the exported file...trying to decide whether or not that would be good or 
bad... if it wouldn't be a problem, why not take it a step further and schedule 
an export/import from the primary to the secondary?

What am I missing?


Jonathan L. Raper, A+, MCSA, MCSE
Technology Coordinator
Eagle Physicians & Associates, PA
jra...@eaglemds.commailto:%20jra...@eaglemds.com>
www.eaglemds.comhttp://www.eaglemds.com/>



Any medical information contained in this electronic message is CONFIDENTIAL 
and privileged. It is unlawful for unauthorized persons to view, copy, 
disclose, or disseminate CONFIDENTIAL information. This electronic message may 
contain information that is confidential and/or legally privileged. It is 
intended only for the use of the individual(s) and/or entity named as 
recipients in the message. If you are not an intended recipient of this 
message, please notify the sender immediately and delete this material from 
your computer. Do not deliver, distribute or copy this message, and do not 
disclose its contents or take any action in reliance on the information that it 
contains.

~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ 
<http://www.sunbeltsoftware.com/B

Re: W2k3 DHCP redundancy / high availability

[Raper, Jonathan - Eagle]

Good question! Yes, actually, I have. Helper IP address config would be a snap 
to script across my network. If I ran with both servers hot, then it would be a 
permanent addition as opposed to a change.

Thanks for the reply,

Jonathan L. Raper, MCSE

Thumb-typed from my HTC Incredible (and yes, it really is) Droid. Please excuse 
brevity & any misspellings.

- Reply message -
From: "James Hill" 
Date: Thu, Sep 9, 2010 6:19 pm
Subject: W2k3 DHCP redundancy / high availability
To: "NT System Admin Issues" 

Have you considered the changes required on your site routers?  If you use your 
first option you will need some way to automate the change on the site routers 
to forward the dhcp requests to the other server.


From: Raper, Jonathan - Eagle [mailto:jra...@eaglemds.com]
Sent: Friday, 10 September 2010 7:55 AM
To: NT System Admin Issues
Subject: W2k3 DHCP redundancy / high availability

Ok, here goes…

Present environment - pure Windows 2003 AD, with two DCs. One is virtual 
(vmware esx 3.5), 2003 Enterprise Edition. The other is physical, 2003 Standard 
Edition (not sure why – I didn’t set it up). Virtual DC is running DHCP for our 
entire organization, and would be a pain to go through and setup split scopes 
(many sites, multiple vlans per site, and thus, multiple DHCP scopes for each 
site.) A year ago, we were using Cisco devices at each remote site to handle 
DHCP for each subnet. We performed a major network overhaul and had to 
centralize, so here we are.

I’ve now been tasked with building redundancy for our DHCP services. Moving to 
Server 2008 is not an option right now. We MAY be able to upgrade the 2003 
Standard server to 2003 Enterprise, but that isn’t a given just yet.

Issues…

Can’t cluster, because of the Std Edition OS, (but even then, how would that 
impact AD & DNS?)
Can’t backup from Primary and restore to Secondary, again, because of different 
OS (M$ says, “not supported” to backup from Enterprise and try to restore to 
Standard)
As mentioned, split scopes would be a major admin pain (it wouldn’t be so bad 
if we had 2008, since there is a wizard in 2008, but I digress)

So, the way I see it, I have a couple of options…

Setup “secondary” as a “hot spare” but disable the DHCP service unless and 
until the primary becomes available. Use netsh dhcp server export 
c:\dhcpdatabase.txt all on a daily basis to ensure a valid “backup” of the 
primary, and copy that file over to the secondary as part of one scheduled task.

-or-

Setup secondary, authorize it, configure it, turn it on, (hear me out here) and 
setup IP Address Conflict Resolution at the server level on both servers, and 
let them “work it out” on their own. I realize that I wouldn’t have any lease 
synchronization, and that there is a slight risk of duplicate IP, but I can’t 
imagine there would be much. My WAN links are solid. Also, any scope or option 
changes made on the primary would have to be duplicated on the 
secondary…administrative overhead yes, but still less than dealing with split 
scope, IMO. Even then, couldn’t I just export from the primary after I’ve made 
changes and then import to the secondary? I know lease information is contained 
in the exported file…trying to decide whether or not that would be good or bad… 
if it wouldn’t be a problem, why not take it a step further and schedule an 
export/import from the primary to the secondary?

What am I missing?


Jonathan L. Raper, A+, MCSA, MCSE
Technology Coordinator
Eagle Physicians & Associates, PA
jra...@eaglemds.commailto:%20jra...@eaglemds.com>
www.eaglemds.comhttp://www.eaglemds.com/>



Any medical information contained in this electronic message is CONFIDENTIAL 
and privileged. It is unlawful for unauthorized persons to view, copy, 
disclose, or disseminate CONFIDENTIAL information. This electronic message may 
contain information that is confidential and/or legally privileged. It is 
intended only for the use of the individual(s) and/or entity named as 
recipients in the message. If you are not an intended recipient of this 
message, please notify the sender immediately and delete this material from 
your computer. Do not deliver, distribute or copy this message, and do not 
disclose its contents or take any action in reliance on the information that it 
contains.

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to 
listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to 
listmana...@lyris.sunbeltsoftware.com

RE: W2k3 DHCP redundancy / high availability

[James Hill]

Have you considered the changes required on your site routers?  If you use your 
first option you will need some way to automate the change on the site routers 
to forward the dhcp requests to the other server.


From: Raper, Jonathan - Eagle [mailto:jra...@eaglemds.com]
Sent: Friday, 10 September 2010 7:55 AM
To: NT System Admin Issues
Subject: W2k3 DHCP redundancy / high availability

Ok, here goes...

Present environment - pure Windows 2003 AD, with two DCs. One is virtual 
(vmware esx 3.5), 2003 Enterprise Edition. The other is physical, 2003 Standard 
Edition (not sure why - I didn't set it up). Virtual DC is running DHCP for our 
entire organization, and would be a pain to go through and setup split scopes 
(many sites, multiple vlans per site, and thus, multiple DHCP scopes for each 
site.) A year ago, we were using Cisco devices at each remote site to handle 
DHCP for each subnet. We performed a major network overhaul and had to 
centralize, so here we are.

I've now been tasked with building redundancy for our DHCP services. Moving to 
Server 2008 is not an option right now. We MAY be able to upgrade the 2003 
Standard server to 2003 Enterprise, but that isn't a given just yet.

Issues...

Can't cluster, because of the Std Edition OS, (but even then, how would that 
impact AD & DNS?)
Can't backup from Primary and restore to Secondary, again, because of different 
OS (M$ says, "not supported" to backup from Enterprise and try to restore to 
Standard)
As mentioned, split scopes would be a major admin pain (it wouldn't be so bad 
if we had 2008, since there is a wizard in 2008, but I digress)

So, the way I see it, I have a couple of options...

Setup "secondary" as a "hot spare" but disable the DHCP service unless and 
until the primary becomes available. Use netsh dhcp server export 
c:\dhcpdatabase.txt all on a daily basis to ensure a valid "backup" of the 
primary, and copy that file over to the secondary as part of one scheduled task.

-or-

Setup secondary, authorize it, configure it, turn it on, (hear me out here) and 
setup IP Address Conflict Resolution at the server level on both servers, and 
let them "work it out" on their own. I realize that I wouldn't have any lease 
synchronization, and that there is a slight risk of duplicate IP, but I can't 
imagine there would be much. My WAN links are solid. Also, any scope or option 
changes made on the primary would have to be duplicated on the 
secondary...administrative overhead yes, but still less than dealing with split 
scope, IMO. Even then, couldn't I just export from the primary after I've made 
changes and then import to the secondary? I know lease information is contained 
in the exported file...trying to decide whether or not that would be good or 
bad... if it wouldn't be a problem, why not take it a step further and schedule 
an export/import from the primary to the secondary?

What am I missing?


Jonathan L. Raper, A+, MCSA, MCSE
Technology Coordinator
Eagle Physicians & Associates, PA
jra...@eaglemds.commailto:%20jra...@eaglemds.com>
www.eaglemds.comhttp://www.eaglemds.com/>



Any medical information contained in this electronic message is CONFIDENTIAL 
and privileged. It is unlawful for unauthorized persons to view, copy, 
disclose, or disseminate CONFIDENTIAL information. This electronic message may 
contain information that is confidential and/or legally privileged. It is 
intended only for the use of the individual(s) and/or entity named as 
recipients in the message. If you are not an intended recipient of this 
message, please notify the sender immediately and delete this material from 
your computer. Do not deliver, distribute or copy this message, and do not 
disclose its contents or take any action in reliance on the information that it 
contains.

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to 
listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin