
How To Set Up DHCP Failover On Centos 5.1

Submitted by topdog on Wed, 2008-06-25 18:14 :: CentOS | High-Availability

Version 1.0.0
Author: Andrew Colin Kissa <andrew [at] topdog [dot] za [dot] net>
Last edited 18/06/2008
Introduction
This tutorial will walk you through setting up DHCP failover on CentOS 5.1 using the default ISC DHCP server; it can easily be adapted to any other Linux distro out there. You will most likely need failover in environments where network downtime cannot be tolerated. My home is running a DLNA setup, so I need my devices to be able to obtain network parameters at all times.

Since DHCP and DNS often go hand in hand, I will be configuring a local DNS server which allows for dynamic updates, so that hostnames are automatically updated in DNS whenever a lease is granted to a client.

My configuration will use the following; please substitute to reflect your own network.

Domain name - home.topdog-software.com
Network - 192.168.1.0/24
DHCP servers - 192.168.1.2,192.168.1.3
Gateway - 192.168.1.254
DNS servers - 192.168.1.2,192.168.1.3

Install required Packages
DHCP
    # yum install dhcp -y
DNS
    # yum install bind bind-chroot caching-nameserver -y
NTP
    # yum install ntp -y

Configuration
DHCP
Back up your original config on the master 192.168.1.2:

    # cp /etc/dhcpd.conf /etc/dhcpd.conf.orig

Edit the DHCP configuration /etc/dhcpd.conf on the master 192.168.1.2 and add the following; read the comments to understand the options:

    authoritative;                                       # server is authoritative
    option domain-name "home.topdog-software.com";       # the domain name issued
    option domain-name-servers 192.168.1.2,192.168.1.3;  # name servers issued
    option netbios-name-servers 192.168.1.2;             # netbios servers
    allow booting;                                       # allow for booting over the network
    allow bootp;                                         # allow for booting
    next-server 192.168.1.2;                             # TFTP server for booting
    filename "pxelinux.0";                               # kernel for network booting
    ddns-update-style interim;                           # setup dynamic DNS updates
    ddns-updates on;
    ddns-domainname "home.topdog-software.com";          # domain name for DDNS updates

    key rndckey {
        algorithm hmac-md5;
        secret "xxxxxxxxxx";                             # get from the /etc/rndc.key file
    }

    zone home.topdog-software.com                        # forward zone to update
    {
        primary 127.0.0.1;                               # update on the local machine
        key rndckey;                                     # key to use for the update
    }

    zone 1.168.192.in-addr.arpa                          # reverse zone to update
    {
        primary 127.0.0.1;                               # update on the local machine
        key rndckey;                                     # key for update
    }

    failover peer "home-net" {                           # fail over configuration
        primary;                                         # This is the primary
        address 192.168.1.2;                             # primary's ip address
        port 647;
        peer address 192.168.1.3;                        # peer's ip address
        peer port 647;
        max-response-delay 60;
        max-unacked-updates 10;
        mclt 3600;
        split 128;
        load balance max seconds 3;
    }

    subnet 192.168.1.0 netmask 255.255.255.0             # zone to issue addresses from
    {
        pool {
            failover peer "home-net";                    # pool for dhcp leases with failover, bootp not allowed
            deny dynamic bootp clients;
            option routers 192.168.1.254;
            range 192.168.1.25 192.168.1.50;
        }
        pool {                                           # accommodate our bootp clients here, no replication and failover
            option routers 192.168.1.254;
            range 192.168.1.51 192.168.1.55;
        }
        allow unknown-clients;
        ignore client-updates;
    }

Back up your original config on the slave 192.168.1.3:

    # cp /etc/dhcpd.conf /etc/dhcpd.conf.orig

Edit the DHCP configuration /etc/dhcpd.conf on the slave 192.168.1.3 and add the following; read the comments to understand the options:

    authoritative;                                       # server is authoritative
    option domain-name "home.topdog-software.com";       # the domain name issued
    option domain-name-servers 192.168.1.2,192.168.1.3;  # name servers issued
    option netbios-name-servers 192.168.1.2;             # netbios servers
    allow booting;                                       # allow for booting over the network
    allow bootp;                                         # allow for booting
    next-server 192.168.1.2;                             # TFTP server for booting
    filename "pxelinux.0";                               # kernel for network booting
    ddns-update-style interim;                           # setup dynamic DNS updates
    ddns-updates on;
    ddns-domainname "home.topdog-software.com";          # domain name for DDNS updates

    key rndckey {
        algorithm hmac-md5;
        secret "xxxxxxxxxx";                             # get from the /etc/rndc.key file on the master
    }

    zone home.topdog-software.com                        # forward zone to update
    {
        primary 192.168.1.2;                             # send updates to the master DNS server
        key rndckey;                                     # key to use for the update
    }

    zone 1.168.192.in-addr.arpa                          # reverse zone to update
    {
        primary 192.168.1.2;                             # send updates to the master DNS server
        key rndckey;                                     # key for update
    }

    failover peer "home-net" {                           # fail over configuration
        secondary;                                       # This is the secondary
        address 192.168.1.3;                             # our ip address
        port 647;
        peer address 192.168.1.2;                        # primary's ip address
        peer port 647;
        max-response-delay 60;
        max-unacked-updates 10;
        mclt 3600;
        load balance max seconds 3;
    }

    subnet 192.168.1.0 netmask 255.255.255.0             # zone to issue addresses from
    {
        pool {
            failover peer "home-net";                    # pool for dhcp leases with failover, bootp not allowed
            deny dynamic bootp clients;
            option routers 192.168.1.254;
            range 192.168.1.25 192.168.1.50;
        }
        pool {                                           # accommodate our bootp clients here, no replication and failover
            option routers 192.168.1.254;
            range 192.168.1.51 192.168.1.55;
        }
        allow unknown-clients;
        ignore client-updates;
    }
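
The secret line in both dhcpd.conf files is a copy of the key in /etc/rndc.key, and anyone who can read it can send dynamic updates that BIND accepts for the zones configured with this key. The script below is an added example, not part of the original tutorial: it checks that the two copies match and that neither file is readable by all local users. The function names and the sample key are made up for illustration.

```shell
#!/bin/sh
# Added example (not from the original tutorial): audit the DDNS key that the
# tutorial copies from /etc/rndc.key into /etc/dhcpd.conf.

# tsig_secret FILE KEYNAME -> prints the secret inside `key KEYNAME { ... }`
tsig_secret() {
    awk -v k="$2" '
        $1 == "key" && ($2 == k || $2 == "\"" k "\"") { inkey = 1; next }
        inkey && $1 == "secret" { gsub(/[";]/, "", $2); print $2; exit }
        inkey && index($0, "}") { inkey = 0 }
    ' "$1"
}

# world_readable FILE -> exit 0 when "other" users may read the file
world_readable() {
    [ -n "$(find "$1" -perm -004 -print 2>/dev/null)" ]
}

# audit_ddns_key DHCPD_CONF RNDC_KEY KEYNAME -> one line per finding,
# exit status = number of findings. The secret itself is never printed.
audit_ddns_key() {
    findings=0
    a=$(tsig_secret "$1" "$3"); b=$(tsig_secret "$2" "$3")
    if [ -z "$a" ] || [ -z "$b" ]; then
        echo "key $3: secret not found in both files"; findings=$((findings + 1))
    elif [ "$a" != "$b" ]; then
        echo "key $3: secret differs between $1 and $2"; findings=$((findings + 1))
    fi
    for f in "$1" "$2"; do
        if world_readable "$f"; then
            echo "$f: readable by all local users"; findings=$((findings + 1))
        fi
    done
    return "$findings"
}

# Constructed sample files standing in for /etc/dhcpd.conf and /etc/rndc.key.
demo() {
    d=$(mktemp -d)
    printf 'key rndckey {\n  algorithm hmac-md5;\n  secret "Q09OU1RSVUNURUQ=";  # constructed\n}\n' > "$d/dhcpd.conf"
    printf 'key "rndckey" {\n\talgorithm hmac-md5;\n\tsecret "Q09OU1RSVUNURUQ=";\n};\n' > "$d/rndc.key"
    chmod 644 "$d/dhcpd.conf"; chmod 640 "$d/rndc.key"
    audit_ddns_key "$d/dhcpd.conf" "$d/rndc.key" rndckey
    rc=$?
    rm -rf "$d"
    return "$rc"
}
demo || true
```

On each server, run it as audit_ddns_key /etc/dhcpd.conf /etc/rndc.key rndckey; a non-zero exit status is the number of findings.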

DNS
Back up the Bind configuration on the master:

    # cp /var/named/chroot/etc/named.caching-nameserver.conf /var/named/chroot/etc/named.caching-nameserver.conf.orig

Edit the configuration to reflect the config below.

    options {
        directory "/var/named";
        dump-file "/var/named/data/cache_dump.db";
        statistics-file "/var/named/data/named_stats.txt";
        memstatistics-file "/var/named/data/named_mem_stats.txt";
        query-source port 53;
        query-source-v6 port 53;
        allow-query { localhost; localnets; };
    };

    include "/etc/rndc.key";
    include "/etc/named.rfc1912.zones";

    zone "home.topdog-software.com" {
        type master;
        file "data/home.topdog-software.com.hosts";
        allow-transfer { 192.168.1.3; };
        allow-update { key "rndckey"; };
        allow-query { any; };
    };

    zone "1.168.192.in-addr.arpa" {
        type master;
        file "data/1.168.192.in-addr.arpa.hosts";
        allow-transfer { 192.168.1.3; };
        allow-update { key "rndckey"; };
        allow-query { any; };
    };

Back up the Bind configuration on the slave:

    # cp /var/named/chroot/etc/named.caching-nameserver.conf /var/named/chroot/etc/named.caching-nameserver.conf.orig

Edit the configuration to reflect the config below.

    options {
        directory "/var/named";
        dump-file "/var/named/data/cache_dump.db";
        statistics-file "/var/named/data/named_stats.txt";
        memstatistics-file "/var/named/data/named_mem_stats.txt";
        query-source port 53;
        query-source-v6 port 53;
        allow-query { localhost; localnets; };
    };

    include "/etc/rndc.key";
    include "/etc/named.rfc1912.zones";

    zone "home.topdog-software.com" {
        type slave;
        masters { 192.168.1.2; };
        file "data/home.topdog-software.com.hosts";
    };

    zone "1.168.192.in-addr.arpa" {
        type slave;
        masters { 192.168.1.2; };
        file "data/1.168.192.in-addr.arpa.hosts";
    };

Create the zone files on the master

/var/named/chroot/var/named/data/home.topdog-software.com.hosts

    $ORIGIN .
    $TTL 38400
    home.topdog-software.com    IN SOA  ns1.home.topdog-software.com. andrew.topdog.za.net. (
                                2008061629 ; serial
                                10800      ; refresh (3 hours)
                                3600       ; retry (1 hour)
                                604800     ; expire (1 week)
                                38400      ; minimum (10 hours 40 minutes)
                                )
                                NS      ns1.home.topdog-software.com.
                                NS      ns2.home.topdog-software.com.
    $ORIGIN home.topdog-software.com.   ; names below are relative to the zone
    ns1                         IN A    192.168.1.2
    ns2                         IN A    192.168.1.3

/var/named/chroot/var/named/data/1.168.192.in-addr.arpa.hosts

    $ORIGIN .
    $TTL 38400 ; 10 hours 40 minutes
    1.168.192.in-addr.arpa      IN SOA  ns1.home.topdog-software.com. andrew.topdog.za.net. (
                                2008061622 ; serial
                                10800      ; refresh (3 hours)
                                3600       ; retry (1 hour)
                                604800     ; expire (1 week)
                                38400      ; minimum (10 hours 40 minutes)
                                )
                                NS      ns1.home.topdog-software.com.
                                NS      ns2.home.topdog-software.com.
    $ORIGIN 1.168.192.in-addr.arpa.     ; names below are relative to the zone
    2                           IN PTR  ns1.home.topdog-software.com.
    3                           IN PTR  ns2.home.topdog-software.com.

NTP
NTP is required because the two DHCP servers need to be in sync for failover as well as DDNS to take place. You can run a full-fledged NTP server if you want; I will only provide you with instructions on using cron to sync to an external NTP server every hour. You need to do this on BOTH servers.

Create a file /etc/cron.hourly/timesync and add the following:

    #!/bin/bash
    #
    ntpdate -s 0.rhel.pool.ntp.org

Make the file executable and run it for the first time:

    # chmod +x /etc/cron.hourly/timesync
    # /etc/cron.hourly/timesync

Finally
Well, we are done; let's fire up the services and begin testing.

On the master:

    # service named start
    # service dhcpd start

On the slave:

    # service named start
    # service dhcpd start

You should see the following in your logs on the master:

    Jun 16 13:58:56 kudusoft dhcpd: failover peer home-net: I move from recover to startup
    Jun 16 13:58:56 kudusoft dhcpd: dhcpd startup succeeded
    Jun 16 13:58:56 kudusoft dhcpd: failover peer home-net: I move from startup to recover
    Jun 16 13:59:12 kudusoft dhcpd: failover peer home-net: peer moves from unknown-state to recover
    Jun 16 13:59:12 kudusoft dhcpd: failover peer home-net: requesting full update from peer
    Jun 16 13:59:12 kudusoft dhcpd: Sent update request all message to home-net
    Jun 16 13:59:12 kudusoft dhcpd: failover peer home-net: peer moves from recover to recover
    Jun 16 13:59:12 kudusoft dhcpd: failover peer home-net: requesting full update from peer
    Jun 16 13:59:12 kudusoft dhcpd: Update request all from home-net: sending update
    Jun 16 13:59:12 kudusoft dhcpd: failover peer home-net: peer update completed.
    Jun 16 13:59:12 kudusoft dhcpd: failover peer home-net: I move from recover to recover-done
    Jun 16 13:59:13 kudusoft dhcpd: Sent update done message to home-net
    Jun 16 13:59:13 kudusoft dhcpd: failover peer home-net: peer moves from recover to recover-done
    Jun 16 13:59:13 kudusoft dhcpd: failover peer home-net: I move from recover-done to normal
    Jun 16 13:59:13 kudusoft dhcpd: failover peer home-net: peer moves from recover-done to normal
    Jun 16 13:59:12 kudusoft dhcpd: pool 912e10 192.168.1/24 total 26 free 25 backup 0 lts -12
    Jun 16 13:59:12 kudusoft dhcpd: pool 912e10 192.168.1/24 total 26 free 25 backup 0 lts 12

And on the slave:

    Jun 16 13:59:12 shaka dhcpd: Sending on   Socket/fallback/fallback-net
    Jun 16 13:59:12 shaka dhcpd: failover peer home-net: I move from recover to startup
    Jun 16 13:59:12 shaka dhcpd: failover peer home-net: peer moves from unknown-state to recover
    Jun 16 13:59:12 shaka dhcpd: dhcpd startup succeeded
    Jun 16 13:59:12 shaka dhcpd: failover peer home-net: requesting full update from peer
    Jun 16 13:59:12 shaka dhcpd: failover peer home-net: I move from startup to recover
    Jun 16 13:59:12 shaka dhcpd: Sent update request all message to home-net
    Jun 16 13:59:12 shaka dhcpd: Sent update done message to home-net
    Jun 16 13:59:12 shaka dhcpd: Update request all from home-net: nothing pending
    Jun 16 13:59:12 shaka dhcpd: failover peer home-net: peer moves from recover to recover-done
    Jun 16 13:59:12 shaka dhcpd: failover peer home-net: peer update completed.
    Jun 16 13:59:12 shaka dhcpd: failover peer home-net: I move from recover to recover-done
    Jun 16 13:59:12 shaka dhcpd: failover peer home-net: peer moves from recover-done to normal
    Jun 16 13:59:12 shaka dhcpd: failover peer home-net: I move from recover-done to normal
    Jun 16 13:59:12 shaka dhcpd: pool 9d18ad8 192.168.1/24 total 26 free 25 backup 0 lts 12
    Jun 16 13:59:12 shaka dhcpd: pool response: 12 leases
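
Both logs above end with each server and its peer in the "normal" state, which is the condition worth monitoring after the initial test. The script below is an added example, not part of the original tutorial: it reads dhcpd syslog lines and reports the latest state of both sides. The function names are made up for illustration, and the last sample line (a lost peer connection) is constructed.

```shell
#!/bin/sh
# Added example (not from the original tutorial): read dhcpd syslog lines and
# report the most recent failover state of this server and of its peer.

# failover_states FILE PEER  ->  "local=<state> peer=<state>"
failover_states() {
    awk -v name="$2" '
        index($0, "failover peer " name ": ") == 0 { next }   # other daemons or peers
        / I move from /     { mine = $NF }                    # transition of this server
        / peer moves from / { theirs = $NF }                  # transition of the partner
        END {
            if (mine == "")   mine = "unknown"
            if (theirs == "") theirs = "unknown"
            printf "local=%s peer=%s\n", mine, theirs
        }' "$1"
}

# failover_ok FILE PEER  ->  exit 0 only when both sides are in "normal"
failover_ok() {
    [ "$(failover_states "$1" "$2")" = "local=normal peer=normal" ]
}

# Sample input: a shortened copy of the master log above. With the argument
# "degraded" a constructed line for a lost peer connection is appended.
sample_log() {
    cat <<'EOF'
Jun 16 13:59:12 kudusoft dhcpd: failover peer home-net: peer update completed.
Jun 16 13:59:12 kudusoft dhcpd: failover peer home-net: I move from recover to recover-done
Jun 16 13:59:13 kudusoft dhcpd: failover peer home-net: peer moves from recover to recover-done
Jun 16 13:59:13 kudusoft dhcpd: failover peer home-net: I move from recover-done to normal
Jun 16 13:59:13 kudusoft dhcpd: failover peer home-net: peer moves from recover-done to normal
EOF
    [ "${1:-}" = "degraded" ] && echo "Jun 16 14:20:01 kudusoft dhcpd: failover peer home-net: I move from normal to communications-interrupted"
    return 0
}

tmp=$(mktemp)
sample_log > "$tmp"
failover_states "$tmp" home-net
sample_log degraded > "$tmp"
failover_ok "$tmp" home-net || echo "ALERT: $(failover_states "$tmp" home-net)"
rm -f "$tmp"
```

Point failover_ok at the file your syslog writes dhcpd messages to and call it from cron or a monitoring check on both servers.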

Copyright © 2008 Andrew Colin Kissa
All Rights Reserved.
