Tag Archive for failover

DHCP Failover in Windows Server 2012


DHCP Failover Overview

DHCP failover in Windows Server 2012 enables administrators to deploy a highly resilient DHCP service to support a large enterprise without the challenges of setting up Failover Clustering. The main points to remember are…

  • Provide DHCP service availability at all times on the enterprise network.
  • If a DHCP server is no longer reachable, the DHCP client is able to extend the lease on its current IP address by contacting another DHCP server on the enterprise network.
  • DHCP failover is not supported for more than two DHCP servers. The failover relationship always comprises two DHCP servers.
  • For DHCP failover to function correctly, time must be kept synchronized between the two servers in a failover relationship. Time synchronization can be maintained by deploying the Network Time Protocol (NTP) or any alternate mechanism. When the failover configuration wizard is run, it compares the current time on the servers being configured for failover. If the time difference between the servers is greater than one minute, the failover setup process halts with a critical error instructing the administrator to synchronize the time on the servers.

The DHCP server failover feature provides the ability to have two DHCP servers provide IP addresses and option configuration to the same subnet or scope, providing for continuous availability of DHCP service to clients. The two DHCP servers replicate lease information between them, allowing one server to assume responsibility for servicing of clients for the entire subnet when the other server is unavailable. It is also possible to configure failover in a load-balancing configuration with client requests distributed between the two servers in a failover relationship.

DHCP failover in Windows Server 2012 provides support for a maximum of two DHCP servers, and the failover relationship is limited to IPv4 scopes and subnets. Network nodes using Internet Protocol version 6 (IPv6) typically determine their own IPv6 address using stateless IP autoconfiguration. In this mode, the DHCP server delivers only the DHCP option configuration, and the server does not maintain any lease state information. A high availability deployment for stateless DHCPv6 is possible by simply setting up two servers with identical option configuration. Even in a stateful DHCPv6 deployment, the scopes do not run under high address utilization, which makes split scope a viable solution for high availability.

DHCP Failover Architecture

DHCP failover has two modes:

  • Hot Standby
  • Load Sharing

Hot standby mode

In hot standby mode, two servers operate in a failover relationship where an active server is responsible for leasing IP addresses and configuration information to all clients in a scope or subnet. The secondary server assumes this responsibility if the primary server becomes unavailable. A server is primary or secondary in the context of a subnet. For instance, a server that has the role of a primary for a given subnet could be a secondary server for another subnet.

Hot standby mode of operation is best suited to deployments where a central office or data center server acts as a standby backup server to a server at a remote site, which is local to the DHCP clients (e.g. a hub and spoke deployment). In such deployments, it is undesirable to have a remote standby server service any clients unless the local DHCP server becomes unavailable. The figure below is an example of a hub and spoke deployment.

Load Sharing Mode

In a load sharing mode deployment, which is the default mode of operation, the two servers simultaneously serve IP addresses and options to clients on a given subnet. The client requests are load balanced and shared between the two servers.

The load sharing mode of operation is best suited to deployments where both servers in a failover relationship are located at the same physical site. Both servers respond to DHCP client requests based on the load distribution ratio configured by the administrator.

Instructions

  • First of all we need to install DHCP on the first of the two DHCP Servers
  • Open Server Manager and click Add Roles and Features
  • Select Installation Type > Choose Role based or Feature based installation
  • Select Destination Server
  • Select Server Role
  • Select Features
  • Click Next on the Select Features Page
  • Click Next on the DHCP Server Page
  • Click Next and Install
  • Once finished click Complete Configuration
  • Before DHCP can be used as a Failover partner, it must be authorised in Active Directory
  • On the Post Installation Task screen click Next
  • On the Authorisation screen, add your DHCP User or use the Administrator
  • Click Commit and check the results
  • Now you need to do exactly the same steps on your second DHCP Server
  • Go to the first DHCP Server and on the Server Manager menu bar, click Tools and then click DHCP. The DHCP console opens.
  • In the DHCP console tree, navigate to IPv4. Right-click IPv4 and then click New Scope. The New Scope Wizard opens.
  • Click Next and then type a name for the new scope next to Name, e.g. DACMT Scope
  • Click Next and then in IP Address Range, type 10.1.1.247 next to Start IP address, type 10.0.0.249 next to End IP address, and type 24 next to Length. The value of Subnet mask will change automatically to 255.255.255.0
  • Click Next, and then don’t add anything in Add Exclusions and Delay.
  • Click Next and then in Lease Duration under Limited to enter 0 Days, 0 Hours, and 2 Minutes. This very short lease duration will simplify the DHCP failover demonstration.
  • Click Next to DHCP Options
  • Add in your Router name and click Add
  • In Domain Name and DNS Servers, verify that the Parent domain is dacmt.local and 10.1.1.160 is listed as the only DNS server. (Check your own Domain and DNS Server here!)
  • Ignore WINS Servers for now
  • Select Yes to activate the Scope now
  • In the DHCP console tree, right-click dhcp2.contoso.com, and then click Authorize.
  • Refresh the view in the DHCP console and verify that your DHCP Server is authorized and that the Scope is active.
  • Next we are ready to configure Failover
  • On your second DHCP Server where you have activated and specified the scope, right click the scope and select Configure Failover
  • The Failover wizard will open. Click Next
  • Specify the partner server you want to use. Click Add
  • The next screen is Create a Failover Relationship, and this is where we choose between the different modes (Load Balance or Hot Standby)
  • I am going to choose Load Balanced for now
  • Type a shared secret for this failover relationship next to Shared Secret
  • Change the value next to Maximum Client Lead Time to 0 hours and 1 minute
  • The Maximum Client Lead Time (MCLT) is additional time provided to a DHCP client after expiration of a DHCP lease. The MCLT is transmitted from the primary to the secondary server in the CONNECT message, and is the maximum amount of time that one server can extend a lease for a client beyond the time known by the partner server.
  • In a production environment, you should use a longer MCLT, such as 1 hour.
  • So we should now look like the below screen
  • Click Next and review the settings
  • Check everything ran successfully in the box which pops up below
  • On your first DHCP Server, refresh the DHCP console and verify that the same DHCP scope configuration that is present on the second DHCP Server is now present on here
  • Voila, you have now set up one of the modes of DHCP Failover 🙂
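
The failover part of the wizard can also be scripted with the DhcpServer PowerShell module that ships with Windows Server 2012. The script below is an added example, not part of the original post: it repeats the one-minute time check and the Active Directory authorisation check before creating a load-balanced relationship with the production MCLT of 1 hour. The server names, scope ID and relationship name are placeholder assumptions.

```powershell
# Added example: scripted equivalent of the Configure Failover wizard.
# Server names, scope ID and relationship name are lab placeholders (assumptions).
$Primary = 'dhcp1.lab.example'
$Partner = 'dhcp2.lab.example'
$ScopeId = '10.1.1.0'
$RelName = 'dhcp1-dhcp2-failover'
$MaxSkew = [TimeSpan]::FromMinutes(1)   # the wizard halts above this difference

Import-Module DhcpServer

# 1. Stop if the partners' clocks differ by more than one minute.
$t1 = (Get-CimInstance Win32_OperatingSystem -ComputerName $Primary).LocalDateTime
$t2 = (Get-CimInstance Win32_OperatingSystem -ComputerName $Partner).LocalDateTime
$skew = ($t1.ToUniversalTime() - $t2.ToUniversalTime()).Duration()
if ($skew -gt $MaxSkew) {
    throw "Clock skew of $skew exceeds $MaxSkew. Synchronise time before configuring failover."
}

# 2. Both servers must already be authorised in Active Directory.
$authorised = Get-DhcpServerInDC | Select-Object -ExpandProperty DnsName
foreach ($server in $Primary, $Partner) {
    if ($authorised -notcontains $server) {
        throw "$server is not authorised in Active Directory."
    }
}

# 3. The IPv4 scope must exist on the server that will share it.
Get-DhcpServerv4Scope -ComputerName $Primary -ScopeId $ScopeId -ErrorAction Stop | Out-Null

# 4. Prompt for the shared secret instead of storing it in the script.
#    -SharedSecret takes a plain string, so convert only at the point of use.
$secure = Read-Host -AsSecureString 'Shared secret for the failover relationship'
$secret = (New-Object System.Management.Automation.PSCredential('unused', $secure)).
              GetNetworkCredential().Password

# 5. Create the relationship in load-balance mode (50/50) with a 1 hour MCLT.
Add-DhcpServerv4Failover -ComputerName $Primary -PartnerServer $Partner `
    -Name $RelName -ScopeId $ScopeId -LoadBalancePercent 50 `
    -MaxClientLeadTime (New-TimeSpan -Hours 1) -SharedSecret $secret
Remove-Variable secret

# 6. Confirm both partners report the relationship and that message
#    authentication (the shared secret) is enabled.
foreach ($server in $Primary, $Partner) {
    Get-DhcpServerv4Failover -ComputerName $server -Name $RelName |
        Select-Object @{ n = 'Server'; e = { $server } },
                      Name, Mode, State, MaxClientLeadTime, EnableAuth
}
```

For hot standby mode, replace `-LoadBalancePercent` with `-ServerRole` and `-ReservePercent` on the same cmdlet.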

Configure Explicit Failover to conform with VMware Best Practice


Best Practices

  • When configuring load balancing on the physical switch, some switches require that both interfaces be sourced to the same switch. Check with your vendor, but ideally, you should separate pNIC connections on separate switches just like you do with separate buses for a network team
  • When a failover or fallback event occurs, the delay may sever communication. To speed up the process of bringing the port online, you may want to enable portfast on your pSwitch uplinks to the ESXi host. Portfast avoids the unnecessary negotiation that takes place when a port tries to determine what it is connected to on the other end
  • Separate VM traffic and infrastructure traffic (vMotion, NFS, iSCSI)
  • Use separate pNICs and vSwitches where possible
  • VLANs can be used to isolate traffic (both from a broadcast and security perspective)
  • When using NIC teams use pNICs from separate buses (i.e. don’t have a team comprising two pNICs on the same PCI card – use one onboard adapter and one from an expansion card)
  • Keep FT logging on a separate pNIC and vSwitch (ideally 10GB)
  • Use dedicated network infrastructure (physical switches etc) for storage (iSCSI and NFS)
  • Use consistent port names on VLANs for virtual machine networks on all ESXi hosts
  • Every physical network adapter connected to the same vSphere standard switch or vSphere distributed switch should also be connected to the same physical network.
  • Configure all VMkernel network adapters to the same MTU. When several VMkernel network adapters are connected to vSphere distributed switches but have different MTUs configured, you might experience network connectivity problems
  • Under NIC Teaming > Network Failover Detection, do not select beacon probing if you are using route based on IP hash
  • Notify Switches should be set to No if you are using Microsoft NLB in Unicast Mode
  • The Failback setting must be set to No if using IP based storage. This is because if the link were to go up and down quickly it could have a negative impact on iSCSI traffic performance. If you are not using IP based storage, best practice is to leave this set to Yes
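
The three NIC teaming rules at the end of the list can be checked mechanically. The function below is an added example, not part of the original post; it assumes policy objects with the property names that PowerCLI's Get-NicTeamingPolicy returns, and the sample objects (including their Name field) are constructed so the check runs without a vCenter connection.

```powershell
# Added example. Property names follow PowerCLI's Get-NicTeamingPolicy output
# (assumption); the Name field and the sample objects are constructed.
function Test-TeamingPolicy {
    param(
        [Parameter(Mandatory = $true, ValueFromPipeline = $true)] $Policy,
        [switch] $UsesIpStorage,     # port group carries iSCSI or NFS traffic
        [switch] $UsesNlbUnicast     # port group hosts Microsoft NLB in unicast mode
    )
    process {
        $findings = @()
        if ("$($Policy.LoadBalancingPolicy)" -eq 'LoadBalanceIP' -and
            "$($Policy.NetworkFailoverDetectionPolicy)" -eq 'BeaconProbing') {
            $findings += 'Beacon probing must not be used with route based on IP hash'
        }
        if ($UsesNlbUnicast -and $Policy.NotifySwitches) {
            $findings += 'Notify Switches should be No for Microsoft NLB in unicast mode'
        }
        if ($UsesIpStorage -and $Policy.FailbackEnabled) {
            $findings += 'Failback must be No for IP based storage'
        }
        if (-not $UsesIpStorage -and -not $Policy.FailbackEnabled) {
            $findings += 'Failback is best left at Yes when IP based storage is not used'
        }
        [pscustomobject]@{
            Name      = $Policy.Name
            Compliant = ($findings.Count -eq 0)
            Findings  = $findings
        }
    }
}

# Constructed sample policies: one VM port group, one iSCSI port group.
$vmPolicy = [pscustomobject]@{
    Name = 'pg-vm'; LoadBalancingPolicy = 'LoadBalanceIP'
    NetworkFailoverDetectionPolicy = 'BeaconProbing'
    NotifySwitches = $true; FailbackEnabled = $true
}
$iscsiPolicy = [pscustomobject]@{
    Name = 'pg-iscsi'; LoadBalancingPolicy = 'ExplicitFailover'
    NetworkFailoverDetectionPolicy = 'LinkStatus'
    NotifySwitches = $true; FailbackEnabled = $false
}

$vmPolicy    | Test-TeamingPolicy                  # flags beacon probing with IP hash
$iscsiPolicy | Test-TeamingPolicy -UsesIpStorage   # no findings
```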

Testing Microsoft Failover Clustering on VMware Workstation 8 or ESXi4/5 Standalone

VMware Workstation and vSphere ESXi (Free Version) are the ultimate flexible tools for testing out solutions such as Microsoft Failover Clustering. I wanted to test this out myself before implementing this on a live VMware environment so I have posted some instructions on how to set this up step by step.

Pre-Requisites

Note: This test environment should not be what you use in a Production environment. It is to give you a way of being able to work and play with Windows Clustering

Note: Failover Clustering feature is available with Windows Server 2008/R2 Enterprise/Data Center editions. You don’t have this feature with the Standard edition of Windows Server 2008/R2.

Note: You also need a form of Shared Storage (FC or iSCSI). There are very good free solutions by Solarwinds and Freenas, as per the links below, which you can download and use for testing.

Note: To use the native disk support included in failover clustering, use basic disks, not dynamic disks and format as NTFS

  • VMware Workstation 8 (If you are a VCP 4 or 5, you will have a free VMware Workstation license)
  • Setup 1 Windows 2008 R2 Domain Controller Virtual Machine with Active Directory Services and a Domain
  • Setup 1 x Windows Server 2008 R2 Virtual Machine for Node 1 of the Windows Cluster with 2 NICs
  • Setup 1 x Windows Server 2008 R2 Virtual Machine for Node 2 of the Windows Cluster with 2 NICs
  • 1 x Freenas Virtual Machine (Free Storage Virtual Machine in ISO format) We will not be using this in this demo but it is also a very good free solution for creating Shared Storage for Testing
  • http://www.freenas.org/
  • 1 x Free Starwind ISCSI SAN edition (Requires a corporate email registration) This is what we will be using in this demo (Version 6.0.4837)
  • http://www.starwindsoftware.com/starwind-free

Instructions

  • Make sure all Virtual Machines are joined to the domain
  • Make sure all Virtual Machines are fully updated and patched with the latest S/W updates
  • On the first network adapter rename this as Public and on the second adapter, rename this as Private or MSCS Heartbeat
  • On the first network adapter, add the static IP address, Subnet Mask, Gateway and DNS
  • On the second network adapter, just add the IP Address and Subnet Mask
  • Go back to the original screen and untick the following boxes
  • Clear the Client for Microsoft Networks
  • Clear the File and Printer Sharing
  • Clear QOS Packet Scheduler
  • Clear Link Layer Topology checkboxes


  • Click Properties on Internet Protocol Version 4 (TCP/IPv4)

  • Click the DNS tab and clear the Register this Connection’s Addresses in DNS


  • Select the WINS tab and clear the Enable LMHOSTS Lookup checkbox

  • After you have configured the IP addresses on every network adapter, verify the order in which they are accessed. Go to Network Connections, click Advanced > Advanced Settings and make sure that your LAN connection is the first one. If not, click the up or down arrow to move the connection to the top of the list. This is the network clients will use to connect to the services offered by the cluster.


  • Make sure you note down all IP Addresses as you go along. This is always handy
  • Disable the Domain Firewall on both Windows Servers
  • At this point, you can choose whether to use Freenas or Starwind. I will be continuing with Starwind but you can follow the Freenas instructions as per below link if you are more familiar with this
  • http://www.sysprobs.com/nas-vmware-workstation-iscsi-target
  • Install the Starwind Software on your Domain Controller
  • Highlight Starwind Server and select Add Host which will be the DC
  • Click General and Connect
  • Put in root and the Password is starwind
  • Go to Registration – Load License which you should have saved from your download
  • Select Devices in the left hand pane, right click and Add a new device to the target. The wizard opens as below. Select Virtual Hard Disk

  • Click Next and Select Image File Device

  • Click Next and Create new Virtual Disk

  • Select the radio button at the end of the New Virtual Disk Location

  • The below window will open

  • Create a new folder called StarwindStorage

  • Type in the first name quorum.img so it all looks like the bottom

  • Edit the size to what you want

  • Next

  • Next

  • Next, type an alias name > Next

  • Next

  • Finish

  • Do the exact procedure above for SQLData
  • Do the exact procedure above for SQLLogs
  • Do the exact procedure above for MSDTC
  • You need to add MSDTC to every Windows Cluster you build. It ensures operations requiring enlisting resources such as COM+ can work in a cluster. It is recommended that you configure MSDTC on a different disk to everything
  • The Quorum Database contains all the configuration information for the cluster
  • Go on to your first Windows Server
  • Click Start > Administrative Tools > iSCSI Initiator. If you get the message below, just click Yes

  • Click the Discovery Tab > Add Portal
  • Add the Domain Controller as a Target Portal
  • Click the Targets Tab and you will see the 4 disks there
  • Login to each disk clicking Automatically Restore this Connection
  • Go to Computer Management > Click Disk Management
  • Make all 4 disks online and initialized
  • Right click on each and select create Simple Volume
  • Go to the second Windows Server
  • Click Start > Administrative Tools > iSCSI Initiator
  • Click the Discovery Tab > Add Portal
  • Add the Domain Controller as a Target Portal
  • Click the Targets Tab and you will see the 4 disks there
  • Login to each disk clicking Automatically Restore this Connection
  • Go to Computer Management > Click Disk Management
  • Don’t bring the disks online, don’t do anything else to the disks on the second server
  • Go back to the first Windows Server
  • Select Server Manager > Add Features > Failover Clustering
  • Go back to the second Windows Server
  • Select Server Manager > Add Features > Failover Clustering

  • Once installed on the second server, go back to the first Windows Server
  • To open Failover Clustering, click on Start > Administrative Tools > Failover Cluster Manager

  • Click on Validate a configuration under management.
  • When you click on Validate a Configuration, you will need to browse and add the Cluster nodes. These are the 2 Windows servers that will be part of the cluster. Then click Next
  • Select Run all tests and click Next

  • Click Next
  • Review the validation report, as your configuration might have a few issues that need to be addressed before setting up your cluster

  • Your configuration is now validated and you are ready to set up your cluster.
  • Click on the second option, Create a Cluster, the wizard will launch, read it and then click Next

  • You need to add the names of the servers you want to have in the cluster

  • After the servers are selected, you need to type a Cluster name and IP for your Cluster
  • Put this cluster name and IP in your DNS server

  • Next
  • Next
  • Finish
  • Open Failover Cluster Manager and you will see your nodes and settings inside the MMC. Here you can configure your cluster, add new nodes, remove nodes, add more disk storage and carry out any other administration
  • If you want to install SQL Server clustering, we will need to install an MSDTC Service
  • Go to Services and Applications – right click and select “Configure a service or application”

  • Select the DTC and click next
  • On the Client Access Point page, enter a Name and an IP address to be used by the DTC, and then click Next.
  • Put the DTC Name and IP Address in your DNS Server

  • If you find that it has taken the wrong disk for your Quorum Disk, you will need to do the following
  • Right click on the cluster and select More Actions
  • Configure Cluster Quorum Settings
  • Click Next
  • On the next Page – Select Quorum Configuration
  • Keep Node and Disk Majority

  • On Configure the Storage Witness, select the drive that should have been the Quorum drive
  • Now you should be completely set up for Windows Clustering. Have a look through all the settings to familiarise yourself with everything.

Next Post

My next post will contain instructions on how to set up SQL Server clustering. You should have this environment set up first before following on with installing SQL Server.

YouTube Videos

These videos are extremely useful as guidance to this process

http://www.youtube.com/watch?v=7onR2BjTVr8&feature=relmfu

http://www.youtube.com/watch?v=iJy-OBHtMZE&feature=relmfu

http://www.youtube.com/watch?v=noJp_Npt7UM&feature=relmfu

http://www.youtube.com/watch?v=a27bp_Hvz7U&feature=relmfu

http://www.youtube.com/watch?v=B2u2l-3jO7M&feature=relmfu

http://www.youtube.com/watch?v=TPtcdbbnGFA&feature=relmfu

http://www.youtube.com/watch?v=GNihwqv8SwE&feature=relmfu

http://www.youtube.com/watch?v=0i4YGr0QxKg&feature=relmfu

http://www.youtube.com/watch?v=2xsKvSTaVgA&feature=relmfu

http://www.youtube.com/watch?v=Erx1esoTNfc&feature=relmfu