Introducing SOC Insights for BloxOne Threat Defense: Boost your SOC efficiency with AI-driven insights to eliminate manual work and accelerate investigation and response times. Read the blog announcement here.

NIOS DNS DHCP IPAM

Reply

Moving DHCP Scope to new Member Server.

New Member
Posts: 3
2848     0

Hi All, 

I am looking to move some of my DHCP scopes from one FA group to another FA group, where one of the Member servers is the same, and the other is in a different DC.

 

I found KB articles on swapping out member servers, but they seem to be a "move everythign" scenario and not just move individual scopes, and hence they say you need to down the server in the Failover Association in order for a smooth transition..

 

Is there an easy/smooth way to just move a scope to a new FA group without imapcting things left on the existing FA group?

 

My thought was to change the FA balance so that all the leases would be given out by the server that is staying, but was unsure if just changing that slider would actually move existing leases, or just affect new leases, or worst case would it freak out the PC becuase the server it last got the leasse from won't answer anymore...   If that works, then I could just add the new member to the network, change the scope to a the new FA and then re-balance so that both servers are back to giving out leases...

 

Anyone done this before?   Will this work, or is there a better route?   My main concern is leaving a device trying to contact a DHCP server that won't answer and then it just giving up and going back to the 169.x.x.x address and dropping off the network..

 

Thanks.

-Stephen

Re: Moving DHCP Scope to new Member Server.

Expert
Posts: 185
2849     0

So, if I understand this correctly, you will end up with 3 DHCP servers? Two primaries sharing a common failover server (peer) in a star arrangement?

 

If so then this should be really easy. All you need to do is set up a second FA association with the new server and existing failover peer. Then you can use the CSV export tool to export all the networks and ranges. Edit the file and remove networks and ranges you don't want to touch, just leave the ones you want to migrate. On the networks you need to change the member assignments, replace the old server with the new one. Then on the ranges you need to change the name of the failover association to be the new one you just created.

 

Now import the CSV file using the override option and do a restart services.

 

The scopes will be removed off the old server and added to the new one, and the new server will sync all the leases from the failover peer. 

 

Well that's the theory anyway! ;-) I would try this out in the lab first because I can't remember if the leases are tied to a specific failover association name in the lease file, ie if the name of the association changes I'm not sure what happens to the leases - but they are also stored in the Infoblox database so they may just get dumped out to the new server when you do a restart services.

Paul Roberts
PCN (UK) Ltd

All opinions expressed are my own and not representative of PCN Inc./PCN (UK) Ltd. E&OE

Re: Moving DHCP Scope to new Member Server.

New Member
Posts: 3
2849     0

Thanks Paul, 

 

We will only have two DHCP servers per scope, I'm just trying to move a few of the scopes to a new Primary server, keeping the same secondary and the "new" FA already exists for other DHCP scopes.

 

I only have a handful, so I would probably just do these in the GUI instead of doing an export/modify/import.  (If that makes a difference)

 

I'm mainly concered about the impact on the PCs/IpPhones and if they are going to smoothly move to the new server/FA, or if I'll need to do a reboot or local release/renew to get them to be happy...

 

-Stephen

Re: Moving DHCP Scope to new Member Server.

Expert
Posts: 185
2849     0

Because you are using the same "secondary" all the clients should move over by themselves (provided they follow the RFCs). The new primary will sync up the leases from the secondary when you bring it up. If clients try and renew the lease at 50% to the old "primary", they won't get a response (if you've moved the scope), but they will pick it up when they do a broadcast at 7/8 of the lease time. The new "primary" will then respond. If they got a lease from the "secondary", then that will just renew as normal at 50% (remember the lease renewal at 50% is a unicast not broadcast).

 

If you are worried you can put the "secondary" into "partner down" mode whilst you are moving the scopes, but I'm not sure if that's really necessary as it should only take a few minutes to move the scopes. I might use partner-down if it's going to take several hours or days to complete the work.

Paul Roberts
PCN (UK) Ltd

All opinions expressed are my own and not representative of PCN Inc./PCN (UK) Ltd. E&OE
Showing results for 
Search instead for 
Did you mean: 

Recommended for You