(true) failover with isc-dhcpd

true failover

Example

primary

ddns-update-style none;
option domain-name "example.net";
option domain-name-servers ns1.example.net, ns2.example.net;
default-lease-time 600;
max-lease-time 7200;
authoritative;
log-facility local7;
failover peer "dhcp-failover" {
  primary;
  address 10.131.188.150;
  port 647;
  peer address 10.135.68.18;
  peer port 647;
  max-response-delay 30;
  max-unacked-updates 10;
  load balance max seconds 3;
  mclt 1800;
  split 128;
}
subnet 10.131.171.0 netmask 255.255.255.0 {
}
subnet 10.131.188.128 netmask 255.255.255.128 {
}
subnet 10.135.30.192 netmask 255.255.255.240 {
  option subnet-mask 255.255.255.240;
  option broadcast-address 10.135.30.207;
  option routers 10.135.30.193;
  pool {
    failover peer "dhcp-failover";
    max-lease-time 1800; # 30 minutes
    range 10.135.30.196 10.135.30.199;
    deny dynamic bootp clients;
  }
}

secondary

ddns-update-style none;
option domain-name "example.net";
option domain-name-servers ns1.example.net, ns2.example.net;
default-lease-time 600;
max-lease-time 7200;
authoritative;
log-facility local7;
failover peer "dhcp-failover" {
  secondary;
  address 10.135.68.18;
  port 647;
  peer address 10.131.188.150;
  peer port 647;
  max-response-delay 30;
  max-unacked-updates 10;
  load balance max seconds 3;
}
subnet 10.135.72.0 netmask 255.255.254.0 {
}
subnet 10.135.68.0 netmask 255.255.255.0 {
}
subnet 10.135.30.192 netmask 255.255.255.240 {
  option subnet-mask 255.255.255.240;
  option broadcast-address 10.135.30.207;
  option routers 10.135.30.193;
  pool {
    failover peer "dhcp-failover";
    max-lease-time 1800; # 30 minutes
    range 10.135.30.196 10.135.30.199;
    deny dynamic bootp clients;
  }
}

disjunct ranges

Works but possible race condition and unbalnced leases

overlapping ranges

Works if clients answers ping requests, because a dhcpd pings a IP bevor it offers this IP to be sure it is not occupied.