Solved: Re: Vishal,

Vishal Kolamkar · ‎06-26-2016

I have two sites which are configured with local dhcp client pool configuration on routers. I am now migrating these pools on dhcp server & then mapping those under interface with ip helper address x.x.x.x command. Below is my query
!

Which pool will be used if local pool & helper address are configured? Pool will be opted from server or locally allocated?

How to ensure local client pool is used as backup & address is always picked from dhcp relay server?

Peter Paluch · ‎06-26-2016

Vishal,

According to my experiments, if a router has a DHCP pool for a directly connected network, clients on that network will always be served from the local pool, even if the interface had ip helper-address configured.

Running two DHCP servers in an active/backup scenario is generally a difficult task. The main problem is the sharing of the lease database between these two routers. A backup DHCP server must know which IP addresses have already been leased by the active server, so that when the active server fails, the backup server can take over and avoid handing out IP addresses that have already been leased. The DHCP protocol itself does not have a standardized support for this - there are some draft documents but while they have become insanely complex, they do not seem to be widely supported.

If possible, I suggest you postpone the idea of an active/backup DHCP server.

Best regards,
Peter

View solution in original post

Vishal Kolamkar · ‎06-28-2016

Thanks Peter for useful information

View solution in original post

Peter Paluch · ‎06-26-2016

Vishal,

According to my experiments, if a router has a DHCP pool for a directly connected network, clients on that network will always be served from the local pool, even if the interface had ip helper-address configured.

Running two DHCP servers in an active/backup scenario is generally a difficult task. The main problem is the sharing of the lease database between these two routers. A backup DHCP server must know which IP addresses have already been leased by the active server, so that when the active server fails, the backup server can take over and avoid handing out IP addresses that have already been leased. The DHCP protocol itself does not have a standardized support for this - there are some draft documents but while they have become insanely complex, they do not seem to be widely supported.

If possible, I suggest you postpone the idea of an active/backup DHCP server.

Best regards,
Peter

Vishal Kolamkar · ‎06-28-2016

Thanks Peter for useful information

alfista16 · ‎05-24-2018

I just ran into a very similar issue:

interface Vlan10
ip address 172.16.10.1 255.255.255.0
ip helper-address 192.168.100.1
end

I have configured on a VLAN interface ip helper-address 192.168.100.1 while on the same VLAN i have connected another rogue DHCP server with IP = 172.16.10.254.

When I connect a DHCP client (PC) on that VLAN, usually the rogue DHCP replies much faster than the time that the switch needs to act as a relay agent and generate a unicast DHCP Discover to the legitimate DHCP server 192.168.100.1. As a result, the PC gets an IP address on the 172.16.10.0 subnet.

What happens here is actually a race condition. The switch receives the DHCP DISCOVER, which is a broadcast message, and lets this broadcast flow to the ports belonging to the same VLAN, but at the same time, the switch generates a unicast DHCP DIscover message and sends it to the helper DHCP server, i.e. the switch acts as the relay agent. How much more functional would this be, if the switch prevented the DHCP Discover from being broadcasted to the same VLAN and just generated a unicast DHCP Discover to the helper DHCP?

Dhcp Local Pool & Dhcp Helper Address