07-29-2014 01:07 PM - edited 03-07-2019 08:13 PM
In the event that I have a pair of HSRP routers that also act as DHCP servers, what is the best way to avoid an IP address conflict? I don't want the Active Router to give out an IP, fail and then have the Standby (now the Active) give out the same IP again to different device.
I am not aware of HSRP doing any kind of DHCP binding synchronization. My first though is to give each router half of the DHCP range. But this raises two concerns for me:
1. If the range on the Active is used up, will the Standby start to respond to DHCP discoveries?
2. In the DHCP configuration, when I use the network command I will use (for example) network 192.168.1.0 255.255.255.128 on the Active and network 192.168.1.128 255.255.255.128 on the Standby.
Won't this incorrectly give the hosts a /25 subnet masks? The LAN IP is just 192.168.1.1/24 - which is excluded of course, along with the Standby router and HSRP IP. From a quick CLI context sensitive help search it looks like the subnet prefix-length command might get around this but I'm not sure...
Solved! Go to Solution.
07-30-2014 07:13 AM
On each HSRP router you wouldnt necessarily have to give out a /25 mask. But could exclude half the range, i.e dhcp excluded-address 192.168.1.1 192.168.1.127 & exclude the opposite range on the standby HSRP router. OR as a better solution you could just not use DHCP on the HSRP routers & have a 3rd device or Server handing out DHCP addresses. HSRP is designed so that they default gateway failover is transparent to all devices for the subnet.
07-30-2014 07:13 AM
On each HSRP router you wouldnt necessarily have to give out a /25 mask. But could exclude half the range, i.e dhcp excluded-address 192.168.1.1 192.168.1.127 & exclude the opposite range on the standby HSRP router. OR as a better solution you could just not use DHCP on the HSRP routers & have a 3rd device or Server handing out DHCP addresses. HSRP is designed so that they default gateway failover is transparent to all devices for the subnet.
08-09-2014 05:38 PM
Yeah that makes sense. Much simpler and smarter way to split the range as well.
Unfortunately the scenario doesn't allow me to use seperate DNS servers. I have used a EEM script that clears the DHCP bindings if HSRP fails over. Not ideal but I will see how it goes.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide