Configuring DHCP failover and load balancing

The basic installation and configuration of a single DHCP server, as shown in the two previous recipes, is straightforward. However, a single DHCP server represents a single point of failure. A standard solution to this shortcoming is to implement DHCP Failover and Load Balancing. Microsoft added this to DHCP with Windows 2012. This feature, and indeed DHCP, is still provided with Server 2019.

Getting ready

This recipe requires two servers, with one server (DC1) set up with a working and configured DHCP scope. You achieved this by using the Configuring and authorizing a DHCP server and Configure DHCP scopes recipes. This recipe needs a second server (in this case, DC2.Reskit.Org).

How to do it...

  1. Install the DHCP server feature on DC2:
    $FHT = @{
      Name         = 'DHCP','RSAT-DHCP'
      ComputerName = 'DC2.Reskit.Org'
    }
    Install-WindowsFeature @FHT
  2. Let DHCP know it's all configured on DC2:
    $IPHT = @{
      Path   = 'HKLM:\SOFTWARE\Microsoft\ServerManager\Roles\12'
      Name   = 'ConfigurationState'
      Value  = 2
    }
    Set-ItemProperty @IPHT
  3. Authorize the DHCP server in AD and view the results:
    Add-DhcpServerInDC -DnsName DC2.Reskit.Org
  4. View the DHCP servers that are authorized in the domain:
    Get-DhcpServerInDC
  5. Configure DHCP failover and load balancing between DC1 and DC2:
    $FHT= @{
      ComputerName       = 'DC1.Reskit.Org'
      PartnerServer      = 'DC2.Reskit.Org'
      Name               = 'DC1-DC2'
      ScopeID            = '10.10.10.0'
      LoadBalancePercent = 60
      SharedSecret       = 'j3RryIsG0d!'
      Force              = $true
    }
    Add-DhcpServerv4Failover @FHT
  6. Get active leases in the scope (from both servers):
    'DC1', 'DC2' |
        ForEach-Object {Get-DhcpServerv4Scope -ComputerName $_}
  7. Now, get server statistics from both servers:
    'DC1', 'DC2' |
    ForEach-Object {
        Get-DhcpServerv4ScopeStatistics -ComputerName $_}

How it works...

In step 1, you added the DHCP server feature to DC2.Reskit.org, which looks like this:

In step 2, you set a registry key to indicate to Windows that DHCP is fully configured. In step 3, you authorized this DHCP server in the AD. There is no output from either of these two steps.

In step 4, you viewed details about the authorized DHCP servers in the Reskit.Org domain, which looks like this:

In step 5, you configured DC1 and DC2 to be in a failover and load-balancing state. This step produces no output.

In step 6, you viewed the active leases on each DHCP server, which looks like this:

There's more

In step 2, you set a registry key on the DHCP server that indicates that the DHCP server service is fully installed. If you install DHCP using the Server Manager (GUI), this step is performed automatically.

With step 3, you authorized this DHCP server in Active Directory. Without this step, the DHCP service on DC2 would never start up fully. This is intended to ensure that only authorized DHCP servers can hand out DHCP addresses. In step 4, you viewed the authorized servers in the domain.

In step 5, you set up DC2 as a failover and load-balancing DHCP server (with DC1 as the other partner in the relationship). As you can see in step 6, both DHCP servers are synchronized (with 3 addresses used and 47 free).