diff options
| author | Robert Göhler <github@ghlr.de> | 2025-01-13 21:04:42 +0100 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2025-01-13 21:04:42 +0100 |
| commit | fe7ce68b4fd41eef92e15ac4607c6fbccf99d47a (patch) | |
| tree | 9e30b12d08437eb85b90f0123dbe87088223e2b6 | |
| parent | c7b570098dd0251f05c07cfed94afe5715a6f82d (diff) | |
| parent | de55569fbb268642791f20cbd2ad79f2c6fbcd4e (diff) | |
| download | vyos-documentation-fe7ce68b4fd41eef92e15ac4607c6fbccf99d47a.tar.gz vyos-documentation-fe7ce68b4fd41eef92e15ac4607c6fbccf99d47a.zip | |
Merge pull request #1586 from 0lzi/dhcp-server_failover
updated dhcp-server documentation for sagitta
| -rw-r--r-- | docs/configuration/service/dhcp-server.rst | 42 |
1 files changed, 29 insertions, 13 deletions
diff --git a/docs/configuration/service/dhcp-server.rst b/docs/configuration/service/dhcp-server.rst index 45555336..a02f60d1 100644 --- a/docs/configuration/service/dhcp-server.rst +++ b/docs/configuration/service/dhcp-server.rst @@ -170,28 +170,44 @@ Individual Client Subnet Enable DHCP failover configuration for this address pool. -Failover --------- +High Availability +----------------- + +VyOS provides High Availability support for DHCP server. DHCP High +Availability can act in two different modes: + +* **Active-active**: both DHCP servers will respond to DHCP requests. If + ``mode`` is not defined, this is the default behavior. + +* **Active-passive**: only ``primary`` server will respond to DHCP requests. + If this server goes offline, then ``secondary`` server will take place. + +DHCP High Availability must be configured explicitly by the following +statements on both servers: + +.. cfgcmd:: set service dhcp-server high-availability mode [active-active + | active-passive] -VyOS provides support for DHCP failover. DHCP failover must be configured -explicitly by the following statements. + Define operation mode of High Availability feature. Default value if command + is not specified is `active-active` -.. cfgcmd:: set service dhcp-server failover source-address <address> +.. cfgcmd:: set service dhcp-server high-availability source-address <address> - Local IP `<address>` used when communicating to the failover peer. + Local IP `<address>` used when communicating to the HA peer. -.. cfgcmd:: set service dhcp-server failover remote <address> +.. cfgcmd:: set service dhcp-server high-availability remote <address> - Remote peer IP `<address>` of the second DHCP server in this failover + Remote peer IP `<address>` of the second DHCP server in this HA cluster. -.. cfgcmd:: set service dhcp-server failover name <name> +.. cfgcmd:: set service dhcp-server high-availability name <name> A generic `<name>` referencing this sync service. .. note:: `<name>` must be identical on both sides! -.. cfgcmd:: set service dhcp-server failover status <primary | secondary> +.. cfgcmd:: set service dhcp-server high-availability status <primary + | secondary> The primary and secondary statements determines whether the server is primary or secondary. @@ -200,12 +216,12 @@ explicitly by the following statements. their lease tables in sync, they must be able to reach each other on TCP port 647. If you have firewall rules in effect, adjust them accordingly. - .. hint:: The dialogue between failover partners is neither encrypted nor + .. hint:: The dialogue between HA partners is neither encrypted nor authenticated. Since most DHCP servers exist within an organisation's own secure Intranet, this would be an unnecessary overhead. However, if you - have DHCP failover peers whose communications traverse insecure networks, + have DHCP HA peers whose communications traverse insecure networks, then we recommend that you consider the use of VPN tunneling between them - to ensure that the failover partnership is immune to disruption + to ensure that the HA partnership is immune to disruption (accidental or otherwise) via third parties. Static mappings |