DHCP vs Scripting in Linux
Hello, I’m hoping some of the more experienced in Linux can help me understand this.
We’re currently working on a DR solution. We have RedHat and SLES VMs that have static IPs in our data center and they need to be replicated to our DR site. We’re using Veeam, but it does not support re-ip of Linux hosts. All the Linux guys say, “Ok we’ll script it so that when we need to fail over in the DR we can run this script and re-ip the necessary machines.” This sounds all well and good to me, definitely a useful exercise to know how to do it and the SR Linux guy has written a Perl script that will need to be on each individual guest machine and a VIX API script to send out. So it works.
My thought though was, why not use DHCP? I’ve always set my servers to DHCP with MAC reservations. It seems to me that if the VMs have their MACs set to static I can put a reservation in. When we fail over the machines go out, find the DHCP, get the addy they need, and are good to go.
The SR Admin liked the idea, but didn’t like the fact that we would have to set the Production machines as DHCP as well. Is there some reason that DHCP is inadequate for this or is this personal preference? I’m just trying to understand his thinking since he’s a Linux guy and the majority of my background has been in Windows.
Comments
vasyvasy Member Posts: 68
Maybe he is concerned with some possible issues:
- dhcp server not working for some reason, like hw/sw problems, config problems, etc
- rogue dhcp server in your LAN
- dynamically assigned IPs for servers (even when bound to MAC) is generally a bad idea, think MAC-spoofing
- management overhead to provision MACs and IPs
- some other reason
My question is this: why are you forced to change the IPs for the servers? Are the IPs public?

apr911 Member Posts: 380
DHCP lease time comes into play here...
Your VMs are going to come online in DR and get an address. When you fail over they need a new, different address than the one already assigned. You can update or add the IP as a reservation, but the server needs to request an updated lease before it will take on the new IP address.
You could in theory set a really low lease time but then you are flooding your network with unnecessary DHCP requests.
Also, manually adding/changing DHCP reservations each time you failover is likely going to take longer than running any scripts... Especially if you have 1 master control script that is able to execute the scripts on all the boxes in short order.
Finally, if your servers run multiple IPs on each device, that could be problematic. I don't often see devices play well with multiple IPs assigned to a single interface via DHCP and even in those situations where it works perfectly, it can be an administrative PITA since you can't control individual IPs on the device (again DHCP lease times) like you could with sub-interfaces and static IPs.

Currently Working On: Openstack
2020 Goals: AWS/Azure/GCP Certifications, F5 CSE Cloud, SCRUM, CISSP-ISSMP
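
The per-guest re-IP step discussed in this thread, sketched as an added example (not the Perl script mentioned in the question and not code from any participant). It assumes ifcfg-style files using the IPADDR, PREFIX/NETMASK, GATEWAY and BOOTPROTO keys, handles both the plain RHEL form and the quoted SLES form with the prefix inside IPADDR, and refuses to write anything when the host has no DR mapping; the addresses, MAC and `DR_MAP` are constructed sample values.

```python
import ipaddress
import re

# Constructed mapping: production address -> (DR address/prefix, DR gateway).
DR_MAP = {"10.10.5.21": ("172.20.5.21/24", "172.20.5.1")}

# Constructed RHEL-style sample file content.
SAMPLE_RHEL = ("DEVICE=eth0\nBOOTPROTO=none\nHWADDR=00:50:56:AA:BB:CC\n"
               "IPADDR=10.10.5.21\nPREFIX=24\nGATEWAY=10.10.5.1\n")

# KEY=value, KEY='value' or KEY="value"; comments and blank lines do not match.
_LINE = re.compile(r"^(\s*)([A-Z0-9_]+)=(['\"]?)(.*?)\3\s*$")

def reip_ifcfg(text, dr_map):
    """Return ifcfg text rewritten for the DR site; raise rather than guess."""
    rows = []
    for raw in text.splitlines():
        m = _LINE.match(raw)
        rows.append((raw, m.groups() if m else None))
    values = {g[1]: g[3] for _, g in rows if g}
    if values.get("BOOTPROTO", "static").lower() == "dhcp":
        raise ValueError("interface is DHCP-configured; nothing to re-IP")
    old = values.get("IPADDR", "")
    sles_style = "/" in old              # SLES carries the prefix in IPADDR
    old_ip = old.split("/")[0]
    if old_ip not in dr_map:
        raise KeyError(f"no DR mapping for {old_ip!r}")
    iface = ipaddress.ip_interface(dr_map[old_ip][0])
    gateway = ipaddress.ip_address(dr_map[old_ip][1])
    if gateway not in iface.network:
        raise ValueError("DR gateway is outside the DR subnet")
    new = {
        "IPADDR": str(iface) if sles_style else str(iface.ip),
        "PREFIX": str(iface.network.prefixlen),
        "NETMASK": str(iface.netmask),
        "GATEWAY": str(gateway),
    }
    out = []
    for raw, g in rows:
        if g and g[1] in new:            # only keys already present are rewritten
            indent, key, quote, _ = g
            out.append(f"{indent}{key}={quote}{new[key]}{quote}")
        else:
            out.append(raw)              # HWADDR, ONBOOT, comments stay untouched
    return "\n".join(out) + "\n"

if __name__ == "__main__":
    print(reip_ifcfg(SAMPLE_RHEL, DR_MAP), end="")
```

Because the function only transforms text, it can be run against copies of the production files ahead of a failover test and the result diffed before anything is written on a guest.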