Loading
OpenLDAP Everywhere Reloaded, Part I
One last note on the DHCP failover protocol: if you have more devices on one subnet than 50% of the overall amount available in the pool range, seriously consider re-engineering your network before implementing DHCP failover.
The protocol inherently relies on having an excess of free addresses
to allocate, even after the pool range is cut in half by split
128;.
The maximum amount of available IP addresses for DHCP in a C Class subnet most of the time is 253 (255 addresses, minus 1 address for broadcast, minus 1 address for the router).
If you have more than 126 devices within one failover subnet, either split it into more subnets (for example, one subnet for each floor of the building), or use a larger subnet than C Class. Configure the subnet declaration in /etc/dhcpd.conf to increase its pool range accordingly. It will save you problems later on.
Now that the DHCP servers are configured with failover pools, the final thing to do is configure the 192.168.3.0/24 and 192.168.4.0/24 to forward DHCP client broadcasts through the LAN/WAN to 192.168.1.10 and 192.168.2.10.
This is done on router03.example.com with IP Helper addresses. On linux03.example.com, it's done with ISC's DHCP Relay Agent.
Assume router03.example.com is a Cisco Catalyst Multi-layer
Switch. Configure IP Helper addresses by entering privileged mode
(run the enable command). Using the ip
helper-address command,
apply the two DHCP server IP addresses to the router interface that has
the 192.168.3.1/24 address. On the Catalyst 3750G in my lab, this is
interface "vlan20". The commands are applied like so:
router03#show running-config
Building configuration...
--- output suppressed ---
interface Vlan20
description linuxjournal_vlan
ip address 192.168.3.1 255.255.255.0
end
--- output suppressed ---
router03#configure terminal
router03(config)#interface vlan 20
router03(config-if)#ip helper-address 192.168.1.10
router03(config-if)#ip helper-address 192.168.2.10
router03(config-if)#end
router03#copy running-config startup-config
Destination filename [startup-config]?
Building configuration...
[OK]
0 bytes copied in 8.715 secs (0 bytes/sec)
router03#show running-config interface vlan 20
Building configuration...
Current configuration : 154 bytes
!
interface Vlan20
description linuxjournal_vlan
ip address 192.168.3.1 255.255.255.0
ip helper-address 192.168.1.10
ip helper-address 192.168.2.10
end
router03#
On linux03.example.com, you need to install the isc-debian-relay package. Once it's installed, it will ask for the "multiple server names be provided as a space-separated list". Enter "linux01.example.com linux02.example.com", or if this host isn't configured to resolve from our DNS server pair, "192.168.1.10 192.168.2.10". It will ask on which interface to listen. If you have no preference, leave it blank and press Enter. It will ask you to specify additional options, but you simply can press Enter.
If you make a mistake, you can reconfigure by running the command
dpkg-reconfigure isc-dhcp-relay or modify the
SERVERS variable in
/etc/default/isc-dhcp-relay.
Your DHCP clients now should be able to contact either DHCP server.
In Part II of this series, I'll explain how to configure OpenLDAP on the two Linux servers and start to populate the directory with data.
Resources
Example configuration files for this article: ftp://ftp.linuxjournal.com/pub/lj/listings/issue216/11148.tgz
Debian GNU/Linux: http://www.debian.org/distrib
Download Debian 6.0.2.1: http://cdimage.debian.org/debian-cd/6.0.2.1
Manual Page for ntp.conf(5): http://linux.die.net/man/5/ntp.conf
Manual Page for named.conf(5): http://linux.die.net/man/5/named.conf
Manual Page for dhcpd.conf(5): http://linux.die.net/man/5/dhcpd.conf
Manual Page for dhcp-options(5): http://linux.die.net/man/5/dhcp-options
ISC dhcp-users Mailing List: https://lists.isc.org/mailman/listinfo/dhcp-users
Cisco IOS 12.3 T Command Reference for Idle through IP local-proxy-arp
(includes ip helper-address): http://www.cisco.com/en/US/docs/ios/12_3t/ip_addr/command/reference/ip1_i1gt.html
- « first
- ‹ previous
- 1
- 2
- 3
- 4
______________________
Stewart Walters is a Solutions Architect with more than 15 years' experience in the Information Technology industry. Amongst other industry certifications, he is a Senior Level Linux Professional (LPIC-3).
White Paper
Fabric-Based Computing Enables Optimized Hyperscale Data Centers
Today’s modular x86 servers are compute-centric, designed as a least common denominator to support a wide range of IT workloads. Those generic, virtualized IT workloads have much different resource optimization requirements than hyperscale and cloud applications. They have resulted in a “one size fits all” enterprise IT architecture that is not optimized for a specific set of IT workloads, and especially not emerging hyperscale workloads, such as web applications, big data, and object storage. In this report, you will learn how shifting the focus from traditional compute-centric IT architectures to an innovative disaggregated fabric-based architecture can optimize and scale your data center.
Sponsored by AMD
White Paper
Red Hat White Paper: Using an Open Source Framework to Catch the Bad Guy
Built-in forensics, incident response, and security with Red Hat Enterprise Linux 6
Every security policy provides guidance and requirements for ensuring adequate protection of information and data, as well as high-level technical and administrative security requirements for a system in a given environment. Traditionally, providing security for a system focuses on the confidentiality of the information on it. However, protecting the data integrity and system and data availability is just as important. For example, when processing United States intelligence information, there are three attributes that require protection: confidentiality, integrity, and availability.
Learn more about catching the bad guy in this free white paper.
Sponsored by DLT Solutions
Free Webinar: Linux Backup and Recovery
Most companies incorporate backup procedures for critical data, which can be restored quickly if a loss occurs. However, fewer companies are prepared for catastrophic system failures, in which they lose all data, the entire operating system, applications, settings, patches and more, reducing their system(s) to “bare metal.” After all, before data can be restored to a system, there must be a system to restore it to.
In this one hour webinar, learn how to enhance your existing backup strategies for better disaster recovery preparedness using Storix System Backup Administrator (SBAdmin), a highly flexible bare-metal recovery solution for UNIX and Linux systems.
- Using Salt Stack and Vagrant for Drupal Development
- Making Linux and Android Get Along (It's Not as Hard as It Sounds)
- New Products
- Validate an E-Mail Address with PHP, the Right Way
- Drupal Is a Framework: Why Everyone Needs to Understand This
- A Topic for Discussion - Open Source Feature-Richness?
- The Pari Package On Linux
- New Products
- Home, My Backup Data Center
- New Products
- This is the easiest tutorial
3 hours 49 min ago - Ahh, the Koolaid.
9 hours 27 min ago - git-annex assistant
15 hours 27 min ago - direct cable connection
15 hours 49 min ago - Agreed on AirDroid. With my
16 hours 14 sec ago - I just learned this
16 hours 4 min ago - enterprise
16 hours 34 min ago - not living upto the mobile revolution
19 hours 25 min ago - Deceptive Advertising and
20 hours 1 min ago - Let\'s declare that you have
20 hours 2 min ago
Poll
Comments
Reply to comment | Linux Journal
Undeniably imagine that that you said. Your favourite justification appeared to
be at the net the simplest factor to have in mind of.
I say to you, I certainly get annoyed even as people consider issues that they plainly
do not recognise about. You controlled to hit the nail upon the highest
as well as outlined out the entire thing with no need side
effect , other folks can take a signal. Will likely
be again to get more. Thank you