FreePBX High Availability Module and dhcpd

Hi,

When using two servers in high availability using the HA module, would I be able to set up dhcpd on the servers? Would the slave server give out IP addresses if it is not the master server?

If you added it as part of the cluster, then you could say ‘only run on one node’.

FreePBX HA uses the standard Linux-HA infrastructure, and there’s nothing stopping you adding to it using pacemaker.

There is also an explicit ‘spare’ drbd volume made for people to add stuff to, explicitly for things like that.

If you’re uncomfortable doing it yourself, you could buy a couple of hours of support and the support guys could help you out.

Thanks Rob, I will give it a try.

In a previous deployment, I added dhcpd, ntpd, named into the cluster.

Agree with Rob, unless you know exactly what you’re doing with an HA deployment, please use the FreePBX support team.

We run FreePBX HA and also DHCP. However, I set up separate DHCP servers, not on the FreePBX server. I set up multiple DHCP servers which run all the time, so if any DHCP server goes down, the other one will continue. It’s not very hard if you are reasonably confident with CentOS (or whatever flavour of Linux you prefer) and dhcpd. The DHCP servers point the phones at the FreePBX cluster IP address to download their configs. We actually use the DHCP server for all our network devices, e.g. PCs etc., as well as the phones.

I’m sorry but that is just plain absurd, more than one DHCP on one network is just bad practice, there are any number of reasons why but basically there is absolutely no guarantee as to which device will service a request on port 69, think about the consequences of a device randomly changing its IP address for WHATEVER reason . . .

Just add DHCP to your corosync/heartbeat managed services in exactly the same way that you do with your TFTPD service and move its cache files onto the “shared” device.

Sorry, I would totally disagree with that being bad practice; in fact I’d say it was good practice.
Most of our devices, well over 1000, have a fixed IP address given out by the DHCP servers. We have one master file of MAC/IP addresses which is used to build the dhcp configuration files for both servers. The DHCP protocol and servers support multiple servers; check out "failover peer" for further details on how the servers know the status of each other and cope when one goes down. For us, if we had only one DHCP server and it went down, it would be a major problem.

Setting a failover peer would be unnecessary in an HA situation where the service is clustered; they both have the same address. If you have a blended network perhaps so, but only one would be responsive at any one time if the network is operational, if it is not you have bigger problems. Further, adding a third server is a real pain.

If your phones are on the same LAN as your desktops, look into segregating your devices into appropriate VLANs; it will make your life easier and the phones work better and the DHCP problem just goes away. I always go the KISS method and it really is SS, but if it works for you . . .

Thank you everyone for your advice. I have a spare HP MicroServer, so I set this up as a DHCP server instead of using the PBXs.

Well, although in my experience I have never seen a Linux dhcp service die unexpectedly, surely you are defeating your concept of HA here.

Ouch. VoIP phones should run in their own VLAN for reliable VoIP. Ditto. Then one can manage DHCP and auto provisioning via option 66 for most vendors easily.
Sure, throwing in with data works, most of the time, but you will get intermittent dropouts to VoIP as your traffic comes up in the LAN.

In a “blended” network, the initial job for your phones’ “OOTB” experience is to have your DHCPD serve a very minimal config file from your TFTPD on option 66 or 150 or whatever they default to (perhaps an FTP or HTTP server, it’s completely phone specific) to kickstart them to use VLAN 512 (or whatever, 512 is a Cisco preferred thing). This string of bytes often needs to be done conditionally on the first three octets of the MAC address if you use more than one brand. They will normally then reboot and get the NEXT server from the DHCPD on the VLAN. Surprisingly, you probably already have dnsmasq on your system, and it can do all that (DNS, DHCP (including NTP server) and TFTP) all in one package, hence rationalizing and minimizing your corosync scripts. I suggest you don’t do the NTPD yourself due to the way it works and the insecurity of most NTP servers, just point them to a lower level stratum server. The same DNSMASQ server can equally serve on the untagged and the tagged LANs, as I said before, KISS.

edit:-

Of course many phones will use LLDP or Avahi/mDNS if there is no DHCP available to find stuff, another reason to make sure your network is “server appropriate” with no dangling or extraneous services running. I would suggest you not use such services unless you KEWYAD :)

Re number of DHCP servers you require, it depends very much on your network and requirements. If just a few phones/devices then one server should be fine. As dicko says, KISS.
Ours is a complex network with many VLANs and a quick check shows about 7000 devices defined in DHCP with static IP addresses, hence 2 DHCP servers in different buildings, well separated; we have had JCBs cut through our buildings’ fibre links more than once.
I would certainly agree: use a VLAN for the phones, and make sure you set the priority, QoS etc. either on the phones (or switch rules), and make sure the switches, routers etc. honour this. We do this throughout our networks and on the Internet-facing firewall and router.
So far the voice/IPT etc has worked very well, even when some users try and max out our Internet connection with file transfers.
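
The "one master file of MAC/IP addresses" that builds the configuration for both DHCP servers, mentioned earlier in the thread, could be handled along these lines. This is an added example, not part of the thread and not any poster's script. It validates the list before emitting ISC dhcpd fragments, so a duplicate or malformed entry never reaches either server. The file format, addresses, peer name `dhcp-ha` and timer values are assumptions, and the subnet and pool declarations are left out.

```python
import ipaddress
import re

# Constructed sample master list, one "MAC IP NAME" entry per line.
MASTER = """\
00:11:22:33:44:01 10.20.0.11 phone-101
00:11:22:33:44:02 10.20.0.12 phone-102
"""
MAC_RE = re.compile(r"^([0-9a-f]{2}:){5}[0-9a-f]{2}$")
NAME_RE = re.compile(r"^[A-Za-z0-9-]+$")  # keeps braces/semicolons out of the config

def parse_master(text, subnet):
    """Return [(mac, ip, name)]; reject malformed, duplicate or off-subnet entries."""
    net = ipaddress.ip_network(subnet)
    seen, hosts = set(), []
    for n, raw in enumerate(text.splitlines(), 1):
        fields = raw.split("#", 1)[0].split()
        if not fields:
            continue
        if len(fields) != 3:
            raise ValueError(f"line {n}: expected MAC IP NAME")
        mac, ip, name = fields[0].lower(), ipaddress.ip_address(fields[1]), fields[2]
        if not MAC_RE.match(mac) or not NAME_RE.match(name):
            raise ValueError(f"line {n}: bad MAC or host name")
        if ip not in net:
            raise ValueError(f"line {n}: {ip} is outside {net}")
        if {mac, ip, name} & seen:
            raise ValueError(f"line {n}: duplicate MAC, IP or name")
        seen |= {mac, ip, name}
        hosts.append((mac, str(ip), name))
    return hosts

def render(hosts, role, local, peer):
    """One server's fragment: its failover peer block plus the shared host list."""
    out = ['failover peer "dhcp-ha" {', f"  {role};",
           f"  address {local};", "  port 647;",
           f"  peer address {peer};", "  peer port 647;",
           "  max-response-delay 60;", "  max-unacked-updates 10;",
           "  load balance max seconds 3;"]
    if role == "primary":  # mclt and split are declared on the primary only
        out += ["  mclt 3600;", "  split 128;"]
    out.append("}")
    for mac, ip, name in hosts:
        out.append(f"host {name} {{ hardware ethernet {mac}; fixed-address {ip}; }}")
    return "\n".join(out) + "\n"

if __name__ == "__main__":
    hosts = parse_master(MASTER, "10.20.0.0/24")
    print(render(hosts, "primary", "10.20.0.2", "10.20.0.3"))
    print(render(hosts, "secondary", "10.20.0.3", "10.20.0.2"))
```

Running `dhcpd -t -cf` against each generated file before deploying it catches syntax errors the generator cannot.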