Best practice for network configuration

Lennart Sorensen lsorense-1wCw9BSqJbv44Nm34jS7GywD8/FfD2ys at public.gmane.org
Tue Jun 28 14:45:42 UTC 2011


On Tue, Jun 28, 2011 at 10:03:06AM -0400, William Muriithi wrote:
> Hmm, good idea. I still do not like the setup one bit, and it has too
> many potential problems for negligible convenience. Think about it.
> 
> When we use DHCP, you still have to map the IP address to a MAC on
> each and every server you deploy, else the server may randomly change
> its IP, leading to an outage. So, all this involves is moving the
> necessary change from the deployment server to DHCP, not doing away
> with change.  Worse, when you have two or three DHCP servers, you now
> need to make 3 changes for every server deployment, in effect
> increasing configurations needed.  That sounds counterintuitive to me.

If you have 1000 servers, and you need to update the DNS settings,
being able to do it on DHCP is a lot less work than doing the same to
1000 servers.  And if you can't figure out how to set up a system to send
the same config to two or three DHCP servers, then you shouldn't really
be running servers in general I suspect.  That's a trivial problem.
Using DHCP is one way to clearly know which IP is on which MAC and hence
which server.  Yeah, you could keep track of it and really try hard to make
sure you never made a mistake configuring all those servers manually.
DHCP has the advantage that your database is the configuration rather
than just a log of what the configuration should be.

> On change dispatch, it also sounds like a REALLY REALLY BAD idea.  In
> fact, if I have 150 servers and plan to change the IP through DHCP, I
> would write and sign my resignation letter first. Think of all the
> application configurations that are likely to be bound to a specific
> IP.  I have seen a good number of them in the few years I have been
> an administrator. I will give you an example: if you have a server that
> uses iSCSI, check the iSCSI configuration.  Chances are it has an IP
> dependence, and that will not be taken care of by DHCP.  So with 150
> servers, you are guaranteed to have lots of things that will stop
> working.  Worse, you cannot easily figure out what is wrong, as you
> introduced 150 changes with a single keyboard strike. That means you
> are likely to have a couple of rough days and lots of people breathing
> on your neck.  Not something I would opt for to save myself 3 lines of
> changes.

I think there are setups where DHCP does make sense, and then there are
setups where it doesn't.  Certainly if you are running multiple IPs per
server and running Apache and such on multiple IPs (https for example)
then DHCP is clearly not an option.

-- 
Len Sorensen