Configuring DHCP Failover on Windows Server: A Step-by-Step Guide
When DHCP goes down, business grinds to a halt. No IP address means no internet, no file shares, no email, nothing. For IT admins running Windows Server, DHCP failover is a straightforward way to add resilience without jumping through hoops.
In this guide, we’ll walk through how to configure DHCP failover on Windows Server. We’ll cover both the hot standby and load balancing modes, along with pre-setup checks, firewall rules, DNS considerations, PowerShell automation, and how to verify that it’s actually working.
This post assumes you’re already running DHCP on at least one Windows Server 2016, 2019, or 2022 box and have a second server available to share the load.
What is DHCP Failover?
DHCP failover is a feature that allows two DHCP servers to share lease information and client state, ensuring high availability. If one server goes offline, the other continues to lease addresses without interruption.
There are two modes:
- Load Balance Mode: Both servers actively issue leases.
- Hot Standby Mode: One server is active, and the other takes over if it fails.
Prerequisites
Make sure you have:
- Two Windows Servers (2012 or later) with the DHCP role installed.
- Both servers authorised in Active Directory as DHCP servers.
- A shared scope (same subnet) defined on the primary server.
- Admin credentials on both systems.
- Firewall ports open (UDP 67, 68 and TCP 647).
Step 1: Install and Authorise DHCP on Both Servers
- Install DHCP Role
- Server Manager > Add roles and features > Select DHCP Server.
- Restart if prompted.
- Authorise the DHCP Server
- Open DHCP Console.
- Right-click the server name > Authorize.
- Refresh after a few seconds.
Step 2: Create a DHCP Scope
On your primary DHCP server:
- Right-click IPv4 > New Scope.
- Set a name, IP range (e.g., 192.168.10.100 – 192.168.10.200), and exclusions.
- Configure DNS and gateway options.
- Finish and activate the scope.
Step 3: Configure DHCP Failover
- Right-click the DHCP scope > Configure Failover.
- Select the scope(s) to share.
- Enter the partner server’s hostname/IP.
- Choose mode:
- Load Balance: both servers issue leases.
- Hot Standby: secondary is on standby.
- Set shared secret, MCLT, and load balance percentage if needed.
- Finish the wizard.
Step 4: Verify the Relationship
- Expand IPv4 > Failover in the DHCP console.
- Ensure the relationship status is “Normal.”
- Confirm scopes are synced on the secondary server.
Step 5: Test It – Command Prompt
- Stop DHCP on the primary server:
Stop-Service dhcpserver - On a client:
ipconfig /release ipconfig /renew - Check if the secondary server issues the lease.
PowerShell Automation (Optional)
Create a failover relationship via PowerShell:
Add-DhcpServerv4Failover -Name "Failover01" -PartnerServer "DHCP2" -ScopeId 192.168.10.0 -SharedSecret "SecretPass" -Mode LoadBalanceTo check the relationship:
Get-DhcpServerv4Failover
Firewall and Network Considerations
- Ensure TCP 647 is open between servers.
- Confirm DNS name resolution works.
- Both servers should be time-synced via NTP.
Troubleshooting Tips
- Scopes not syncing? Check AD authorisation and DNS.
- Event ID 20291? Typically network/firewall related.
- Partner unreachable? Test with
Test-Connectionor use Event Viewer for details.
Summary
DHCP failover is one of those hidden gems in Windows Server, easy to set up, yet incredibly valuable in preventing network outages. Whether you choose load balancing for everyday resilience or hot standby for DR scenarios, it’s a powerful way to keep things running smoothly.
This guide goes beyond the basics, covering not just GUI setup but PowerShell automation, firewall checks, testing strategies, and troubleshooting. Got questions or want a similar guide for DNS, Intune, or SharePoint? Get in touch, we’re happy to help.
External Sources
Share this:
Discover more from System Plus
Subscribe to get the latest posts sent to your email.
