Introduction to DHCP Failover on Windows Server 2019
DHCP Failover allows two Windows Server 2019 DHCP servers to share address assignment responsibility for a scope, providing high availability and load balancing for IP address leasing. Without failover, a single DHCP server failure means clients cannot renew leases or obtain new ones — which causes network connectivity loss once existing leases expire. Windows Server 2019 DHCP failover supports two modes: Hot Standby (one active server, one standby) and Load Balance (both servers active, sharing the address pool). This guide covers configuration, management, and troubleshooting of DHCP failover in both modes.
Prerequisites
You need two Windows Server 2019 systems, both with the DHCP Server role installed and both authorised in Active Directory. The DHCP scope to be protected must already exist on the primary server. Both servers must be able to communicate with each other on TCP port 647 (DHCP failover protocol).
# On both servers: install DHCP role
Install-WindowsFeature -Name DHCP -IncludeManagementTools
# Authorise both DHCP servers in AD (run from a domain admin account)
Add-DhcpServerInDC -DnsName "dhcp1.corp.example.com" -IPAddress 192.168.1.10
Add-DhcpServerInDC -DnsName "dhcp2.corp.example.com" -IPAddress 192.168.1.11
# Verify authorisation
Get-DhcpServerInDC
# On primary: create a test scope if one doesn't exist
Add-DhcpServerv4Scope `
-Name "Corporate LAN" `
-StartRange 192.168.100.1 `
-EndRange 192.168.100.254 `
-SubnetMask 255.255.255.0 `
-LeaseDuration "8.00:00:00" `
-State Active
Configure DHCP Failover — Load Balance Mode
In Load Balance mode, both servers respond to client requests, each handling a percentage of the address pool. The default split is 50/50 but can be adjusted. This mode provides both redundancy and horizontal scaling for large DHCP environments.
# On the primary DHCP server, configure failover for the scope
Add-DhcpServerv4Failover `
-Name "LAN-Failover" `
-PartnerServer "dhcp2.corp.example.com" `
-ScopeId "192.168.100.0" `
-Mode LoadBalance `
-LoadBalancePercent 50 `
-MaxClientLeadTime "01:00:00" `
-AutoStateTransition $true `
-StateSwitchInterval "01:00:00"
The MaxClientLeadTime (MCLT) parameter is critical: it defines the maximum time one partner can extend a lease without the other partner’s knowledge during a communication interruption. A value of 1 hour means that during a failover event, the surviving server will wait up to 1 hour before taking over, ensuring it doesn’t assign addresses the partner may have already granted. The StateSwitchInterval controls how long the failover relationship waits in the COMMUNICATION INTERRUPTED state before auto-switching to the PARTNER DOWN state.
# Verify failover configuration
Get-DhcpServerv4Failover
# Check failover state
Get-DhcpServerv4Failover | Select-Object Name, PartnerServer, Mode, State, ServerRole | Format-Table
Configure DHCP Failover — Hot Standby Mode
In Hot Standby mode, the primary server handles all leases during normal operation. The standby server only responds when the primary becomes unavailable. A percentage of addresses (the reserve percentage) is reserved on the standby server exclusively for use during failover.
# Configure hot standby failover (primary server runs this command)
Add-DhcpServerv4Failover `
-Name "LAN-HotStandby" `
-PartnerServer "dhcp2.corp.example.com" `
-ScopeId "192.168.100.0" `
-Mode HotStandby `
-ReservePercent 20 `
-MaxClientLeadTime "01:00:00" `
-AutoStateTransition $true `
-StateSwitchInterval "01:00:00"
The ReservePercent of 20 means 20% of the address pool is held back on the standby server and only used when the standby takes over. Ensure your pool has enough addresses that 20% reservation still leaves adequate capacity on the primary during normal operation.
Synchronise Scopes After Failover Setup
After configuring failover, synchronise the scope configuration (options, reservations, exclusions) from the primary to the partner server. The failover mechanism replicates lease data automatically, but initial scope configuration must be manually synchronised:
# Replicate scope configuration to the partner server
Invoke-DhcpServerv4FailoverReplication `
-Name "LAN-Failover" `
-Force
# Or replicate all failover scopes at once
Invoke-DhcpServerv4FailoverReplication -Force
# Verify replication completed successfully
Get-DhcpServerv4Scope -ComputerName "dhcp2.corp.example.com" |
Select-Object ScopeId, Name, State | Format-Table
Add Additional Scopes to an Existing Failover Relationship
# Add a new scope to an existing failover relationship
Add-DhcpServerv4FailoverScope `
-Name "LAN-Failover" `
-ScopeId "192.168.200.0"
# Replicate the new scope to the partner
Invoke-DhcpServerv4FailoverReplication -Name "LAN-Failover" -Force
Monitoring DHCP Failover State
The failover relationship has several possible states. Understanding these states is critical for diagnosing problems:
# Check current failover state
Get-DhcpServerv4Failover | Format-List Name, PartnerServer, State, ServerRole
# States explained:
# NORMAL - Both servers communicating, operating normally
# COMMUNICATION INTERRUPTED - Servers cannot reach each other
# PARTNER DOWN - One server explicitly declared the other as down
# POTENTIAL CONFLICT - Both servers operating independently (dangerous)
# CONFLICT DONE - Conflict has been resolved
# RECOVER - Server recovering after being offline
# RECOVER DONE - Recovery complete, waiting for partner
# PAUSED - Relationship paused by administrator
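# The DhcpServer module has no cmdlet that sets a "Recover" state; the only state an
# administrator can set is PARTNER DOWN, through the -PartnerDown switch of Set-DhcpServerv4Failover.
# If the relationship stays in COMMUNICATION INTERRUPTED and the partner is confirmed offline,
# declare it down manually:
Set-DhcpServerv4Failover `
-Name "LAN-Failover" `
-PartnerDown `
-ComputerName "dhcp1.corp.example.com"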
Configure Failover with Shared Secret Authentication
Protect the failover channel between DHCP servers with a shared secret to prevent rogue servers from joining the failover relationship:
# Add shared secret when creating the failover relationship
# The secret is single-quoted on purpose: inside double quotes PowerShell expands
# $ecretKey2019 as an (empty) variable and the secret silently becomes "Str0ng!"
Add-DhcpServerv4Failover `
-Name "SecureFailover" `
-PartnerServer "dhcp2.corp.example.com" `
-ScopeId "192.168.100.0" `
-Mode LoadBalance `
-LoadBalancePercent 50 `
-SharedSecret 'Str0ng$ecretKey2019!' `
-MaxClientLeadTime "01:00:00"
# Update shared secret on an existing relationship (single quotes for the same reason)
Set-DhcpServerv4Failover `
-Name "LAN-Failover" `
-SharedSecret 'NewStr0ng$ecret2024!'
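An added example, not part of the original guide, that covers both the state monitoring above and the shared-secret setting: it queries each partner and reports relationships that are not in the Normal state or have message authentication disabled. The function name Get-FailoverFinding and the MCLT threshold are assumptions; the server names are the ones used in this guide.

```powershell
# Added example. Get-FailoverFinding is a hypothetical helper, not a DhcpServer cmdlet.
function Get-FailoverFinding {
    param(
        [Parameter(Mandatory)] [string[]] $ComputerName,
        [timespan] $MaxMclt = '01:00:00'   # assumed policy ceiling, same value as this guide
    )
    foreach ($server in $ComputerName) {
        try {
            $relationships = @(Get-DhcpServerv4Failover -ComputerName $server -ErrorAction Stop)
        }
        catch {
            # A partner that cannot be queried is itself a finding
            [pscustomobject]@{
                Server = $server; Relationship = '-'; State = 'QueryFailed'
                Findings = $_.Exception.Message
            }
            continue
        }
        foreach ($rel in $relationships) {
            $findings = @()
            if ("$($rel.State)" -ne 'Normal') {
                $findings += "state is $($rel.State)"
            }
            if (-not $rel.EnableAuth) {
                $findings += 'no shared secret (failover messages unauthenticated)'
            }
            if (-not $rel.AutoStateTransition) {
                $findings += 'AutoStateTransition off, PARTNER DOWN must be set by hand'
            }
            if ($rel.MaxClientLeadTime -gt $MaxMclt) {
                $findings += "MCLT $($rel.MaxClientLeadTime) above policy"
            }
            [pscustomobject]@{
                Server = $server; Relationship = $rel.Name; State = $rel.State
                Findings = $findings -join '; '
            }
        }
    }
}

# Report only relationships with at least one finding
Get-FailoverFinding -ComputerName 'dhcp1.corp.example.com', 'dhcp2.corp.example.com' |
    Where-Object Findings |
    Format-Table -AutoSize -Wrap
```

Querying both partners matters because each server keeps its own view of the relationship, and the two views can differ during an outage.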
Remove and Rebuild a Failover Relationship
# Remove the failover relationship (does not delete the scope)
Remove-DhcpServerv4Failover -Name "LAN-Failover" -Force
# -Force removes the relationship locally even if the partner cannot be contacted.
# To clean up on each server explicitly:
Remove-DhcpServerv4Failover -Name "LAN-Failover" -Force -ComputerName "dhcp1.corp.example.com"
Remove-DhcpServerv4Failover -Name "LAN-Failover" -Force -ComputerName "dhcp2.corp.example.com"
Firewall Configuration for DHCP Failover
# Allow DHCP failover protocol (TCP 647) between partner servers
# (run on dhcp1; create the mirror rule on dhcp2 with -RemoteAddress "192.168.1.10")
New-NetFirewallRule `
-DisplayName "DHCP Failover" `
-Direction Inbound `
-Protocol TCP `
-LocalPort 647 `
-RemoteAddress "192.168.1.11" `
-Action Allow
# Verify DHCP firewall rules
Get-NetFirewallRule | Where-Object DisplayName -match "DHCP" |
Select-Object DisplayName, Enabled, Direction | Format-Table
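An added check, not from the original guide: it lists enabled inbound allow rules that cover TCP 647 and shows whether each is limited to the partner address, since a wider rule lets other hosts reach the failover listener. The $partner value is the address used in the rule above; rules that include 647 only as part of a port range are not matched.

```powershell
# Added example; run locally on a DHCP server. $partner is the other server's
# address as used in this guide (192.168.1.11 when run on dhcp1).
$partner = '192.168.1.11'

Get-NetFirewallPortFilter -Protocol TCP |
    Where-Object { @($_.LocalPort) -contains '647' } |
    ForEach-Object {
        $rule = $_ | Get-NetFirewallRule
        if ($rule.Enabled -ne 'True' -or $rule.Direction -ne 'Inbound' -or $rule.Action -ne 'Allow') {
            return   # only enabled inbound allow rules expose the port
        }
        # RemoteAddress is 'Any', a single address, or a list of addresses/subnets
        $remote = @(($rule | Get-NetFirewallAddressFilter).RemoteAddress)
        $extra  = @($remote | Where-Object { $_ -ne $partner })
        [pscustomobject]@{
            Rule          = $rule.DisplayName
            RemoteAddress = $remote -join ','
            PartnerOnly   = ($extra.Count -eq 0)
        }
    } |
    Sort-Object PartnerOnly |
    Format-Table -AutoSize
```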
Summary
DHCP Failover on Windows Server 2019 provides a native, built-in mechanism for DHCP high availability with no third-party software required. Load Balance mode distributes the workload across two active servers, while Hot Standby mode keeps a warm standby ready to take over immediately. The MCLT parameter ensures safe lease handover during communication failures, and shared secrets protect the failover channel from unauthorised participation. After initial setup, ongoing management involves monitoring failover state, synchronising scope changes, and periodically testing failover by simulating primary server failure.