2

The site concerned is small and it's long, thin and winding, without consent to drill holes. There's an area affected by this, which has a couple of file servers, and 2 sporadically used PCs. To be honest it's not essential that there is a 2nd link to this area - it wouldn't be harmful if the WAN was down there for a while, it's only sporadically used.

The more likely problem if that area is disconnected (switch fail/cable unplug?) is that the machines internal to that area lose DHCP and RADIUS, which are run within the main part of the LAN. If that happens, then they'll revert to default non-LAN IPs when their leases expire, so they'll lose contact with each other, even though connected. I could allocate them all hard-wired DHCP settings, but that's not sensible practice. What I'd like to do is set up a local DHCP/RADIUS box in that area, which is synced to the main one and which things can fall back on, for the duration of any disconnect. But I'm not sure the correct way to design such a thing, not having needed it before now.

For info, the LAN equipment comprises Netgear managed switches (GS724T v3 and similar), Windows 8.1 PCs, and FreeBSD servers. The main router is pfSense. Currently running Unbound for local resolution, dhcpd, and setting up freeradius 3 shortly.

Update: info related to Andy's answer

The areas are on the same subnet, so when the 2 networks are linked, that would mean 2 dhcpds active. Although I suppose I could change the two to different subnets, or block one daemon using pf rules. It's also not clear that their lease caches/records would sync.

One option that occurs to me, could be a cron task that tests every 10 sec if the main services are pingable - if no, start local running fallback service, if yes then stop local service if running. (Precision timing isn't essential). But that's a bit of a kludge.

Stilez
  • 1,825
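The watchdog idea from the question's update, as an added example that is not part of the original post. It runs as a loop rather than from cron and waits for several consecutive failed probes before starting the local services, so one lost ping does not put a second DHCP server on the subnet. The address, the threshold and the FreeBSD rc.d names `isc-dhcpd` and `radiusd` are assumptions.

```shell
#!/bin/sh
# Added example: fallback watchdog for a local DHCP/RADIUS box.
# All values below are assumptions; adjust to the real site.
MAIN_HOST="${MAIN_HOST:-192.0.2.1}"        # constructed address of the main server
SERVICES="${SERVICES:-isc-dhcpd radiusd}"  # assumed FreeBSD rc.d script names
FAIL_LIMIT="${FAIL_LIMIT:-3}"              # consecutive failures before failover
INTERVAL="${INTERVAL:-10}"                 # seconds between probes

fails=0          # consecutive failed probes so far
state=standby    # standby = local services stopped, active = running

# ICMP only proves the host is reachable, not that dhcpd/radiusd answer.
# FreeBSD ping: -t is the overall timeout in seconds.
probe() { ping -c 1 -t 2 "$MAIN_HOST" >/dev/null 2>&1; }

# Apply an rc.d action (onestart/onestop) to every fallback service.
# The "one" prefix works even when the service is not enabled in rc.conf,
# so the fallback daemons never start on their own at boot.
svc() {
    for s in $SERVICES; do
        service "$s" "$1" >/dev/null 2>&1 || echo "watchdog: $s $1 failed" >&2
    done
}

# One decision step; updates $fails and $state.
tick() {
    if probe; then
        fails=0
        # Main site is back: stop the local copies straight away so two
        # DHCP servers are not answering on the same subnet.
        if [ "$state" = active ]; then
            svc onestop
            state=standby
        fi
    else
        fails=$((fails + 1))
        # Fail over only after FAIL_LIMIT misses in a row (hysteresis).
        if [ "$fails" -ge "$FAIL_LIMIT" ] && [ "$state" = standby ]; then
            svc onestart
            state=active
        fi
    fi
}

run() { while :; do tick; sleep "$INTERVAL"; done; }

# Start the loop only when invoked as: watchdog.sh run
if [ "${1:-}" = run ]; then run; fi
```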

2 Answers

1

You can deploy a separate subnet with a local DHCP server (e.g. another pfsense box) in this area. DHCP will never go down, and you can set up static or dynamic routes to point traffic into and out of this subnet. If the link goes down, traffic just gets dropped at either end.

I have not used freeradius, but it looks like you can set up a server that caches another server. I do not know what this is used for (e.g. reliability vs. load sharing) or what happens if the cache loses connection, but it is worth a look. End of the day, you need some type of clone/mirror/cache server.

Andy
  • 1,735
1

For radius, you should be able to run a primary and fallback server - the method you use to sync them will, of course, vary and you may have unmatched start/stop/accounting packets depending on how they are used.

Running 2 DHCP servers, while not ideal, may be possible if you define non-conflicting ranges and/or match IP addresses to MAC addresses. This would not be a best practice though.

If the site uses Wi-Fi to connect areas, have you looked at changing to a different frequency band or looked at ethernet over powerline? If the connection is "dodgy" ethernet, and you can't pull a new cable in place of the old one, can you test and swap pairs (you only need 2 pairs for 100 megabit), and/or can you run QoS to better manage the bandwidth?

davidgo
  • 73,366