Hi Libor, As you noted, this is because the server doesn't receive the option 82 data in subsequent renews. You may be able to force clients to always use the relay-agent on your router or whatever is doing the relay. Otherwise, there isn't much you can do. The Kea server can't classify a client based on information that doesn't exist. From the message you provided where it fails to select a subnet it seems that you are using the classification to control access to a subnet in some way. Kea won't even get as far as looking for a lease, if it can't find a subnet for the client. If you can't alter your relay-agent's behavior (with some, it is possible to mask the server address from the client such that the client thinks the relay is the server), then you may have to rethink your strategy.
Thank you, Darren Ankney On Thu, Mar 28, 2024 at 1:41 PM <brazda.li...@seznam.cz> wrote: > > Hi, I am trying to start kea dhcp with client classification using option 82 > through dhcp relay server. > > When client tries to do renew of ip address, tries to prolongate his lease, > kea response with NAK. > The problem is that when client makes simple dhcp discover, the packet goes > broadcast through the router, router acts like dhcp relay and relays packet > to dhcp server kea with added option 82. > But when client makes dhcp renewal-packet goes unicast directly to dhcp > server without option 82. As I understand, this causes kea to response with > NAK, because packet doesn't match to subnet rule criteria. In the logs I see > message "ailed to select a subnet for incoming packet, src 100.64.1.1, type > DHCPREQUEST" > > Is there a way to configure kea to accept renewal requests if lease already > exists and mac address of a client corresponds to stores lease? > > Full log - https://pastebin.com/yviEFneL > Full config - https://pastebin.com/2DxfQKb6 > > Thanks for any advice > > Libor > -- > ISC funds the development of this software with paid support subscriptions. > Contact us at https://www.isc.org/contact/ for more information. > > To unsubscribe visit https://lists.isc.org/mailman/listinfo/kea-users. > > Kea-users mailing list > Kea-users@lists.isc.org > https://lists.isc.org/mailman/listinfo/kea-users -- ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information. To unsubscribe visit https://lists.isc.org/mailman/listinfo/kea-users. Kea-users mailing list Kea-users@lists.isc.org https://lists.isc.org/mailman/listinfo/kea-users
