Re: [Kea-users] KEA sends valid-lifetime = 0
Oh wow - I failed to notice that those two addresses were the same address in what Veronique sent. On Fri, Dec 2, 2022 at 1:15 PM Silvester van der Leer wrote: > Silvester van der Leer > 7:13 PM (0 minutes ago) > to Darren > Hi, > > I've opened the issue at gitlab and contacted veronique since the issue we > encounter is similar. > > In this case both IA_ADDR's IP's are the same, one with correct lifetime, > and one with zero lifetime, which may cause the client to glitch (which > happens in my case) > > > On Fri, Dec 2, 2022 at 3:35 PM Darren Ankney > wrote: > >> https://www.rfc-editor.org/rfc/rfc3315#section-22.6 >> >> "In a message sent by a server to a client, the client MUST use the >> values in the preferred and valid lifetime fields for the preferred >> and valid lifetimes." >> >> I believe that the server is telling the client to not use the address >> with the 0 length lifetime and instead use the other address. Have a >> look at the client messages and see if both IPs are listed or perhaps >> only the IP that the server is sending 0 for is listed in the IANA. >> >> On Fri, Dec 2, 2022 at 9:27 AM Veronique Lefebure >> wrote: >> > >> > For people who would encounter the same issue, see >> https://gitlab.isc.org/isc-projects/kea/-/issues/2660 >> > >> > From: Kea-users on behalf of >> Veronique Lefebure >> > Sent: Thursday, January 27, 2022 3:31 PM >> > To: kea-users@lists.isc.org >> > Subject: [Kea-users] KEA sends valid-lifetime = 0 >> > >> > >> > Hi, >> > >> > For the following query: >> > >> > 16:24:15.730401 IP6 (hlim 1, next-header UDP (17) payload length: 143) >> > cs-lab11-kea.dhcpv6-client > ff02::1:2.dhcpv6-server: >> > [bad udp cksum 0xc2bb -> 0xa8e1!] >> > dhcp6 renew (xid=50bedb >> > (client-ID type 4) >> > (server-ID hwaddr/time type 1 time 692127779 00259074ca68) >> > (option-request DNS-server DNS-search-list DNS-server DNS-search-list >> client-ID) >> > (elapsed-time 0) (Client-FQDN) >> > (IA_NA IAID:795336567 T1:3600 T2:5400(IA_ADDR ::101:1 pltime:7200 >> vltime:7500)) >> > ) >> > >> > I have observed a case where KEA dhcp6 returns the following: >> > >> > 16:24:16.359170 IP6 (hlim 64, next-header UDP (17) payload length: 171) >> > gateway.dhcpv6-server > cs-lab11-kea.dhcpv6-client: >> > [udp sum ok] >> > dhcp6 reply (xid=50bedb >> > (client-ID type 4) >> > (server-ID hwaddr/time type 1 time 692127779 00259074ca68) >> > (IA_NA IAID:795336567 T1:40 T2:100 >> > (IA_ADDR ::101:1 pltime:120 vltime:120) >> > (IA_ADDR ::101:1 pltime:0 vltime:0)) >> > (DNS-search-list cern.ch.) (Client-FQDN)) >> > >> > Where there are 2 IA_ADDR, the second one having a vltime of 0. >> > >> > Any idea how that can happen ? >> > >> > wireshark shows this: >> > >> > [...] >> > Message type: Reply (7) >> > Transaction ID: 0x52a6e8 >> > Client Identifier >> > Server Identifier >> > Identity Association for Non-temporary Address >> > Option: Identity Association for Non-temporary Address (3) >> > Length: 68 >> > xxx >> > IAID: 2f67df77 >> > T1: 40 >> > T2: 100 >> > IA Address >> > Option: IA Address (5) >> > Length: 24 >> > Value: 101000100780078 >> > IPv6 address: 2001:1458:202:1d5::101:1 (::101:1) >> > Preferred lifetime: 120 >> > Valid lifetime: 120 >> > IA Address >> > Option: IA Address (5) >> > Length: 24 >> > Value: 1010001 >> > IPv6 address: 2001:1458:202:1d5::101:1 (::101:1) >> > Preferred lifetime: 0 >> > Valid lifetime: 0 >> > Domain Search List >> > Fully Qualified Domain Name >> > >> > Thanks, >> > Veronique >> > -- >> > ISC funds the development of this software with paid support >> subscriptions. Contact us at https://www.isc.org/contact/ for more >> information. >> > >> > To unsubscribe visit https://lists.isc.org/mailman/listinfo/kea-users. >> > >> > Kea-users mailing list >> > Kea-users@lists.isc.org >> > https://lists.isc.org/mailman/listinfo/kea-users >> -- >> ISC funds the development of this software with paid support >> subscriptions. Contact us at https://www.isc.org/contact/ for more >> information. >> >> To unsubscribe visit https://lists.isc.org/mailman/listinfo/kea-users. >> >> Kea-users mailing list >> Kea-users@lists.isc.org >> https://lists.isc.org/mailman/listinfo/kea-users >> > > > -- > And there was silence > -- ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information. To unsubscribe visit https://lists.isc.org/mailman/listinfo/kea-users. Kea-users mailing list Kea-users@lists.isc.org https://lists.isc.org/mailman/listinfo/kea-users
Re: [Kea-users] KEA sends valid-lifetime = 0
Silvester van der Leer 7:13 PM (0 minutes ago) to Darren Hi, I've opened the issue at gitlab and contacted veronique since the issue we encounter is similar. In this case both IA_ADDR's IP's are the same, one with correct lifetime, and one with zero lifetime, which may cause the client to glitch (which happens in my case) On Fri, Dec 2, 2022 at 3:35 PM Darren Ankney wrote: > https://www.rfc-editor.org/rfc/rfc3315#section-22.6 > > "In a message sent by a server to a client, the client MUST use the > values in the preferred and valid lifetime fields for the preferred > and valid lifetimes." > > I believe that the server is telling the client to not use the address > with the 0 length lifetime and instead use the other address. Have a > look at the client messages and see if both IPs are listed or perhaps > only the IP that the server is sending 0 for is listed in the IANA. > > On Fri, Dec 2, 2022 at 9:27 AM Veronique Lefebure > wrote: > > > > For people who would encounter the same issue, see > https://gitlab.isc.org/isc-projects/kea/-/issues/2660 > > > > From: Kea-users on behalf of > Veronique Lefebure > > Sent: Thursday, January 27, 2022 3:31 PM > > To: kea-users@lists.isc.org > > Subject: [Kea-users] KEA sends valid-lifetime = 0 > > > > > > Hi, > > > > For the following query: > > > > 16:24:15.730401 IP6 (hlim 1, next-header UDP (17) payload length: 143) > > cs-lab11-kea.dhcpv6-client > ff02::1:2.dhcpv6-server: > > [bad udp cksum 0xc2bb -> 0xa8e1!] > > dhcp6 renew (xid=50bedb > > (client-ID type 4) > > (server-ID hwaddr/time type 1 time 692127779 00259074ca68) > > (option-request DNS-server DNS-search-list DNS-server DNS-search-list > client-ID) > > (elapsed-time 0) (Client-FQDN) > > (IA_NA IAID:795336567 T1:3600 T2:5400(IA_ADDR ::101:1 pltime:7200 > vltime:7500)) > > ) > > > > I have observed a case where KEA dhcp6 returns the following: > > > > 16:24:16.359170 IP6 (hlim 64, next-header UDP (17) payload length: 171) > > gateway.dhcpv6-server > cs-lab11-kea.dhcpv6-client: > > [udp sum ok] > > dhcp6 reply (xid=50bedb > > (client-ID type 4) > > (server-ID hwaddr/time type 1 time 692127779 00259074ca68) > > (IA_NA IAID:795336567 T1:40 T2:100 > > (IA_ADDR ::101:1 pltime:120 vltime:120) > > (IA_ADDR ::101:1 pltime:0 vltime:0)) > > (DNS-search-list cern.ch.) (Client-FQDN)) > > > > Where there are 2 IA_ADDR, the second one having a vltime of 0. > > > > Any idea how that can happen ? > > > > wireshark shows this: > > > > [...] > > Message type: Reply (7) > > Transaction ID: 0x52a6e8 > > Client Identifier > > Server Identifier > > Identity Association for Non-temporary Address > > Option: Identity Association for Non-temporary Address (3) > > Length: 68 > > xxx > > IAID: 2f67df77 > > T1: 40 > > T2: 100 > > IA Address > > Option: IA Address (5) > > Length: 24 > > Value: 101000100780078 > > IPv6 address: 2001:1458:202:1d5::101:1 (::101:1) > > Preferred lifetime: 120 > > Valid lifetime: 120 > > IA Address > > Option: IA Address (5) > > Length: 24 > > Value: 1010001 > > IPv6 address: 2001:1458:202:1d5::101:1 (::101:1) > > Preferred lifetime: 0 > > Valid lifetime: 0 > > Domain Search List > > Fully Qualified Domain Name > > > > Thanks, > > Veronique > > -- > > ISC funds the development of this software with paid support > subscriptions. Contact us at https://www.isc.org/contact/ for more > information. > > > > To unsubscribe visit https://lists.isc.org/mailman/listinfo/kea-users. > > > > Kea-users mailing list > > Kea-users@lists.isc.org > > https://lists.isc.org/mailman/listinfo/kea-users > -- > ISC funds the development of this software with paid support > subscriptions. Contact us at https://www.isc.org/contact/ for more > information. > > To unsubscribe visit https://lists.isc.org/mailman/listinfo/kea-users. > > Kea-users mailing list > Kea-users@lists.isc.org > https://lists.isc.org/mailman/listinfo/kea-users > -- And there was silence -- ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information. To unsubscribe visit https://lists.isc.org/mailman/listinfo/kea-users. Kea-users mailing list Kea-users@lists.isc.org https://lists.isc.org/mailman/listinfo/kea-users
Re: [Kea-users] KEA sends valid-lifetime = 0
https://www.rfc-editor.org/rfc/rfc3315#section-22.6 "In a message sent by a server to a client, the client MUST use the values in the preferred and valid lifetime fields for the preferred and valid lifetimes." I believe that the server is telling the client to not use the address with the 0 length lifetime and instead use the other address. Have a look at the client messages and see if both IPs are listed or perhaps only the IP that the server is sending 0 for is listed in the IANA. On Fri, Dec 2, 2022 at 9:27 AM Veronique Lefebure wrote: > > For people who would encounter the same issue, see > https://gitlab.isc.org/isc-projects/kea/-/issues/2660 > > From: Kea-users on behalf of Veronique > Lefebure > Sent: Thursday, January 27, 2022 3:31 PM > To: kea-users@lists.isc.org > Subject: [Kea-users] KEA sends valid-lifetime = 0 > > > Hi, > > For the following query: > > 16:24:15.730401 IP6 (hlim 1, next-header UDP (17) payload length: 143) > cs-lab11-kea.dhcpv6-client > ff02::1:2.dhcpv6-server: > [bad udp cksum 0xc2bb -> 0xa8e1!] > dhcp6 renew (xid=50bedb > (client-ID type 4) > (server-ID hwaddr/time type 1 time 692127779 00259074ca68) > (option-request DNS-server DNS-search-list DNS-server DNS-search-list > client-ID) > (elapsed-time 0) (Client-FQDN) > (IA_NA IAID:795336567 T1:3600 T2:5400(IA_ADDR ::101:1 pltime:7200 > vltime:7500)) > ) > > I have observed a case where KEA dhcp6 returns the following: > > 16:24:16.359170 IP6 (hlim 64, next-header UDP (17) payload length: 171) > gateway.dhcpv6-server > cs-lab11-kea.dhcpv6-client: > [udp sum ok] > dhcp6 reply (xid=50bedb > (client-ID type 4) > (server-ID hwaddr/time type 1 time 692127779 00259074ca68) > (IA_NA IAID:795336567 T1:40 T2:100 > (IA_ADDR ::101:1 pltime:120 vltime:120) > (IA_ADDR ::101:1 pltime:0 vltime:0)) > (DNS-search-list cern.ch.) (Client-FQDN)) > > Where there are 2 IA_ADDR, the second one having a vltime of 0. > > Any idea how that can happen ? > > wireshark shows this: > > [...] > Message type: Reply (7) > Transaction ID: 0x52a6e8 > Client Identifier > Server Identifier > Identity Association for Non-temporary Address > Option: Identity Association for Non-temporary Address (3) > Length: 68 > xxx > IAID: 2f67df77 > T1: 40 > T2: 100 > IA Address > Option: IA Address (5) > Length: 24 > Value: 101000100780078 > IPv6 address: 2001:1458:202:1d5::101:1 (::101:1) > Preferred lifetime: 120 > Valid lifetime: 120 > IA Address > Option: IA Address (5) > Length: 24 > Value: 1010001 > IPv6 address: 2001:1458:202:1d5::101:1 (::101:1) > Preferred lifetime: 0 > Valid lifetime: 0 > Domain Search List > Fully Qualified Domain Name > > Thanks, > Veronique > -- > ISC funds the development of this software with paid support subscriptions. > Contact us at https://www.isc.org/contact/ for more information. > > To unsubscribe visit https://lists.isc.org/mailman/listinfo/kea-users. > > Kea-users mailing list > Kea-users@lists.isc.org > https://lists.isc.org/mailman/listinfo/kea-users -- ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information. To unsubscribe visit https://lists.isc.org/mailman/listinfo/kea-users. Kea-users mailing list Kea-users@lists.isc.org https://lists.isc.org/mailman/listinfo/kea-users
Re: [Kea-users] KEA sends valid-lifetime = 0
For people who would encounter the same issue, see https://gitlab.isc.org/isc-projects/kea/-/issues/2660 From: Kea-users on behalf of Veronique Lefebure Sent: Thursday, January 27, 2022 3:31 PM To: kea-users@lists.isc.org Subject: [Kea-users] KEA sends valid-lifetime = 0 Hi, For the following query: 16:24:15.730401 IP6 (hlim 1, next-header UDP (17) payload length: 143) cs-lab11-kea.dhcpv6-client > ff02::1:2.dhcpv6-server: [bad udp cksum 0xc2bb -> 0xa8e1!] dhcp6 renew (xid=50bedb (client-ID type 4) (server-ID hwaddr/time type 1 time 692127779 00259074ca68) (option-request DNS-server DNS-search-list DNS-server DNS-search-list client-ID) (elapsed-time 0) (Client-FQDN) (IA_NA IAID:795336567 T1:3600 T2:5400(IA_ADDR ::101:1 pltime:7200 vltime:7500)) ) I have observed a case where KEA dhcp6 returns the following: 16:24:16.359170 IP6 (hlim 64, next-header UDP (17) payload length: 171) gateway.dhcpv6-server > cs-lab11-kea.dhcpv6-client: [udp sum ok] dhcp6 reply (xid=50bedb (client-ID type 4) (server-ID hwaddr/time type 1 time 692127779 00259074ca68) (IA_NA IAID:795336567 T1:40 T2:100 (IA_ADDR ::101:1 pltime:120 vltime:120) (IA_ADDR ::101:1 pltime:0 vltime:0)) (DNS-search-list cern.ch.) (Client-FQDN)) Where there are 2 IA_ADDR, the second one having a vltime of 0. Any idea how that can happen ? wireshark shows this: [...] Message type: Reply (7) Transaction ID: 0x52a6e8 Client Identifier Server Identifier Identity Association for Non-temporary Address Option: Identity Association for Non-temporary Address (3) Length: 68 xxx IAID: 2f67df77 T1: 40 T2: 100 IA Address Option: IA Address (5) Length: 24 Value: 101000100780078 IPv6 address: 2001:1458:202:1d5::101:1 (::101:1) Preferred lifetime: 120 Valid lifetime: 120 IA Address Option: IA Address (5) Length: 24 Value: 1010001 IPv6 address: 2001:1458:202:1d5::101:1 (::101:1) Preferred lifetime: 0 Valid lifetime: 0 Domain Search List Fully Qualified Domain Name Thanks, Veronique -- ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information. To unsubscribe visit https://lists.isc.org/mailman/listinfo/kea-users. Kea-users mailing list Kea-users@lists.isc.org https://lists.isc.org/mailman/listinfo/kea-users
Re: [Kea-users] BOOTP clients
Hi Veronique, No, I didn't apply to any hook library yet, Will check it. Thanks for your guidance. On Fri, Dec 2, 2022 at 3:10 PM Veronique Lefebure < veronique.lefeb...@cern.ch> wrote: > Hi, > Have you loaded the bootp hooks-libraries ? > Cheers, > Veronique > -- > *From:* Kea-users on behalf of Kraishak > Mahtha > *Sent:* Friday, December 2, 2022 10:37 AM > *To:* kea-users@lists.isc.org > *Subject:* [Kea-users] BOOTP clients > > Hi, I am using the kea 2.2.0 version > > I am unable to get a lease for the bootp clients and getting an > error message like > 2022-12-02 09:34:56.035 DEBUG [kea-dhcp4.bad-packets/8880.140634536294592] > DHCP4_PACKET_DROP_0009 [hwtype=1 11:1f:f1:00:00:01], cid=[no info], > tid=0x12596530: Option 53 missing (no DHCP message type), is this a BOOTP > packet? > > So, do we have any other alternative way of handling this? > > Any help would be appreciated > Thanks in advance > Kraishak > > -- ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information. To unsubscribe visit https://lists.isc.org/mailman/listinfo/kea-users. Kea-users mailing list Kea-users@lists.isc.org https://lists.isc.org/mailman/listinfo/kea-users
Re: [Kea-users] Ping timeout and one lease per client
Hi Darren, Thanks for the information, it looks like the hook library is limited to paid support. Thanks for sharing the reference. On Fri, Dec 2, 2022 at 3:57 PM Darren Ankney wrote: > I don't think there is an analog to the ping test, but there is a > "limits" library: > > > https://kea.readthedocs.io/en/kea-2.2.0/arm/hooks.html#limits-limits-to-manage-lease-allocation-and-packet-processing > > It is a hook library that does require a support subscription to > access, but there is a mechanism to limit leases per client. > > On Fri, Dec 2, 2022 at 12:42 AM Kraishak Mahtha > wrote: > > > > Hi All, > > > > I am migrating my ISC dhcp config to the kea-supported config during > this transition period I came to know that we don't have support for the > options ping timeout, one lease per client, and its equivalent options in > kea but this could be leading to duplicate IP and filling out the leases of > the pool when we have roaming clients(one lease per client), > > > > Tried to see if any other new parameter is equivalent to that but could > not find any such, Can someone please advise me if we have any such > equivalent parameter in kea? > > > > Thanks in Advance > > Kraishak > > -- > > ISC funds the development of this software with paid support > subscriptions. Contact us at https://www.isc.org/contact/ for more > information. > > > > To unsubscribe visit https://lists.isc.org/mailman/listinfo/kea-users. > > > > Kea-users mailing list > > Kea-users@lists.isc.org > > https://lists.isc.org/mailman/listinfo/kea-users > -- ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information. To unsubscribe visit https://lists.isc.org/mailman/listinfo/kea-users. Kea-users mailing list Kea-users@lists.isc.org https://lists.isc.org/mailman/listinfo/kea-users
Re: [Kea-users] Ping timeout and one lease per client
I don't think there is an analog to the ping test, but there is a "limits" library: https://kea.readthedocs.io/en/kea-2.2.0/arm/hooks.html#limits-limits-to-manage-lease-allocation-and-packet-processing It is a hook library that does require a support subscription to access, but there is a mechanism to limit leases per client. On Fri, Dec 2, 2022 at 12:42 AM Kraishak Mahtha wrote: > > Hi All, > > I am migrating my ISC dhcp config to the kea-supported config during this > transition period I came to know that we don't have support for the options > ping timeout, one lease per client, and its equivalent options in kea but > this could be leading to duplicate IP and filling out the leases of the pool > when we have roaming clients(one lease per client), > > Tried to see if any other new parameter is equivalent to that but could not > find any such, Can someone please advise me if we have any such equivalent > parameter in kea? > > Thanks in Advance > Kraishak > -- > ISC funds the development of this software with paid support subscriptions. > Contact us at https://www.isc.org/contact/ for more information. > > To unsubscribe visit https://lists.isc.org/mailman/listinfo/kea-users. > > Kea-users mailing list > Kea-users@lists.isc.org > https://lists.isc.org/mailman/listinfo/kea-users -- ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information. To unsubscribe visit https://lists.isc.org/mailman/listinfo/kea-users. Kea-users mailing list Kea-users@lists.isc.org https://lists.isc.org/mailman/listinfo/kea-users
Re: [Kea-users] BOOTP clients
Hi, Have you loaded the bootp hooks-libraries ? Cheers, Veronique From: Kea-users on behalf of Kraishak Mahtha Sent: Friday, December 2, 2022 10:37 AM To: kea-users@lists.isc.org Subject: [Kea-users] BOOTP clients Hi, I am using the kea 2.2.0 version I am unable to get a lease for the bootp clients and getting an error message like 2022-12-02 09:34:56.035 DEBUG [kea-dhcp4.bad-packets/8880.140634536294592] DHCP4_PACKET_DROP_0009 [hwtype=1 11:1f:f1:00:00:01], cid=[no info], tid=0x12596530: Option 53 missing (no DHCP message type), is this a BOOTP packet? So, do we have any other alternative way of handling this? Any help would be appreciated Thanks in advance Kraishak -- ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information. To unsubscribe visit https://lists.isc.org/mailman/listinfo/kea-users. Kea-users mailing list Kea-users@lists.isc.org https://lists.isc.org/mailman/listinfo/kea-users
[Kea-users] BOOTP clients
Hi, I am using the kea 2.2.0 version I am unable to get a lease for the bootp clients and getting an error message like 2022-12-02 09:34:56.035 DEBUG [kea-dhcp4.bad-packets/8880.140634536294592] DHCP4_PACKET_DROP_0009 [hwtype=1 11:1f:f1:00:00:01], cid=[no info], tid=0x12596530: Option 53 missing (no DHCP message type), is this a BOOTP packet? So, do we have any other alternative way of handling this? Any help would be appreciated Thanks in advance Kraishak -- ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information. To unsubscribe visit https://lists.isc.org/mailman/listinfo/kea-users. Kea-users mailing list Kea-users@lists.isc.org https://lists.isc.org/mailman/listinfo/kea-users