Re: [Kea-users] DHCPv4 - respond to option 108 without allocating leases

2024-05-22 Thread Peter Davies 

Hi lexi,
   This option is not sent if the client does not request it in its 
parameter

request list.

Adding "always-send": true" to the option data will tell Kea to send the 
option

anyway;  I am unsure how the client would handle this.

    "option-data": [
    {
    "name": "v6-only-preferred",
    "always-send": true",
    "data": "300"
    }
    ]

Kind Regards Peter


On 22/05/2024 07.30, Lexi Winter wrote:

 "option-data": [
 {
 "name": "v6-only-preferred",
     "data": "300"
 }
 ]


--
Peter Davies
Support Engineer
Internet Systems Corporation
-- 
ISC funds the development of this software with paid support subscriptions. 
Contact us at https://www.isc.org/contact/ for more information.

To unsubscribe visit https://lists.isc.org/mailman/listinfo/kea-users.

Kea-users mailing list
Kea-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/kea-users

Re: [Kea-users] High memory utilization for Kea server / Stork agent

2024-05-14 Thread Peter Davies 

Hi Marek,

   It would be better if you sent this to the Stork Users mailing list 
- stork-us...@lists.isc.org


/Peter

On 13/05/2024 20.11, Marek Hajduczenia wrote:


Dear colleagues,

I have been observing very high memory utilization for Kea VMs. In ~4 
days, the memory utilization has grown from ~2 GB to close to 8GB for 
no good reason.


I seem to be running multiple copies of processes for some reason, 
with stork-agent likely being the primary culprit, and Kea DHCP 
servers being likely the second culprit. I have the very same 
situation on both lab nodes. I have to restart the server / stork 
agent periodically to eliminate the memory bloat.


634 stork-age  20   0 1866M 26240 15824 S  0.0  0.3  7:35.77 
/usr/bin/stork-agent


709 stork-age  20   0 1866M 26240 15824 S  0.0  0.3  0:18.34 
/usr/bin/stork-agent


710 stork-age  20   0 1866M 26240 15824 S  0.0  0.3  0:34.27 
/usr/bin/stork-agent


711 stork-age  20   0 1866M 26240 15824 S  0.0  0.3  0:00.00 
/usr/bin/stork-agent


713 stork-age  20   0 1866M 26240 15824 S  0.0  0.3  0:00.01 
/usr/bin/stork-agent


727 stork-age  20   0 1866M 26240 15824 S  0.0  0.3  0:00.00 
/usr/bin/stork-agent


740 stork-age  20   0 1866M 26240 15824 S  0.0  0.3  1:29.63 
/usr/bin/stork-agent


894 stork-age  20   0 1866M 26240 15824 S  0.0  0.3  1:24.96 
/usr/bin/stork-agent


1921 stork-age  20   0 1866M 26240 15824 S  0.0  0.3 1:29.49 
/usr/bin/stork-agent


15986 stork-age  20   0 1866M 26240 15824 S  0.0  0.3 0:53.26 
/usr/bin/stork-agent


   1340 _kea   20   0  507M 23864 16784 S  0.0  0.3  4:54.19 
/usr/sbin/kea-dhcp6 -c /etc/kea/kea-dhcp6.conf


   1341 _kea   20   0  507M 23864 16784 S  0.0  0.3  0:00.00 
/usr/sbin/kea-dhcp6 -c /etc/kea/kea-dhcp6.conf


   1342 _kea   20   0  507M 23864 16784 S  0.0  0.3  0:00.00 
/usr/sbin/kea-dhcp6 -c /etc/kea/kea-dhcp6.conf


   1343 _kea   20   0  507M 23864 16784 S  0.0  0.3  0:00.00 
/usr/sbin/kea-dhcp6 -c /etc/kea/kea-dhcp6.conf


   1344 _kea   20   0  507M 23864 16784 S  0.0  0.3  0:00.00 
/usr/sbin/kea-dhcp6 -c /etc/kea/kea-dhcp6.conf


   1352 _kea   20   0  507M 23864 16784 S  0.0  0.3  0:05.43 
/usr/sbin/kea-dhcp6 -c /etc/kea/kea-dhcp6.conf


   1353 _kea   20   0  507M 23864 16784 S  0.0  0.3  0:05.49 
/usr/sbin/kea-dhcp6 -c /etc/kea/kea-dhcp6.conf


   1354 _kea   20   0  507M 23864 16784 S  0.0  0.3  0:08.22 
/usr/sbin/kea-dhcp6 -c /etc/kea/kea-dhcp6.conf


   1355 _kea   20   0  507M 23864 16784 S  0.0  0.3  0:08.25 
/usr/sbin/kea-dhcp6 -c /etc/kea/kea-dhcp6.conf


  20544 _kea   20   0  507M 23864 16784 S  0.0  0.3  0:00.00 
/usr/sbin/kea-dhcp6 -c /etc/kea/kea-dhcp6.conf


  20545 _kea   20   0  507M 23864 16784 S  0.0  0.3  0:00.00 
/usr/sbin/kea-dhcp6 -c /etc/kea/kea-dhcp6.conf


    679 root   20   0  107M 20736 12596 S  0.0  0.3  0:00.04 
/usr/bin/python3 
/usr/share/unattended-upgrades/unattended-upgrade-shutdown 
--wait-for-signal


    732 root   20   0  107M 20736 12596 S  0.0  0.3  0:00.00 
/usr/bin/python3 
/usr/share/unattended-upgrades/unattended-upgrade-shutdown 
--wait-for-signal


   1889 _kea   20   0  507M 19292 14552 S  0.0  0.2  3:05.41 
/usr/sbin/kea-dhcp4 -c /etc/kea/kea-dhcp4.conf


   1890 _kea   20   0  507M 19292 14552 S  0.0  0.2  0:00.00 
/usr/sbin/kea-dhcp4 -c /etc/kea/kea-dhcp4.conf


   1891 _kea   20   0  507M 19292 14552 S  0.0  0.2  0:00.00 
/usr/sbin/kea-dhcp4 -c /etc/kea/kea-dhcp4.conf


   1892 _kea   20   0  507M 19292 14552 S  0.0  0.2  0:00.00 
/usr/sbin/kea-dhcp4 -c /etc/kea/kea-dhcp4.conf


   1893 _kea   20   0  507M 19292 14552 S  0.0  0.2  0:00.00 
/usr/sbin/kea-dhcp4 -c /etc/kea/kea-dhcp4.conf


   1897 _kea   20   0  507M 19292 14552 S  0.0  0.2  0:05.47 
/usr/sbin/kea-dhcp4 -c /etc/kea/kea-dhcp4.conf


   1898 _kea   20   0  507M 19292 14552 S  0.0  0.2  0:05.15 
/usr/sbin/kea-dhcp4 -c /etc/kea/kea-dhcp4.conf


   1899 _kea   20   0  507M 19292 14552 S  0.0  0.2  0:10.02 
/usr/sbin/kea-dhcp4 -c /etc/kea/kea-dhcp4.conf


   1900 _kea   20   0  507M 19292 14552 S  0.0  0.2  0:09.95 
/usr/sbin/kea-dhcp4 -c /etc/kea/kea-dhcp4.conf


  20586 _kea   20   0  507M 19292 14552 S  0.0  0.2  0:00.09 
/usr/sbin/kea-dhcp4 -c /etc/kea/kea-dhcp4.conf


 20587 _kea   20   0  507M 19292 14552 S  0.0  0.2  0:00.08 
/usr/sbin/kea-dhcp4 -c /etc/kea/kea-dhcp4.conf


Regards

Marek



--
Peter Davies
Support Engineer
Internet Systems Corporation
-- 
ISC funds the development of this software with paid support subscriptions. 
Contact us at https://www.isc.org/contact/ for more information.

To unsubscribe visit https://lists.isc.org/mailman/listinfo/kea-users.

Kea-users mailing list
Kea-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/kea-users

Re: [Kea-users] vendor class for Meraki AP

2024-05-14 Thread Peter Davies 

Hi CS,

Kea sees the vendor ID and automatically creates the VENDOR_CLASS_MERAKI 
class, which is associated with this client.


The problem is that are for some reasonno available leases for this 
client on subnet-id 3.


It is not possible to give a better explanation based on the data 
presented here.


Kind Regards Peter

On 13/05/2024 22.33, CS wrote:
I am trying to migrate onto a kea server however I think I am 
stymied by vendor classes/options and my lack of understanding of the 
concept. On the server I am logging the following:


2024-05-10 05:18:35.064 WARN  [kea-dhcp4.alloc-engine/1184246] 
ALLOC_ENGINE_V4_ALLOC_FAIL_SUBNET [hwtype=1 xx:xx:xx:xx:xx:xx], 
cid=[xx:xx:xx:xx:xx:xx:xx], tid=0x58cf5641: failed to allocate an IPv4 
lease in the subnet xx.xx.xx.xx/xx, subnet-id 3, shared network (none)
2024-05-10 05:18:35.064 WARN  [kea-dhcp4.alloc-engine/1184246] 
ALLOC_ENGINE_V4_ALLOC_FAIL_NO_POOLS [hwtype=1 xx:xx:xx:xx:xx:xx], 
cid=[xx:xx:xx:xx:xx:xx], tid=0x58cf5641: no pools were available for 
the address allocation
2024-05-10 05:18:35.064 WARN  [kea-dhcp4.alloc-engine/1184246] 
ALLOC_ENGINE_V4_ALLOC_FAIL_CLASSES [hwtype=1 xx:xx:xx:xx:xx:xx], 
cid=[xx:xx:xx:xx:xx:xx], tid=0x58cf5641: Failed to allocate an IPv4 
address for client with classes: ALL, HA_kea1.org.org 
<http://HA_kea1.org.org>, VENDOR_CLASS_MERAKI, UNKNOWN


Since I have pools defined with all their IP addresses available, I 
assume this is because I need to define a vendor class for the meraki 
access points that are DORA but I can't seem to craft the 
configuration that can move this forward. Probably because . When I 
look at our old windows DHCP server I have the following reference but 
I am still stuck.



  MERAKI_AP_CLASS
  Vendor
  0x4d4552414b49


Any thoughts, advice, direction? Working my way through 
https://kea.readthedocs.io/en/latest/arm/classify.htmlbut I'm not sure 
I fully understand the vendor options concept of all this...especially 
in resolving my isseu.


CS, cs.temp.m...@gmail.com


--
Peter Davies
Support Engineer
Internet Systems Corporation
-- 
ISC funds the development of this software with paid support subscriptions. 
Contact us at https://www.isc.org/contact/ for more information.

To unsubscribe visit https://lists.isc.org/mailman/listinfo/kea-users.

Kea-users mailing list
Kea-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/kea-users

Re: [Kea-users] How to compile ISC KEA as shared object lib

2024-04-19 Thread Peter Davies 

Hi Anil,
  I have no idea how you would go about doing this.
However, the run script hooks library may be useful if you need Kea to 
send data

to external processes.

See: 
https://kea.readthedocs.io/en/kea-2.4.1/arm/hooks.html#libdhcp-run-script-so-run-script-support-for-external-hook-scripts


Kind Regards Peter


On 20/04/2024 06.49, Anil kumar wrote:

Hi All,

1. Would it be possible to compile KEA as a shared object and link it 
to my process ?


2. I would like book keep and track all the clients as part of hook 
callbacks so that once address is assigned would want to updated Linux 
IP Routes tables and IP neighbor tables ?


Any suggestions and guidance from the community is highly appreciated.

With Regards
Anil Kumar S N


--
Peter Davies
Support Engineer
Internet Systems Corporation
-- 
ISC funds the development of this software with paid support subscriptions. 
Contact us at https://www.isc.org/contact/ for more information.

To unsubscribe visit https://lists.isc.org/mailman/listinfo/kea-users.

Kea-users mailing list
Kea-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/kea-users

Re: [Kea-users] migrating from DHCPd to Kea

2024-04-18 Thread Peter Davies 

Hi Brendan,
   Logging is needed to troubleshoot in any meaningful way.
Regarding host reservations, there are no fast rules; it is intended to 
be as

flexible as possible. Having globals and subnet reservations is common.

The only thing we advise against is using global reservations to 
associate IP

addresses with clients; this may lead to clients receiving unusable leases.
Global reservations can be used to associate client classes etc..

Kind Regards Peter


On 17/04/2024 17.14, Brendan Kearney wrote:

Peter,

thanks for the insight.  it will take me a bit to get the env setup 
for verbose logging, but will share the logs once they are generated.  
regarding the reservations, are there best practices around global vs 
subnet based reservations.  i have read 
https://kea.readthedocs.io/en/kea-2.4.1/arm/dhcp4-srv.html#global-reservations-in-dhcpv4, 
and understand why the capability for both exist, but are there 
general "rules of the road" around this subject?  in cases where i 
classify, but do not specify a reserved IP, i could see the global 
reservation being appropriate.  in cases where a reserved IP is 
assigned, what pros and cons are there around where the reservation is 
defined?  in my case, i have  call outs 
for many of the config stanzas, to help organize the different 
capabilities of Kea, and thats why i have all the reservations set 
globally.  its based out of convenience and clarity, but doesnt mean 
i'm right/wrong or following best practices.


thanks for the help and effort,

brendan

On 4/17/24 5:49 AM, Peter Davies wrote:

Hi Brendan,
   It is not possible to see any details from this logging.

You should check your haproxy configuration, Kea cannot continue 
processing

requests if it is unable to connect to the lease database.

I suggest that you temporarily enable Severity DEBUG and debuglevel 
99 so you

can see requests and how Kea is processing them.

 As all your reservations are global, you should define
 "reservations-global": true,"
 the default is false.

 All pools are guarded by client classes. The client may not be 
associated with

 any of these classes.

/Peter



--
Peter Davies
Support Engineer
Internet Systems Corporation

--
ISC funds the development of this software with paid support subscriptions. 
Contact us at https://www.isc.org/contact/ for more information.

To unsubscribe visit https://lists.isc.org/mailman/listinfo/kea-users.

Kea-users mailing list
Kea-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/kea-users

Re: [Kea-users] migrating from DHCPd to Kea

2024-04-17 Thread Peter Davies 

Hi Brendan,
   It is not possible to see any details from this logging.

You should check your haproxy configuration, Kea cannot continue processing
requests if it is unable to connect to the lease database.

I suggest that you temporarily enable Severity DEBUG and debuglevel 99 
so you

can see requests and how Kea is processing them.

 As all your reservations are global, you should define
 "reservations-global": true,"
 the default is false.

 All pools are guarded by client classes. The client may not be 
associated with

 any of these classes.

/Peter


--
Peter Davies
Support Engineer
Internet Systems Corporation

--
ISC funds the development of this software with paid support subscriptions. 
Contact us at https://www.isc.org/contact/ for more information.

To unsubscribe visit https://lists.isc.org/mailman/listinfo/kea-users.

Kea-users mailing list
Kea-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/kea-users

Re: [Kea-users] Kea-dhcp4-server service failed after debian update

2024-04-16 Thread Peter Davies 

Hi Fabio,
  If you are building Kea from source, you will need to rebuild the 
binaries if any dependencies are updated.


Kind Regards Peter

On 16/04/2024 13.24, Fabio Snozzi wrote:


Hi Peter

We use:

2.4.1-git

tarball

linked with:

log4cplus 2.0.8

OpenSSL 3.0.11 19 Sep 2023

database:

Memfile backend 3.0

On Debian Bookworm

Best

Fabio

-

Fabio Snozzi
University of Zurich
Department of Molecular Life Sciences
Department of Quantitative Biomedicine
Winterthurerstrasse 190
CH-8057 Zurich
Switzerland

IT Services
Office Y32-F-01
Phone +41 44 6354812

fabio.sno...@mls.uzh.ch <mailto:fabio.sno...@mls.uzh.ch>

*From:*Kea-users  *On Behalf Of 
*Peter Davies

*Sent:* Dienstag, 16. April 2024 13:15
*To:* kea-users@lists.isc.org
*Subject:* Re: [Kea-users] Kea-dhcp4-server service failed after 
debian update


Hi Fabio,

   What version of Kea are you running?

kea-dhcp4 -W

/Peter

On 15/04/2024 08.31, Fabio Snozzi wrote:

Hello

since about 2 months we have the problem, that as soon as we
update our system with one of the following packages, the
kea-dhcp4-server service failes to start.

bsdutils amd64 1:2.38.1-5+deb12u1

libmariadb3 amd64 1:10.11.6-0+deb12u1

error in log:

/usr/sbin/kea-dhcp4: undefined symbol:
_ZN3isc4dhcp13MySqlLeaseMgr12getDBVersionB5cxx11Ev (demangeled =>
misc::dhcp::MySqlLeaseMgr::getDBVersion[abi:cxx11]() )

Best

Fabio

-

Fabio Snozzi
University of Zurich
Department of Molecular Life Sciences
Department of Quantitative Biomedicine
Winterthurerstrasse 190
CH-8057 Zurich
Switzerland

IT Services
Office Y32-F-01
Phone +41 44 6354812

fabio.sno...@mls.uzh.ch <mailto:fabio.sno...@mls.uzh.ch>



--
Peter Davies
Support Engineer
Internet Systems Corporation


--
Peter Davies
Support Engineer
Internet Systems Corporation
-- 
ISC funds the development of this software with paid support subscriptions. 
Contact us at https://www.isc.org/contact/ for more information.

To unsubscribe visit https://lists.isc.org/mailman/listinfo/kea-users.

Kea-users mailing list
Kea-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/kea-users

Re: [Kea-users] migrating from DHCPd to Kea

2024-04-16 Thread Peter Davies 

Hi Brendan,
   Kea will not be able to grant leases if it cannot contact its lease 
database.

Your configuration file and logging would be helpful.

Also, setting  the "authoritative" to true will force Kea to always 
reject INIT-REBOOT requests from unknown clients

/Peter

On 16/04/2024 18.16, Brendan Kearney wrote:


list members,

i am trying to migrate to Kea and have 2 HA+MT instances stood up.  
when i start relaying dhcp requests to Kea, i get bunch of failed 
attempts to obtain leases on the clients, which i believe is due to 
the clients not having active leases from Kea.  i am wondering if 
there is a means to have the clients get new assigned leases without 
having to jump through hoops like reboots.


as an aside, i also find the below error in my logs, which seems to 
indicate a malformed database query.


ERROR [kea-dhcp4.database.139901550986944] DATABASE_MYSQL_FATAL_ERROR 
Unrecoverable MySQL error occurred: unable to execute for address, hwaddr, client_id, valid_lifetime, expire, subnet_id, 
fqdn_fwd, fqdn_rev, hostname, state, user_context, relay_id, 
remote_id, pool_id FROM lease4 WHERE client_id = ?>, reason: Lost 
connection to server during query (error code: 2013).


the select, if pasted into any mariadb client, fails since the "?" is 
not proper syntax.  i dont know if the behavior i am seeing with the 
clients not getting new leases and the database error above are 
related or if there are a couple of issues to be worked through.


what info should i provide, to understand where i have issues to 
address?  i am running Kea 2.4.0 on fedora 38.


thanks in advance,

brendan


--
Peter Davies
Support Engineer
Internet Systems Corporation
-- 
ISC funds the development of this software with paid support subscriptions. 
Contact us at https://www.isc.org/contact/ for more information.

To unsubscribe visit https://lists.isc.org/mailman/listinfo/kea-users.

Kea-users mailing list
Kea-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/kea-users

Re: [Kea-users] Kea-dhcp4-server service failed after debian update

2024-04-16 Thread Peter Davies 

Hi Fabio,

   What version of Kea are you running?

kea-dhcp4 -W

/Peter

On 15/04/2024 08.31, Fabio Snozzi wrote:


Hello

since about 2 months we have the problem, that as soon as we update 
our system with one of the following packages, the kea-dhcp4-server 
service failes to start.


bsdutils amd64 1:2.38.1-5+deb12u1

libmariadb3 amd64 1:10.11.6-0+deb12u1

error in log:

/usr/sbin/kea-dhcp4: undefined symbol: 
_ZN3isc4dhcp13MySqlLeaseMgr12getDBVersionB5cxx11Ev (demangeled => 
misc::dhcp::MySqlLeaseMgr::getDBVersion[abi:cxx11]() )


Best

Fabio

-

Fabio Snozzi
University of Zurich
Department of Molecular Life Sciences
Department of Quantitative Biomedicine
Winterthurerstrasse 190
CH-8057 Zurich
Switzerland

IT Services
Office Y32-F-01
Phone +41 44 6354812

fabio.sno...@mls.uzh.ch <mailto:fabio.sno...@mls.uzh.ch>



--
Peter Davies
Support Engineer
Internet Systems Corporation
-- 
ISC funds the development of this software with paid support subscriptions. 
Contact us at https://www.isc.org/contact/ for more information.

To unsubscribe visit https://lists.isc.org/mailman/listinfo/kea-users.

Kea-users mailing list
Kea-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/kea-users

Re: [Kea-users] DHCP NAK through relay option 82

2024-04-05 Thread Peter Davies 

Hi Jeff,
   Regarding "circuit-id" based host reservations, the "circuit-id" is 
used solely

to find the reservation.

Lease data will contain the identifier(s) used by the client, either the 
hw-addr
or a DUID; therefore, renews and other unicast traffic will not be 
affected by

missing RAI options.

Kind Regards Peter

On 04/04/2024 16.07, Jeff Kletsky wrote:

"relay": { "ip-address": "10.11.12.13" },


--
Peter Davies
Support Engineer
Internet Systems Corporation

--
ISC funds the development of this software with paid support subscriptions. 
Contact us at https://www.isc.org/contact/ for more information.

To unsubscribe visit https://lists.isc.org/mailman/listinfo/kea-users.

Kea-users mailing list
Kea-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/kea-users

Re: [Kea-users] DHCP NAK through relay option 82

2024-04-04 Thread Peter Davies 

Hi Jeff,
  As you have discovered, classes based on option 82 values will only 
match relayed traffic.
Therefore, all things being equal, Kea will not be able to select a 
subnet for renewing clients.
Have you considered using host reservations with "circuit-id" as the 
identifier?


Kind Regards Peter

On 03/04/2024 21.09, Jeff Kletsky wrote:


I had hoped that someone would post a better "solution" than what I've 
been using.


My topology is a Cisco SG-series switch in Level 3 mode that is 
supplying DHCP (v4) relay to a dedicated subnet with the Kea hosts.


With the caveat that I have not tested this approach for robustness 
under attack, what I do is check to see if the request appears to be a 
valid REBIND and then select a client class based on either the VLAN 
from the circuit ID or that it appears to be a directly sent rebind.


I don't recall how I decided that Kea would select the proper subnet 
on these direct rebind requests. I am probably relying on undocumented 
behavior. I recall not performing a match against the IP range for a 
given VLAN as I didn't want to have to keep the subnet information in 
sync across different files.


If anyone can improve on this, I'd appreciate the feedback.

Jeff


// Renew prefers to go direct to the issuing server
// so there is no circuit identifier or topology
//
// Kea doesn't check the existing leases and its
// KNOWN selector appears to be related to the client
// having a reservation.
//
// Select based on it being a Request (renew) packet
// that went direct with matching Ip addresses

{
    "name": "is_request",
    "test": "option[53].hex == 0x3"
},

{
    "name": "is_direct",
    "test": "pkt4.giaddr == 0.0.0.0"
},

{
    "name": "addresses_match",
    "test": "pkt4.ciaddr == pkt.src"
},

{
    "name": "is_direct_rebind",
    "test": "member('is_request') and member('is_direct') and 
member('addresses_match')"

},

// Try just the combination of relay circuit check or rebind

{
    "name": "VLAN_84",
    "test": "member('circuit_84') or member('is_direct_rebind')"
},

[continues for other VLANs in use]



On 3/28/24 10:40 AM, brazda.li...@seznam.cz wrote:
Hi, I am trying to start kea dhcp with client classification using 
option 82 through dhcp relay server.


When client tries to do renew of ip address, tries to prolongate his 
lease, kea response with NAK.
The problem is that when client makes simple dhcp discover, the 
packet goes broadcast through the router, router acts like dhcp relay 
and relays packet to dhcp server kea with added option 82.
But when client makes dhcp renewal-packet goes unicast directly to 
dhcp server without option 82. As I understand, this causes kea to 
response with NAK, because packet doesn't match to subnet rule 
criteria. In the logs I see message "ailed to select a subnet for 
incoming packet, src 100.64.1.1, type DHCPREQUEST"


Is there a way to configure kea to accept renewal requests if lease 
already exists and mac address of a client corresponds to stores lease?


Full log - https://pastebin.com/yviEFneL
Full config - https://pastebin.com/2DxfQKb6

Thanks for any advice

Libor




--
Peter Davies
Support Engineer
Internet Systems Corporation
-- 
ISC funds the development of this software with paid support subscriptions. 
Contact us at https://www.isc.org/contact/ for more information.

To unsubscribe visit https://lists.isc.org/mailman/listinfo/kea-users.

Kea-users mailing list
Kea-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/kea-users

Re: [Kea-users] Multiple-Storage Extension

2023-12-24 Thread Peter Davies 
Hi Carsten,
   The reference to multiple-storage extensions refers to the ability to define 
more than one host reservation database.
 
The "hosts-database": {}; statement contains the definition of one database,

The "hosts-databases": []; statement can contain more than one "host-database" 
definitions

Kind Regards and Seasonal Greetings, Peter
- Original Message -
From: "Kea-users@lists.isc.org" 
To: "Kea-users@lists.isc.org" 
Sent: Wednesday, 20 December, 2023 10:21:17
Subject: [Kea-users] Multiple-Storage Extension

Hi,

the Kea documentation mentions briefly a "multiple-storage extension". But 
I cannot find further documentation of this extension. Is there more to be 
discovered?

Greetings

Carsten Strotmann
-- 
ISC funds the development of this software with paid support subscriptions. 
Contact us at https://www.isc.org/contact/ for more information.

To unsubscribe visit https://lists.isc.org/mailman/listinfo/kea-users.

Kea-users mailing list
Kea-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/kea-users
-- 
ISC funds the development of this software with paid support subscriptions. 
Contact us at https://www.isc.org/contact/ for more information.

To unsubscribe visit https://lists.isc.org/mailman/listinfo/kea-users.

Kea-users mailing list
Kea-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/kea-users

Re: [Kea-users] multiple MACs to same IP

2023-10-11 Thread Peter Davies 

Hi -m
  That sounds like a sensible idea.

I've created a gitlab feature request #3108, 
"ALLOC_ENGINE_V4_ALLOC_ERROR message update."

for this.
see: https://gitlab.isc.org/isc-projects/kea/-/issues/3108

Kind Regards Peter


On 10/10/2023 16.36, Matt Zagrabelny wrote:

Hi Peter!

On Mon, Oct 9, 2023 at 11:47 PM Peter Davies  wrote:

Hi -m,
    You can use the "ip-reservations-unique": false,
See:

https://kea.readthedocs.io/en/kea-2.4.0/arm/dhcp4-srv.html#multiple-reservations-for-the-same-ip


Perfect! Thank you for the assist.

Would the developers want to possibly give a hint to admins about that 
config option instead of, or in addition to:


error during attempt to allocate an IPv4 address: multiple records 
were found in the database where only one was expected for query 
get_host_subid_addr


Maybe:

error during attempt to allocate an IPv4 address: multiple records 
were found in the database where only one was expected for query 
get_host_subid_addr. Perhaps you want to set ip-reservations-unique to 
false.


Just an idea.

Thanks again for the help!

-m


--
Peter Davies
Support Engineer
Internet Systems Corporation
pet...@isc.org
001 650-423-1460
-- 
ISC funds the development of this software with paid support subscriptions. 
Contact us at https://www.isc.org/contact/ for more information.

To unsubscribe visit https://lists.isc.org/mailman/listinfo/kea-users.

Kea-users mailing list
Kea-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/kea-users

Re: [Kea-users] migration questions

2023-10-10 Thread Peter Davies 

Hi Daniel,
    You are correct; the Keama tool comments out statements it cannot 
process
so that any unexpected changes made will be visible and so they may be 
manually

processed if necessary.

There are no 'if/then/else' statements in Kea. There is, however, 
conditional

syntax and other useful functions.
See: 
https://kea.readthedocs.io/en/kea-2.4.0/arm/classify.html#using-expressions-in-classification


You are welcome to send suitably anonymised snippets of config that 
keama cannot process.


Kind Regards Peter

On 10/10/2023 09.51, Daniel Braniss wrote:

hi Peter


On 10 Oct 2023, at 09:40, Peter Davies  wrote:

Hi Daniel,
  The "domain-name-servers" option expects a list of IP addresses. 
Kea does not

 resolve domain names as dhcpd did.
 See: 
https://kea.readthedocs.io/en/kea-2.4.0/arm/dhcp4-srv.html#standard-dhcpv4-options



i got it, forgot that KEA want IP and not names.



 If you need to see the text, you could manually change the format to 
hexstring, i.e.:

  "data": "'fr-06:/vol/system/share/conf'"

 I've added Gitlab feature request #51, "Text to hexstring" for you.
 see: https://gitlab.isc.org/isc-projects/keama/-/issues/51



so when the option is text in isc-dhcp, it MUST be string and in hex? 
if so it’s not
really user friendly :-), I don’t have the ascii table in my head :-) 
so yes, all this

is handled by scripts, but …

a question:
I see that the if/then/else is commented out,
meaning I should check it and if im ok whit it just uncomment it?
I still have to learn the new syntax :-(

thanks
danny


 Kind Regards Peter


On 10/10/2023 07.41, Daniel Braniss wrote:

Hi,
first, as a very old user of isc dhcp, my compliments on KEA!

our dhcpd.conf is about 32K lines, and after some minor tweaks 
managed to run keama
without errors (it seems ISC-DHCP is a bit less strict than keama 
(strange since they share code))

these are some of the oddities:

this one seems harmless but …
original isc-dhcp:

subnet 132.65.192.0 netmask 255.255.252.0 {
option domain-name "cs.huji.ac.il <http://cs.huji.ac.il/>";
option domain-name-servers nsa,sa1,shuldig;
option routers 132.65.192.1;
}

becomes:
     {
   "id": 1,
   "subnet": "132.65.233.0/24",
   "option-data": [
 {
   "space": "dhcp4",
   "name": "domain-name",
   "code": 15,
   "data": "cs.huji.ac.il <http://cs.huji.ac.il/>"
 },
 {
   "space": "dhcp4",
   "name": "domain-name-servers",
   "code": 6,
//  "original-data": "nsa,sa1,shuldig”,  <- ?
   "data": "nsa, sa1, shuldig”              <- ??
 },
 {
   "space": "dhcp4",
   "name": "routers",
   "code": 3,
   "data": "132.65.224.1"
 }
   ]
 },

this one is a bit strange:
original isc-dhcp:

option FBSD.conf-path code 5 = text;

becomes:
   "option-def": [
...
 {
   "space": "FBSD",
   "name": "conf-path",
   "code": 5,
   "type": "string"
     },

so far so good, but then

…

         {
   "space": "FBSD",
   "name": "conf-path",
   "code": 5,
   "csv-format": false,
//  "original-data": "fr-06:/vol/system/share/conf",
   "data": 
"66722d30363a2f766f6c2f73797374656d2f73686172652f636f6e66"

     },

the string becomes hex?

have some more odd issues, but for later.

thanks

danny



--
Peter Davies
Support Engineer
Internet Systems Corporation
pet...@isc.org
001 650-423-1460
--
ISC funds the development of this software with paid support 
subscriptions. Contact us at https://www.isc.org/contact/ for more 
information.


To unsubscribe visit https://lists.isc.org/mailman/listinfo/kea-users.

Kea-users mailing list
Kea-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/kea-users



--
Peter Davies
Support Engineer
Internet Systems Corporation
pet...@isc.org
001 650-423-1460
-- 
ISC funds the development of this software with paid support subscriptions. 
Contact us at https://www.isc.org/contact/ for more information.

To unsubscribe visit https://lists.isc.org/mailman/listinfo/kea-users.

Kea-users mailing list
Kea-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/kea-users

Re: [Kea-users] migration questions

2023-10-10 Thread Peter Davies 

Hi Daniel,
  The "domain-name-servers" option expects a list of IP addresses. Kea 
does not

 resolve domain names as dhcpd did.
 See: 
https://kea.readthedocs.io/en/kea-2.4.0/arm/dhcp4-srv.html#standard-dhcpv4-options



 If you need to see the text, you could manually change the format to 
hexstring, i.e.:

  "data": "'fr-06:/vol/system/share/conf'"

 I've added Gitlab feature request #51, "Text to hexstring" for you.
 see: https://gitlab.isc.org/isc-projects/keama/-/issues/51

 Kind Regards Peter


On 10/10/2023 07.41, Daniel Braniss wrote:

Hi,
first, as a very old user of isc dhcp, my compliments on KEA!

our dhcpd.conf is about 32K lines, and after some minor tweaks managed 
to run keama
without errors (it seems ISC-DHCP is a bit less strict than keama 
(strange since they share code))

these are some of the oddities:

this one seems harmless but …
original isc-dhcp:

subnet 132.65.192.0 netmask 255.255.252.0 {
option domain-name "cs.huji.ac.il <http://cs.huji.ac.il>";
option domain-name-servers nsa,sa1,shuldig;
option routers 132.65.192.1;
}

becomes:
     {
   "id": 1,
   "subnet": "132.65.233.0/24",
   "option-data": [
 {
   "space": "dhcp4",
   "name": "domain-name",
   "code": 15,
   "data": "cs.huji.ac.il <http://cs.huji.ac.il>"
 },
 {
   "space": "dhcp4",
   "name": "domain-name-servers",
   "code": 6,
//  "original-data": "nsa,sa1,shuldig”,  <- ?
   "data": "nsa, sa1, shuldig”          <- ??
 },
 {
   "space": "dhcp4",
   "name": "routers",
   "code": 3,
   "data": "132.65.224.1"
 }
   ]
 },

this one is a bit strange:
original isc-dhcp:

option FBSD.conf-path code 5 = text;

becomes:
   "option-def": [
...
     {
   "space": "FBSD",
   "name": "conf-path",
   "code": 5,
   "type": "string"
     },

so far so good, but then

…

         {
   "space": "FBSD",
   "name": "conf-path",
   "code": 5,
   "csv-format": false,
//  "original-data": "fr-06:/vol/system/share/conf",
   "data": 
"66722d30363a2f766f6c2f73797374656d2f73686172652f636f6e66"

 },

the string becomes hex?

have some more odd issues, but for later.

thanks

danny



--
Peter Davies
Support Engineer
Internet Systems Corporation
pet...@isc.org
001 650-423-1460
-- 
ISC funds the development of this software with paid support subscriptions. 
Contact us at https://www.isc.org/contact/ for more information.

To unsubscribe visit https://lists.isc.org/mailman/listinfo/kea-users.

Kea-users mailing list
Kea-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/kea-users

Re: [Kea-users] multiple MACs to same IP

2023-10-09 Thread Peter Davies 

Hi -m,
   You can use the "ip-reservations-unique": false,
See:
https://kea.readthedocs.io/en/kea-2.4.0/arm/dhcp4-srv.html#multiple-reservations-for-the-same-ip

/Peter

On 10/10/2023 02.41, Matt Zagrabelny via Kea-users wrote:

Greetings,

I'm migrating from ISC DHCPD to Kea.

I have a laptop on my network that I want to get the same IP address 
if it is connected via wifi or if it is plugged in to hard-wired 
ethernet. This was possible in ISC DHCPD.


In Kea I have database entries:

# select * from hosts_human where hostname  ~ 'zirconium';
    hostname    │    mac_address    │  ip_address
╪═══╪═══
 zirconium-wlo1 │ bc:17:b8:cb:8b:94 │ 192.168.0.226
 zirconium-eno1 │ 0c:37:96:1f:04:ef │ 192.168.0.226
(2 rows)

..but I get errors from the server:

Oct 09 19:21:07 zed kea-dhcp4[5515]: INFO  DHCP4_LEASE_ADVERT 
[hwtype=1 bc:17:b8:cb:8b:94], cid=[01:bc:17:b8:cb:8b:94], 
tid=0x2c7fc3e4: lease 192.168.0.226 will be advertised
Oct 09 19:21:07 zed kea-dhcp4[5515]: ERROR ALLOC_ENGINE_V4_ALLOC_ERROR 
[hwtype=1 bc:17:b8:cb:8b:94], cid=[01:bc:17:b8:cb:8b:94], 
tid=0x2c7fc3e4: error during attempt to allocate an IPv4 address: 
multiple records were found in the database where only one was 
expected for query get_host_subid_addr


Am I missing something to allow this particular configuration?

Or is it not possible in Kea (to do what was possible in ISC DHCPD)?

Thanks for any help!

-m


--
Peter Davies
Support Engineer
Internet Systems Corporation

--
ISC funds the development of this software with paid support subscriptions. 
Contact us at https://www.isc.org/contact/ for more information.

To unsubscribe visit https://lists.isc.org/mailman/listinfo/kea-users.

Kea-users mailing list
Kea-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/kea-users

Re: [Kea-users] running isc-kea in different netns

2023-07-27 Thread Peter Davies 
Hi Abdallah, 
I'm afraid I don't know, but if the plugin can be configured to send DHCP 
traffic 
to a Kea server, I guess it should. 

I suggest performing a suitable test. 

Kind Regards Peter 


From: "Khebchi Abdallah"  
To: "Peter Davies"  
Sent: Thursday, 27 July, 2023 17:23:34 
Subject: Re: [Kea-users] running isc-kea in different netns 

thank you peter for responding i will test it , by any chance do you know if 
kea compatible with strongswan DHCP plugin ? thanks and have a nice day 

Le jeu. 27 juil. 2023 à 16:20, Peter Davies < [ mailto:pet...@isc.org | 
pet...@isc.org ] > a écrit : 



Hi Abdallah, 
The following client class should match the string. 

"client-classes" [ 
{ 
"name": "rabah-class", 
"test": "substring(option[61].hex,-9,all) == '@ [ http://test1.io/ | test1.io ] 
'" 
} 
] 

Kind Regards Peter 


From: "Khebchi Abdallah" < [ mailto:a.kheb...@esi-sba.dz | a.kheb...@esi-sba.dz 
] > 
To: "Peter Davies" < [ mailto:pet...@isc.org | pet...@isc.org ] > 
Sent: Thursday, 27 July, 2023 14:35:12 
Subject: Re: [Kea-users] running isc-kea in different netns 

version 2.2 well i think its a config problem i checked with nmap discover 
script and the server responded with offer 
in other hand i want to do equivalent of (match if option dhcp-client-id in 
isc-dhcp) in the kea config any hints how to do that ?? 
like i want to do the following isc config in kea 
class "rabah-class" { match if option dhcp-client-identifier ~~ ".*@ [ 
http://test1.io/ | test1.io ] $"; } 

Le jeu. 27 juil. 2023 à 11:59, Peter Davies < [ mailto:pet...@isc.org | 
pet...@isc.org ] > a écrit : 

BQ_BEGIN

Hi Abdallah , 
What version of Kea are you running? 
What does your configuration file look like? 
What does the Kea log report? 

Kind Regards Peter 


From: "Khebchi Abdallah" < [ mailto:a.kheb...@esi-sba.dz | a.kheb...@esi-sba.dz 
] > 
To: " [ mailto:Kea-users@lists.isc.org | Kea-users@lists.isc.org ] " < [ 
mailto:Kea-users@lists.isc.org | Kea-users@lists.isc.org ] > 
Sent: Wednesday, 26 July, 2023 20:47:33 
Subject: [Kea-users] running isc-kea in different netns 

Hello i am having a problem running the kea-dhcp-server into a different netns 
than the root 
any solutions for this problem ? 
command i used : sudo ip netns exec netns1 /usr/sbin/kea-dhcp4 -d -c 
/etc/netns/netns1/kea/namla-kea.conf 


-- 
ISC funds the development of this software with paid support subscriptions. 
Contact us at [ https://www.isc.org/contact/ | https://www.isc.org/contact/ ] 
for more information. 

To unsubscribe visit [ https://lists.isc.org/mailman/listinfo/kea-users | 
https://lists.isc.org/mailman/listinfo/kea-users ] . 

Kea-users mailing list 
[ mailto:Kea-users@lists.isc.org | Kea-users@lists.isc.org ] 
[ https://lists.isc.org/mailman/listinfo/kea-users | 
https://lists.isc.org/mailman/listinfo/kea-users ] 
-- 
ISC funds the development of this software with paid support subscriptions. 
Contact us at [ https://www.isc.org/contact/ | https://www.isc.org/contact/ ] 
for more information. 

To unsubscribe visit [ https://lists.isc.org/mailman/listinfo/kea-users | 
https://lists.isc.org/mailman/listinfo/kea-users ] . 

Kea-users mailing list 
[ mailto:Kea-users@lists.isc.org | Kea-users@lists.isc.org ] 
[ https://lists.isc.org/mailman/listinfo/kea-users | 
https://lists.isc.org/mailman/listinfo/kea-users ] 




BQ_END


-- 
ISC funds the development of this software with paid support subscriptions. 
Contact us at https://www.isc.org/contact/ for more information.

To unsubscribe visit https://lists.isc.org/mailman/listinfo/kea-users.

Kea-users mailing list
Kea-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/kea-users

Re: [Kea-users] running isc-kea in different netns

2023-07-27 Thread Peter Davies 
Hi Abdallah, 
The following client class should match the string. 

"client-classes" [ 
{ 
"name": "rabah-class", 
"test": "substring(option[61].hex,-9,all) == '@test1.io'" 
} 
] 

Kind Regards Peter 


From: "Khebchi Abdallah"  
To: "Peter Davies"  
Sent: Thursday, 27 July, 2023 14:35:12 
Subject: Re: [Kea-users] running isc-kea in different netns 

version 2.2 well i think its a config problem i checked with nmap discover 
script and the server responded with offer 
in other hand i want to do equivalent of (match if option dhcp-client-id in 
isc-dhcp) in the kea config any hints how to do that ?? 
like i want to do the following isc config in kea 
class "rabah-class" { match if option dhcp-client-identifier ~~ ".*@ [ 
http://test1.io/ | test1.io ] $"; } 

Le jeu. 27 juil. 2023 à 11:59, Peter Davies < [ mailto:pet...@isc.org | 
pet...@isc.org ] > a écrit : 



Hi Abdallah , 
What version of Kea are you running? 
What does your configuration file look like? 
What does the Kea log report? 

Kind Regards Peter 


From: "Khebchi Abdallah" < [ mailto:a.kheb...@esi-sba.dz | a.kheb...@esi-sba.dz 
] > 
To: " [ mailto:Kea-users@lists.isc.org | Kea-users@lists.isc.org ] " < [ 
mailto:Kea-users@lists.isc.org | Kea-users@lists.isc.org ] > 
Sent: Wednesday, 26 July, 2023 20:47:33 
Subject: [Kea-users] running isc-kea in different netns 

Hello i am having a problem running the kea-dhcp-server into a different netns 
than the root 
any solutions for this problem ? 
command i used : sudo ip netns exec netns1 /usr/sbin/kea-dhcp4 -d -c 
/etc/netns/netns1/kea/namla-kea.conf 


-- 
ISC funds the development of this software with paid support subscriptions. 
Contact us at [ https://www.isc.org/contact/ | https://www.isc.org/contact/ ] 
for more information. 

To unsubscribe visit [ https://lists.isc.org/mailman/listinfo/kea-users | 
https://lists.isc.org/mailman/listinfo/kea-users ] . 

Kea-users mailing list 
[ mailto:Kea-users@lists.isc.org | Kea-users@lists.isc.org ] 
[ https://lists.isc.org/mailman/listinfo/kea-users | 
https://lists.isc.org/mailman/listinfo/kea-users ] 
-- 
ISC funds the development of this software with paid support subscriptions. 
Contact us at [ https://www.isc.org/contact/ | https://www.isc.org/contact/ ] 
for more information. 

To unsubscribe visit [ https://lists.isc.org/mailman/listinfo/kea-users | 
https://lists.isc.org/mailman/listinfo/kea-users ] . 

Kea-users mailing list 
[ mailto:Kea-users@lists.isc.org | Kea-users@lists.isc.org ] 
[ https://lists.isc.org/mailman/listinfo/kea-users | 
https://lists.isc.org/mailman/listinfo/kea-users ] 




-- 
ISC funds the development of this software with paid support subscriptions. 
Contact us at https://www.isc.org/contact/ for more information.

To unsubscribe visit https://lists.isc.org/mailman/listinfo/kea-users.

Kea-users mailing list
Kea-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/kea-users

Re: [Kea-users] running isc-kea in different netns

2023-07-27 Thread Peter Davies 
Hi Abdallah , 
What version of Kea are you running? 
What does your configuration file look like? 
What does the Kea log report? 

Kind Regards Peter 


From: "Khebchi Abdallah"  
To: "Kea-users@lists.isc.org"  
Sent: Wednesday, 26 July, 2023 20:47:33 
Subject: [Kea-users] running isc-kea in different netns 

Hello i am having a problem running the kea-dhcp-server into a different netns 
than the root 
any solutions for this problem ? 
command i used : sudo ip netns exec netns1 /usr/sbin/kea-dhcp4 -d -c 
/etc/netns/netns1/kea/namla-kea.conf 


-- 
ISC funds the development of this software with paid support subscriptions. 
Contact us at https://www.isc.org/contact/ for more information. 

To unsubscribe visit https://lists.isc.org/mailman/listinfo/kea-users. 

Kea-users mailing list 
Kea-users@lists.isc.org 
https://lists.isc.org/mailman/listinfo/kea-users 
-- 
ISC funds the development of this software with paid support subscriptions. 
Contact us at https://www.isc.org/contact/ for more information.

To unsubscribe visit https://lists.isc.org/mailman/listinfo/kea-users.

Kea-users mailing list
Kea-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/kea-users

[Kea-users] Kea 2.4.0, a new stable production release of Kea, is now available

2023-07-05 Thread Peter Davies 
Hello Kea-users subscribers: 

Usually, we don't duplicate posts sent to the kea-announce list on kea-users, 
but the debut of a new stable release branch doesn't occur that often, so we 
hope you'll forgive us this time. We'll go back to our usual practice of 
confining the announcements to the announcement list as the new branch 
progresses, but just in case anyone here is NOT also subscribed to that 
list, you can join it by going to:

https://lists.isc.org/mailman/listinfo/kea-announce

ISC Support
-- 
ISC funds the development of this software with paid support subscriptions. 
Contact us at https://www.isc.org/contact/ for more information.

To unsubscribe visit https://lists.isc.org/mailman/listinfo/kea-users.

Kea-users mailing list
Kea-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/kea-users

Re: [Kea-users] COMMAND_SOCKET_WRITE_FAIL

2023-06-15 Thread Peter Davies 
Hi Shobhith 
You echo the command to /opt/tcpwave/timsdhcp/kea4-ctrl-socket 

But according to your Kea configuration 
socket-name": "/opt/dhcp/dhcp/kea4-ctrl-socket" 

If this is a typo you may find extra info in your Kea log file 

Kind Regards Peter 
-- 
ISC funds the development of this software with paid support subscriptions. 
Contact us at https://www.isc.org/contact/ for more information.

To unsubscribe visit https://lists.isc.org/mailman/listinfo/kea-users.

Kea-users mailing list
Kea-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/kea-users

Re: [Kea-users] Kea HA issue with terminating connection

2023-06-13 Thread Peter Davies 
Hi Sebastian,
 Apart from the value of "this-server-name", the configuration on both 
servers ought be identical.
Could you check that this is so?

Kind Regards Peter 

-- 
ISC funds the development of this software with paid support subscriptions. 
Contact us at https://www.isc.org/contact/ for more information.

To unsubscribe visit https://lists.isc.org/mailman/listinfo/kea-users.

Kea-users mailing list
Kea-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/kea-users

Re: [Kea-users] Dropping the packets in load balancing

2023-05-16 Thread Peter Davies 
Hi Kraishak, 
Looking at your log file, it appears that "Server A" only saw one unacked 
client, so it didn't transform to a partner-down state. I see several 
HA_COMMUNICATION_INTERRUPTED_CLIENT4 messages 
but only one 
HA_COMMUNICATION_INTERRUPTED_CLIENT4_UNACKED message. 

2023-05-15 16:07:30.127 INFO [kea-dhcp4.ha-hooks/32411.139751579436800] 
HA_COMMUNICATION_INTERRUPTED_CLIENT4_UNACKED [hwtype=1 34:98:b5:dc:1f:99], 
cid=[no info], tid=0x4be21c7f: partner server failed to respond, 1 clients 
unacked so far, 13 clients left before transitioning to the partner-down state 

Your configuration contains the following statement: 
"max-unacked-clients": 13 
The "max-ack-delay" parameter has a default value of 1 ms. 
I suggest you check that your traffic generator correctly increments the "secs" 
field and to modify your HA settings appropriately. 

>From the Kea ARM: 

HA_COMMUNICATION_INTERRUPTED_CLIENT4 
%1: new client attempting to get a lease from the partner 
This informational message is issued when the surviving server observes a DHCP 
packet sent to the partner with which the communication is interrupted. The 
the client whose packet is observed is not yet considered “unacked” because the 
secs field value does not exceed the configured threshold specified with 
max-ack-delay. 

HA_COMMUNICATION_INTERRUPTED_CLIENT4_UNACKED 
%1: partner server failed to respond, %2 clients unacked so far, %3 clients 
left before transitioning to the partner-down state 
This informational message is issued when the surviving server determines that 
its partner failed to respond to the DHCP query and that this client is 
considered 
to not be served by the partner. The surviving server counts such clients, and 
if 
the number of such clients exceeds the max-unacked-clients threshold, the 
server 
will transition to the partner-down state. The first argument contains client 
identification information. The second argument specifies the number of clients 
to which the server has failed to respond. The third argument specifies the 
number 
of additional clients, which, if not provisioned, will cause the server to 
transition 
to the partner-down state. 

Kind Regards Peter 
-- 
ISC funds the development of this software with paid support subscriptions. 
Contact us at https://www.isc.org/contact/ for more information.

To unsubscribe visit https://lists.isc.org/mailman/listinfo/kea-users.

Kea-users mailing list
Kea-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/kea-users

Re: [Kea-users] Dropping the packets in load balancing

2023-05-11 Thread Peter Davies 
Hi Kraishak 
In addition to Darren's excellent suggestion to enable debug logging, you 
write that the number of "max-unacked-clients" reached 14 during your testing. 
I wonder if this could be because Kea was waiting for the next "ha-heartbeat" 
before transitioning. 

Could you retry your test and wait until the next failed "ha-heartbeat" 
command? 

There is an open Kea GitLab issue that describes this situation. 
"partner-down state transition when max-unacked-clients reached" 
https://gitlab.isc.org/isc-projects/kea/-/issues/2592 

Also, check that your testing software correctly updates the "secs" field in 
retries. 

Kind Regards Peter 

-- 
ISC funds the development of this software with paid support subscriptions. 
Contact us at https://www.isc.org/contact/ for more information.

To unsubscribe visit https://lists.isc.org/mailman/listinfo/kea-users.

Kea-users mailing list
Kea-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/kea-users

Re: [Kea-users] Dropping the packets in load balancing

2023-05-10 Thread Peter Davies 
Hi Kraishak, 
Why would you want to stop the secondary HA server? What 
are you trying to achieve? 

In answer to your questions: 
1/2) When a HA server loses its connection to its partner, it starts a "failure 
detection" process. When the value of max-unacked-clients is not "0", the 
server 
uses the values of the "max-ack-delay" and "max-unacked-clients" to discover if 
it should take over processing its partner's clients' requests. 
Your settings are: 
"max-ack-delay": 1, 
"max-unacked-clients": 13 

This means that after communication has been interrupted for 
"max-response-delay" 
(1 milisecs), the primary will start the "failure detections" process. The 
process will wait until it has "seen" 13 DHCP packets that have a "secs" field 
with a value of 1 or greater before starting to process the partners' 
client 
requests. 

see: 
https://kea.readthedocs.io/en/kea-2.3.7/arm/hooks.html#load-balancing-configuration
 

3) There are commands to manipulate the state the servers are in. See the 
"host- 
ha-maintenance" commands at: 
https://kea.readthedocs.io/en/kea-2.3.7/arm/hooks.html#control-commands-for-high-availability
 

But why would you want to do this? Supposing you want all client requests to be 
processed by 
one server and have the secondary active only when the primary is unavailable. 
In that case, 
you should consider using the "hot-standby" HA configuration. 

Kind Regards Peter 
-- 
ISC funds the development of this software with paid support subscriptions. 
Contact us at https://www.isc.org/contact/ for more information.

To unsubscribe visit https://lists.isc.org/mailman/listinfo/kea-users.

Kea-users mailing list
Kea-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/kea-users

Re: [Kea-users] Dropping the packets in load balancing

2023-05-10 Thread Peter Davies 
Hi Kraishak, 
This behaviour is expected when HA is configured in "load-balancing" mode. 

Under normal operations, the two Kea servers divide the clients between them. 

The server decides which clients they need to respond to based on a hash of the 
client identifier; this is often the client's Mac address. The split is 50/50. 

Kind Regards Peter 


From: "Kraishak Mahtha"  
To: "Kea-users@lists.isc.org"  
Sent: Wednesday, 10 May, 2023 08:45:08 
Subject: [Kea-users] Dropping the packets in load balancing 

Hi all, 
I have configured the kea-HA in load-balancing mode, and I am testing the flow 
by hitting the discover packets only to the primary server using my lease test 
tool but I see a few of the packets get dropped or have not been seen. 

When I see the log I see as: 
HA_BUFFER4_RECEIVE_NOT_FOR_US [hwtype=1 82:ff:ff:00:00:01], 
cid=[01:82:ff:ff:00:00:01], tid=0x29652559: dropping query to be processed by 
another server 

I have a few doubts about this 
1)I have only 10 active leases in the given scope range and we still have so 
many free leases then why does the server drop the query and hand it over to 
its peer? 
2)Do we need to add any parameters in the config file to make the kea-DHCP 
primary to forcefully check its all free available IPs? 

Thanks in advance 
Kraishak 


Attached are my kea-dhcp configs of primary and failover 

-- 
ISC funds the development of this software with paid support subscriptions. 
Contact us at https://www.isc.org/contact/ for more information. 

To unsubscribe visit https://lists.isc.org/mailman/listinfo/kea-users. 

Kea-users mailing list 
Kea-users@lists.isc.org 
https://lists.isc.org/mailman/listinfo/kea-users 
-- 
ISC funds the development of this software with paid support subscriptions. 
Contact us at https://www.isc.org/contact/ for more information.

To unsubscribe visit https://lists.isc.org/mailman/listinfo/kea-users.

Kea-users mailing list
Kea-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/kea-users

Re: [Kea-users] kea 2.0.3 dhcp4 HA not working

2023-04-20 Thread Peter Davies 

Hi -
   Thanks for the log files.

There isn't much to comment on here. Your HA configuration appears to be 
working.
HA Heartbeat commands are being sent and received correctly in both 
directions.
There are some HA warnings but they were generated on kea-1 before kea-2 
was up

and running, and on kea-2 after kea-1 had been shut down.

What I don't see is any dhcp traffic.

I suggest you let the servers run for a while and see what happens. If 
you can't

use live DHCP traffic you can use "perfdhcp" or "dhclient" to generate some.

For the secondary to start processing DHCPDISCOVERs the  HA parameters
"max-unacked-clients" and "max-ack-delay" are considered as well as the 
status of the primary.

The default value for the "max-ack-delay" parameter is 1 milliseconds.
The default value of the  "max-unacked-clients"  parameter is 10.
see: 
https://kea.readthedocs.io/en/kea-2.0.3/arm/hooks.html#load-balancing-configuration


When you have your configuration working,  I  suggest you also consider 
enabling multi-threading.
see: 
https://kea.readthedocs.io/en/kea-2.2.0/arm/dhcp4-srv.html#multi-threading-settings


With multi-threading enabled, you can enable multi-threaded HA.
see: 
https://kea.readthedocs.io/en/kea-2.2.0/arm/hooks.html#multi-threaded-configuration-ha-mt


Multi-threaded HA creates a direct HA connection between the HA servers 
and does

not go through the control agent.

Kind Regards Peter


On 20/04/2023 19.13, vom513 wrote:

FYI - I sent the below to the list with the 4 attachments but it’s awaiting 
moderator approval (total size was a bit above the limit).  If it doesn’t come 
through I will post these up somewhere http accessible.


On Apr 20, 2023, at 12:28 PM, Peter Davies  wrote:

Hi -

   You have appended the kea-dhcp4 log from kea-2; it would be interesting to 
see the kea-dhcp4 and kea-ctrl-agent logs from kea-1 for the same time period.

Do you think you could supply these?

So I enabled DEBUG@99 on kea-1/2, dhcp4/ca.  So 4 files total attached.  After a 
fresh restart of all daemons, after a bit, I did a "systemctl stop 
isc-kea-dhcp4-server isc-kea-ctrl-agent” on kea-1.

Hopefully this will provide some clues as to what’s going on.  Let me know if 
you need more/different info.  And also thanks for helping with this so far.



The last double quote in "memfile” is not a legal char.


I think this was from email formatting.  For good measure I replaced this 
character on both machines config files.


--
Peter Davies
Support Engineer
Internet Systems Corporation

--
ISC funds the development of this software with paid support subscriptions. 
Contact us at https://www.isc.org/contact/ for more information.

To unsubscribe visit https://lists.isc.org/mailman/listinfo/kea-users.

Kea-users mailing list
Kea-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/kea-users

Re: [Kea-users] kea 2.0.3 dhcp4 HA not working

2023-04-20 Thread Peter Davies 

Hi -

   You have appended the kea-dhcp4 log from kea-2; it would be 
interesting to see the kea-dhcp4 and kea-ctrl-agent logs from kea-1 for 
the same time period.


Do you think you could supply these?


The last double quote in "memfile” is not a legal char.

Kind Regards Peter

On 20/04/2023 16.48, vom513 wrote:

On Apr 20, 2023, at 3:14 AM, Peter Davies  wrote:

Hi -
It will be difficult to see what is happening at the log level you have 
configured.
I suggest you change the log level to DEBUG and the severity level to 99.

Sending this logging to a file would also be helpful, (remove the logging 
"pattern"
definitionbto enable the default logging format)

I pared down logging to top level only - DEBUG @ 99.  Also logged to a file in 
/tmp (file attached).


Issue https://gitlab.isc.org/isc-projects/kea/-/issues/1364 ; this issue was 
addressed
in Kea 1.9.0. So I don't think it applies here.

NB there is an illegal character in the lease-database definition:
 "type": "memfile”,


Not sure what this means, could be a formatting issue with my original email ? 
“-t” seems to validate the config fine:

root@kea-1:/home/vom# kea-dhcp4 -t /etc/kea/kea-dhcp4.conf
2023-04-20 10:20:19.008 INFO  [kea-dhcp4.hosts/5105.139906886188672] 
HOSTS_BACKENDS_REGISTERED the following host backend types are available: mysql 
postgresql  2023-04-20 10:20:19.008 INFO  
[kea-dhcp4.dhcpsrv/5105.139906886188672] DHCPSRV_CFGMGR_ADD_IFACE listening on 
interface ens224
2023-04-20 10:20:19.008 INFO  [kea-dhcp4.dhcpsrv/5105.139906886188672] 
DHCPSRV_CFGMGR_SOCKET_TYPE_DEFAULT "dhcp-socket-type" not specified , using 
default socket type raw
2023-04-20 10:20:19.009 INFO  [kea-dhcp4.hooks/5105.139906886188672] 
HOOKS_LIBRARY_CLOSED hooks library 
/usr/lib/x86_64-linux-gnu/kea/hooks/libdhcp_lease_cmds.so successfully closed
2023-04-20 10:20:19.009 INFO  [kea-dhcp4.hooks/5105.139906886188672] 
HOOKS_LIBRARY_CLOSED hooks library 
/usr/lib/x86_64-linux-gnu/kea/hooks/libdhcp_stat_cmds.so successfully closed
2023-04-20 10:20:19.011 INFO  [kea-dhcp4.hooks/5105.139906886188672] 
HOOKS_LIBRARY_CLOSED hooks library 
/usr/lib/x86_64-linux-gnu/kea/hooks/libdhcp_ha.so successfully closed
2023-04-20 10:20:19.011 INFO  [kea-dhcp4.dhcpsrv/5105.139906886188672] 
DHCPSRV_CFGMGR_NEW_SUBNET4 a new subnet has been added to configuration: 
10.0.123.0/24 with params: t1=43200, t2=75600, valid-lifetime=86400



--
Peter Davies
Support Engineer
Internet Systems Corporation

--
ISC funds the development of this software with paid support subscriptions. 
Contact us at https://www.isc.org/contact/ for more information.

To unsubscribe visit https://lists.isc.org/mailman/listinfo/kea-users.

Kea-users mailing list
Kea-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/kea-users

Re: [Kea-users] kea 2.0.3 dhcp4 HA not working

2023-04-20 Thread Peter Davies 

Hi -
   It will be difficult to see what is happening at the log level you 
have configured.

I suggest you change the log level to DEBUG and the severity level to 99.

Sending this logging to a file would also be helpful, (remove the 
logging "pattern"

definitionbto enable the default logging format).

Issue https://gitlab.isc.org/isc-projects/kea/-/issues/1364 ; this issue 
was addressed

in Kea 1.9.0. So I don't think it applies here.

NB there is an illegal character in the lease-database definition:
    "type": "memfile”,

Kind Regards Peter

--
Peter Davies
Support Engineer
Internet Systems Corporation

--
ISC funds the development of this software with paid support subscriptions. 
Contact us at https://www.isc.org/contact/ for more information.

To unsubscribe visit https://lists.isc.org/mailman/listinfo/kea-users.

Kea-users mailing list
Kea-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/kea-users

Re: [Kea-users] IPv6 Address Selection from Pool

2023-04-20 Thread Peter Davies 

Hi Jeff,
   The development/experimental branch Kea 2.3.6 introduces an 
"iterative" and
a "random" address allocator. These may be defined at "global", "shared 
network"

and "subnet" levels.

See 
https://kea.readthedocs.io/en/kea-2.3.6/arm/dhcp6-srv.html#address-allocation-strategies-in-dhcpv6


This functionality will be included in the next stable release Kea 2.4.0

Kind Regards Peter


On 20/04/2023 06.33, Jeff Kletsky wrote:
I'm working on a long-overdue IPv6 rollout here and have gotten to the 
point where I've got clients on one VLAN successfully requesting and 
receiving leases from a "trivial" single pool and managing a single 
reservation. Kea 2.2.0, FreeBSD 13.1


I was surprised that the leases seem to be handed out sequentially. I 
had thought that one of the touted advantages of IPv6 is sparse host 
density, making net scanning more challenging for rogue actors. 
Packing 16 hosts into the first 16 addresses of the pool seemed 
counter enough to that to have me wonder if I have missed a 
configuration option somehow.


Sole subnet6 declaration:

    "subnet6": [
    {
    "subnet" : "fd8a:::000b::/64",

    "interface": "vif2",

    "pools": [ { "pool": "fd8a:::000b:0::/80" } ],

    "option-data": [
    ],

    "reservations": [
    {
        "hw-address": "11:22:33:aa:bb:cc",
        "hostname": "named-host.example.com",
        "ip-addresses": [ "fd8a:::b:1111:222::444" ]
    }
    ]
    }
    ],


Is there some setting, parameter, or technique to get the lease 
assignments from the pool to be broadly distributed?


Thanks!

Jeff








--
Peter Davies
Support Engineer
Internet Systems Corporation

--
ISC funds the development of this software with paid support subscriptions. 
Contact us at https://www.isc.org/contact/ for more information.

To unsubscribe visit https://lists.isc.org/mailman/listinfo/kea-users.

Kea-users mailing list
Kea-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/kea-users

Re: [Kea-users] CIDR or range notation in relay lists when using shared-networks?

2023-02-21 Thread Peter Davies 

Hi Klaus,

   I don't think I understand your use case, but Kea's 
"relay.ip-addresses" list can contain as may IP addresses as you wish.


If you do not wish to fill your configuration file up with long lists of 
IP addresses you can use include files, as:


    "relay":  ,

Kind Regards Peter

On 22/02/2023 03.44, Klaus Steden wrote:


Hi there,

In some of our environments, we deal with DHCP relays, and their 
addresses seem to proliferate faster than we can update our configs, 
which leads to delays with DHCP service.


However, they have reserved an entire /21 for relay IPs, and ideally, 
I would like to be able to add that entire network as a relay instead 
of what I'm currently doing, which is adding individual IPs when I 
notice them reported in the log.


Is this even possible? The examples in the Kea documentation only 
mention single addresses, but for big networks with lots of relays 
like ours, it would be very helpful to be able to just add an entire 
range of IPs and have Kea figure it out automatically.


thanks,
Klaus


--
Peter Davies

--
ISC funds the development of this software with paid support subscriptions. 
Contact us at https://www.isc.org/contact/ for more information.

To unsubscribe visit https://lists.isc.org/mailman/listinfo/kea-users.

Kea-users mailing list
Kea-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/kea-users

Re: [Kea-users] Problems setting up HA

2022-11-09 Thread Peter Davies 

Hi Tan,
  I strongly advise you to read the Kea ARM for a description of the 
different

HA modes and example configurations.

see: 
https://kea.readthedocs.io/en/kea-2.3.2/arm/hooks.html#ha-high-availability-outage-resilience-for-kea-servers


Kind Regards Peter


On 09/11/2022 15.15, perl-list wrote:

On Wed, Nov 9, 2022 at 12:38 PM perl-list < [ mailto:perl-l...@network1.net |
perl-l...@network1.net ] > wrote:

The other one is still receiving the packets, it just isn't doing anything with
them unless it becomes the active device (assuming you chose hot-standby mode)

I configured load-balancing mode :S

Something isn't correct then.  I've never configured the load-balancing mode so 
I couldn't say what to look for specifically other than something general like:

1) make sure that both servers are configured in the same HA mode: 
load-balancing
2) Make sure that both servers are receiving the DHCP traffic (you can check 
with tcpdump to be completely sure)


You can perform load testing with perfdhcp: [
https://kea.readthedocs.io/en/kea-2.2.0/man/perfdhcp.8.html |
https://kea.readthedocs.io/en/kea-2.2.0/man/perfdhcp.8.html ]

trying to install this conflicts with isc-kea-common...

you can install it on a different machine (in fact you should - not sure you 
can test from the same machine).


As far as checking functionality of HA, I am not sure... I guess you could shut
down the primary and see what happens? I have done that, but it won't
immediately switch. It will wait until a certain number of clients are trying
to obtain a lease and then switch.

stopped dhcp service in server1 and server2 did nothing but complaining about
the heartbeat...

That is a tunable parameter, however.

Is "max-unacked-clients" ?

yes - that is the parameter.


--
ISC funds the development of this software with paid support subscriptions. 
Contact us at https://www.isc.org/contact/ for more information.

To unsubscribe visit https://lists.isc.org/mailman/listinfo/kea-users.

Kea-users mailing list
Kea-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/kea-users

Re: [Kea-users] Problems setting up HA

2022-11-09 Thread Peter Davies 

Hi Tan,
   Does the "control-socket" definition in your kea-dhcp4 configuration 
match

the "control-socket" definition in the /etc/kea-ctrl-agent.conf file?

/Peter
On 09/11/2022 11.22, perl-list wrote:

Are you running the control agent?  Mine shown below is for dhcp6, but i'm sure 
the config is similar.

$ /usr/sbin/kea-ctrl-agent -c /etc/kea-ctrl-agent.conf

$ cat /etc/kea-ctrl-agent.conf
{
 "Control-agent": {
 "http-host": "10.0.0.1",
 "http-port": 8000,
 "control-sockets": {
 "dhcp6": {
 "socket-type": "unix",
 "socket-name": "/tmp/kea6-ctrl-socket"
 }
 }
 }
}

- Original Message -

From: "Tan Mientras" 
To: "kea-users" 
Sent: Wednesday, November 9, 2022 2:39:44 AM
Subject: [Kea-users] Problems setting up HA
Hi
I'm having issues setting up the HA.
Once the servers are running the complain with:
Nov 9 08:29:59 vmdhcp01 kea-dhcp4[170994]: INFO DHCP4_STARTED Kea DHCPv4 server
version 2.3.2 started
Nov 9 08:30:10 vmdhcp01 kea-dhcp4[170994]: WARN
HA_HEARTBEAT_COMMUNICATIONS_FAILED failed to send heartbeat to vmdhcp02 ( [
http://192.168.120.253:8000/ | http://192.168.120.253:8000/ ] ): Connection
refused
Nov 9 08:30:10 vmdhcp01 kea-dhcp4[170994]: WARN HA_COMMUNICATION_INTERRUPTED
communication with vmdhcp02 is interrupted
Nov 9 08:30:10 vmdhcp01 kea-dhcp4[170994]: INFO HA_STATE_TRANSITION server
transitions from WAITING to PARTNER-DOWN state, partner state is UNDEFINED
Nov 9 08:30:10 vmdhcp01 kea-dhcp4[170994]: INFO HA_LEASE_UPDATES_DISABLED lease
updates will not be sent to the partner while in PARTNER-DOWN state
Nov 9 08:30:10 vmdhcp01 kea-dhcp4[170994]: INFO HA_LOCAL_DHCP_ENABLE local DHCP
service is enabled while the vmdhcp01 is in the PARTNER-DOWN state
vmdhcp01 and vmdhcp02 have similar configuration (except this-server-name):
"hooks-libraries":[
{
"library":"/usr/lib/x86_64-linux-gnu/kea/hooks/libdhcp_ha.so",
"parameters":{
"high-availability": [{
"this-server-name": "vmdhcp01",
"mode": "load-balancing",
"heartbeat-delay": 1,
"max-response-delay": 1,
"max-ack-delay": 5000,
"max-unacked-clients": 0,
"delayed-updates-limit": 100,
"peers": [{
"name": "vmdhcp01",
"url": " [ http://192.168.120.254:8000/ | http://192.168.120.254:8000/ ] ",
"role": "primary",
"auto-failover": true
}, {
"name": "vmdhcp02",
"url": " [ http://192.168.120.253:8000/ | http://192.168.120.253:8000/ ] ",
"role": "secondary",
"auto-failover": true
}]
}]
}
}
],
Anyone can help me?
--
ISC funds the development of this software with paid support subscriptions.
Contact us at https://www.isc.org/contact/ for more information.
To unsubscribe visit https://lists.isc.org/mailman/listinfo/kea-users.
Kea-users mailing list
Kea-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/kea-users


--

--
ISC funds the development of this software with paid support subscriptions. 
Contact us at https://www.isc.org/contact/ for more information.

To unsubscribe visit https://lists.isc.org/mailman/listinfo/kea-users.

Kea-users mailing list
Kea-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/kea-users

Re: [Kea-users] Multiple Subnets on same VLAN

2022-11-09 Thread Peter Davies 

Hi Kris,

 Have you tried the following type configuration?

"shared-networks": [
   {
   "name": "SharedPop1",
   "relay": { "ip-addresses": ["10.255.0.1"] },
   "subnet4": [ {   // VLAN 1113 -  Node
    "subnet": "10.0.0.0/24",
    "pools": [ { "pool": "10.0.0.4 – 10.0.0.254" } ],
    "option-data": [ { "name": "routers", "data": 
"10.0.0.1" } ] },

    { // VLAN 1113 - Node 2nd Subnet
    "subnet": "10.0.1.0/24",
    "pools": [ { "pool": "10.0.1.4 – 10.0.1.254" } ],
    "option-data": [ { "name": "routers", "data": 
"10.0.1.1" } ] } ]

 },
   "name": "SharedPop2",
   "relay": { "ip-addresses": ["10.255.0.2"] },
   "subnet4": [ {   // VLAN 1113 -  Node
    "subnet": "10.0.2.0/24",
    "pools": [ { "pool": "10.0.2.4 – 10.0.2.254" } ],
    "option-data": [ { "name": "routers", "data": 
"10.0.2.1" } ] },

    { // VLAN 1113 - Node 2nd Subnet
    "subnet": "10.0.3.0/24",
    "pools": [ { "pool": "10.0.3.4 – 10.0.3.254" } ],
    "option-data": [ { "name": "routers", "data": 
"10.0.3.1" } ] } ]

 },
   "name": "SharedPop3",
   "relay": { "ip-addresses": ["10.255.0.3"] },
   "subnet4": [ {   // VLAN 1113 -  Node
    "subnet": "10.0.4.0/24",
    "pools": [ { "pool": "10.0.4.4 – 10.0.4.254" } ],
    "option-data": [ { "name": "routers", "data": 
"10.0.4.1" } ] },

    { // VLAN 1113 - Node 2nd Subnet
    "subnet": "10.0.5.0/24",
    "pools": [ { "pool": "10.0.5.4 – 10.0.5.254" } ],
    "option-data": [ { "name": "routers", "data": 
"10.0.5.1" } ] } ]

 }
   ],


Kind Regards Peter

On 31/10/2022 20.28, Kris Emsoff wrote:


    "shared-networks": [

  {

    "name": "SharedPop",

    "relay": { "ip-addresses": ["X.X.X.1"] },

  "subnet4": [

//    {


--
Peter Davies
Support Engineer
Internet Systems Corporation
pet...@isc.org
001 650-423-1460
-- 
ISC funds the development of this software with paid support subscriptions. 
Contact us at https://www.isc.org/contact/ for more information.

To unsubscribe visit https://lists.isc.org/mailman/listinfo/kea-users.

Kea-users mailing list
Kea-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/kea-users

[Kea-users] Kea 2.2.0, a new stable production release of Kea, is now available

2022-07-27 Thread Peter Davies 

Hello Kea-users subscribers:
Usually we don't duplicate posts that are sent to the kea-announce list on
kea-users but the debut of a new stable release branch doesn't occur 
that often
so we hope you'll forgive us this time. We'll go back to our usual 
practice of

confining the announcements to the announcement list as the new branch
progresses, but just in case anyone here is NOT also subscribed to that 
list,

you can join it by going to:
https://lists.isc.org/mailman/listinfo/kea-announce
Peter Davies ISC Support-- 
ISC funds the development of this software with paid support subscriptions. 
Contact us at https://www.isc.org/contact/ for more information.

To unsubscribe visit https://lists.isc.org/mailman/listinfo/kea-users.

Kea-users mailing list
Kea-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/kea-users

Re: [Kea-users] Including other config files

2022-06-14 Thread Peter Davies 
Hi Jason,
   From the Kea "Administrator Reference Manual"
5.1.1 JSON Syntax
...
File inclusion: JSON files can include other JSON files by using a statement of 
the form .

see: https://kea.readthedocs.io/en/latest/arm/config.html#json-syntax
/Peter

Sent from Outlook

From: Kea-users  on behalf of Jason Bailey 

Sent: 14 June 2022 02:38
To: kea-users@lists.isc.org 
Subject: [Kea-users] Including other config files

I apologize if this is a stupid question but how do I include other 
configuration files into the main Kea config file?

I'm trying to replace an old ISC DHCP server with a Kea server, and the 
existing config is large (spread across many files).  I'd prefer to maintain a 
similar config file paradigm with the new Kea server.
*Confidentiality Notice* This email message may contain legally privileged 
and/or confidential information. If you are not the intended recipient(s), you 
are hereby notified that any dissemination, distribution or copying of this 
email message is strictly prohibited. If you have received this email in error, 
please immediately notify the sender and delete this email message from your 
computer.
-- 
ISC funds the development of this software with paid support subscriptions. 
Contact us at https://www.isc.org/contact/ for more information.

To unsubscribe visit https://lists.isc.org/mailman/listinfo/kea-users.

Kea-users mailing list
Kea-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/kea-users

Re: [Kea-users] KEA and pxeboot

2022-02-26 Thread Peter Davies 
Hi Stephen,
This client appears to be directly connected with the server’s eth0 
interface.
Is 192.168.100.100  an appropriate address for this interface and is 
dhcp-socket-type “raw”?

Kind Regard Peter

From: Stephen Berg, Code 7309 via Kea-users
Sent: Saturday, 26 February 2022 14.21
To: kea-users@lists.isc.org
Subject: Re: [Kea-users] KEA and pxeboot

Can someone weigh in on why this host reservation is not working?  Basic
dhcp works but when I add the next-server and boot-file-name to pxeboot
it fails. I get the two errors in the log that I'm running in debug
level currently.
{
 "ip-address": "192.168.100.100",
 "hostname": "server1",
 "hw-address": "aa:bb:cc:dd:ee:ff",
 "next-server": "192.168.100.1",
 "boot-file-name": "pxelinux.0"
  },

2022-02-26 07:09:26.875 DEBUG [kea-dhcp4.packets/13158.140019375193408]
DHCP4_SUBNET_SELECTION_FAILED [hwtype=1 aa:bb:cc:dd:ee:ff],
cid=[01:aa:bb:cc:dd:ee:ff], tid=0x396c44b0: failed to select subnet for
the client
2022-02-26 07:09:26.875 DEBUG
[kea-dhcp4.bad-packets/13158.140019375193408] DHCP4_PACKET_DROP_0002
[hwtype=1 aa:bb:cc:dd:ee:ff], cid=[01:aa:bb:cc:dd:ee:ff],
tid=0x396c44b0, from interface eth0: no suitable subnet configured for a
direct client

The client system never gets an IP and of course never starts into the
pxeboot process.

On 2/23/2022 9:17 AM, Stephen Berg, Code 7309 via Kea-users wrote:
> Where can I find documentation on setting up pxebooting to do linux
> installs?  I'm running kea-1.8.0-2 on Rocky Linux 8.5.  I want to be
> able to pxeboot different OS's like centos 7.x, rocky 8.x and future
> releases.  The tftp-server is installed and setup, syslinux packages
> are installed.  I've got just a couple clients defined in dhcp as
> reserved leases and added next-server and filename options for one but
> when I boot the network from that client it never seems to get to the
> pxelinux.0 or the defined kernel in the "pxelinux.cfg/01-macaddress"
> file.
>
> I figure I'm probably missing some setup in the kea-dhcp4.conf file
> but can't find what the missing parts might be.
>
> My old setup is centos 6, dhcp-4.1.1.  I'd add the next-server and
> filename lines for a particular host reservation then use pxeboot to
> setup the pxelinux.cfg file and that would have kernel parameters to
> boot the installer and read a kickstart file.  Right now I can get the
> new system to boot from the network, it gets an IP from kea but then
> fails to find the tftp file to boot from.
>
>

--
Stephen Berg, IT Specialist, Ocean Sciences Division, Code 7309
Naval Research Laboratory
W:   (228) 688-5738
DSN: (312) 823-5738
C:   (228) 365-0162
Email: stephen.b...@nrlssc.navy.mil  <- (Preferred contact)
Flank Speed: stephen.p.berg@us.navy.mil

-- 
ISC funds the development of this software with paid support subscriptions. 
Contact us at https://www.isc.org/contact/ for more information.

To unsubscribe visit https://lists.isc.org/mailman/listinfo/kea-users.

Kea-users mailing list
Kea-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/kea-users

Re: [Kea-users] IPv6 High Availability hooks library not accepting ipv6 address in square brackets for peers?

2022-02-25 Thread Peter Davies 
Hi Dan,

   You don't mention  what version of Kea you are running,  but I think this 
may be a known issue. One which was fixed in release 2.1.2


see https://gitlab.isc.org/isc-projects/kea/-/issues/2264 "error parsing url 
with ipv6 address"


Kind Regard Peter


Sent from Outlook

From: Kea-users  on behalf of Dan Oachs 

Sent: 25 February 2022 22:36
To: kea-users@lists.isc.org 
Subject: [Kea-users] IPv6 High Availability hooks library not accepting ipv6 
address in square brackets for peers?

I currently have ipv6 dhcp working great with high availability and am trying 
to set up a pair of dhcpv6 servers.  However when I try to configure the hook 
with ipv6 addresses in square brackets as mentioned in the documentation, I get 
this error

HA_CONFIGURATION_FAILED failed to configure High Availability hooks library: 
bad url 'http://[2001:db8::1]:8080/': Failed to convert string to address 
'[2001:db8::1]': Invalid argument for server

The line in my configuration looks like this...
{"name": "servername","basic-auth-user": "usernamehere","basic-auth-password": 
"passwordhere","url": "http://[2001:db8::1]:8080/","role": "primary"}

Do I have the configuration wrong, or is there a bug here?  Hopefully I am 
missing something simple.

Thanks,
  Dan Oachs

-- 
ISC funds the development of this software with paid support subscriptions. 
Contact us at https://www.isc.org/contact/ for more information.

To unsubscribe visit https://lists.isc.org/mailman/listinfo/kea-users.

Kea-users mailing list
Kea-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/kea-users

Re: [Kea-users] Question

2022-01-14 Thread Peter Davies 
Hi Jordan,
   I believe all current kea packages on cloudsmith.io are compiled with 
'--with-mysql'

From: https://kb.isc.org/docs/isc-kea-packages :

  We provide the following types of packages:

  RPMs for RHEL, CentOS, Fedora
  debs for Debian and ubuntu
  apk for Alpine

Kind Regards Peter

Sent from Outlook

From: Kea-users  on behalf of Jordan Tinsley 

Sent: 05 January 2022 16:33
To: kea-users@lists.isc.org 
Subject: [Kea-users] Question

Just to make sure.  I have been trying to compile Kea 2.0.1 on Centos 7
and I keep getting an error regarding the MySQL dependencies even
thought I have installed all MySQL packages including libraries and also
tried the --with-mysql="mypath".

You cannot use MySQL with the pre-built packages for OSs, correct?  Or
did I overlook something in the documentation?

Thanks!


___
ISC funds the development of this software with paid support subscriptions. 
Contact us at https://www.isc.org/contact/ for more information.

To unsubscribe visit https://lists.isc.org/mailman/listinfo/kea-users.

Kea-users mailing list
Kea-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/kea-users
___
ISC funds the development of this software with paid support subscriptions. 
Contact us at https://www.isc.org/contact/ for more information.

To unsubscribe visit https://lists.isc.org/mailman/listinfo/kea-users.

Kea-users mailing list
Kea-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/kea-users

Re: [Kea-users] Kea logging if request invalid

2022-01-06 Thread Peter Davies 
Hi Joe,
   You could try something like:
...
[ { "name": "kea-dhcp4",
"output_options": [
{ "output": "/var/log/kea/kea-dhcp6.log",
"flush": true }],
"severity": "INFO"},
  { "name": "kea-dhcp6.bad-packets",
"output_options": [
{ "output": "/var/log/kea/kea-dhcp6-bad-packet.log",
"flush": true }],
"severity": "DEBUG",
"debuglevel": 99 }
]
...

Change the value of  "debuglevel" as appropriate.

/Peter

Sent from Outlook

From: Kea-users  on behalf of Joe Botha 

Sent: 05 January 2022 18:45
To: kea-users@lists.isc.org 
Subject: [Kea-users] Kea logging if request invalid

Hi!

We're running Kea 2.0.1 on Debian 11.

We ran into an issue where a DHCPv6 request comes in but
nothing gets logged.

When enabling debugging, it said something like: "unable
to parse the opaque data tuple, the buffer length is 12,
but the tuple length is 3072" - so we set a compatibility
flag and things worked again.

My question is: in what state can I leave the logging -
non-debug mode, where I can spot something in the logs if
a DHCP packet is rejected / dropped?

--
Swimmingly,
 Joe

swimgeek.com/blog  +27 82 562 6167  instagram.com/joe.swimgeek
  "...all progress depends on the unreasonable man.”



___
ISC funds the development of this software with paid support subscriptions. 
Contact us at https://www.isc.org/contact/ for more information.

To unsubscribe visit https://lists.isc.org/mailman/listinfo/kea-users.

Kea-users mailing list
Kea-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/kea-users
___
ISC funds the development of this software with paid support subscriptions. 
Contact us at https://www.isc.org/contact/ for more information.

To unsubscribe visit https://lists.isc.org/mailman/listinfo/kea-users.

Kea-users mailing list
Kea-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/kea-users

Re: [Kea-users] Lease affinity of released leases

2021-11-11 Thread Peter Davies 

Hi Johannes,

 One of Kea's built-in classes is the "DROP" class. Packets associated with 
this class are, as the name suggests, dropped.

You can test for dhcpv4 DHCPRELEASE packets with "test": "pkt4.msgtype == 7"

Which gives the following:

   "client-classes": [

   {

   "name": "DROP",

   "test": "pkt4.msgtype == 7"

   }

   ]

   or for dhcpv6

  "client-classes": [

   {

   "name": "DROP",

   "test": "pkt6.msgtype == 8”

   }

   ]

 /Peter




From: Johannes Midgren 
Sent: 10 November 2021 23:38
To: Peter Davies 
Cc: egor.gri...@orange.com ; kea-users@lists.isc.org 

Subject: Re: [Kea-users] Lease affinity of released leases


Hi Johannes,
   If you don't want to define host reservations you can give the client very 
long lease times and get Kea to drop   DHCPRELEASE packet

/Peter

Hi Peter, Thanks for your reply!

Do you know of an easy way to drop the DHCP Release package with KEA using only 
configuration, or would it require writing a hooks library as was suggested in 
another reply? I can't find anything in the docs about such a feature.
___
ISC funds the development of this software with paid support subscriptions. 
Contact us at https://www.isc.org/contact/ for more information.

To unsubscribe visit https://lists.isc.org/mailman/listinfo/kea-users.

Kea-users mailing list
Kea-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/kea-users

Re: [Kea-users] Lease affinity of released leases

2021-11-10 Thread Peter Davies 
Hi Johannes,
   If you don't want to define host reservations you can give the client very 
long lease times and get Kea to drop   DHCPRELEASE packet

/Peter



From: Kea-users  on behalf of Johannes Midgren 

Sent: 10 November 2021 15:14
To: egor.gri...@orange.com 
Cc: kea-users@lists.isc.org 
Subject: Re: [Kea-users] Lease affinity of released leases

Yes, a reservation does solve the basic problem, but not my particular use 
case. One thing that I like to use KEA for is to automate "onboarding" of new 
hosts (physical, VMs or containers). To be able to make a reservation I would 
first have to get hold of the MAC address (or client ID), which is a bit 
cumbersome, and then the reservation is done outside of the pool range in my 
setup, which makes the host change IP address. What I'm trying to achieve is 
that the host name I set and that is forwarded to KEA through the Client FQDN 
option is registered with my DNS so that I can access the host using the name.

Den ons 10 nov. 2021 kl 14:52 skrev 
mailto:egor.gri...@orange.com>>:

Maybe a host reservation is a solution?



From: Kea-users 
mailto:kea-users-boun...@lists.isc.org>> On 
Behalf Of Johannes Midgren
Sent: Wednesday, 10 November 2021 15:47
To: kea-users@lists.isc.org
Subject: [Kea-users] Lease affinity of released leases



TLDR: How do I make KEA offer the same IP to a host that is rebooted and that 
releases its IP address while shutting down?



I have recently started to use KEA on my home network. I love the fact that I 
can control its configuration through Ansible and all the possibilities the 
REST API gives, so I'm very glad that I found the project!



One thing that I still have not been able to get the way I prefer it though, is 
to have lease affinity in all cases. That is, I would like for a client to 
always get the same IP address when it reconnects (as long as it's still 
available of course). I have read the chapter about Lease Expiration (and 
Affinity) in the manual and I'm not sure the case I'm looking for is covered. 
The manual talks about expired leases, but I would like to have affinity also 
in the case that the lease has been released rather than expired. Using a 
packet sniffer I can see that clients tend to properly release the DHCP lease 
when being rebooted and when it gets online again it does a DHCP Discover and 
is offered a new IP address by the KEA DHCP4 server.



Does anyone know if KEA is supposed to (or rather can be made to) work the way 
I intend it to or if lease affinity by design is only supposed to work for 
expired, thus not released, leases? (Or maybe something is wrong with my setup 
and this should actually work?)



The problem I have is that cached DNS entries make hosts unavailable for some 
time after they are restarted - they are "sought for" by their old IP. I guess 
I can mitigate the issue by setting a very low TTL in my DNS configuration, but 
I would prefer to let KEA hold leases for a long time and reuse them instead. 
Another way would of course be to make reservations for all hosts where this 
matters, but that prevents the automation that I try to use KEA for.



I have been playing with the expired-leases-processing configuration for the 
DHCP4 server, and I currently have this:



   "expired-leases-processing": {
   "flush-reclaimed-timer-wait-time": 300,
   "hold-reclaimed-time": 604800,
   "max-reclaim-leases": 100,
   "max-reclaim-time": 250,
   "reclaim-timer-wait-time": 180,
   "unwarned-reclaim-cycles": 5
   },

I'm running KEA 1.8 (installed from CloudSmith repos) on CentOS Stream 8. I use 
the memfile lease-database, have DHCP-DDNS setup and I use the HA hook (with 
one primary, one standby and one backup host).

_

Ce message et ses pieces jointes peuvent contenir des informations 
confidentielles ou privilegiees et ne doivent donc
pas etre diffuses, exploites ou copies sans autorisation. Si vous avez recu ce 
message par erreur, veuillez le signaler
a l'expediteur et le detruire ainsi que les pieces jointes. Les messages 
electroniques etant susceptibles d'alteration,
Orange decline toute responsabilite si ce message a ete altere, deforme ou 
falsifie. Merci.

This message and its attachments may contain confidential or privileged 
information that may be protected by law;
they should not be distributed, used or copied without authorisation.
If you have received this email in error, please notify the sender and delete 
this message and its attachments.
As emails may be altered, Orange is not liable for messages that have been 
modified, changed or falsified.
Thank you.

___
ISC funds the development of this software with paid support subscriptions. 
Contact us at

Re: [Kea-users] HA with dhcp6

2021-11-08 Thread Peter Davies 
Hi Christian,
   Do you load the "lease_cmds" hooks library in both the kea-dhcp4 and 
kea-dhcp4 configurations?
/Peter



From: Kea-users  on behalf of BÖSCH Christian 

Sent: 08 November 2021 09:34
To: kea-users@lists.isc.org 
Subject: [Kea-users] HA with dhcp6


Hi,



I'm testing HA with kea 2.0 which is working well with IPv4, but with IPv6 
there are these errors on the secondary node:



2021-11-08 09:29:05.265 ERROR [kea-dhcp6.ha-hooks/84963.0x801c12000] 
HA_LEASES_SYNC_FAILED failed to synchronize leases with kea1 
(http://10.0.30.111:8000/): 'lease6-get-page' command not supported., error 
code 2

2021-11-08 09:29:05.267 ERROR [kea-dhcp6.ha-hooks/84963.0x801c12000] 
HA_SYNC_FAILED lease database synchronization with kea1 failed: 
'lease6-get-page' command not supported., error code 2



The config which is identical to IPv4 is as follows:



"hooks-libraries": [

{

"library": "/usr/local/lib/kea/hooks/libdhcp_ha.so",

"parameters": {

"high-availability": [{

"this-server-name": "kea2",

"mode": "load-balancing",

"heartbeat-delay": 1,

"max-response-delay": 1,

"max-ack-delay": 5000,

"max-unacked-clients": 5,

"delayed-updates-limit": 100,

"peers": [{

"name": "kea1",

"url": "http://10.0.30.111:8000/;,

"role": "primary",

"basic-auth-user": "foo",

"basic-auth-password": "bar",

"auto-failover": true

}, {

"name": "kea2",

"url": "http://10.0.30.112:8000/;,

"role": "secondary",

"basic-auth-user": "foo",

"basic-auth-password": "bar",

"auto-failover": true

}]

}]

}

}],



Thanks in advance for any tips.

Christian




___
ISC funds the development of this software with paid support subscriptions. 
Contact us at https://www.isc.org/contact/ for more information.

To unsubscribe visit https://lists.isc.org/mailman/listinfo/kea-users.

Kea-users mailing list
Kea-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/kea-users

Re: [Kea-users] Kea monitoring possibilities

2021-11-03 Thread Peter Davies 
Hi again Egor,

  You might also want to check out "Stork" which a Kea and BIND 9 dashboard 
from ISC.

Stork contains a prometheus exporter.

For more details see https://stork.isc.org and http://stork.readthedocs.io

Here is a link showing the DORAS charted with grafana from data exported to 
prometheus.

 https://gitlab.isc.org/isc-projects/stork/-/wikis/Screenshots#grafana
[https://gitlab.isc.org/uploads/-/system/project/avatar/87/stork-square-200px.png]<https://gitlab.isc.org/isc-projects/stork/-/wikis/Screenshots#grafana>
Screenshots · Wiki · ISC Open Source Projects / stork · 
GitLab<https://gitlab.isc.org/isc-projects/stork/-/wikis/Screenshots#grafana>
Stork is a dashboard for BIND 9 and Kea DHCP. It is under active development, 
with monthly releases. The initial priority is to provide monitoring and 
troubleshooting support
gitlab.isc.org


Kind Regards Peter




From: egor.gri...@orange.com 
Sent: 03 November 2021 10:25
To: Peter Davies ; kea-users 

Subject: RE: Kea monitoring possibilities


8.8. Statistics in the DHCPv4 Server

Sorry, missed that



From: Kea-users  On Behalf Of Peter Davies
Sent: Wednesday, 03 November 2021 11:19
To: Egor GRIJUC ; kea-users 
Subject: Re: [Kea-users] Kea monitoring possibilities



Hi Egor,

  You can use the "statistic-get" api call, see : 
https://kea.readthedocs.io/en/kea-2.0.0/arm/stats.html#commands-for-manipulating-statistics

also:

https://kea.readthedocs.io/en/kea-2.0.0/arm/dhcp4-srv.html#statistics-in-the-dhcpv4-server

https://kea.readthedocs.io/en/kea-2.0.0/arm/dhcp6-srv.html#statistics-in-the-dhcpv6-server

Kind Regards Peter









From: Kea-users 
mailto:kea-users-boun...@lists.isc.org>> on 
behalf of egor.gri...@orange.com<mailto:egor.gri...@orange.com> 
mailto:egor.gri...@orange.com>>
Sent: 03 November 2021 09:43
To: kea-users mailto:kea-users@lists.isc.org>>
Subject: [Kea-users] Kea monitoring possibilities



Hello.

Is there a way to grab information from kea about DORA process?

For example how many discovers received, how many offers was sent, how many 
requests was received and how many ACK was sent from KEA.

Same question for SARR process in IPv6.

I went through documentation and didn’t found such information.

Even in API reference. I found a way how to fetch subnets information and 
calculate subnet utilization, but nothing regarding to DORA or SARR process 
counters.



Regards!

_



Ce message et ses pieces jointes peuvent contenir des informations 
confidentielles ou privilegiees et ne doivent donc

pas etre diffuses, exploites ou copies sans autorisation. Si vous avez recu ce 
message par erreur, veuillez le signaler

a l'expediteur et le detruire ainsi que les pieces jointes. Les messages 
electroniques etant susceptibles d'alteration,

Orange decline toute responsabilite si ce message a ete altere, deforme ou 
falsifie. Merci.



This message and its attachments may contain confidential or privileged 
information that may be protected by law;

they should not be distributed, used or copied without authorisation.

If you have received this email in error, please notify the sender and delete 
this message and its attachments.

As emails may be altered, Orange is not liable for messages that have been 
modified, changed or falsified.

Thank you.

_

Ce message et ses pieces jointes peuvent contenir des informations 
confidentielles ou privilegiees et ne doivent donc
pas etre diffuses, exploites ou copies sans autorisation. Si vous avez recu ce 
message par erreur, veuillez le signaler
a l'expediteur et le detruire ainsi que les pieces jointes. Les messages 
electroniques etant susceptibles d'alteration,
Orange decline toute responsabilite si ce message a ete altere, deforme ou 
falsifie. Merci.

This message and its attachments may contain confidential or privileged 
information that may be protected by law;
they should not be distributed, used or copied without authorisation.
If you have received this email in error, please notify the sender and delete 
this message and its attachments.
As emails may be altered, Orange is not liable for messages that have been 
modified, changed or falsified.
Thank you.

___
ISC funds the development of this software with paid support subscriptions. 
Contact us at https://www.isc.org/contact/ for more information.

To unsubscribe visit https://lists.isc.org/mailman/listinfo/kea-users.

Kea-users mailing list
Kea-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/kea-users

Re: [Kea-users] ddns rev. zones and required client class

2021-11-03 Thread Peter Davies 
Hi again Christian,

 In reply to 2), try adding the following to the subnet definition:

"client-class": "reservation",



NB: "reservation" is perhaps not the best choice of name for a client class.



Kind Regards Peter


From: Kea-users  on behalf of Peter Davies 

Sent: 03 November 2021 10:12
To: BÖSCH Christian ; kea-users@lists.isc.org 

Subject: Re: [Kea-users] ddns rev. zones and required client class

Hi Christian,
  DNS updates are performed by the kea-dhcp-ddns (aka d2) process on receipt a 
"Name Change Request" (NCR).
You would need to change the ip address in the NCR sent from Kea to enable sort 
of behaviour.
The behavioral parameters for ddns in kea-dhcp4 configuration are:
• ddns-send-updates
• ddns-override-no-update
• ddns-override-client-update
• ddns-replace-client-name
• ddns-generated-prefix
• ddns-qualifying-suffix
• ddns-update-on-renew
• ddns-use-conflict-resolution
• hostname-char-set
• hostname-char-replacement

There does not appear to be a parameter that could be used to change the IP 
address in an NCR.

Kind Regards Peter




From: Kea-users  on behalf of BÖSCH Christian 

Sent: 02 November 2021 14:54
To: kea-users@lists.isc.org 
Subject: [Kea-users] ddns rev. zones and required client class


Hi,



I want to migrate from isc to kea and I've kea 2.0 installed. I have 2 
questions about this:



1.

I have consolidated the ddns rev. zones and have set in isc's config:

  ddns-rev-domainname "128-191.21.172.in-addr.arpa.";

Is there not this option in kea to explicit specify a custom rev. zone?



2.

I'm trying that only hosts with reservations get a lease and have configured 
the following below.

One way with all known clients, and the other with the assigned client-class to 
the reservation.

But if I test in both cases with a client without reservation it also gets an 
IP address.

Am I doing something wrong here?





"reservations": [

  {

"hw-address": "11:22:33:44:55:66",

"client-classes": [ "reservation" ],

"hostname": "test-host"

  }

],

"client-classes": [

{

"name": "all-with-reservation",

"test": "member('KNOWN')",

"only-if-required": true

},

{

"name": "reservation",

"only-if-required": true

}

],

"subnet4": [

  {

"id": 151,

"subnet": "172.21.151.0/24",

"pools": [ { "pool": "172.21.151.5-172.21.151.254" } ],

// all known

"require-client-classes": [ "all-with-reservation"],

// class assigned to reservation

//"require-client-classes": [ "reservation"],

}





Thanks,

Christian
___
ISC funds the development of this software with paid support subscriptions. 
Contact us at https://www.isc.org/contact/ for more information.

To unsubscribe visit https://lists.isc.org/mailman/listinfo/kea-users.

Kea-users mailing list
Kea-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/kea-users

Re: [Kea-users] Kea monitoring possibilities

2021-11-03 Thread Peter Davies 
Hi Egor,

  You can use the "statistic-get" api call, see : 
https://kea.readthedocs.io/en/kea-2.0.0/arm/stats.html#commands-for-manipulating-statistics

also:

https://kea.readthedocs.io/en/kea-2.0.0/arm/dhcp4-srv.html#statistics-in-the-dhcpv4-server

https://kea.readthedocs.io/en/kea-2.0.0/arm/dhcp6-srv.html#statistics-in-the-dhcpv6-server

Kind Regards Peter





From: Kea-users  on behalf of 
egor.gri...@orange.com 
Sent: 03 November 2021 09:43
To: kea-users 
Subject: [Kea-users] Kea monitoring possibilities


Hello.

Is there a way to grab information from kea about DORA process?

For example how many discovers received, how many offers was sent, how many 
requests was received and how many ACK was sent from KEA.

Same question for SARR process in IPv6.

I went through documentation and didn’t found such information.

Even in API reference. I found a way how to fetch subnets information and 
calculate subnet utilization, but nothing regarding to DORA or SARR process 
counters.



Regards!

_

Ce message et ses pieces jointes peuvent contenir des informations 
confidentielles ou privilegiees et ne doivent donc
pas etre diffuses, exploites ou copies sans autorisation. Si vous avez recu ce 
message par erreur, veuillez le signaler
a l'expediteur et le detruire ainsi que les pieces jointes. Les messages 
electroniques etant susceptibles d'alteration,
Orange decline toute responsabilite si ce message a ete altere, deforme ou 
falsifie. Merci.

This message and its attachments may contain confidential or privileged 
information that may be protected by law;
they should not be distributed, used or copied without authorisation.
If you have received this email in error, please notify the sender and delete 
this message and its attachments.
As emails may be altered, Orange is not liable for messages that have been 
modified, changed or falsified.
Thank you.

___
ISC funds the development of this software with paid support subscriptions. 
Contact us at https://www.isc.org/contact/ for more information.

To unsubscribe visit https://lists.isc.org/mailman/listinfo/kea-users.

Kea-users mailing list
Kea-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/kea-users

Re: [Kea-users] ddns rev. zones and required client class

2021-11-03 Thread Peter Davies 
Hi Christian,
  DNS updates are performed by the kea-dhcp-ddns (aka d2) process on receipt a 
"Name Change Request" (NCR).
You would need to change the ip address in the NCR sent from Kea to enable sort 
of behaviour.
The behavioral parameters for ddns in kea-dhcp4 configuration are:
• ddns-send-updates
• ddns-override-no-update
• ddns-override-client-update
• ddns-replace-client-name
• ddns-generated-prefix
• ddns-qualifying-suffix
• ddns-update-on-renew
• ddns-use-conflict-resolution
• hostname-char-set
• hostname-char-replacement

There does not appear to be a parameter that could be used to change the IP 
address in an NCR.

Kind Regards Peter




From: Kea-users  on behalf of BÖSCH Christian 

Sent: 02 November 2021 14:54
To: kea-users@lists.isc.org 
Subject: [Kea-users] ddns rev. zones and required client class


Hi,



I want to migrate from isc to kea and I've kea 2.0 installed. I have 2 
questions about this:



1.

I have consolidated the ddns rev. zones and have set in isc's config:

  ddns-rev-domainname "128-191.21.172.in-addr.arpa.";

Is there not this option in kea to explicit specify a custom rev. zone?



2.

I'm trying that only hosts with reservations get a lease and have configured 
the following below.

One way with all known clients, and the other with the assigned client-class to 
the reservation.

But if I test in both cases with a client without reservation it also gets an 
IP address.

Am I doing something wrong here?





"reservations": [

  {

"hw-address": "11:22:33:44:55:66",

"client-classes": [ "reservation" ],

"hostname": "test-host"

  }

],

"client-classes": [

{

"name": "all-with-reservation",

"test": "member('KNOWN')",

"only-if-required": true

},

{

"name": "reservation",

"only-if-required": true

}

],

"subnet4": [

  {

"id": 151,

"subnet": "172.21.151.0/24",

"pools": [ { "pool": "172.21.151.5-172.21.151.254" } ],

// all known

"require-client-classes": [ "all-with-reservation"],

// class assigned to reservation

//"require-client-classes": [ "reservation"],

}





Thanks,

Christian
___
ISC funds the development of this software with paid support subscriptions. 
Contact us at https://www.isc.org/contact/ for more information.

To unsubscribe visit https://lists.isc.org/mailman/listinfo/kea-users.

Kea-users mailing list
Kea-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/kea-users

Re: [Kea-users] Host reservation via Kea control agent API

2021-10-05 Thread Peter Davies 
Hi Allan,
According the Kea Arm : 
https://kea.readthedocs.io/en/kea-2.0.0/arm/hooks.html#host-cmds-host-commands

"Currently this library is only available to ISC customers with a paid support 
contract"

For more details see: https://www.isc.org/contact/

Kind Regards Peter

Sent from Mail for Windows

From: Allan Tinker
Sent: Tuesday, 5 October 2021 20.16
To: kea-users@lists.isc.org
Subject: [Kea-users] Host reservation via Kea control agent API

Im trying to add a host reservation via the kea-ctrl-agent API.

This is the data Im sending to the API as a POST:

{
"command": "reservation-add",
"arguments": {
"reservation": {
"subnet-id": 2,
"hw-address": "4c:e1:73:43:78:3e",
"ip-address": "172.16.132.16"
}
}
}

And the response Im getting is:

[
{
"result": 1,
"text": "Host database not available, cannot add host."
}
]

Using MySQL, built database via kea-admin
The database is working for lease information and logs.

In kea-dhcp4.conf I have the hosts hooks loaded,
In kea-ctrl-agent.conf I have the hosts hooks loaded.

Here is what my configs look like:

Kea-dhcp4.conf:

"Dhcp4": {
"interfaces-config": {
"interfaces": ["ens224"]
},

"control-socket": {
"socket-type": "unix",
"socket-name": "/tmp/kea4-ctrl.sock"
},

"lease-database": {
 "type": "mysql",
 "name": "DHCP",
 "user": “dummyuser",
 "password": “dummypass",
 "host": "localhost",
 "port": 3306
},

"hosts-database": {
 "type": "mysql",
 "name": "DHCP",
 "user": "root",
 "password": “dummyuser",
 "host": “dummypass",
 "port": 3306,
 "readonly": false
 },
…


"hooks-libraries": [
{
"library": "/usr/local/lib/kea/hooks/libdhcp_host_cmds.so"
},
{
"library": "/usr/local/lib/kea/hooks/libdhcp_lease_cmds.so"
},
{
"library": "/usr/local/lib/kea/hooks/libdhcp_flex_id.so",
"parameters": {
"identifier-expression": "relay4[1].hex",
"replace-client-id": true
}
},
…




Kea-ctrl-agent.conf:

"Control-agent": {
"http-host": "172.16.132.2",
"http-port": 8033,
"cert-required": false,
"authentication": {
"type": "basic",
"realm": "kea-control-agent",
"clients": [
{
"user": “dummyuser",
"password": “dummypass"
}]
},


"dhcp4": {
"socket-type": "unix",
"socket-name": "/tmp/kea4-ctrl.sock"
},
"dhcp6": {
"socket-type": "unix",
"socket-name": "/tmp/kea6-ctrl-socket"
},
"d2": {
"socket-type": "unix",
"socket-name": "/tmp/kea-ddns-ctrl-socket"
}
},

"hooks-libraries": [
  {
"library": "/usr/local/lib/kea/hooks/libdhcp_host_cmds.so"
  },
],
…




This ones got me confused for sure..

- Allan

___
ISC funds the development of this software with paid support subscriptions. 
Contact us at https://www.isc.org/contact/ for more information.

To unsubscribe visit https://lists.isc.org/mailman/listinfo/kea-users.

Kea-users mailing list
Kea-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/kea-users

Re: [Kea-users] Example for ifelse in host reservation or class

2021-07-20 Thread Peter Davies 
Hi Veronique,

"client-classes" within a reservation definition can only contain a list of 
classes:


Can you explain what you are trying to achieve here? There may be another way 
of accomplishing it.


Kind Regards Peter

>From "Kea Configuration File Syntax (BNF)":

reservation_client_classes ::= "client-classes" ":" list_strings

list_strings ::= "[" list_strings_content "]"


Sent from Outlook

From: Kea-users  on behalf of Veronique 
Lefebure 
Sent: 20 July 2021 15:45
To: Kea-users@lists.isc.org 
Subject: [Kea-users] Example for ifelse in host reservation or class


Hi,

Is there a way to use ifelse in a host reservation ?

We would like something like

"reservations": [ { "hw-address": "xx:xx:xx:xx:xx:fa", "ip-address": 
"yy.yy.yy.121", "hostname": "lab-client", "client-classes": [ " ifelse ( 
substring(option[vendor-class-identifier].text, 0, 9) == 'PXEClient' , 
'Desktop', none) " ] },

But the above does not work: KEA interprets the whole string "ifelse ( 
substring(option[vendor-class-identifier].text, 0, 9) == 'PXEClient' , 
'Desktop', none) " as being the client-class name itself.

Alternatively we could use "ifelse" in the client-class definition but none of 
the combinations we have tried works: we always get a syntax error reported by 
the validation of the json configuration file.

What we need is the equivalent of what we have in DHCPD:

group { # Desktop Clients if substring (option vendor-class-identifier, 0, 9) = 
"PXEClient" { option vendor-class-identifier "PXEClient"; option 
dhcp-server-identifier aims.xxx; next-server aims.xxx; } host client1 { 
hardware ethernet xx:xx:xx:xx:xx:fa; option host-name "lab-client"; 
fixed-address yy.yy.yy.121; } 

}

Thanks,

Veronique
___
ISC funds the development of this software with paid support subscriptions. 
Contact us at https://www.isc.org/contact/ for more information.

To unsubscribe visit https://lists.isc.org/mailman/listinfo/kea-users.

Kea-users mailing list
Kea-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/kea-users

Re: [Kea-users] DDNS remains off - DDNS: disabled

2021-05-17 Thread Peter Davies 
Hi There,
   To get ddns working you need to do three things:
1 Configure Connectivity Parameters
2 Configure Behavioral Parameters
see 8.2.18 DDNS for DHCPv4 
https://kea.readthedocs.io/en/kea-1.8.2/arm/dhcp4-srv.html#ddns-for-dhcpv4
3. Configure the kea-dhcp-ddns, daemon
see https://kea.readthedocs.io/en/kea-1.8.2/arm/ddns.html#the-dhcp-ddns-server

Looking at your config snippet you have no connectivity parameters?
The Kea ARM contains the following example:
"Dhcp4": {
"dhcp-ddns": {
// Connectivity parameters
"enable-updates": false,
"server-ip": "127.0.0.1",
"server-port":53001,
"sender-ip":"",
"sender-port":0,
"max-queue-size":1024,
"ncr-protocol":"UDP",
"ncr-format":"JSON"
},
// Behavioral parameters (global)
"ddns-send-updates": true,
"ddns-override-no-update": false,
"ddns-override-client-update": false,
"ddns-replace-client-name": "never",
"ddns-generated-prefix": "myhost",
"ddns-qualifying-suffix": "",
"ddns-update-on-renew": false,
"ddns-use-conflict-resolution": true,
"hostname-char-set": "",
"hostname-char-replacement": ""
...
}


Kind Regards Peter


Sent from Outlook

From: Kea-users  on behalf of M. 

Sent: 16 May 2021 13:10
To: Kea-users@lists.isc.org 
Subject: [Kea-users] DDNS remains off - DDNS: disabled

Hi there!


do I need something else to enable DDNS? The log shows "DDNS: disabled".
"ddns-send-updates" have to be used -
https://readthedocs.org/projects/kea/downloads/pdf/latest/ table 8 p.
138 lists "ddns-send-update" (without "s") - using the version w/o "s"
results in complaints in the log. Is this a feature?




kea-dhcp4.conf:

{

 "Dhcp4": {

 "interfaces-config": {
 "interfaces": [ "enp1s0" ],
 "dhcp-socket-type": "raw"
 },

 "control-socket": {
 "socket-type": "unix",
 "socket-name": "/tmp/kea-dhcp4-ctrl.sock"
 },

 "lease-database": {
 "lfc-interval": 3600,
 "name": "/var/lib/kea/kea-leases4.csv",
 "persist": true,
 "type": "memfile"
 },

 "ddns-send-updates": true,
 "ddns-override-no-update": true,
 "ddns-override-client-update": true,
 "hostname-char-set": "[^A-Za-z0-9-]",
 "hostname-char-replacement": "x",
...



2021-05-16 12:34:54.783 INFO [kea-dhcp4.commands/3730.140310172542400]
COMMAND_ACCEPTOR_START Starting to accept connections via unix domain
socket bound to /tmp/kea-dhcp4-ctrl.sock
2021-05-16 12:34:54.783 INFO [kea-dhcp4.dhcp4/3730.140310172542400]
DHCP4_CONFIG_COMPLETE DHCPv4 server has completed configuration: added
IPv4 subnets: 4; DDNS: disabled
2021-05-16 12:34:54.784 INFO [kea-dhcp4.dhcpsrv/3730.140310172542400]
DHCPSRV_MEMFILE_DB opening memory file lease database: lfc-interval=3600
name=/var/lib/kea/kea-leases4.csv persist=true type=memfile universe=4
2021-05-16 12:34:54.784 INFO [kea-dhcp4.dhcpsrv/3730.140310172542400]
DHCPSRV_MEMFILE_LEASE_FILE_LOAD loading leases from file
/var/lib/kea/kea-leases4.csv
2021-05-16 12:34:54.785 INFO [kea-dhcp4.dhcpsrv/3730.140310172542400]
DHCPSRV_MEMFILE_LFC_SETUP setting up the Lease File Cleanup interval to
3600 sec
2021-05-16 12:34:54.786 WARN [kea-dhcp4.dhcp4/3730.140310172542400]
DHCP4_MULTI_THREADING_INFO enabled: no, number of threads: 0, queue size: 0
2021-05-16 12:34:54.787 INFO [kea-dhcp4.dhcp4/3730.140310172542400]
DHCP4_STARTED Kea DHCPv4 server version 1.9.4 started



___
ISC funds the development of this software with paid support subscriptions. 
Contact us at https://www.isc.org/contact/ for more information.

To unsubscribe visit https://lists.isc.org/mailman/listinfo/kea-users.

Kea-users mailing list
Kea-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/kea-users
___
ISC funds the development of this software with paid support subscriptions. 
Contact us at https://www.isc.org/contact/ for more information.

To unsubscribe visit https://lists.isc.org/mailman/listinfo/kea-users.

Kea-users mailing list
Kea-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/kea-users

Re: [Kea-users] Multiple Config File

2021-05-17 Thread Peter Davies 
Hi Onur,
   What does your config file look like?
Something like the following should do what you are looking for:


  "subnet4":  ,

Kind Regards Peter

Sent from Outlook

From: Kea-users  on behalf of Onur GURSOY 

Sent: 17 May 2021 08:15
To: kea-users@lists.isc.org 
Subject: [Kea-users] Multiple Config File

Hello Everyone,

i saw that we can use multiple config file via , in the 
document.

But i couldn't use it.
Kea says : invalid character ?. Even i remove this char("?"), kea says : 
invalid character: <

How can i use multiple file in kea.
I want to define dhcp4 subnets in another file.

Many thanks,
With best regards
--
Onur GÜRSOY
R Engineer in Embedded Systems
Master Student at Gebze Institute Of Technology
Department Of Electronic Engineering
GSM : 0(545) 764 7653
e-mail: onurgursoyg...@gmail.com
___
ISC funds the development of this software with paid support subscriptions. 
Contact us at https://www.isc.org/contact/ for more information.

To unsubscribe visit https://lists.isc.org/mailman/listinfo/kea-users.

Kea-users mailing list
Kea-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/kea-users

Re: [Kea-users] Need Help and solution

2021-04-17 Thread Peter Davies 
Hi Makhdoom,
  If you configure the dhcp4 logging to a higher level, such as:


"loggers": [

{

"name": "kea-dhcp4",

"output_options": [

{

"output": "/var/log/kea-dhcp4.log",

"flush": true

}],

"severity": "DEBUG",

"debuglevel": 99

}]



You might be able to see what the cause is.

/Peter


Sent from Outlook

From: Kea-users  on behalf of Makhdoom Naeem 

Sent: 17 April 2021 15:03
To: kea-users@lists.isc.org 
Subject: [Kea-users] Need Help and solution

Hi all,
According to the following configuration, Client has not been received IP 
address against hardware address.
# The whole configuration starts here.
{
# DHCPv4 specific configuration starts here.
"Dhcp4": {

"interfaces-config": {
"interfaces": [ "enp10s0" ],
"dhcp-socket-type": "raw"
},
"valid-lifetime": 4000,
"renew-timer": 1000,
"rebind-timer": 2000,
"host-reservation-identifiers": [
"hw-address"
],
"subnet4": [{
   "subnet": "192.168.100.0/24",
   //"reservations-global": true,
   //"reservations-in-subnet": true,
   //"reservations-out-of-pool": false,
   "pools": [ { "pool": "192.168.100.121-192.168.100.130" } ]
}],
"reservations": [{
   "hw-address": "34:17:EB:66:A4:9D",
   "ip-address": "192.162.100.125"
}],
   # Now loggers are inside the DHCPv4 object.
   "loggers": [{
"name": "*",
"severity": "DEBUG"
}]
# DHCPv4 configuration ends with the next line
}

# The whole configuration structure ends here.
}

I have found no error in configuration. Please guide me.

Best Regards
--
Makhdoom Muhammad Naeem
Assistant Professor
Department of Electrical Engineering
NFC Institute of Engineering and Technology
Multan
Phone # +92619220012, Ext 2289
Email: makhdoomna...@gmail.com
makhdoomna...@nfciet.edu.pk

  _

Note:

1. The email and any files transmitted with it will be confidential and
intended solely for the use of the individual or entity to which they
will be addressed.
2. If you are not the named addressee, you should not disseminate,
distribute or copy the e-mail. If you are not the intended recipient,
you are notified that disclosing, copying, distributing, or taking any
action in reliance on the contents of the information is strictly
prohibited. Any unauthorized reproduction of the message may result in
legal and disciplinary action.
3. NFC IET shall not be liable for improper or incomplete or
delayed transmission of the message. NFC IET will not accept
liability for any errors or omissions in the contents of the message,
which arise as a result of email transmission.
4. NFC IET does not guarantee that the integrity of the email
has been maintained or that that communication will be free of viruses,
interceptions, or interference. Although NFC IET will take
reasonable precautions to ensure that no viruses will be present in the
mail, NFC IET cannot accept responsibility for any loss or
damage arising from the use of the email or attachments.
___
ISC funds the development of this software with paid support subscriptions. 
Contact us at https://www.isc.org/contact/ for more information.

To unsubscribe visit https://lists.isc.org/mailman/listinfo/kea-users.

Kea-users mailing list
Kea-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/kea-users

Re: [Kea-users] Does kea support relay?

2021-04-13 Thread Peter Davies 
Hi Grace,
   Kea contains dhcp servers for IPv4 and IPv6.
It does not contain a dhcp relay agent or a dhcp client.

Kind Regards Peter

Sent from Outlook

From: Kea-users  on behalf of Yu, Mingli 

Sent: 13 April 2021 08:22
To: kea-users@lists.isc.org 
Subject: [Kea-users] Does kea support relay?

Hi Expert,

I use kea 1.8.2 and don't find any code related to dhcp relay agent
function, does kea provide dhcp relay agent function?

Any hint is welcomed.

Thanks,
Grace
___
ISC funds the development of this software with paid support subscriptions. 
Contact us at https://www.isc.org/contact/ for more information.

To unsubscribe visit https://lists.isc.org/mailman/listinfo/kea-users.

Kea-users mailing list
Kea-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/kea-users
___
ISC funds the development of this software with paid support subscriptions. 
Contact us at https://www.isc.org/contact/ for more information.

To unsubscribe visit https://lists.isc.org/mailman/listinfo/kea-users.

Kea-users mailing list
Kea-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/kea-users

Re: [Kea-users] Need Solution

2021-04-12 Thread Peter Davies 
Hi Makhdoom,

   It appears that the configure script is not in your current directory.

I have a couple of questions:

Are you trying to install Kea from the source tarball or have you installed it 
already from a package?

Could you explain the step you have taken to get where you are now?


Kind Regard Peter



Sent from Outlook

From: Kea-users  on behalf of Makhdoom Naeem 

Sent: 12 April 2021 16:38
To: kea-users@lists.isc.org 
Subject: [Kea-users] Need Solution

Hi, I need a solution to the following error.

/Desktop/kea$ ./configure --prefix='/usr'
bash: ./configure: No such file or directory

Best Regards
--
Makhdoom Muhammad Naeem
Assistant Professor
Department of Electrical Engineering
NFC Institute of Engineering and Technology
Multan
Phone # +92619220012, Ext 2289
Email: makhdoomna...@gmail.com
makhdoomna...@nfciet.edu.pk

  _

Note:

1. The email and any files transmitted with it will be confidential and
intended solely for the use of the individual or entity to which they
will be addressed.
2. If you are not the named addressee, you should not disseminate,
distribute or copy the e-mail. If you are not the intended recipient,
you are notified that disclosing, copying, distributing, or taking any
action in reliance on the contents of the information is strictly
prohibited. Any unauthorized reproduction of the message may result in
legal and disciplinary action.
3. NFC IET shall not be liable for improper or incomplete or
delayed transmission of the message. NFC IET will not accept
liability for any errors or omissions in the contents of the message,
which arise as a result of email transmission.
4. NFC IET does not guarantee that the integrity of the email
has been maintained or that that communication will be free of viruses,
interceptions, or interference. Although NFC IET will take
reasonable precautions to ensure that no viruses will be present in the
mail, NFC IET cannot accept responsibility for any loss or
damage arising from the use of the email or attachments.
___
ISC funds the development of this software with paid support subscriptions. 
Contact us at https://www.isc.org/contact/ for more information.

To unsubscribe visit https://lists.isc.org/mailman/listinfo/kea-users.

Kea-users mailing list
Kea-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/kea-users

Re: [Kea-users] Need guidance

2021-04-11 Thread Peter Davies 
H i Makhdoom,

   "man keacrtl" will show you how to use the "keacrtl" command.

How to configure "keactrl" can be found in the Kea Administrators Reference 
Manual

at: https://kea.readthedocs.io/en/kea-1.8.2/


NB: the use of "keacrtl" precludes the use of other service managers such as 
systemd.


Kind Regards Peter


On 11/04/2021 18:53, Makhdoom Naeem wrote:
Hi,

How to run keactrl command. Please give example keactrl command.

  _

Note:

1. The email and any files transmitted with it will be confidential and
intended solely for the use of the individual or entity to which they
will be addressed.
2. If you are not the named addressee, you should not disseminate,
distribute or copy the e-mail. If you are not the intended recipient,
you are notified that disclosing, copying, distributing, or taking any
action in reliance on the contents of the information is strictly
prohibited. Any unauthorized reproduction of the message may result in
legal and disciplinary action.
3. NFC IET shall not be liable for improper or incomplete or
delayed transmission of the message. NFC IET will not accept
liability for any errors or omissions in the contents of the message,
which arise as a result of email transmission.
4. NFC IET does not guarantee that the integrity of the email
has been maintained or that that communication will be free of viruses,
interceptions, or interference. Although NFC IET will take
reasonable precautions to ensure that no viruses will be present in the
mail, NFC IET cannot accept responsibility for any loss or
damage arising from the use of the email or attachments.


___
ISC funds the development of this software with paid support subscriptions. 
Contact us at https://www.isc.org/contact/ for more information.

To unsubscribe visit https://lists.isc.org/mailman/listinfo/kea-users.

Kea-users mailing list
Kea-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/kea-users

___
ISC funds the development of this software with paid support subscriptions. 
Contact us at https://www.isc.org/contact/ for more information.

To unsubscribe visit https://lists.isc.org/mailman/listinfo/kea-users.

Kea-users mailing list
Kea-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/kea-users

Re: [Kea-users] Need help to install kea dhcp4 in ubuntu.

2021-04-04 Thread Peter Davies 
Hi Makhdoom,
   If you wish to download and build the Kea software from source it is 
available at :  https://www.isc.org/download/
Instructions for compiling and configuring are included in the Kea Arm,  which 
is found at : https://kea.readthedocs.io/en/kea-1.8.2/
If you wish to install from ISC's  precompiled open source packages there is 
article explaining how this may be done here : 
https://kb.isc.org/docs/isc-kea-packages
see under Deb Repositories

Kind Regards Peter


Sent from Outlook

From: Kea-users  on behalf of Makhdoom Naeem 

Sent: 04 April 2021 14:08
To: kea-users@lists.isc.org 
Subject: [Kea-users] Need help to install kea dhcp4 in ubuntu.

Hi,

I want to install kea dhcp4 server in ubuntu. Please guide me in this regard.

regards

  _

Note:

1. The email and any files transmitted with it will be confidential and
intended solely for the use of the individual or entity to which they
will be addressed.
2. If you are not the named addressee, you should not disseminate,
distribute or copy the e-mail. If you are not the intended recipient,
you are notified that disclosing, copying, distributing, or taking any
action in reliance on the contents of the information is strictly
prohibited. Any unauthorized reproduction of the message may result in
legal and disciplinary action.
3. NFC IET shall not be liable for improper or incomplete or
delayed transmission of the message. NFC IET will not accept
liability for any errors or omissions in the contents of the message,
which arise as a result of email transmission.
4. NFC IET does not guarantee that the integrity of the email
has been maintained or that that communication will be free of viruses,
interceptions, or interference. Although NFC IET will take
reasonable precautions to ensure that no viruses will be present in the
mail, NFC IET cannot accept responsibility for any loss or
damage arising from the use of the email or attachments.
___
ISC funds the development of this software with paid support subscriptions. 
Contact us at https://www.isc.org/contact/ for more information.

To unsubscribe visit https://lists.isc.org/mailman/listinfo/kea-users.

Kea-users mailing list
Kea-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/kea-users

Re: [Kea-users] Moving to implementing shared-networks

2020-11-14 Thread Peter Davies 
Hi Tim,
   I notice that you are using "subnet id"s in the "shared network" example 
whereas in your non "shared network example there appears to be no "subnet id"s.
Also the "subnet id"s returned in "stat-lease4-get" call don't seem to match 
your config?
If you are seeing relayed "offers" being sent from Kea but no "requests" being 
received then either

  1.  The offers are not getting through to the client
  2.  The requests from the client are not get back to Kea
  3.  The client doesn't like the offer and does not send a request or it has 
received an offer from some other source that it requests. If the reason is 
that the client for some reason does not like the offer then you should be 
seeing multiple discoveries from the client

Clients that already have leases should be unicasting renewal requests directly 
to Kea.

/Peter

Sent from Outlook

From: Kea-users  on behalf of Tim Požár 

Sent: 14 November 2020 02:05
To: Kea-users@lists.isc.org 
Subject: [Kea-users] Moving to implementing shared-networks

I am working with a small ISP that got a /22 of v4 space and is using
kea 1.6.2 in HA mode on two VMs.  From the /22 they use a /23 for DHCP
customers.  The rest is for statics, loopbacks, etc.

The servers are sitting behind a Juniper MX104 using subscriber services
so the stanard, get a dhcp packet with a particular DHCP Agent info of
double tag, start to build the demux interface, look the customer up in
Radius and assign them an IP address via DHCP and finish the demux
interface on the last DHCP ACK.

They have nearly exhausted the /23 so they would like to add another
small prefix (/26) to get them another 60 addresses or so to tied them
over until the can pick up another /22 or so to move their dhcp
customers too.

Working REDACTED config...
---
{
 "Dhcp4": {
 "interfaces-config": {
 "interfaces": [ "eth0", "eth1", "eth2" ]
 },
[...]
 "valid-lifetime": 4000,
 "renew-timer": 1000,
 "rebind-timer": 2000,
 "reservation-mode": "disabled",
 "control-socket": {
 "socket-type": "unix",
 "socket-name": "/tmp/kea-dhcp4-ctrl.sock"
 },
 "lease-database": {
 "type": "memfile",
 "persist": true,
 "name": "/var/lib/kea/kea-leases4.csv",
 "lfc-interval": 3600
 },
[...]
 "option-data": [
 {
 "name": "domain-name-servers",
 "data": "9.9.9.9, 8.8.8.8"
 }
 ],
[...]
 // For a list of available hook libraries, see
https://gitlab.isc.org/isc-projects/kea/wikis/Hooks-available
 "hooks-libraries": [
 {
 "library": "/usr/lib64/kea/hooks/libdhcp_ha.so",
 "parameters": {
 "high-availability": [
 {
 "this-server-name": "dhcp01",
 "mode": "load-balancing",
 "peers": [
 {
 "name": "dhcp01",
 "url": "http://10.1.9.2:8080/;,
 "role": "primary"
 },
 {
 "name": "dhcp02",
 "url": "http://10.1.9.3:8080/;,
 "role": "secondary"
 }
 ]
 }
 ]
 }
 }
 ],
 "subnet4": [
 {
 // "name": "Networks",
 "option-data": [
 {
 "data": "1.2.3.1",
 "name": "routers"
 }
 ],
 "pools": [{"pool": "1.2.3.2 - 1.2.4.254"}],
 "reservations": [],
 "subnet": "1.2.3.0/23",
 "relay": {
 "ip-addresses": [ "1.2.3.1","1.2.5.1" ]
 }
 },
[...]

I moved the subnet4 stanza for the 1.2.3.1/23 pool to a shared-network
stanza and added a new /26 that looks like:
[...]
 "shared-networks": [
 {
 "name": "BNG-Users1",
 "relay": {
 "ip-addresses": [ "1.2.3.1","1.2.5.1" ]
  },
 "subnet4": [
 {
 // "name": "Customer Network Prefix #2",
 "option-data": [
 {
 "data": "1.2.5.1",
 "name": "routers"
 }
 ],
 "pools": [{"pool": "1.2.5.2 - 1.2.5.62"}],

Re: [Kea-users] New IP address after each reboot

2020-10-19 Thread Peter Davies 
Hi Anton,

   Have you considered dropping the DHCPRELEASE packets instead?

You can read how this could be done in Gitlab #606 "Drop packets in DROP class" 
at https://gitlab.isc.org/isc-projects/kea/-/issues/606


Please refer to the Kea Arm for a discussion on the "DROP" class.


Kind Regards Peter



From: Kea-users  on behalf of Anton Starikov 

Sent: 18 October 2020 19:02
To: kea-users@lists.isc.org 
Subject: [Kea-users] New IP address after each reboot


Good afternoon!

Sorry for my english.



There is a problem with Kea Dhcp4 1.6.3 (1.8 is the same).

After each reboot, the client (Ubuntu, Arch) gets a new ip address from 
KeaDhcp. As I understand it, this is due to the fact that Kea, after receiving 
DHCPRELEASE from the client, does not immediately release the address (although 
it adds a line with expire = 0 to the lease-database), but does it after a 
while.

As an experiment, I limited the address pool to two ip. And with each reboot 
(interval ~ 20 seconds), the client received different addresses in a circle.

Previously, Mikrotik was used as DHCP, there was no such problem. The client 
rebooted and, if the address was still free, he received it back.

Is there any way to force Kea to immediately release such addresses?



I tried to change the settings described in the documentation in section "10. 
Lease Expiration", it didn't help.









{

  "Dhcp4": {

"loggers": [

{

"name": "kea-dhcp4",

"output_options": [

{

"output": "/var/log/kea-debug.log",

"maxver": 8,

"maxsize": 204800,

"flush": true,

"pattern": "%d{%j %H:%M:%S.%q} %c %m\n"

}

],

"severity": "DEBUG",

"debuglevel": 99

},

{

"name": "kea-dhcp4.commands",

"output_options": [

{

"output": "syslog"

}

],

"severity": "DEBUG",

"debuglevel": 99

},

{

"name": "kea-dhcp4.http",

"output_options": [

{

"output": "syslog"

}

],

"severity": "DEBUG",

"debuglevel": 99

},

{

"name": "kea-dhcp4.callouts",

"output_options": [

{

"output": "syslog"

}

],

"severity": "DEBUG",

"debuglevel": 99

}],

"authoritative": false,

"boot-file-name": "",

"calculate-tee-times": true,

"client-classes": [

  {

"boot-file-name": "",

"name": "pxe",

"next-server": "10.0.0.12",

"only-if-required": true,

"option-data": [

  {

"always-send": false,

"code": 66,

"csv-format": true,

"data": "10.0.0.12",

"name": "tftp-server-name",

"space": "dhcp4"

  },

  {

"always-send": false,

"code": 67,

"csv-format": true,

"data": "grldr",

"name": "boot-file-name",

"space": "dhcp4"

  }

],

"option-def": [ ],

"server-hostname": "",

"test": "member('ALL')"

  },

  {

"boot-file-name": "",

"name": "voip",

"next-server": "10.0.0.10",

"only-if-required": true,

"option-data": [

  {

"always-send": false,

"code": 66,

"csv-format": true,

"data": "10.0.0.10",

"name": "tftp-server-name",

"space": "dhcp4"

  },

  {

"always-send": false,

"code": 67,

"csv-format": true,

"data": "grldr1",

"name": "boot-file-name",

"space": "dhcp4"

  }

],

"option-def": [ ],

"server-hostname": "",

"test": "member('ALL')"

  }

],

"control-socket": {

  "socket-name": "/tmp/kea-dhcp4-ctrl.sock",

  "socket-type": "unix"

},

"decline-probation-period": 86400,

"dhcp-ddns": {

  "enable-updates": false,

  "generated-prefix": "myhost",

  "max-queue-size": 1024,

  "ncr-format": "JSON",

  "ncr-protocol": "UDP",

  "override-client-update": false,

  "override-no-update": false,

  "qualifying-suffix": "",

  "replace-client-name": "never",

  "sender-ip": "0.0.0.0",

  "sender-port": 0,

  "server-ip": "127.0.0.1",

  "server-port": 53001

},

"dhcp-queue-control": {

  "capacity": 500,

  "enable-queue": false,

  "queue-type": "kea-ring4"

},

"dhcp4o6-port": 0,

"echo-client-id": true,