Hi Francis!
Thank you for the reply! I am running Ubuntu 22.04.2, kea 2.4.0, openssl
3.0.2
So far as log files go, I cannot. The DHCP4 hook for ha seems to be
throwing the error reported in systemctl when it is passed the parameters
and it never actually starts to log itself even on DEBUG 99.
CS
.commands/1393730] COMMAND_RECEIVED
Received command 'ha-heartbeat'
2023-12-26 20:59:43.811 INFO [kea-dhcp4.commands/1393730] COMMAND_RECEIVED
Received command 'ha-heartbeat'
2023-12-26 20:59:53.827 INFO [kea-dhcp4.commands/1393730] COMMAND_RECEIVED
Received command 'ha-heartbeat'
2023-12-26 21:0
Kea 2.4.0
On Wed, Dec 27, 2023, 03:18 Darren Ankney wrote:
> Hi,
>
> If I may ask, what version of Kea are you using? Some defaults have
> changed across versions.
>
> Thank you,
>
> Darren Ankney
>
> On Tue, Dec 26, 2023 at 4:31 PM CS wrote:
> >
-DOWN
2023-12-27 22:25:57.695 INFO [kea-dhcp4.ha-hooks/1434251]
HA_LEASE_UPDATES_DISABLED lease updates will not be sent to the partner
while in READY state
CS, cs.temp.m...@gmail.com
On Wed, 27 Dec 2023 at 11:22, Darren Ankney wrote:
> Hi,
>
> See attached four files:
>
>
telneting around it appears server1 can reach 8001 on itself but not 2.
server 2 can telnet 8001 on server 1 but not itself.
I see nothing logged that indicates a conflict tho and both of these
besides being on different subnets these servers are virtually identical
and firewall free.
CS
Me too, especially SELinux. But not in this case. apparmor is disabled as
far as I know.
I'm going to clone server1 into a server3 and see if the new server binds
to the port then and if one and three will HA effectively. Bit of a
sledgehammer approach but I'm at a loss too.
CS, cs.temp.m
ly outside the
scope of this mailing list. I'll follow up a new thread to see what info I
can take forward in my project if I must move-on to micetro support.
Thank you all for your help, especially you Mr Ankney.
CS, cs.temp.m...@gmail.com
On Thu, 28 Dec 2023 at 11:45, Darren Ankney wrote:
> I'
with the best error (Micetro just says: "Unable to
connect") and only asks for a hostname or ip address (refusing any
elaborations like https)
This sounds like a TLS 1.0-1.3 issue to me. Any idea what kea CA is looking
for?
CS, cs.temp.m...@gmail.com
--
ISC funds the development of thi
// the commands should still be sent via CA. The dedicated listener
// is specifically for HA updates only.
However, how to have a dedicated port for HA and a different one for CA
escapes me.
CS, cs.temp.m...@gmail.com
--
ISC funds the development of this software with paid support
Thanks for the help! Found the issues and solved it. On to further
problems! Will file with a new subject.
CS, cs.temp.m...@gmail.com
On Sat, 16 Dec 2023 at 07:50, Darren Ankney wrote:
> Hi,
>
> You can see logs in systemd with journalctl -xe ... the program also
> allows you
Hi all,
I have been combing through the docs and the larger internet for help but
I'm stuck. I am trying to add certs to my 2 HA kea servers but adding the
stanza just causes the daemon to fail to start with little explanation safe
for the hook failed. I feel pretty confident that my certs are
8000 --auth-user keauser
--auth-password "bad password" --service dhcp4 list-commands
Failed to run:
makes me think otherwise. Nothing gets logged to the CA or DHCP4 verbose
logs either. Just refuses the connection... am I missing something simple?
CS, cs.temp.m...@gmail.com
--
"DNS:$myserver,IP:x.x.x.1"
sign_endpoint ca1_cert
rm "$mybase/ca1_cert.csr"
dhcp1_cert=dhcp1_cert
create_endpoint "$dhcp1_cert" dhcp1_key.pem "$myserver"
"DNS:$myserver,IP:x.x.x.1"
sign_endpoint "$dhcp1_cert"
rm "$mybase/$dhcp1_cert
e one in the sample command line.
Don't I show what you are suggesting I might not have done? "--ca
Certificate_Autority.pem"
CS, cs.temp.m...@gmail.com
On Thu, 14 Mar 2024 at 11:22, Rick Frey wrote:
> I believe that error indicates your Kea server requires a client
> certificat
s (without certs) as does kea-shell, however micetro
does not. I suppose this is likely outside the scope of this userlist and
I'll follow up further in that with bluecat.
CS, cs.temp.m...@gmail.com
On Thu, 14 Mar 2024 at 12:32, Rick Frey wrote:
> When “cert-required” is set to true, you
Empty reply from server" tho telnet works.
curl --insecure -u bad_user:bad_password -X POST -H "Content-Type:
application/json" -d '{ "command": "config-get", "service": [ "dhcp4" ] }'
xxx.xxx.xxx.xxx:8000
CS, cs.temp.m...@gmail.com
On Thu
equired (_ssl.c:2578)
Do you all know what I've done wrong or what I need to do to make the cert
right?
CS, cs.temp.m...@gmail.com
--
ISC funds the development of this software with paid support subscriptions.
Contact us at https://www.isc.org/contact/ for more information.
To unsubscribe visit h
Has anyone performed a migration from windows to kea and have any leads or
recommendations for starting to plan mine?
CS, cs.temp.m...@gmail.com
--
ISC funds the development of this software with paid support subscriptions.
Contact us at https://www.isc.org/contact/ for more information
18 matches
Mail list logo