[Freeipa-users] Re: Plans for integrating DHCP

Wed, 25 Oct 2023 12:18:10 -0700 


On 9/25/23 13:56, Charles Hedrick via FreeIPA-users wrote:
We did most of this, and have been using it for a few years. However it depends upon the ISC DHCP server, which is now EOL. The replacement, KEA, does not support LDAP, and there are no plans for it to. 


I think the reason is that they didn't want to put dynamic addresses 
in LDAP, because LDAP is thought of as read-mostly. The way LDAP is 
used in IPA, of course, means there are lots of changes going on. For 
most sites, I suspect putting leases in LDAP would be OK. But ISC 
isn't going to help, I don't think.

------------------------------------------------------------------------

*From:* Ellsworth, Nathan Andrew via FreeIPA-users 
<freeipa-users@lists.fedorahosted.org>

*Sent:* Monday, September 25, 2023 2:09 PM

*To:* freeipa-users@lists.fedorahosted.org 
<freeipa-users@lists.fedorahosted.org>

*Cc:* Ellsworth, Nathan Andrew <nathan.ellswo...@utdallas.edu>
*Subject:* [Freeipa-users] Re: Plans for integrating DHCP

There is an interesting design document already for DHCP with FreeIPA.

https://www.freeipa.org/page/DHCP_Integration_Design


I've already implemented a kea-isc dhcp integration with freeipa.  Been 
operating for about 16 months now without important change.  Also 
handles dnssec key rotations.  Allows to designate fixed ips, handles 
name collisions, generates certs, offers to collect v6 duid with v4 mac 
under a common freeipa/dns host, etc.   Entirely HA, supports ranges via 
via across a dozen 'inside client locations', etc.   Uses mariadb as a 
backend to kea-dhcp. And supports connectivity to more than one ISP for 
HA purposes. https://rockstablesystems.com   It was 'quite a ride' from 
a tech perspective.



HC






_______________________________________________
FreeIPA-users mailing list --freeipa-users@lists.fedorahosted.org
To unsubscribe send an email tofreeipa-users-le...@lists.fedorahosted.org
Fedora Code of 
Conduct:https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines:https://fedoraproject.org/wiki/Mailing_list_guidelines
List 
Archives:https://lists.fedorahosted.org/archives/list/freeipa-users@lists.fedorahosted.org
Do not reply to spam, report 
it:https://pagure.io/fedora-infrastructure/new_issue
_______________________________________________
FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org
To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedorahosted.org/archives/list/freeipa-users@lists.fedorahosted.org
Do not reply to spam, report it: 
https://pagure.io/fedora-infrastructure/new_issue






















					Reply via email to