Hello, I use Kea in a pure static way, that it responds ONLY to the requests of
trusted clients. I did not find any built-in solution, so I have modified
user_chk hook example to drop any request that does not come from MAC present
server reservations (Kea reservations = trusted MACs). Is this approach OK? Or
would it be possible to achieve the same result in the other way? In my
solution, I have a few weird things in the config files - for example "dummy"
pools like "pool": "192.168.1.0/32" ("dummy") , because pool declarations are
mandatory...
Secondly, I am not sure about HA config, because both of my servers finish with
HA_LOCAL_DHCP_ENABLE message. I have two servers (192.168.99.5 called
"keadhcp-1" and 192.168.99.6 called "keadhcp-2"), they have exactly the same
configuration file except "this-server-name": "keadhcp-x" line, see below. I
would like to have as quick failover as possible.
The last thing - I am also unsure how to properly update server config files -
I do config file update via API, one server immediately after another, maybe I
should wait some time before updating the second server in order to HA to
settle somehow ... Or not?
Thank you for any ideas,
Jan
"library": "/usr/local/lib/hooks/libdhcp_ha.so",
"parameters": {
"high-availability": [
{
"heartbeat-delay": 5000,
"max-ack-delay": 5000,
"max-response-delay": 10000,
"max-unacked-clients": 0,
"mode": "hot-standby",
"peers": [
{
"auto-failover": true,
"name": "keadhcp-1",
"role": "primary",
"url": "http://192.168.99.5:8000";
},
{
"auto-failover": true,
"name": "keadhcp-2",
"role": "standby",
"url": "http://192.168.99.6:8000";
}
],
"send-lease-updates": true,
"sync-leases": true,
"sync-page-limit": 10000,
"sync-timeout": 20000,
"this-server-name": "keadhcp-x"
}
]
}
}
_______________________________________________
Kea-users mailing list
[email protected]
https://lists.isc.org/mailman/listinfo/kea-users
