[Kea-users] KEA DHCPv6 Server and PD

Fri, 04 Aug 2023 08:17:36 -0700 

Hello,
I am trying to set up the KEA DHCPv6 server with prefix delegation pools. I am now so far that the router behind the DHCPv6 obtains prefixes for its subnets, but all interfaces have the same prefix. 

Here is my setup:
gw-wan0 (server):
Debian/Bookworm
KEA: 2.2.0

$ cat /etc/kea/kea-dhcp6.conf
{
  "Dhcp6": {
    "valid-lifetime": 4000,
    "renew-timer": 1000,
    "rebind-timer": 2000,
    "preferred-lifetime": 3000,

    "control-socket": {
      "socket-type": "unix",
      "socket-name": "/run/kea/kea6-ctrl-socket"
    },

    "option-data": [
      {
        "name": "dns-servers",
        "data": "xxxx:xxxx::1"
      }
    ],

    "interfaces-config": {
      "interfaces": [ "enp2s0" ]
    },

    "lease-database": {
      "type": "memfile",
      "persist": true,
      "name": "/var/lib/kea/kea-leases6.csv",
      "lfc-interval": 3600
    },

    "subnet6": [
      {
        "subnet": "xxxx:xxxx:ff00:ff00::/56",
        "interface": "enp2s0",
        "pd-pools": [
          {
            "prefix": "xxxx:xxxx:ff00:ff00::",
            "prefix-len": 56,
            "delegated-len": 64
          }
        ]
      }
    ],

    "loggers": [
      {
        "name": "kea-dhcp6",
        "output_options": [
          {
            "output": "/var/log/kea/kea-dhcp6.log",
            "maxver": 8,
            "maxsize": 204800,
            "flush": true,
            "pattern": "%d{%j %H:%M:%S.%q} %c %m\n"
          }
        ],
        "severity": "DEBUG",
        "debuglevel": 99
      }
    ]
  }
}


$ ip a s enp2s0

3: enp2s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP 
group default qlen 1000

    link/ether 00:0d:b9:55:b8:15 brd ff:ff:ff:ff:ff:ff
    inet x.x.107.4/31 brd 255.255.255.255 scope global enp2s0
       valid_lft forever preferred_lft forever
    inet6 xxxx:xxxx:ff00:ff00::1/56 scope global
       valid_lft forever preferred_lft forever
    inet6 fe80::20d:b9ff:fe55:b815/64 scope link
       valid_lft forever preferred_lft forever


gw-test (client):
Debian/Bookworm
wide-dhcpv6-client: 20080615-23

(for historical reasons and because I'm already running many other 
installations with it, I'm currently testing with WIDE)


$ cat /etc/wide-dhcpv6/dhcp6c.conf
profile default
{
  script "/etc/wide-dhcpv6/radvd";
};

interface enp2s0
{
  send ia-pd 0;
  script "/etc/wide-dhcpv6/radvd";
};

id-assoc pd
{
  prefix-interface enp3s0
  {
    sla-id 1;
  };
  prefix-interface enp4s0
  {
    sla-id 2;
  };
};

$ ip a s enp2s0

3: enp2s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP 
group default qlen 1000

    link/ether 00:0d:b9:56:4b:c5 brd ff:ff:ff:ff:ff:ff
    inet x.x.107.5/31 brd x.x.107.5 scope global dynamic enp2s0
       valid_lft 3381sec preferred_lft 3381sec

    inet6 xxxx:xxxx:ff00:0:20d:b9ff:fe56:4bc5/64 scope global dynamic 
mngtmpaddr

       valid_lft 86085sec preferred_lft 14085sec
    inet6 fe80::20d:b9ff:fe56:4bc5/64 scope link
       valid_lft forever preferred_lft forever

$ ip a s enp3s0

4: enp3s0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc mq state 
DOWN group default qlen 1000

    link/ether 00:0d:b9:56:4b:c6 brd ff:ff:ff:ff:ff:ff
    inet 192.168.3.1/24 brd 192.168.3.255 scope global enp3s0
       valid_lft forever preferred_lft forever
    inet6 xxxx:xxxx:ff00:ff00:20d:b9ff:fe56:4bc6/64 scope global tentative
       valid_lft forever preferred_lft forever

$ ip a s enp4s0

5: enp4s0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc mq state 
DOWN group default qlen 1000

    link/ether 00:0d:b9:56:4b:c7 brd ff:ff:ff:ff:ff:ff
    inet 192.168.4.1/24 brd 192.168.4.255 scope global enp4s0
       valid_lft forever preferred_lft forever
    inet6 xxxx:xxxx:ff00:ff00:20d:b9ff:fe56:4bc7/64 scope global tentative
       valid_lft forever preferred_lft forever


Both devices are directly connected to each other on the enp2s0 interface.


My expectation was that gw-test would get its own /64 IPv6 subnet at the 
KEA DHCPv6 server for each interface defined in the wide-dhcpv6-client 
(i.e. enp3s0 and enp4s0). Instead, both interfaces get the same subnet, 
which makes no sense (or is not the result I have in mind).



Every time I restart the wide-dhcpv6-client, KEA counts up the subnet by 
one. Currently I got the subnet xxxx:xxxx:ff00:ff00::/64 (after emptying 
the lease cache). After the next reboot I get the subnet ff01, then 
ff02, ff03 and so on.



Unfortunately I don't find the documentation on KEA DHCPv6 server and 
prefix delegation pools very comprehensive. I put together my 
configuration from the few examples I found on the internet.



I would be very grateful for any help:
1. why doesn't each interface get its own subnet /64?

2. why does KEA count up the subnets instead of - with a new DHCP 
request - assigning the same subnets again?


Many thanks & best regards
Meinhard
--
ISC funds the development of this software with paid support subscriptions. 
Contact us at https://www.isc.org/contact/ for more information.

To unsubscribe visit https://lists.isc.org/mailman/listinfo/kea-users.

Kea-users mailing list
Kea-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/kea-users






















					Reply via email to