Hello,
I am running dhcp6 server with strict policy that KEA talks only to clients
with known MACs (Reservations) and provides only a static config for them. All
clients are operating via DHCPv6 relay and the relay should pass client's MAC
option 79 RFC 6939 for KEA to be used via client-link-addr-option.
This is a working except from my kea-dhcp6.conf. All it works fine, if client
uses DUID-LLT or DUID-LL, where MAC address can be determined from DUID.
...
"client-classes": [
{
"name": "DROP",
"test": "not member('KNOWN')"
}
...
"host-reservation-identifiers": [ "hw-address", "duid" ],
"mac-sources": [ "client-link-addr-option", "remote-id", "subscriber-id",
"ipv6-link-local", "duid" ],
...
"subnet6": [
{
"reservations": [
{
"hw-address": "xx:xx:xx:xx:xx:xx",
"ip-addresses": [ "xxxx:xxxx:xxxx:1::2" ],
etc.
...
However, if client uses another DUID type, this happens - "Expression DROP is
evaluated to true" and the request is dropped.
INFO DHCP6_QUERY_LABEL received query:
duid=[00:02:00:00:d2:6d:8e:83:64:d4:6c:e7:26:8e], [no hwaddr info], tid=0x2621c
INFO EVAL_RESULT duid=[00:02:00:00:d2:6d:8e:83:64:d4:6c:e7:26:8e], [no hwaddr
info], tid=0x2621c: Expression DROP evaluated to true
DEBUG DHCP6_PACKET_DROP_DROP_CLASS2 dropped as member of the special class
'DROP' after host reservation lookup:
duid=[00:02:00:00:d2:6d:8e:83:64:d4:6c:e7:26:8e], [no hwaddr info]
local_address=[xxxx:xxxx:xxxx:x::x]:0,
remote_address=[xxxx:xxxx:xxxx:xxxx::1]:547, msg_type=SOLICIT (1),
It looks like that host reservation lookup was probably not performed with
correct MAC (that was told to the KEA via option 79).
Any ideas to fix it?
Thank you very much.
Sincerely,
Jan Rovner
--
ISC funds the development of this software with paid support subscriptions.
Contact us at https://www.isc.org/contact/ for more information.
To unsubscribe visit https://lists.isc.org/mailman/listinfo/kea-users.
Kea-users mailing list
Kea-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/kea-users
