Hi Darren, Deciding the reservation model
9.3.9. Global Reservations in DHCPv4 describes in general our setup. Clients generally can roam in our network based on the attributed "pool class" to the specific mac address and the "accessability" of the specific network. The following section: #+begin_quote 9.3.9. Global Reservations in DHCPv4:An address assigned via global host reservation must be feasible for the subnet the server selects for the client. In other words, the address must lie within the subnet; otherwise, it is ignored and the server will attempt to dynamically allocate an address. If the selected subnet belongs to a shared network, the server checks for feasibility against the subnet's siblings, selecting the first in-range subnet. If no such subnet exists, the server falls back to dynamically allocating the address.
#+END_quote
with the given example:
#+begin_quote
"Dhcp4": {
# This specifies global reservations.
# They will apply to all subnets that
# have global reservations enabled.
"reservations": [
{
"hw-address": "aa:bb:cc:dd:ee:ff",
"hostname": "hw-host-dynamic"
},
{
"hw-address": "01:02:03:04:05:06",
"hostname": "hw-host-fixed",
# Use of IP addresses in global reservations is risky.
# If used outside of a matching subnet, such as 192.0.1.0/24,
# it will result in a broken configuration being handed
# to the client.
"ip-address": "192.0.1.77"
},
{
"duid": "01:02:03:04:05",
"hostname": "duid-host"
},
{
"circuit-id": "'charter950'",
"hostname": "circuit-id-host"
},
{
"client-id": "01:11:22:33:44:55:66",
"hostname": "client-id-host"
}
],
"valid-lifetime": 600,
"subnet4": [
{
"id": 1,
"subnet": "10.0.0.0/24",
# Specify if the server should look up global reservations.
"reservations-global": true,
# Specify if the server should look up in-subnet reservations.
"reservations-in-subnet": false,
# Specify if the server can assume that all reserved addresses
# are out-of-pool. It can be ignored because
"reservations-in-subnet"
# is false.
# "reservations-out-of-pool": false,
"pools": [ { "pool": "10.0.0.10-10.0.0.100" } ]
}
]
}
#+end_quote
contradicts (at least at my current understanding) with:
https://kea.readthedocs.io/en/kea-3.0.2/arm/dhcp4-srv.html#host-reservations-in-dhcpv4
(9.3. Host Reservations in DHCPv4)
#+begin_quoteMaking a reservation for a mobile host that may visit multiple subnets requires a separate host definition in each subnet that host is expected to visit. It is not possible to define multiple host definitions with the same hardware address in a single subnet. Multiple host definitions with the same hardware address are valid if each is in a different subnet.
#+end_quote that wants a reservation at the subnet level. Then there is also the part: #+begin_quote # Specify if the server should look up global reservations. "reservations-global": true, # Specify if the server should look up in-subnet reservations. "reservations-in-subnet": false, #+end_quotewhere in https://kea.readthedocs.io/en/kea-3.0.2/arm/dhcp4-srv.html#fine-tuning-dhcpv4-host-reservation
(9.3.8. Fine-Tuning DHCPv4 Host Reservation) it is explainedthat in the setup using resertations-global deactivates the use of reservations-in-subnet anyway (so why is it even defined):
#+begin_quote 9.3.8. Fine-Tuning DHCPv4 Host Reservation
{
"Dhcp4": {
"reservations-global": true,
"reservations-in-subnet": false
}
}
#+end_quote
Right this mail is already to big, so i will postpone my questions on
the decision diagram in 9.3.8. Fine-Tuning DHCPv4 Host Reservation.
gg
On 11/20/25 9:52 AM, Gregor Kling wrote:
Hi Darren, On 11/19/25 3:58 PM, Darren Ankney wrote:Hi Gregor, That *should* work, but you don't have to do it that way. You could specify the reservation globally, set `"reservations-global": true`(https://kea.readthedocs.io/en/stable/arm/dhcp4-srv.html#fine-tuning-dhcpv4-host-reservation)and specify whatever classes are necessary in "client-classes" so that you would only need to have one entry per client. This may reduce performance but see here: https://reports.kea.isc.org/ for Kea performance numbers, perhaps it is not a concern?Actually this is the part where i am right now trying to wrap my head around.It is totally unclear to me if reservations-in-subnet or reservations-global is what i should use. I guess you will hear from me for this one as well :) ggThank you, Darren AnkneyOn Wed, Nov 19, 2025 at 4:16 AM Gregor Kling <[email protected]> wrote:Hello, On 11/18/25 10:13 AM, Gregor Kling wrote:If i am understanding correctly, i'll have to to put #+begin_quote "hw-address": "a1:bb:cc:dd:ee:ff", "client-classes": [ "pool_name_1", "pool_name_etc" ] #+end_quote (without ip-address) in every subnet reservations block where i want to have the system with the mac address: "a1:bb:cc:dd:ee:ff" get an address from the "matching" dynamic pool?To answer myself:https://kea.readthedocs.io/en/kea-3.0.2/arm/dhcp4-srv.html#host-reservations-in-dhcpv4is clear about that: #+begin_quote Making a reservation for a mobile host that may visit multiple subnetsrequires a separate host definition in each subnet that host is expectedto visit. It is not possible to define multiple host definitions with the same hardware address in a single subnet. Multiple host definitionswith the same hardware address are valid if each is in a different subnet.#+end_quote gg -- Gregor Kling Abteilung ITS, Sachgebiet ITS-N Technische Hochschule Mittelhessen University of Applied Sciences Tel: 0641/309-1292 E-Mail: [email protected] --ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information.To unsubscribe visit https://lists.isc.org/mailman/listinfo/kea-users. [email protected]
-- Gregor Kling Abteilung ITS, Sachgebiet ITS-N Technische Hochschule Mittelhessen University of Applied Sciences Tel: 0641/309-1292 E-Mail: [email protected]
smime.p7s
Description: S/MIME Cryptographic Signature
-- ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information. To unsubscribe visit https://lists.isc.org/mailman/listinfo/kea-users. [email protected]
