Re: [Kea-users] KEA MySQL Database Circuit ID Storage

2023-10-21 Thread Darren Ankney
Hi Cody,

Please have a look at the forensic logging hook for a way to log
circuit IDs with leases:
https://kea.readthedocs.io/en/kea-2.4.0/arm/hooks.html#libdhcp-legal-log-so-forensic-logging

Thank you,

Darren Ankney

On Fri, Oct 20, 2023 at 9:47 AM Cody Shultz via Kea-users wrote:
>
> Hello,
>
> We have our DHCP relay agent inserting a Circuit ID field
> into the incoming DHCP packets. Does this field get mapped to leases in the
> DHCP database, and if not, is there a way to configure it? We would like to
> be able to filter our leases via the circuit ID to make tracking down
> specific user leases easier. Thanks!
>
> Cody Shultz
>
> --
> ISC funds the development of this software with paid support subscriptions. 
> Contact us at https://www.isc.org/contact/ for more information.
>
> To unsubscribe visit https://lists.isc.org/mailman/listinfo/kea-users.
>
> Kea-users mailing list
> Kea-users@lists.isc.org
> https://lists.isc.org/mailman/listinfo/kea-users
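
Once the forensic logging hook is writing entries, leases can be grouped by circuit ID straight from the log file. The following is an added example, not part of the original messages or of Kea; the sample lines are constructed and assume the hook's default DHCPv4 entry wording ("identified by circuit-id: ..."), so the pattern needs adjusting if a custom log format is configured.

```python
import re
from collections import defaultdict

# Constructed sample lines; the wording is ASSUMED to follow the forensic
# logging hook's default DHCPv4 lease entry, it is not copied from a real log.
SAMPLE_LOG = """\
2023-10-20 09:41:02 EDT Address: 192.0.2.10 has been assigned for 1 hrs 0 mins 0 secs to a device with hardware address: hwtype=1 08:00:2b:02:3f:4e, client-id: 01:08:00:2b:02:3f:4e connected via relay at address: 192.0.2.1, identified by circuit-id: 67:65:31:2f:30:2f:31 and remote-id: 73:77:31
2023-10-20 09:42:17 EDT Address: 192.0.2.11 has been assigned for 1 hrs 0 mins 0 secs to a device with hardware address: hwtype=1 08:00:2b:aa:bb:cc connected via relay at address: 192.0.2.1, identified by circuit-id: 67:65:31:2f:30:2f:32
2023-10-20 09:50:30 EDT Address: 192.0.2.12 has been assigned for 1 hrs 0 mins 0 secs to a device with hardware address: hwtype=1 08:00:2b:dd:ee:ff
2023-10-20 10:05:44 EDT Address: 192.0.2.10 has been renewed for 1 hrs 0 mins 0 secs to a device with hardware address: hwtype=1 08:00:2b:02:3f:4e, client-id: 01:08:00:2b:02:3f:4e connected via relay at address: 192.0.2.1, identified by circuit-id: 67:65:31:2f:30:2f:31 and remote-id: 73:77:31
"""

ENTRY = re.compile(
    r"^(?P<ts>\S+ \S+ \S+) Address: (?P<addr>\S+) has been (?P<action>assigned|renewed)"
    r".*?hardware address: hwtype=\d+ (?P<mac>[0-9a-f:]+)"
    r"(?:.*?circuit-id: (?P<circuit>[0-9a-f:]+))?"
)

def decode_id(hex_colon):
    """Render colon-separated hex as text when it is printable ASCII, else keep the hex."""
    try:
        text = bytes.fromhex(hex_colon.replace(":", "")).decode("ascii")
    except ValueError:  # odd-length hex or non-ASCII bytes
        return hex_colon
    return text if text.isprintable() else hex_colon

def leases_by_circuit(log_text):
    """Map circuit ID -> list of (timestamp, action, address, MAC) tuples."""
    index = defaultdict(list)
    for line in log_text.splitlines():
        m = ENTRY.match(line)
        if not m:
            continue  # not a lease entry in the assumed layout
        # Entries without relay information are kept under their own key
        # so directly attached clients are not silently dropped.
        key = decode_id(m["circuit"]) if m["circuit"] else "(no relay info)"
        index[key].append((m["ts"], m["action"], m["addr"], m["mac"]))
    return dict(index)

if __name__ == "__main__":
    for circuit, events in leases_by_circuit(SAMPLE_LOG).items():
        print(circuit, events)
```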


Re: [Kea-users] Configuring HA with multiple interfaces on both the appliances

2023-10-21 Thread Darren Ankney
Hi Kraishak,

In the URL for the primary server set the URL including the IP you
want it to listen on for the primary.  Same on the secondary using the
IP you want the secondary to listen on.  It doesn't matter if you are
serving DHCP on the same IP or not.

Thank you,

Darren Ankney

On Thu, Oct 19, 2023 at 2:52 AM Kraishak Mahtha  wrote:
>
> Hi,
> Yes, I have to use the URL directive for sure, I am in sync with that. The
> only doubt was when we have multiple interfaces like eth0, eth1, and eth2 and
> I want kea-dhcp listening only on the eth1 and eth2 interface, which IP should
> I need to use in URL directive?
>
>> Should be able to use any one of the addresses you have for that server.
>
> Yes I am also thinking the same way that I will be using eth0 IP
> address in URL directive by default, but just want to confirm is that a
> correct way of proceeding?
>
>
> On Wed, Oct 18, 2023 at 11:47 PM Rick Frey  wrote:
>>
>> In reading
>> https://kea.readthedocs.io/en/kea-2.4.0/arm/hooks.html#multi-threaded-configuration-ha-mt,
>> you still configure the “url” directive of the HA hook with a single URL for
>> control commands even when using HA+MT mode with http-dedicated-listener =
>> true.  Thus the URL would need to be pointed to an IP address (or hostname
>> that resolves) of that server and is routable between the two HA nodes.
>> I’ve not used Kea with http-dedicated-listener, but assuming you can use
>> any IP address on the host.  Should be able to use any one of addresses you
>> have for that server.
>>
>> Not sure I understand your question.  Are you concerned if using an URL w/
>> single IP address,  that the address or interface may fail on the server?
>>
>> On Oct 18, 2023, at 10:15 AM, Kraishak Mahtha  wrote:
>>
>> Hi Rick,
>>
>> Thanks for your response and explanation but I am using the kea-dhcp with (HA
>> + MT) mode hence I will not be using the kea-control agent in my regular use
>> case, so the IPs for the URLs will be of interface IP address but as said if
>> we have different listening interfaces... I am a bit confused about the
>> configuration.
>>
>> Thanks
>> Kraishak
>>
>> On Mon, Oct 16, 2023 at 9:09 PM Rick Frey  wrote:
>>>
>>> You can have different number of listening interfaces for HA pair (assuming 
>>> they are able to receive requests for all subnets).  The “url” directive in 
>>> the HA hook configuration is for the Control-Agent (CA).  The addr/port of 
>>> the Control-Agent is independent of the DHCP4 server and is specified in 
>>> its config (kea-ctrl-agent.conf).  The address for the Control-Agent can be 
>>> different than address(es) you configure for the DHCP4 server.
>>>
>>> On Oct 16, 2023, at 8:37 AM, Kraishak Mahtha  wrote:
>>>
>>> Hi all,
>>>
>>> Re-sending the mail once again to check if anyone is familiar with this 
>>> case, and can guide me.
>>>
>>> On Tue, Oct 3, 2023 at 12:32 PM Kraishak Mahtha wrote:
>>>>
>>>> Hi all,
>>>> I have a few doubts in a case where we have multiple interfaces listening
>>>> in the kea dhcp and configured in HA/Failover mode.
>>>> For instance: I have server A with four interfaces
>>>> eth0 (192.168.0.51), eth1 (192.168.0.52), eth2 (192.168.0.53), eth3
>>>> (192.168.0.54) and server B I have three interfaces
>>>> eth1(192.168.0.61), eth2(192.168.0.62), eth2(192.168.0.63).
>>>>
>>>> Case 1) Can we define failover configuration with servers A and B
>>>> specifying server A listening on three interfaces and server B listening
>>>> on two interfaces? (no same number of interfaces on both appliances).
>>>>
>>>> Case 2) When we have such a configuration how do we deal with the failover
>>>> configuration where we specify only one IP?
>>>> "peers": [
>>>>     {
>>>>         "role": "primary",
>>>>         "name": "dhcp1",
>>>>         "auto-failover": true,
>>>>         "url": "http://192.168.0.51:8001"
>>>>     },
>>>>     {
>>>>         "role": "secondary",
>>>>         "name": "dhcp2",
>>>>         "auto-failover": true,
>>>>         "url": "http://192.168.0.61:8001"
>>>>     }
>>>> ],
>>>> Should we specify all the listening interface IP's in the failover section?
>>>>
>>>> Can someone who is familiar with such setups and has faced similar issues
>>>> guide me?
>>>>
>>>> Thanks in Advance
>>>> Kraishak



Re: [Kea-users] Issue installing Kea DHCP4 on Ubuntu 22 with Postgresql 16

2023-10-21 Thread Darren Ankney
Hi Ben,

I'm not sure what to make of those errors.  It does appear that
changing database ownership is the correct course of action:
https://gitlab.isc.org/isc-projects/kea/-/issues/2773

I'd say perform some tests and make sure that leases are successfully
stored in the database (perhaps use the API to retrieve some leases).
Keep an eye on logs for any error messages.

Thank you,

Darren Ankney

On Tue, Oct 17, 2023 at 2:35 PM Ben Bridges  wrote:
>
> Hi,
>
> I am trying to install the Kea DHCP4 server on Ubuntu 22.04 with PostgreSQL
> v16.  When I try to create the database tables with kea-admin, I get the
> following error:
>
> psql:/usr/share/kea/scripts/pgsql/dhcpdb_create.pgsql:36: ERROR:  permission denied for schema public
> LINE 1: CREATE TABLE lease4 (
>
> I had granted all privileges on the public schema (as well as all privileges
> to the kea database) to the kea user.  I read that in postgresql v16 only the
> owner of a database can create objects in it, so I changed the owner of the
> kea database to be the kea user and re-ran “kea-admin db-init” to initialize
> the kea database.  I did not get the above error, and the “kea-admin
> db-version …” command now returns ’18.0’, but the “kea-admin db-init” command
> did output the following NOTICEs:
>
> psql:/usr/share/kea/scripts/pgsql/dhcpdb_create.pgsql:140: NOTICE:  function lease4dumpheader() does not exist, skipping
> psql:/usr/share/kea/scripts/pgsql/dhcpdb_create.pgsql:148: NOTICE:  function lease4dumpdata() does not exist, skipping
> psql:/usr/share/kea/scripts/pgsql/dhcpdb_create.pgsql:178: NOTICE:  function lease6dumpheader() does not exist, skipping
> psql:/usr/share/kea/scripts/pgsql/dhcpdb_create.pgsql:186: NOTICE:  function lease6dumpdata() does not exist, skipping
>
> Are those messages ok?  Did I do the correct thing by changing the owner of
> the kea database to be the kea user?  Will that cause problems later when Kea
> is upgraded to a newer version?  Should the owner of the kea database be
> changed back to the root user after it is initialized?  Should the kea user
> be granted all privileges on the public schema as I did?
>
> Thanks,
>
> .Ben Bridges.
>


Re: [Kea-users] Migration Questions

2023-10-21 Thread Darren Ankney
Hi,

> Does the Kea Lease Migration support ISC DHCP Failover Lease Files?

The only difference between a non-failover lease file and failover
lease file in ISC DHCP, AFAIK, was that there were some extra entries
about peers and status.  I don't think there was anything in the
actual leases themselves, so I imagine the answer would be yes.

>
> I might have overlooked this in the document for the Lease Migration.  Would 
> it be possible to upload the output of the Kea Lease Migration to MySQL 
> Database Backend when Kea is configured to store Leases in a database rather 
> than memfile?  Or is the output intended to be used in the memfile?

I don't think the migration assistant itself is capable of that, but
the kea-admin tool can transport leases between memfile csv format and
database (postgres or mysql):
https://kea.readthedocs.io/en/kea-2.4.0/arm/admin.html#the-kea-admin-tool

>
> Also, I used the Kea Lease Migration and the converted lease file shows all 
> the leases just fine.  I followed the example to load the output csv file 
> into Kea DHCP4 and when I test the configuration file everything shows to be 
> fine.  However, when I go to start the Kea DHCP4 Service, I get the error 
> "unable to open database: unable to open "filename" regardless if the csv 
> file is in the /etc/kea directory or the /var/lib/kea/ directory.
>
> Here is the lease database configuration snippet with the lease file in the 
> /etc/kea directory -
>
> "sanity-checks": {
>     "lease-checks": "fix-del"
> },
> "lease-database": {
>     // Memfile is the simplest and easiest backend to use. It's an in-memory
>     // C++ database that stores its state in CSV file.
>     "type": "memfile",
>     "persist": true,
>     "name": "/etc/kea/dhcpd-leases-kea.csv",
>     "lfc-interval": 3600
> },


Perhaps there is a permission issue?  Depending how you installed, Kea
may be running as an unprivileged user (such as _kea) who may not have
access to the .csv file to read on startup.

Thank you,

Darren Ankney
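
One way to test the permission theory before restarting the service, as an added example that is not from the original message or from Kea: it evaluates Unix mode bits for the account Kea runs as. The function names and command-line usage are made up for this illustration; the `_kea` account and the lease file path are the ones mentioned in the thread.

```python
import os

def _allowed(st, uid, gids, want):
    """Classic Unix mode-bit check (ACLs and MAC policies are not consulted)."""
    if uid == 0:
        return True
    if st.st_uid == uid:
        bits = (st.st_mode >> 6) & 7
    elif st.st_gid in gids:
        bits = (st.st_mode >> 3) & 7
    else:
        bits = st.st_mode & 7
    return bits & want == want

def memfile_access_problems(lease_path, uid, gids):
    """Return reasons the account (uid, gids) cannot use lease_path as a memfile."""
    problems = []
    lease_path = os.path.abspath(lease_path)
    directory = os.path.dirname(lease_path)
    # Every directory on the way to the file needs search (x) permission.
    parent = directory
    while True:
        if not _allowed(os.stat(parent), uid, gids, 1):
            problems.append(f"no search permission on {parent}")
        if parent == os.path.dirname(parent):
            break
        parent = os.path.dirname(parent)
    # Lease file cleanup writes helper files beside the CSV, so the
    # directory itself must be writable, not just the lease file.
    if not _allowed(os.stat(directory), uid, gids, 2):
        problems.append(f"directory {directory} is not writable")
    if os.path.exists(lease_path) and not _allowed(os.stat(lease_path), uid, gids, 6):
        problems.append(f"{lease_path} is not readable and writable")
    return problems

if __name__ == "__main__":
    import pwd, sys
    if len(sys.argv) != 3:
        sys.exit("usage: check.py <account, e.g. _kea> <lease file>")
    acct = pwd.getpwnam(sys.argv[1])
    gids = {acct.pw_gid} | set(os.getgrouplist(acct.pw_name, acct.pw_gid))
    print(memfile_access_problems(sys.argv[2], acct.pw_uid, gids) or "no problems found")
```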


Re: [Kea-users] DDNS limitations - ddns-qualifying-suffix vs domain-name

2023-10-21 Thread Darren Ankney
Hi Vladimir,

You can set it "ddns-qualifying-suffix": "", which resets it to empty
in the block in which you do that.  You could also only specify inside
subnets where you need it specified and not specify at global level.
There would have to be some way to flag hostnames that you wanted to
ignore a ddns-qualifying-suffix setting somehow to have it
simultaneously set to some value and not apply to all hostnames in
that block.

Thank you,

Darren Ankney

On Tue, Oct 17, 2023 at 2:50 AM Vladimir Nikolić  wrote:
>
> Thanks Darren.
>
> If ‘ddns-qualifying-subnet’ is being set on any level, it’s then appended to 
> the ‘hostname’ value from the host reservation. ‘hostname’ is the FQDN, only 
> if ‘ddns-qualifying-subnet’ is empty.
> So it’s either one or another.
> Which is really inflexible.
>
> Regards
>
>
> > On 17 Oct 2023, at 12:26 am, Darren Ankney  wrote:
> >
> > Hi Vladimir,
> >
> > The DHCPv4 domain-name option (15) isn't meant for use with ddns.  It
> > is a search domain that the client should use when performing name
> > resolution.  See: https://www.rfc-editor.org/rfc/rfc2132#section-3.17
> >
> > You can set ddns-qualifying-suffix at the global, shared-network and
> > subnet level.  In a host reservation, you can use the "hostname"
> > parameter to specify a FQDN to send to the client and for use in DDNS.
> > See here: 
> > https://kea.readthedocs.io/en/kea-2.4.0/arm/dhcp4-srv.html#reserving-a-hostname
> >
> >> On Mon, Oct 16, 2023 at 3:23 PM Vladimir Nikolic via Kea-users wrote:
> >>
> >> Hi,
> >>
> >> While trying to migrate DHCP service from ISC DHCP to ISC KEA, we are
> >> hitting following KEA limitations:
> >>
> >> - option domain-name has no part in DDNS names construction, it's only
> >> ddns-qualifying-suffix that's being honoured
> >> - ddns-qualifying-suffix can't be specified in the class definition (we
> >> have dedicated zone for our OOB devices)
> >> - there can be only one DDNS zone for all the clients in a subnet
> >> (ddns-qualifying-suffix), with ISC DHCP you can have one default
> >> domain-name for a subnet and every single host reservation with a
> >> different domain-name (DDNS zone)
> >>
> >> Regards,
> >> Vladimir