Re: [Kea-users] Converting a dhcpd option to kea

2023-10-23 Thread Darren Ankney 
Hi,

You may want to have a look at the Kea Migration Assistant Online
site: https://dhcp.isc.org for help migrating an ISC DHCP
configuration to Kea (though it cannot automatically convert all parts
of some ISC DHCP configurations).  You configuration could be broken
into three parts.  The custom option definition
(https://kea.readthedocs.io/en/kea-2.2.0/arm/dhcp4-srv.html#custom-dhcpv4-options),
the Class definition / membership
(https://kea.readthedocs.io/en/kea-2.2.0/arm/classify.html), and the
setting of values in the custom options inside the class
(https://kea.readthedocs.io/en/kea-2.2.0/arm/classify.html).

Converted, it might look something like the below which I obtained
from the aforementioned https://dhcp.isc.org I have not tested the
config for functionality (though it looks to me like it would work),
only for correct syntax (meaning Kea will start and run using this
config).  Hopefully this (and the Kea Migration Assistant site) help!

{
  "Dhcp4": {
"option-def": [
  {
"space": "Nutanix",
"name": "fc_ip",
"code": 200,
"type": "string"
  },
  {
"space": "Nutanix",
"name": "api_key",
"code": 201,
"type": "string"
  }
],
"client-classes": [
  {
"name": "NutanixFC",
"test": "option[60].hex == 'NutanixFC'",
"option-def": [
  {
"name": "vendor-encapsulated-options",
"code": 43,
"type": "empty",
"encapsulate": "Nutanix"
  }
],
"option-data": [
  {
"name": "vendor-encapsulated-options",
"code": 43
  },
  {
"space": "Nutanix",
"name": "fc_ip",
"code": 200,
"data": "10.1.1.1"
  },
  {
"space": "Nutanix",
"name": "api_key",
"code": 201,
"data":
"eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJLZXlVVUlEIjoiZjE2MzBkYzMtODU0OC00YjZiLTZlMWMtZTVlOTU0YjM1NTQ2In0.HB_IdIaFvvyHpfzDzLZMQkHKstRsdiWnEMoqtU4N4kY"
  }
]
  }
]
  }
}

Thank you,

Darren Ankney

On Mon, Oct 23, 2023 at 4:25 PM Marcos Della  wrote:
>
> I have the following from dhcpd that I wanted to convert to KEA. I'm 
> struggling with how to implement it correctly:
>
> option space Nutanix;
> option Nutanix.fc_ip code 200 = string;
> option Nutanix.api_key code 201 = string;
> class “NutanixFC” {
> match if option vendor-class-identifier = “NutanixFC”;
>
> vendor-option-space Nutanix;
>
> option Nutanix.fc_ip “10.1.1.1”;
>
> option Nutanix.api_key 
> “eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJLZXlVVUlEIjoiZjE2MzBkYzMtODU0OC00YjZiLTZlMWMtZTVlOTU0YjM1NTQ2In0.HB_IdIaFvvyHpfzDzLZMQkHKstRsdiWnEMoqtU4N4kY”;}
>
> --
> ISC funds the development of this software with paid support subscriptions. 
> Contact us at https://www.isc.org/contact/ for more information.
>
> To unsubscribe visit https://lists.isc.org/mailman/listinfo/kea-users.
>
> Kea-users mailing list
> Kea-users@lists.isc.org
> https://lists.isc.org/mailman/listinfo/kea-users
-- 
ISC funds the development of this software with paid support subscriptions. 
Contact us at https://www.isc.org/contact/ for more information.

To unsubscribe visit https://lists.isc.org/mailman/listinfo/kea-users.

Kea-users mailing list
Kea-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/kea-users

[Kea-users] Converting a dhcpd option to kea

2023-10-23 Thread Marcos Della 
I have the following from dhcpd that I wanted to convert to KEA. I'm
struggling with how to implement it correctly:

option space Nutanix;
option Nutanix.fc_ip code 200 = string;
option Nutanix.api_key code 201 = string;
class “NutanixFC” {
match if option vendor-class-identifier = “NutanixFC”;

vendor-option-space Nutanix;

option Nutanix.fc_ip “10.1.1.1”;

option Nutanix.api_key
“eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJLZXlVVUlEIjoiZjE2MzBkYzMtODU0OC00YjZiLTZlMWMtZTVlOTU0YjM1NTQ2In0.HB_IdIaFvvyHpfzDzLZMQkHKstRsdiWnEMoqtU4N4kY”;}
-- 
ISC funds the development of this software with paid support subscriptions. 
Contact us at https://www.isc.org/contact/ for more information.

To unsubscribe visit https://lists.isc.org/mailman/listinfo/kea-users.

Kea-users mailing list
Kea-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/kea-users

Re: [Kea-users] Kea 2.4.0 and duplicate host reservations not working as documented

2023-10-23 Thread Kevin P. Fleming 
On Mon, Oct 23, 2023, at 08:28, Veronique Lefebure wrote:
> Maybe https://gitlab.isc.org/isc-projects/kea/-/issues/2796 ?
 
> "naive" (dhcpd, microsoft style) conflict resolution (immediately reassign 
> lease to reserved host) (#2796) · Issues · ISC Open Source Projects / Kea · 
> GitLab 
> When resolving conflicts between active leases and host reservations, Kea 
> relies on the client with the active lease to cooperate. When lease times are 
> long, and the client...
> gitlab.isc.org

While that's not directly about 'duplicate reservations', the same logic would 
work for them I'll add a note to it. Thanks for the link!
-- 
ISC funds the development of this software with paid support subscriptions. 
Contact us at https://www.isc.org/contact/ for more information.

To unsubscribe visit https://lists.isc.org/mailman/listinfo/kea-users.

Kea-users mailing list
Kea-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/kea-users

Re: [Kea-users] Kea 2.4.0 and duplicate host reservations not working as documented

2023-10-23 Thread Veronique Lefebure 
Maybe https://gitlab.isc.org/isc-projects/kea/-/issues/2796 ?
[https://gitlab.isc.org/uploads/-/system/project/avatar/26/kea-logo-100x70.png]
"naive" (dhcpd, microsoft style) conflict resolution (immediately reassign 
lease to reserved host) (#2796) · Issues · ISC Open Source Projects / Kea · 
GitLab
When resolving conflicts between active leases and host reservations, Kea 
relies on the client with the active lease to cooperate. When lease times are 
long, and the client...
gitlab.isc.org


From: Kea-users  on behalf of Darren Ankney 

Sent: Sunday, October 22, 2023 8:38 PM
To: kea-users@lists.isc.org 
Subject: Re: [Kea-users] Kea 2.4.0 and duplicate host reservations not working 
as documented

Hi Kevin,

I thought there was already an open or closed issue about this, but I
didn't find one...

Thank you,

Darren Ankney

On Sun, Oct 22, 2023 at 10:32 AM Kevin P. Fleming
 wrote:
>
> On Sun, Oct 22, 2023, at 10:17, Darren Ankney wrote:
> > It then goes on to print details about the existing lease.  You could
> > possibly use the flex-id hook to overcome this (in certain situations
> > where there is something else to use as the identifier such as
> > circuit-id).  Alternatively, you could use the API to delete the lease
> > for 192.168.88.192 soon after granting so that it is free for your
> > other interface.  However, this could lead to strangeness should the
> > original interface try to renew (because the lease will no longer be
> > found and renewal will fail).  If it's possible, it would be best to
> > assign a separate address for each interface on the system.
>
> Thanks, at least I understand why this is happening now.
>
> I've tried other ways to address this on the client side (trying to use a 
> stable DUID or CID to have Kea think it's the same client regardless of 
> interface), but that doesn't seem to work out well either.
>
> The primary problem I'm solving here is that this client makes a lot of 
> outbound SSH connections to other machines on the network, and in order to 
> speed these up SSH persistent control channels are used. If the client 
> attempts to re-establish one of these connections after its IP address has 
> changed, SSH will just hang for quite a long time. Clearly the SSH client 
> could handle this better, but having a stable IP address is a more 
> straightforward fix.
>
> If there's no ticket open as a feature request for Kea to provide a method 
> for the existing leases to be ignored when a new REQUEST comes in, I'll 
> happily create one.
> --
> ISC funds the development of this software with paid support subscriptions. 
> Contact us at https://www.isc.org/contact/ for more information.
>
> To unsubscribe visit https://lists.isc.org/mailman/listinfo/kea-users.
>
> Kea-users mailing list
> Kea-users@lists.isc.org
> https://lists.isc.org/mailman/listinfo/kea-users
--
ISC funds the development of this software with paid support subscriptions. 
Contact us at https://www.isc.org/contact/ for more information.

To unsubscribe visit https://lists.isc.org/mailman/listinfo/kea-users.

Kea-users mailing list
Kea-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/kea-users
-- 
ISC funds the development of this software with paid support subscriptions. 
Contact us at https://www.isc.org/contact/ for more information.

To unsubscribe visit https://lists.isc.org/mailman/listinfo/kea-users.

Kea-users mailing list
Kea-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/kea-users

Re: [Kea-users] Kea-users Digest, Vol 112, Issue 24

2023-10-23 Thread Darren Ankney 
Hi,

> Perhaps there is a permission issue?  Depending how you installed, Kea
> may be running as an unprivileged user (such as _kea) who may not have
> access to the .csv file to read on startup.
>
> Thank you,
>
> Darren Ankney
>
> — Darren, you were correct on this.  However, you won’t figure the 
> permissions issue out on CentOS 7.  I spent at least a day trying to figure 
> this out as well as several other issues and/or possibly bugs on CentOS 7 and 
> then finally created an Ubuntu 20.04 VM and started trying to use Kea on 
> Ubuntu like I was attempting to do on CentOS.  Now we are working and I have 
> a lot more questions to ask the mailing list

On CentOS 7, it is probably more than simple permissions.  SELinux was
not as well behaved yet as it seems to be in RHEL 9.  You could try
temporarily disabling SELinux and see if that fixes it.  However, it
should be pointed out that CentOS 7 is no longer officially supported
by Kea (as of 2.4.0) and so it might be best to move on from it anyway
(it is very old and EOL I believe).

Thank you,

Darren Ankney
-- 
ISC funds the development of this software with paid support subscriptions. 
Contact us at https://www.isc.org/contact/ for more information.

To unsubscribe visit https://lists.isc.org/mailman/listinfo/kea-users.

Kea-users mailing list
Kea-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/kea-users