Re: [Kea-users] kea-dhcp4 1.4.0-P1 HA features

2018-09-18 Thread Itay Rozenberg 



 Original message 
From: Ivan Stenda 
Date: 9/18/18 14:02 (GMT+02:00)
To: mar...@isc.org
Cc: kea-users@lists.isc.org
Subject: Re: [Kea-users] kea-dhcp4 1.4.0-P1 HA features

Hello Marcin,

thank you for your support. I have been confused by docs, sample configs on ISC 
sites are different.
Here are timers in milliseconds:
https://ftp.isc.org/isc/kea/1.4.0-P1/kea-guide.html#high-availability-library
and here in seconds:
https://kea.isc.org/wiki/HADesign

So I adjusted timers this way:
"parameters": {
"high-availability": [ {
"this-server-name": "dhcp-11",
"mode": "load-balancing",
"heartbeat-delay": 2000,
"max-response-delay": 6000,
"max-ack-delay": 5000,
"max-unacked-clients": 0,

Up to client-class specification, with this configuration server did not sent 
any responses so I removed this part.

For subnet selector, it seems to selector work without this specification. I am 
using relay agents residing in the subnets so there is always option to find 
match.

regards
i


št 13. 9. 2018 o 15:31 Marcin Siodelski mailto:mar...@isc.org>> 
napísal(a):
Ivan,

Thanks for providing the log and config snippets. I have several
comments to share, but neither of them may definitively solve your issue.

Your heartbeat-delay and max-ack-delay are set to very low values. Note
that they are provided in milliseconds. This means that each server will
be constantly sending heartbeats to its partner and when the partner
doesn't respond to a heartbeat it won't wait long enough for it to
generate DHCP response before it assumes that it is down.

I realize that you might be doing it to simulate failure scenario where
the surviving server takes over the partner's traffic quickly and the
whole test is not stuck waiting for such transition. However, you may
consider re-running this test with significantly higher values of
heatbeat-delay to make sure that the server being in "partner-down"
state isn't hammered by the heartbeats it needs to generate. It
shouldn't be, but one never knows.

Secondly, your subnet contains two pools which are not assigned to any
of the HA servers (they lack "client-class" specification). Without this
specification both servers should be able to use both pools. However,
during the normal operation (load balancing) they may end up offering
the same address to two distinct clients and the race condition occurs.
Admittedly, this should not be the reason for the behavior you're
seeing, but I thought I make it clear.

Thirdly, the subnet configuration provided doesn't contain any subnet
selector. Such selector is typically an "interface" or "relay" parameter
specified at the subnet level. Let's take an "interface" as an example.
If you say "interface": "eth0" in the subnet configuration it means that
the server will assign that subnet for the DHCP traffic received on its
interface "eth0".

If the subnet selector is not provided the server will try matching
"some" address in the client's packet with available subnets. This can
be: ciaddr, giaddr, source ip address etc. However, if this client is
booting, none of those may be available and the server is unable to
select subnet for the client. As a result it will drop the query.

However, you say that the servers are responding to the clients before
simulating a failure on one of them. This would mean that the subnet is
selected correctly. However, perhaps the fact that both servers are
online is masking the issue that one of them as actually not responding?
Just a thought.

Did you try simulating a failure of the other server in the pair? I am
wondering if this is specific to the Kea instance.

Can you re-run the test with DEBUG logging enabled? We'd see if the
surviving server receives any packets and why it drops them.

Marcin

On 13.09.2018 14:09, Ivan Stenda wrote:
> Hello Marcin,
>
> what I see on working host is:
>
> 2018-09-13 13:52:53.079 WARN  [kea-dhcp4.ha-hooks/2558]
> HA_LEASE_UPDATE_COMMUNICATIONS_FAILED [hwtype=1 08:3e:5d:10:53:54],
> cid=[no info], tid=0x70b576d2: failed to communicate with dhcp-12
> (http://10.58.0.12:8080/): Connection refused
> 2018-09-13 13:52:53.789 WARN  [kea-dhcp4.ha-hooks/2558]
> HA_HEARTBEAT_COMMUNICATIONS_FAILED failed to send heartbeat to dhcp-12
> (http://10.58.0.12:8080/): Connection refused
> 2018-09-13 13:52:54.820 WARN  [kea-dhcp4.ha-hooks/2558]
> HA_HEARTBEAT_COMMUNICATIONS_FAILED failed to send heartbeat to dhcp-12
> (http://10.58.0.12:8080/): Connection refused
> 2018-09-13 13:52:55.957 WARN  [kea-dhcp4.ha-hooks/2558]
> HA_HEARTBEAT_COMMUNICATIONS_FAILED failed to send heartbeat to dhcp-12
> (http://10.58.0.12:8080/): Connection refused
> 2018-09-13 13:52:55.957 INFO  [kea-dhcp4.ha-hooks/2558]
> HA_STATE_TRANSITION server transitions from LOAD-BALANCING to
> PARTNER-DOWN state, partner state is UNDEFINED
> 2018-09-13 13:52:55.957 INFO

[Kea-users] Cant "make" the master version with radius hook

2018-09-14 Thread Itay Rozenberg 
Hi guys
I'm getting this error when trying to compile the "master" version:
make[8]: Entering directory 
`/root/install/kea/kea-1.5.0b-git/premium/src/hooks/dhcp/radius'
  CXX  libradius_la-radius.lo
radius.cc: In member function 'void 
isc::radius::RadiusImpl::init(isc::data::ElementPtr&)':
radius.cc:143:43: error: 'DatabaseConnection' does not name a type
 auto radiusFactory = [this](const DatabaseConnection::ParameterMap&) {
   ^
radius.cc:145:9: error: ISO C++ forbids declaration of 'parameter' with no type 
[-fpermissive]
 };
 ^
radius.cc:145:10: error: expected ')' before ';' token
 };
  ^
radius.cc: In lambda function:
radius.cc:145:10: error: expected '{' before ';' token
In file included from 
/usr/local/include/boost/function/detail/maybe_include.hpp:18:0,
 from 
/usr/local/include/boost/function/detail/function_iterate.hpp:14,
 from 
/usr/local/include/boost/preprocessor/iteration/detail/iter/forward1.hpp:52,
 from /usr/local/include/boost/function.hpp:64,
 from ../../../../../src/lib/database/database_connection.h:11,
 from ../../../../../src/lib/dhcpsrv/host_mgr.h:10,
 from radius.cc:6:
/usr/local/include/boost/function/function_template.hpp: In instantiation of 
'static R boost::detail::function::function_obj_invoker1::invoke(boost::detail::function::function_buffer&, T0) [with FunctionObj = 
isc::radius::RadiusImpl::init(isc::data::ElementPtr&)::__lambda0; R = 
boost::shared_ptr; T0 = const 
std::map, std::basic_string >&]':
/usr/local/include/boost/function/function_template.hpp:925:38:   required from 
'void boost::function1::assign_to(Functor) [with Functor = 
isc::radius::RadiusImpl::init(isc::data::ElementPtr&)::__lambda0; R = 
boost::shared_ptr; T0 = const 
std::map, std::basic_string >&]'
/usr/local/include/boost/function/function_template.hpp:716:7:   required from 
'boost::function1::function1(Functor, typename boost::enable_if_c<(! 
boost::is_integral::value), int>::type) [with Functor = 
isc::radius::RadiusImpl::init(isc::data::ElementPtr&)::__lambda0; R = 
boost::shared_ptr; T0 = const 
std::map, std::basic_string >&; typename 
boost::enable_if_c<(! boost::is_integral::value), int>::type = int]'
/usr/local/include/boost/function/function_template.hpp:1061:16:   required 
from 'boost::function::function(Functor, typename boost::enable_if_c<(! 
boost::is_integral::value), int>::type) [with Functor = 
isc::radius::RadiusImpl::init(isc::data::ElementPtr&)::__lambda0; R = 
boost::shared_ptr; T0 = const 
std::map, std::basic_string >&; typename 
boost::enable_if_c<(! boost::is_integral::value), int>::type = int]'
radius.cc:146:71:   required from here
/usr/local/include/boost/function/function_template.hpp:138:42: error: no match 
for call to '(isc::radius::RadiusImpl::init(isc::data::ElementPtr&)::__lambda0) 
(const std::map, std::basic_string >&)'
   return (*f)(BOOST_FUNCTION_ARGS);
  ^
radius.cc:143:35: note: candidate is:
 auto radiusFactory = [this](const DatabaseConnection::ParameterMap&) {
   ^
radius.cc:145:10: note: 
isc::radius::RadiusImpl::init(isc::data::ElementPtr&)::__lambda0
 };
  ^
radius.cc:145:10: note:   no known conversion for argument 1 from 'const 
std::map, std::basic_string >' to 'int'
In file included from radius.cc:11:0:
./radius_log.h: At global scope:
./radius_log.h:25:11: warning: 'isc::radius::RADIUS_DBG_TRACE' defined but not 
used [-Wunused-variable]
const int RADIUS_DBG_TRACE = isc::log::DBGLVL_TRACE_BASIC;
   ^
make[8]: *** [libradius_la-radius.lo] Error 1
make[8]: Leaving directory 
`/root/install/kea/kea-1.5.0b-git/premium/src/hooks/dhcp/radius'
make[7]: *** [all-recursive] Error 1
make[7]: Leaving directory 
`/root/install/kea/kea-1.5.0b-git/premium/src/hooks/dhcp/radius'
make[6]: *** [all] Error 2
make[6]: Leaving directory 
`/root/install/kea/kea-1.5.0b-git/premium/src/hooks/dhcp/radius'
make[5]: *** [all-recursive] Error 1
make[5]: Leaving directory 
`/root/install/kea/kea-1.5.0b-git/premium/src/hooks/dhcp'
make[4]: *** [all-recursive] Error 1
make[4]: Leaving directory `/root/install/kea/kea-1.5.0b-git/premium/src/hooks'
make[3]: *** [all-recursive] Error 1
make[3]: Leaving directory `/root/install/kea/kea-1.5.0b-git/premium/src'
make[2]: *** [all-recursive] Error 1
make[2]: Leaving directory `/root/install/kea/kea-1.5.0b-git/premium'
make[1]: *** [all-recursive] Error 1
make[1]: Leaving directory `/root/install/kea/kea-1.5.0b-git'
make: *** [all] Error 2

thank you
itay

[Banner]
Powered by U-BTech 
XTRABANNER

Please do not enrich emails sent to

[Kea-users] Radius - ip reservation

2018-07-13 Thread Itay Rozenberg 

Hi all
Did some one managed to get it working ?

I keep getting the IP address from the dynamic pool and not the ip I reserved


Itay,



Sent from my Samsung Galaxy smartphone.

[Banner]
Powered by U‑BTech 
XTRABANNER

Please do not enrich emails sent to 
me


[Banner]
Powered by U‑BTech 
XTRABANNER

Please do not enrich emails sent to 
me




This message contains information that may be confidential or privileged.
If you are not the intended recipient, you may not use, copy or disclose
to anyone any of the information in this message. If you have received
this message and are not the intended recipient, kindly notify the sender
and delete this message from your computer.
___
Kea-users mailing list
Kea-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/kea-users

Re: [Kea-users] option 54

2018-05-11 Thread Itay Rozenberg 

After the client gets the address from the dhcp server ,its renewing it 
directly to kea, i need it to renew it via the relay


 Original message 
From: "Chaigneau, Nicolas" 
Date: 5/11/18 11:44 (GMT+02:00)
To: itay cohen , kea-users@lists.isc.org
Subject: Re: [Kea-users] option 54


Option 54 is set automatically by the server (to the IP address on which the 
packet was received, I think).

It cannot be an arbitrary value, it is used by clients in DHCPREQUEST messages. 
The server will ignore such messages with an option 54 that does not match its 
configuration (even if they are unicast to him) because it indicates that the 
client is trying to communicate with another server.

What are you trying to do exactly ?


Regards,
Nicolas.

De : Kea-users [mailto:kea-users-boun...@lists.isc.org] De la part de itay cohen
Envoyé : vendredi 11 mai 2018 02:35
À : kea-users@lists.isc.org
Objet : [Kea-users] option 54

hi all

i'm using kea-1.2.0

i'm trying to set
"option-data": [
{ "name": "routers", "data": " 10.0.0.1"  },
 { "name": "dhcp-server-identifier", "data": 
"10.0.0.1"  }
 ],
now, when kea is trying to send the  packet back its being Dropped with this 
message,
[kea-dhcp4.bad-packets/19941] DHCP4_PACKET_DROP_0007 [hwtype=1 
a8:11:fc:98:fe:dd], cid=[ff:fc:98:fe:dd:00:03:00:01:a8:11:fc:98:fe:dd], 
tid=0x4a68f6e1: failed to process packet: Option 54 already present in this 
message.

any thoughts ?

thank you,
Itay



This message contains information that may be privileged or confidential and is 
the property of the Capgemini Group. It is intended only for the person to whom 
it is addressed. If you are not the intended recipient, you are not authorized 
to read, print, retain, copy, disseminate, distribute, or use this message or 
any part thereof. If you receive this message in error, please notify the 
sender immediately and delete all copies of this message.

[Banner]
Powered by U-BTech 
XTRABANNER

Please do not enrich emails sent to 
me


This message contains information that may be confidential or privileged.
If you are not the intended recipient, you may not use, copy or disclose
to anyone any of the information in this message. If you have received
this message and are not the intended recipient, kindly notify the sender
and delete this message from your computer.
___
Kea-users mailing list
Kea-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/kea-users

[Kea-users] skip timed out requests

2017-08-17 Thread Itay Rozenberg 

Hello list

Does someone know a way telling kea to skip requests that are waiting in the  
queue more then X seconds ?

Thank you
Itay,


[Banner]
Powered by U-BTech 
XTRABANNER

Please do not enrich emails sent to 
me


This message contains information that may be confidential or privileged.
If you are not the intended recipient, you may not use, copy or disclose
to anyone any of the information in this message. If you have received
this message and are not the intended recipient, kindly notify the sender
and delete this message from your computer.
___
Kea-users mailing list
Kea-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/kea-users

Re: [Kea-users] Parsing Option 82

2017-07-04 Thread Itay Rozenberg 
For the other one (remote_id) use getOption(RAI_OPTION_AGENT_REMOTE_ID).


From: Kea-users [mailto:kea-users-boun...@lists.isc.org] On Behalf Of Itay 
Rozenberg
Sent: Tuesday, July 4, 2017 5:23 PM
To: 'Gokulakrishnan Gopalakrishnan'
Cc: 'kea-users@lists.isc.org'
Subject: Re: [Kea-users] Parsing Option 82


Greetings


Type 001 – circuit_id - hex, you need to convert it to ascii. (try it on this 
web site: http://www.rapidtables.com/convert/number/hex-to-ascii.htm )
Type 002 – remote_id - Mac address
Each of them can be hex or mac address.

Try this:
std::string hexToAscii(std::string c) {
int length = c.length();
std::string newString;
for (int i = 0; i < length; i+=2) {
std::string byte = c.substr(i, 2);
char chr = (char)(int)strtol(byte.c_str(), NULL, 16);
newString.push_back(chr);
}
return newString;
}



OptionPtr rai = query4_ptr->getOption(DHO_DHCP_AGENT_OPTIONS);
if (rai) {
OptionPtr circuit_id_opt = 
rai->getOption(RAI_OPTION_AGENT_CIRCUIT_ID);
if (circuit_id_opt) {
string cid = 
hexToAscii(circuit_id_opt->toHexString().substr(2));
}
}

For the other one (remote_id) use getOption(RAI_OPTION_AGENT_CIRCUIT_ID).

itay

From: Kea-users [mailto:kea-users-boun...@lists.isc.org] On Behalf Of 
Gokulakrishnan Gopalakrishnan
Sent: Tuesday, July 4, 2017 2:20 PM
To: kea-users@lists.isc.org<mailto:kea-users@lists.isc.org>
Subject: [Kea-users] Parsing Option 82

I'm trying to print and parse Option 82 but I couldn't understand the format in 
which it is received. My 'option->toText()' print this
type=082, len=024:,
options:
  type=001, len=014: 01:0c:45:74:68:65:72:6e:65:74:31:2f:32:39
  type=002, len=006: 04:62:73:56:13:bc

Can someone help me to understand this value?

Thanks,
Gokul

[Banner]<https://www.partner.co.il/partnertvfa>
Powered by U‑BTech 
XTRABANNER<http://www.u-btech.com/products/xtrabanner/poweredby>

Please do not enrich emails sent to 
me<mailto:xban...@orange.co.il?subject=Please%20do%20not%20enrich%20emails%20sent%20to%20me%20%5BRemoval%20Code%3A%20DNE42%5D=Please%20do%20not%20enrich%20emails%20sent%20to%20me>



This message contains information that may be confidential or privileged.
If you are not the intended recipient, you may not use, copy or disclose
to anyone any of the information in this message. If you have received
this message and are not the intended recipient, kindly notify the sender
and delete this message from your computer.

This message contains information that may be confidential or privileged.
If you are not the intended recipient, you may not use, copy or disclose
to anyone any of the information in this message. If you have received
this message and are not the intended recipient, kindly notify the sender
and delete this message from your computer.
___
Kea-users mailing list
Kea-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/kea-users

Re: [Kea-users] Parsing Option 82

2017-07-04 Thread Itay Rozenberg 

Greetings


Type 001 – circuit_id - hex, you need to convert it to ascii. (try it on this 
web site: http://www.rapidtables.com/convert/number/hex-to-ascii.htm )
Type 002 – remote_id - Mac address
Each of them can be hex or mac address.

Try this:
std::string hexToAscii(std::string c) {
int length = c.length();
std::string newString;
for (int i = 0; i < length; i+=2) {
std::string byte = c.substr(i, 2);
char chr = (char)(int)strtol(byte.c_str(), NULL, 16);
newString.push_back(chr);
}
return newString;
}



OptionPtr rai = query4_ptr->getOption(DHO_DHCP_AGENT_OPTIONS);
if (rai) {
OptionPtr circuit_id_opt = 
rai->getOption(RAI_OPTION_AGENT_CIRCUIT_ID);
if (circuit_id_opt) {
string cid = 
hexToAscii(circuit_id_opt->toHexString().substr(2));
}
}

For the other one (remote_id) use getOption(RAI_OPTION_AGENT_CIRCUIT_ID).

itay

From: Kea-users [mailto:kea-users-boun...@lists.isc.org] On Behalf Of 
Gokulakrishnan Gopalakrishnan
Sent: Tuesday, July 4, 2017 2:20 PM
To: kea-users@lists.isc.org
Subject: [Kea-users] Parsing Option 82

I'm trying to print and parse Option 82 but I couldn't understand the format in 
which it is received. My 'option->toText()' print this
type=082, len=024:,
options:
  type=001, len=014: 01:0c:45:74:68:65:72:6e:65:74:31:2f:32:39
  type=002, len=006: 04:62:73:56:13:bc

Can someone help me to understand this value?

Thanks,
Gokul

[Banner]
Powered by U‑BTech 
XTRABANNER

Please do not enrich emails sent to 
me


This message contains information that may be confidential or privileged.
If you are not the intended recipient, you may not use, copy or disclose
to anyone any of the information in this message. If you have received
this message and are not the intended recipient, kindly notify the sender
and delete this message from your computer.
___
Kea-users mailing list
Kea-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/kea-users