Re: [Kea-users] option 54

2018-05-11 Thread Marcin Siodelski 
Hi,

I recommend upgrading to Kea 1.3 (or 1.4 in a couple of weeks), which
already have this feature:

https://kea.isc.org/docs/kea-guide.html#dhcp4-serverid

Kind Regards,

Marcin Siodelski
ISC

On 11.05.2018 10:58, Itay Rozenberg wrote:
> 
> After the client gets the address from the dhcp server ,its renewing it 
> directly to kea, i need it to renew it via the relay
> 
> 
>  Original message 
> From: "Chaigneau, Nicolas" <nicolas.chaign...@capgemini.com>
> Date: 5/11/18 11:44 (GMT+02:00)
> To: itay cohen <icohen9...@gmail.com>, kea-users@lists.isc.org
> Subject: Re: [Kea-users] option 54
> 
> 
> Option 54 is set automatically by the server (to the IP address on which the 
> packet was received, I think).
> 
> It cannot be an arbitrary value, it is used by clients in DHCPREQUEST 
> messages. The server will ignore such messages with an option 54 that does 
> not match its configuration (even if they are unicast to him) because it 
> indicates that the client is trying to communicate with another server.
> 
> What are you trying to do exactly ?
> 
> 
> Regards,
> Nicolas.
> 
> De : Kea-users [mailto:kea-users-boun...@lists.isc.org] De la part de itay 
> cohen
> Envoyé : vendredi 11 mai 2018 02:35
> À : kea-users@lists.isc.org
> Objet : [Kea-users] option 54
> 
> hi all
> 
> i'm using kea-1.2.0
> 
> i'm trying to set
> "option-data": [
> { "name": "routers", "data": " 10.0.0.1"  },
>  { "name": "dhcp-server-identifier", "data": 
> "10.0.0.1"  }
>  ],
> now, when kea is trying to send the  packet back its being Dropped with this 
> message,
> [kea-dhcp4.bad-packets/19941] DHCP4_PACKET_DROP_0007 [hwtype=1 
> a8:11:fc:98:fe:dd], cid=[ff:fc:98:fe:dd:00:03:00:01:a8:11:fc:98:fe:dd], 
> tid=0x4a68f6e1: failed to process packet: Option 54 already present in this 
> message.
> 
> any thoughts ?
> 
> thank you,
> Itay
> 
> 
> 
> This message contains information that may be privileged or confidential and 
> is the property of the Capgemini Group. It is intended only for the person to 
> whom it is addressed. If you are not the intended recipient, you are not 
> authorized to read, print, retain, copy, disseminate, distribute, or use this 
> message or any part thereof. If you receive this message in error, please 
> notify the sender immediately and delete all copies of this message.
> 
> [Banner]<https://www.partner.co.il/partnerfiber?PartnerCampaignId=191088_source=Signature_medium=Banner_campaign=FiberApril18>
> Powered by U-BTech 
> XTRABANNER<http://www.u-btech.com/products/xtrabanner/poweredby>
> 
> Please do not enrich emails sent to 
> me<mailto:xban...@orange.co.il?subject=Please%20do%20not%20enrich%20emails%20sent%20to%20me%20%5BRemoval%20Code%3A%20DNE42%5D=Please%20do%20not%20enrich%20emails%20sent%20to%20me>
> 
> 
> This message contains information that may be confidential or privileged.
> If you are not the intended recipient, you may not use, copy or disclose
> to anyone any of the information in this message. If you have received
> this message and are not the intended recipient, kindly notify the sender
> and delete this message from your computer.
> 
> 
> 
> ___
> Kea-users mailing list
> Kea-users@lists.isc.org
> https://lists.isc.org/mailman/listinfo/kea-users
> 

___
Kea-users mailing list
Kea-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/kea-users

Re: [Kea-users] option 54

2018-05-11 Thread Itay Rozenberg 

After the client gets the address from the dhcp server ,its renewing it 
directly to kea, i need it to renew it via the relay


 Original message 
From: "Chaigneau, Nicolas" <nicolas.chaign...@capgemini.com>
Date: 5/11/18 11:44 (GMT+02:00)
To: itay cohen <icohen9...@gmail.com>, kea-users@lists.isc.org
Subject: Re: [Kea-users] option 54


Option 54 is set automatically by the server (to the IP address on which the 
packet was received, I think).

It cannot be an arbitrary value, it is used by clients in DHCPREQUEST messages. 
The server will ignore such messages with an option 54 that does not match its 
configuration (even if they are unicast to him) because it indicates that the 
client is trying to communicate with another server.

What are you trying to do exactly ?


Regards,
Nicolas.

De : Kea-users [mailto:kea-users-boun...@lists.isc.org] De la part de itay cohen
Envoyé : vendredi 11 mai 2018 02:35
À : kea-users@lists.isc.org
Objet : [Kea-users] option 54

hi all

i'm using kea-1.2.0

i'm trying to set
"option-data": [
{ "name": "routers", "data": " 10.0.0.1"  },
 { "name": "dhcp-server-identifier", "data": 
"10.0.0.1"  }
 ],
now, when kea is trying to send the  packet back its being Dropped with this 
message,
[kea-dhcp4.bad-packets/19941] DHCP4_PACKET_DROP_0007 [hwtype=1 
a8:11:fc:98:fe:dd], cid=[ff:fc:98:fe:dd:00:03:00:01:a8:11:fc:98:fe:dd], 
tid=0x4a68f6e1: failed to process packet: Option 54 already present in this 
message.

any thoughts ?

thank you,
Itay



This message contains information that may be privileged or confidential and is 
the property of the Capgemini Group. It is intended only for the person to whom 
it is addressed. If you are not the intended recipient, you are not authorized 
to read, print, retain, copy, disseminate, distribute, or use this message or 
any part thereof. If you receive this message in error, please notify the 
sender immediately and delete all copies of this message.

[Banner]<https://www.partner.co.il/partnerfiber?PartnerCampaignId=191088_source=Signature_medium=Banner_campaign=FiberApril18>
Powered by U-BTech 
XTRABANNER<http://www.u-btech.com/products/xtrabanner/poweredby>

Please do not enrich emails sent to 
me<mailto:xban...@orange.co.il?subject=Please%20do%20not%20enrich%20emails%20sent%20to%20me%20%5BRemoval%20Code%3A%20DNE42%5D=Please%20do%20not%20enrich%20emails%20sent%20to%20me>


This message contains information that may be confidential or privileged.
If you are not the intended recipient, you may not use, copy or disclose
to anyone any of the information in this message. If you have received
this message and are not the intended recipient, kindly notify the sender
and delete this message from your computer.
___
Kea-users mailing list
Kea-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/kea-users

Re: [Kea-users] option 54

2018-05-11 Thread Chaigneau, Nicolas 

Option 54 is set automatically by the server (to the IP address on which the 
packet was received, I think).

It cannot be an arbitrary value, it is used by clients in DHCPREQUEST messages. 
The server will ignore such messages with an option 54 that does not match its 
configuration (even if they are unicast to him) because it indicates that the 
client is trying to communicate with another server.

What are you trying to do exactly ?


Regards,
Nicolas.

De : Kea-users [mailto:kea-users-boun...@lists.isc.org] De la part de itay cohen
Envoyé : vendredi 11 mai 2018 02:35
À : kea-users@lists.isc.org
Objet : [Kea-users] option 54

hi all

i'm using kea-1.2.0

i'm trying to set
"option-data": [
{ "name": "routers", "data": " 10.0.0.1"  },
 { "name": "dhcp-server-identifier", "data": 
"10.0.0.1"  }
 ],
now, when kea is trying to send the  packet back its being Dropped with this 
message,
[kea-dhcp4.bad-packets/19941] DHCP4_PACKET_DROP_0007 [hwtype=1 
a8:11:fc:98:fe:dd], cid=[ff:fc:98:fe:dd:00:03:00:01:a8:11:fc:98:fe:dd], 
tid=0x4a68f6e1: failed to process packet: Option 54 already present in this 
message.

any thoughts ?

thank you,
Itay



This message contains information that may be privileged or confidential and is 
the property of the Capgemini Group. It is intended only for the person to whom 
it is addressed. If you are not the intended recipient, you are not authorized 
to read, print, retain, copy, disseminate, distribute, or use this message or 
any part thereof. If you receive this message in error, please notify the 
sender immediately and delete all copies of this message.
___
Kea-users mailing list
Kea-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/kea-users

Re: [Kea-users] option 54 in subnet definition

2016-12-16 Thread Igor Smitran 

Ok, thanx.
Just wanted to be sure that i didn't misconfigured the server.
So far i have manage to bypass the problem by creating buffer_receive 
and pkt_send hooks.


pkt_send is changing server-id when sent to client (based on some 
conditions).
buffer_receive is changing it back to server private ip. Otherwise the 
packet would be dropped because of foreign identifier error.


Igor

On 12/16/2016 10:45 AM, Francis Dupont wrote:

We know the address given is server-identifier should get more control,
there are some tickets about this (and as far as I know no time to
deal with them soon...).

Regards

Francis Dupont 
Igor Smitran writes:

Hi list,

Did any of you tried to set custom server-identifier in a subnet?

In case you wonder why would one do that:

Server is in a private network, behind firewall. There is a dhcp relay
that forwards all requests to dhcp server.

But, when server leases a public ip to a cpe device then cpe device is
not able to renew it's lease because it is not able to send unicast
packet to dhcp server private ip.

Here comes ASA to rescue. There is a NAT on a public ip that forwards
all dhcp packets to private ip of dhcp server.

So, DHCP server needs to change his server-identifier in order to tell
the client that he can renew his lease by using public ip.

But, this doesn;t work, server still sends his private IP in option 54.

  {"subnet": "PUBLIC/26",
   "renew-timer": 300,
   "rebind-timer" : 525,
   "pools": [ { "pool": "FIRST_PUBLIC_IP - LAST_PUBLIC_IP" } ],
   "option-data" : [
   {
 "name" : "dhcp-server-identifier",
 "code" : 54,
 "space" : "dhcp4",
 "csv-format" : true,
 "data" : "PUBLIC_IP_ASA_NAT"
   },

...

___
Kea-users mailing list
Kea-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/kea-users


___
Kea-users mailing list
Kea-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/kea-users



___
Kea-users mailing list
Kea-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/kea-users

Re: [Kea-users] option 54 in subnet definition

2016-12-16 Thread Francis Dupont 
We know the address given is server-identifier should get more control,
there are some tickets about this (and as far as I know no time to
deal with them soon...).

Regards

Francis Dupont 
Igor Smitran writes:
> Hi list,
> 
> Did any of you tried to set custom server-identifier in a subnet?
> 
> In case you wonder why would one do that:
> 
> Server is in a private network, behind firewall. There is a dhcp relay 
> that forwards all requests to dhcp server.
> 
> But, when server leases a public ip to a cpe device then cpe device is 
> not able to renew it's lease because it is not able to send unicast 
> packet to dhcp server private ip.
> 
> Here comes ASA to rescue. There is a NAT on a public ip that forwards 
> all dhcp packets to private ip of dhcp server.
> 
> So, DHCP server needs to change his server-identifier in order to tell 
> the client that he can renew his lease by using public ip.
> 
> But, this doesn;t work, server still sends his private IP in option 54.
> 
>  {"subnet": "PUBLIC/26",
>   "renew-timer": 300,
>   "rebind-timer" : 525,
>   "pools": [ { "pool": "FIRST_PUBLIC_IP - LAST_PUBLIC_IP" } ],
>   "option-data" : [
>   {
> "name" : "dhcp-server-identifier",
> "code" : 54,
> "space" : "dhcp4",
> "csv-format" : true,
> "data" : "PUBLIC_IP_ASA_NAT"
>   },
> 
> ...
> 
> ___
> Kea-users mailing list
> Kea-users@lists.isc.org
> https://lists.isc.org/mailman/listinfo/kea-users
> 
___
Kea-users mailing list
Kea-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/kea-users

[Kea-users] option 54 in subnet definition

2016-12-16 Thread Igor Smitran 

Hi list,

Did any of you tried to set custom server-identifier in a subnet?

In case you wonder why would one do that:

Server is in a private network, behind firewall. There is a dhcp relay 
that forwards all requests to dhcp server.


But, when server leases a public ip to a cpe device then cpe device is 
not able to renew it's lease because it is not able to send unicast 
packet to dhcp server private ip.


Here comes ASA to rescue. There is a NAT on a public ip that forwards 
all dhcp packets to private ip of dhcp server.


So, DHCP server needs to change his server-identifier in order to tell 
the client that he can renew his lease by using public ip.


But, this doesn;t work, server still sends his private IP in option 54.

{"subnet": "PUBLIC/26",
 "renew-timer": 300,
 "rebind-timer" : 525,
 "pools": [ { "pool": "FIRST_PUBLIC_IP - LAST_PUBLIC_IP" } ],
 "option-data" : [
 {
   "name" : "dhcp-server-identifier",
   "code" : 54,
   "space" : "dhcp4",
   "csv-format" : true,
   "data" : "PUBLIC_IP_ASA_NAT"
 },

...

___
Kea-users mailing list
Kea-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/kea-users