[Kea-users] New user, trying to use ip-reservations-unique feature

2022-01-29 Thread Kevin P. Fleming
Hello there! I've just deployed Kea 2.0.1 (using the ISC packages) on a pair of machines in my network to provide HA DHCP4/DHCP6 services (replacing the ISC DHCPd-based service in my layer 3 switches, which don't provide sufficient functionality for my needs). I've got the daemons running and HA m

Re: [Kea-users] New user, trying to use ip-reservations-unique feature

2022-01-31 Thread Kevin P. Fleming
2022 at 9:46 AM Kevin P. Fleming wrote: > > Hello there! I've just deployed Kea 2.0.1 (using the ISC packages) on > a pair of machines in my network to provide HA DHCP4/DHCP6 services > (replacing the ISC DHCPd-based service in my layer 3 switches, which > don't provide su

Re: [Kea-users] problems enabling HA Hot-Standby setup (OPEN)

2022-03-22 Thread Kevin P. Fleming
Also note that the Kea 'control agent' is the one that listens on port 8000, not the DHCP4/DHCP6 server processes. Ensure that it is also running and configured properly. On Tue, Mar 22, 2022 at 9:07 AM Dan Oachs wrote: > > That looks very similar to my setup which is working. Are you sure the k

Re: [Kea-users] Fwd: NTP servers?

2022-04-18 Thread Kevin P. Fleming
On Mon, Apr 18, 2022 at 9:13 AM Omar Othman wrote: > > Hi all, > > Our company does PXE over HTTPS, and every time the server tries to PXE boot > while having a bad time; things fail because of the SSL handshake (of > course). I have to mount a rescue image, adjust the time, and only then would

Re: [Kea-users] JSON hiding user and password to dB...

2022-04-20 Thread Kevin P. Fleming
On Wed, Apr 20, 2022 at 11:43 AM John Gammon wrote: > Good morning, all. > > I am curious if there is a method to hide the uid and pwd of the user > accessing the database as noted within the kea-dhcp4.conf file? I am > concerning that this remain protected on our network. > > > In general, no,

Re: [Kea-users] Error message while loading....

2022-04-26 Thread Kevin P. Fleming
You will likely need to check /etc/ld.so.conf.d/* to ensure that /usr/local/lib is in the default search path for the dynamic linker. Not really related to Kea, just an issue whenever you install shared libraries into /usr/local. On Tue, Apr 26, 2022 at 11:55 AM John Gammon wrote: > Good morning

Re: [Kea-users] Kea is tacking on an extra option 12 in DHCP offer message

2022-06-07 Thread Kevin P. Fleming
On Tue, Jun 7, 2022 at 3:15 PM Erik Edwards via Kea-users wrote: > > I second this. I have several network switches that choke on the returned > option. This appears to be RFC-compliant behavior on Kea's part, based on section 3 of RFC 6842: https://www.rfc-editor.org/rfc/rfc6842. -- ISC funds

Re: [Kea-users] Kea is tacking on an extra option 12 in DHCP offer message

2022-07-06 Thread Kevin P. Fleming
On Wed, Jul 6, 2022 at 11:08 AM Erik Edwards via Kea-users wrote: > > My comment is about being able to turn off certain responses that are > included by default. Even if the RFC says they should/must/may be > returned, I still have devices with broken dhcp clients where I have to > make accommoda

Re: [Kea-users] KEA 2.2.0 fails with reservations-lookup-first option

2022-08-30 Thread Kevin P. Fleming
On Tue, Aug 30, 2022 at 1:28 PM Caciano dos Santos Machado wrote: > > Hi, > > > Is "reservations-lookup-first" still a valid option? According to the documentation it is supported in Kea 2.2.0. > > > I am trying to start KEA 2.2.0 with this option set to true. > > I receive the following error w

Re: [Kea-users] yet another question about multiple subnets %)

2022-11-11 Thread Kevin P. Fleming
I am fairly certain that what you want to do is not possible. A client which receives multiple DHCP OFFER will choose one and complete the operation, and ignore the rest. It won't track all of them and obtain multiple addresses. - Original message - From: 3 To: kea-users@lists.isc.org S

Re: [Kea-users] yet another question about multiple subnets %)

2022-11-11 Thread Kevin P. Fleming
On Fri, Nov 11, 2022, at 08:58, 3 wrote: >> I am fairly certain that what you want to do is not possible. A client which >> receives multiple DHCP OFFER will choose one and complete the operation, and >> ignore the rest. It won't track all of them and obtain multiple addresses. > > there doesn't

Re: [Kea-users] HA with kea-dhcp4: beginner questions

2022-11-23 Thread Kevin P. Fleming
On Wed, Nov 23, 2022, at 06:08, Stefan G. Weichinger wrote: > I browsed the logs etc (could it be that kea logs in UTC and not in my > local timezone?). Everything quiet in there until the boxes were > unplugged, so no error visible until that manual intervention. Also consider that your network

Re: [Kea-users] ipv6 prefix delegation

2022-11-29 Thread Kevin P. Fleming
On Tue, Nov 29, 2022, at 19:28, Alan Batie wrote: > I'm trying to setup a kea server to replace our isc-dhcp server and used > the keama tool to generate a config file. In the ipv6 config, it > silently commented out all the prefix delegation sections: > > "pd-pools": [ > //{ > /

Re: [Kea-users] Load-Balancing Network issue between Relay and Kea

2023-01-04 Thread Kevin P. Fleming
On Wed, Jan 4, 2023, at 13:07, Francis Dupont wrote: > I leave details to our HA expert but it seems your setup requires an active > load-balancer: > - the path between clients and the first server is broken so this server >does not receive queries or clients do not receive responses > - the

Re: [Kea-users] Load-Balancing Network issue between Relay and Kea

2023-01-04 Thread Kevin P. Fleming
On Wed, Jan 4, 2023, at 15:54, Simon wrote: > Kevin P. Fleming wrote: > >> If 'max-unacked-clients' isn't sufficient to address this, then this leaves >> a fairly large opening in the Kea high-availability story, as any network >> disruption which causes

Re: [Kea-users] Load-Balancing Network issue between Relay and Kea

2023-01-05 Thread Kevin P. Fleming
On Thu, Jan 5, 2023, at 12:16, Frey, Rick E via Kea-users wrote: > > Example: > server1 not receiving DHCP requests from clients but is communicating with > server2. server2 is receiving DHCP requests from all clients but ignoring > some requests due to client should be serviced by server1 (vi

Re: [Kea-users] Load-Balancing Network issue between Relay and Kea

2023-01-09 Thread Kevin P. Fleming
On Mon, Jan 9, 2023, at 11:54, Veronique Lefebure wrote: > Very interesting thread. > > Mathias, you wrote "Expected behaviour: Kea 2 sees the unacked clients of Kea > 1 and sets Kea 1 in partner-down state and handles all requests.", but, If > there is no traffic between DHCP clients and Kea1,

Re: [Kea-users] Load-Balancing Network issue between Relay and Kea

2023-01-11 Thread Kevin P. Fleming
On Tue, Jan 10, 2023, at 02:34, Marcin Siodelski wrote: > For every client who sends a DHCPDISCOVER or DHCPREBIND to the partner > server and (finally) sets the "secs" field value greater than > "max-ack-delay", the other server bumps up its internal counter or > unacked clients. Again, it only

Re: [Kea-users] Load-Balancing Network issue between Relay and Kea

2023-01-11 Thread Kevin P. Fleming
On Wed, Jan 11, 2023, at 06:58, Kevin P. Fleming wrote: >> It would be useful if you could please open tickets in Gitlab to >> describe your failover scenarios and the desired behavior. Please >> disregard it if you have already opened them. > > I'll do that now an

Re: [Kea-users] IPV6 client gets the wrong IP for sometime after a reboot

2023-01-17 Thread Kevin P. Fleming
On Tue, Jan 17, 2023, at 04:54, Veronique Lefebure wrote: > Hi, > > I have observed that an IPV6 client gets the wrong IP when it reboots. > See detailed logs below. > The problem seems to be due to the fact the DUID of the client changes after > reboot. > Anyone else has observed the same ? > Ho

Re: [Kea-users] Using DHCP Relays

2023-01-20 Thread Kevin P. Fleming
On Fri, Jan 20, 2023, at 03:17, Stefan G. Weichinger wrote: > What I don't yet understand: how to assign requests coming from VLAN X > to the matching subnet X on Kea? > > I read something around "circuit ID" and "agent ID" here: > > https://docs.netgate.com/pfsense/en/latest/services/dhcp/relay.h

Re: [Kea-users] Kea 2.3.3 Initial Install with PostgreSQL on Proxmox CT Ubuntu 22.04

2023-01-25 Thread Kevin P. Fleming
On Wed, Jan 25, 2023, at 11:55, t...@chaoticreality.com wrote: > *Add repo for CloudSmith* >>curl-1sLf\ > 'https://dl.cloudsmith.io/public/isc/kea-2-3/setup.deb.sh'\ |sudo-Ebash > Given your stated 'newness' to all of this, I'd encourage you to use the Kea 2.2.x stable releases and

Re: [Kea-users] Kea 2.3.3 Initial Install with PostgreSQL on Proxmox CT Ubuntu 22.04

2023-01-25 Thread Kevin P. Fleming
On Wed, Jan 25, 2023, at 13:10, Aaron Jestrab wrote: > Interesting, I took the information I was reviewing to mean 2.3.4 was the > current experimental-development release and 2.3.3 was stable for the 2.3.x > version. I did not realize anything in 2.3.x is currently considered > development / un

Re: [Kea-users] DHCPv4 Conflict resolution on MAC change

2023-01-27 Thread Kevin P. Fleming
On Fri, Jan 27, 2023, at 14:58, Simon wrote: > GIRSTMAIR Tobias via Kea-users wrote: > >> As a workaround, an operator could manually delete the lease with kea- >> shell (or its underlying api), but that does not scale to our size. > > In what way doesn’t size ? > > Your problem isn’t new - it’s s

Re: [Kea-users] Problem during running DHCP server on VLAN interface

2023-01-29 Thread Kevin P. Fleming
On Sat, Jan 28, 2023, at 14:08, Darren Ankney wrote: > I’m not sure if you can listen directly on a VLAN. I don’t seem to > find the word VLAN in the ARM > (https://kea.readthedocs.io/en/kea-2.2.0/). You certainly can, that's how my system is configured. Kea just needs the interface name, an

Re: [Kea-users] CIDR or range notation in relay lists when using shared-networks?

2023-02-24 Thread Kevin P. Fleming
On Fri, Feb 24, 2023, at 07:11, Klaus Steden wrote: > > Correct, I am currently listing all relay IPs individually. It seems to be > the case that by using the shared-network parameter and defining my DHCP > pools within that context that I only have to include the list of relays > once, and th

[Kea-users] Source packages on Cloudsmith

2023-03-07 Thread Kevin P. Fleming
I'm building some new machines to replace my existing Kea DHCP servers, and the new machines are arm64 instead of amd64. Unfortunately there are no arm64 Debian packages published in the ISC Cloudsmith repositories. I can easily build my own binary packages if the Debian source packages are mad

Re: [Kea-users] Use of include statement doesn't seem to work (INTERNAL)

2023-03-14 Thread Kevin P. Fleming
On Tue, Mar 14, 2023, at 08:45, Weisteen Per wrote: > Running kea-dhcp4 -t /etc/kea/kea-dhcp4.conf returns no errors but > trying to start kea-dhcp4 fails using systemctl. Unfortunately 'fails' isn't something people can help troubleshoot... When this happens, grab the output of 'systemctl stat

[Kea-users] IPv6 subnet selection - no automatic selection possible?

2023-03-15 Thread Kevin P. Fleming
I recently redeployed Kea 2.2.0 in my network; previously it was behind a router providing relay services, but now it is directly connected to the subnets it serves. It is running on Linux, kernel is 6.1.. In the new configuration it has four interfaces enabled, and four subnets (one per interf

[Kea-users] Kea DHCPv4 with redundant routing - design review

2023-03-21 Thread Kevin P. Fleming
(Note: This message is a bit long, apologies for that but it's important to include all of the details. Also none of this applies to DHCPv6, since it uses only link-local and multicast addresses.) I've had Kea deployed for some time, in HA load-balancing mode, and it's been working well. The Ke

Re: [Kea-users] Kea-DHCP HA

2023-03-30 Thread Kevin P. Fleming
On Thu, Mar 30, 2023, at 08:02, Kraishak Mahtha wrote: > Hi all, > I have recently started exploring kea-dhcp4 ha, I have a doubt can we > configure the kea -HA without using kea-control agent ? > Have you read the HA section of the Kea ARM? It details exactly how to do that. The section name

Re: [Kea-users] Kea-DHCP HA

2023-04-03 Thread Kevin P. Fleming
On Mon, Apr 3, 2023, at 03:12, Kraishak Mahtha wrote: > Hi, > > While I am checking for the failover section in the kea guide under the > section > > https://kea.readthedocs.io/en/kea-2.2.0/arm/hooks.html?highlight=trust-anchor#https-support > it says > > The three parameters must be either al

Re: [Kea-users] Expected/documented behavior for updating kea config via api and removing the generated "id"

2023-04-17 Thread Kevin P. Fleming
On Mon, Apr 17, 2023, at 15:55, Nathan Neulinger wrote: > Alternative question - can I explicitly provide an id? If so, what is the > allowable range/requirements for the values? > > Details are in the Kea ARM: https://kea.readthedocs.io/en/latest/arm/dhcp4-srv.html#ipv4-subnet-identifier --

Re: [Kea-users] kea-dhcp failover not working

2023-04-18 Thread Kevin P. Fleming
On Tue, Apr 18, 2023, at 12:26, Kraishak Mahtha wrote: > Hi, > I am trying to configure the kea-DHCP failover. > Initially, I ran two DHCP servers as two separate standalone and tested the > DHCP leases. It is working fine but when I add that to the failover type it > is not working. unable to

Re: [Kea-users] kea 2.0.3 dhcp4 HA not working

2023-04-20 Thread Kevin P. Fleming
> I will definitely read through the docs on this. And I know this next > question may be a bit difficult/subjective perhaps to answer - but my > use case is my home network with fairly long leases. It’s also on the > “quiet” side. This obviously isn’t the load/rps of say a college > campus,

Re: [Kea-users] Dropping the packets in load balancing

2023-05-18 Thread Kevin P. Fleming
On Thu, May 18, 2023, at 06:18, Kraishak Mahtha wrote: > > I don't know how this hashing algorithm decides that a peer need to grant a > lease but for the same combination of mac address previously I got leases > from the same server when they are both live, So basically > HA_COMMUNICATION_INTE

Re: [Kea-users] How do I list current IPv4 leases? (INTERNAL)

2023-06-06 Thread Kevin P. Fleming
On Tue, Jun 6, 2023, at 07:28, Weisteen Per wrote: > Hi I'm replying even though this was apparently an "INTERNAL" message :-) > > Simple question, how do I get a list of all current leases when using > memfile as database backend? Regardless of the backend, the 'lease_cmds' hook library is wha

Re: [Kea-users] kea 2.2.0 - responding twice to broadcast requests

2023-06-10 Thread Kevin P. Fleming
On Fri, Jun 9, 2023, at 21:43, vom513 wrote: > Is there some knob that can be turned to pare this down to just the > actual interface in the config ? Or did I stumble on a bug ? Indeed, it's in the "Interface Configuration" section of the Kea ARM: https://kea.readthedocs.io/en/kea-2.2.0/arm/dhc

Re: [Kea-users] max-unacked-clients definition

2023-06-22 Thread Kevin P. Fleming
On Thu, Jun 22, 2023, at 10:42, Kraishak Mahtha wrote: > I thought if the client sends a request and the server is unable to grant a > lease then it can consider an unacked client but here when the client is > sending the request to the stand-by server then we are seeing in the log as > > 2023-

Re: [Kea-users] max-unacked-clients definition

2023-06-22 Thread Kevin P. Fleming
On Thu, Jun 22, 2023, at 11:52, Kraishak Mahtha wrote: > Hi Kevin, > Thanks for the explanation. But in a few trials, the clients crossed more > than 10 seconds but still, I don't see a change and getting an > acknowledgment or server getting updated partner-down, > > I am attaching one of the

Re: [Kea-users] max-unacked-clients definition

2023-06-22 Thread Kevin P. Fleming
On Thu, Jun 22, 2023, at 13:58, Frey, Rick E wrote: > The server needs to see its partner down before it will consider requests as > un-acked and begin responding such requests. If your standby server does not > see the other server as partner-down, the requests are not tracked as > un-acked ev

Re: [Kea-users] max-unacked-clients definition

2023-06-23 Thread Kevin P. Fleming
On Fri, Jun 23, 2023, at 06:16, Kraishak Mahtha wrote: > And also one last question, is it suggested to go with un-acked-clients value > as zero both in hot-stand-by mode and load balance mode? As has been mentioned before, please read the Kea ARM carefully and thoroughly, especially the HA hook

Re: [Kea-users] Testing the kea-failover peer with muti threading and TLS support

2023-06-28 Thread Kevin P. Fleming
On Wed, Jun 28, 2023, at 07:44, Kraishak Mahtha wrote: > Hi Darren, > > I am deploying at my lab currently but, when we get more familiar we will > proceed with production. I tried yes even with 2.3.8 and I am facing an > issue, I thought it could be because of my certificates, and when I am

Re: [Kea-users] conflict reservation

2023-08-01 Thread Kevin P. Fleming
Leases can be removed using the API via kea-shell. No need to edit the file or shutdown any servers. On Tue, Aug 1, 2023, at 10:03, DDFR | Ronald Blaas wrote: > Hi all, > > I need some explaining or perhaps a solution 🙂 > > Our config has lots of host reservations based on circuit-id. > This i

Re: [Kea-users] KEA DHCPv6 Server and PD

2023-08-04 Thread Kevin P. Fleming
On Fri, Aug 4, 2023, at 11:17, Meinhard Schneider wrote: > I would be very grateful for any help: > 1. why doesn't each interface get its own subnet /64? This is under the control of the DHCPv6 client; it has to request the number of delegated prefixes it wishes to use, and then assign them to i

Re: [Kea-users] Kea HA- configuration sync

2023-09-04 Thread Kevin P. Fleming
On Mon, Sep 4, 2023, at 04:58, Ahiya Zadok wrote: > Hi all > > I've set up two kea servers in a HA load-balancing mode in my lab. > I'm using CSV as a mem file. > It seems to work correctly, and the leases are synchronized. > I noticed that the configuration isn't synchronized between the HA peer

[Kea-users] ARM port suggestions for HA+MT mode when Kea is serving both V4 and V6

2023-09-25 Thread Kevin P. Fleming
In the before times, when HA was typically deployed using communication through the Control Agent, the 'url' specified in the HA section of the DHCP4 and DHCP6 configs for any given peer could be the same, because that peer was only running one instance of the Control Agent. In the new world, w

Re: [Kea-users] Stork for RedHat/Rocky 9?

2023-09-28 Thread Kevin P. Fleming
Might be good to post this on the stork-users list instead of the kea-users list :-) On Thu, Sep 28, 2023, at 20:10, Scott Rakow wrote: > In wanting to install and test the latest version of Stork, the RPM's look to > only be for RedHat/Rocky 8. Will the next version include a build that will >

[Kea-users] Kea 2.4.0 and duplicate host reservations not working as documented

2023-10-22 Thread Kevin P. Fleming
I've got this in my config file for the DHCPv4 server (using Kea 2.4.0: "Dhcp4": { "authoritative": true, "valid-lifetime": 86400, "reservations-global": false, "reservations-in-subnet": true, "reservations-out-of-pool": true, "ip-reservations-unique": false, ... "sub

Re: [Kea-users] Kea 2.4.0 and duplicate host reservations not working as documented

2023-10-22 Thread Kevin P. Fleming
On Sun, Oct 22, 2023, at 10:17, Darren Ankney wrote: > It then goes on to print details about the existing lease. You could > possibly use the flex-id hook to overcome this (in certain situations > where there is something else to use as the identifier such as > circuit-id). Alternatively, you co

Re: [Kea-users] Kea 2.4.0 and duplicate host reservations not working as documented

2023-10-23 Thread Kevin P. Fleming
On Mon, Oct 23, 2023, at 08:28, Veronique Lefebure wrote: > Maybe https://gitlab.isc.org/isc-projects/kea/-/issues/2796 ? > "naive" (dhcpd, microsoft style) conflict resolution (immediately reassign > lease to reserved host) (#2796) · Issues

Re: [Kea-users] a few questions from a Kea newbie

2023-11-13 Thread Kevin P. Fleming
1) No, it is not necessary to use a database in order to use reservations. 2) Unfortunately this is not currently possible unless you can ensure that the host releases its lease before switching interfaces. I have discussed this in a number of threads on this list and there is an open issue for

Re: [Kea-users] a few questions from a Kea newbie

2023-11-14 Thread Kevin P. Fleming
On Tue, Nov 14, 2023, at 11:10, Jason Keltz wrote: > However, my experience with multiple IPv4 addresses to the same ether does > not work, and you said that it should. > > I tried to reserve: > hw-address: 78:24:af:45:32:99 with hostname test1 and ip > hw-address: as-above with hostname test1

Re: [Kea-users] Leases for known clients only - how ?

2023-12-10 Thread Kevin P. Fleming
On Sun, Dec 10, 2023, at 05:47, Jan Rovner via Kea-users wrote: > Hello, > > I would like to ask about a pure static KEA DHCP server setup, where: > > - only the well-known clients with static reservations for their MACs will > get reserved IP addrs (leases) > > - unknown clients/devices won't

Re: [Kea-users] Query on KeaDHCP version 2.4.1

2024-02-22 Thread Kevin P. Fleming
On Thu, Feb 22, 2024, at 06:41, Muhammad Zain wrote: > Hi, > I am working on kea stable release version 2.4.1. I am using postgres > compatible database when i load the sql script given at link below > *Issue is the database I am working on doesn't support INET as primary key. * > These stateme

Re: [Kea-users] DHCP6 host reservation

2024-04-02 Thread Kevin P. Fleming
On Mon, Apr 1, 2024, at 08:50, Cristina Bulfon wrote: > Hi Marek and Darren, > > Thanks for the answer > > - reply to Mark's reply > I’ve just tried the “duid” option instead of the “hw-address” and it > works, but - I guess - the node must already be installed to have the > client leases .

Re: [Kea-users] DHCP6 host reservation

2024-04-02 Thread Kevin P. Fleming
On Tue, Apr 2, 2024, at 07:56, Francis Dupont wrote: >> You cannot know the DUID in advance, as it's calculated by the OS >> on the machine using data it creates during the first boot of the OS. > > => some DUID formats are predictable e.g. LL (it uses the MAC address, > vs LLT which uses the MAC a

Re: [Kea-users] "ha_dedicated_ports" warning in Stork

2024-04-12 Thread Kevin P. Fleming
On Fri, Apr 12, 2024, at 19:36, mxhajducze...@gmail.com wrote: > > > Can someone please tell me what I am doing wrong here (I did follow the > configuration instructions) and how to fix this issue? It has been driving me > insane for a while now … With recent versions of Kea, multi-threaded m

Re: [Kea-users] "ha_dedicated_ports" warning in Stork

2024-04-12 Thread Kevin P. Fleming
On Fri, Apr 12, 2024, at 20:49, Marek Hajduczenia wrote: > Thank you, Kevin - in the example you're referring to, do I still need to > configure and run the control agent? I am a bit confounded as to what the > specific change I need to do in my setup (dhcp config or control agent > config) to m

Re: [Kea-users] kea-dhcpv6 won't offer adresses to clients

2024-05-10 Thread Kevin P. Fleming
On Fri, May 10, 2024, at 08:40, Marek Hajduczenia wrote: > I am sorry, I cannot process this information dump in its current > format. If you want to send / attach logs and config files via text > files + perhaps a packet capture on the affected interface, I will be > happy to look at it It was

Re: [Kea-users] reservation for the same host in several subnets

2024-08-26 Thread Kevin P. Fleming
On Mon, Aug 26, 2024, at 05:46, Darren Ankney wrote: > Hi Marek, > > You might be right. I do not know. I think yes, if you need to have > separate reservations for the two different interfaces, then you'd > have to specify separate subnets. Is there any particular reason that > the client canno

Re: [Kea-users] reservation for the same host in several subnets

2024-09-07 Thread Kevin P. Fleming
There is already an open feature request for reservations to *not* be stored in the lease database; if this is implemented, after Kea completes the DHCP transaction with the client it will 'forget' about the transaction. If the client then moves to a different subnet, or different interface on t