// This is an example configuration file for DHCPv6 server in Kea.
// It attempts to showcase some of the more advanced features.
// Topology wise, it's a basic scenario with one IPv6 subnet configured.
// It is assumed that one subnet (2001:db8:1::/64) is available directly
// over ethX interface.
//
// The following features are currently showcased here:
// 1. Configuration of MAC/hardware address sources in DHCPv6
// 2. RSOO (Relay supplied options) - Some relays may insert options with the
//    intention for the server to insert them into client directed messages.
// 3. Control socket. Kea can open a socket and listen for incoming
//    commands.

{ "Dhcp6":

{
  // Kea is told to listen on ethX network interface only.
  "interfaces-config": {
    "interfaces": [ "ethX" ],

        // This causes interfaces to be re-detected at each (re-)configuration.
        // By default it is true.
        "re-detect": true
  },

  // We need to specify the database used to store leases. As of
  // September 2016, four database backends are supported: MySQL,
  // PostgreSQL, Cassandra, and the in-memory database, Memfile.
  // We will use memfile because it doesn't require any prior setup.
  "lease-database": {
      "type": "memfile",
      "lfc-interval": 3600
  },

// Kea 0.9.1 introduced MAC/hardware addresses support in DHCPv6. There is
// no single reliable method of getting MAC address information in DHCPv6.
// Kea supports several methods. Depending on your network setup, some
// methods may be preferable to others, hence the configuration
// parameter. 'mac-sources' is a list of methods. Allowed parameters are:
// any, raw, duid, ipv6-link-local, client-link-addr-option, rfc6939 (which
// is an alias for client-link-addr-option), remote-id, rfc4649 (which is an
// alias for remote-id), subscriber-id, rfc4580 (which is an alias for
// subscriber-id) and docsis.
//
// Note that the order matters. Methods are attempted one by one in the order
// specified until hardware address is obtained. If you don't care which method
// is used, using 'any' is marginally faster than enumerating them all.
//
// If mac-sources are not specified, a default value of 'any' is used.
  "mac-sources": [ "client-link-addr-option", "duid", "ipv6-link-local" ],

// RFC6422 defines a mechanism called relay-supplied options option. The relay
// agent may insert certain options that the server will echo back to the
// client, if certain criteria are met. One condition is that the option must
// be RSOO-enabled (i.e. allowed to be echoed back). IANA maintains a list
// of those options here:
// http://www.iana.org/assignments/dhcpv6-parameters/dhcpv6-parameters.xhtml#options-relay-supplied
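// However, it is possible to allow the server to echo back additional options.
// This entry marks options 110, 120 and 130 as RSOO-enabled.
// Every option enabled here is one that a relay can cause the server to send
// to clients, so enable only the options you need and only where the relays
// are trusted.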
   "relay-supplied-options": [ "110", "120", "130" ],


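    // This defines a control socket. If defined, Kea will open a UNIX socket
    // and will listen for incoming commands. See section 15 of the Kea User's
    // Guide for the list of supported commands.
    // NOTE: /tmp is world-writable and is used here only to keep the example
    // simple. The socket does not authenticate its peers, so access to it is
    // governed by filesystem permissions alone; in production, place it in a
    // directory that only the Kea user and trusted management tools can access.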
    "control-socket": {
        "socket-type": "unix",
        "socket-name": "/tmp/kea6-ctrl-socket"
    },

// Addresses will be assigned with preferred and valid lifetimes
// of 3000 and 4000 seconds, respectively. The client is told to start
// renewing after 1000 seconds. If the server does not respond
// within 2000 seconds of the lease being granted, the client is supposed
// to start the REBIND procedure (emergency renewal that allows switching
// to a different server).
  "preferred-lifetime": 3000,
  "valid-lifetime": 4000,
  "renew-timer": 1000,
  "rebind-timer": 2000,

// The following list defines subnets. Each subnet consists of at
// least subnet and pool entries.
  "subnet6": [
    {
      "pools": [ { "pool": "2001:db8:1::/80" } ],

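// This defines PD (prefix delegation) pools. In this case
// we have only one pool, which consists of /64 prefixes
// being delegated out of a large /48 pool. Each delegated
// prefix will contain an excluded-prefix option.
// NOTE(review): an excluded prefix is expected to lie inside the delegated
// prefix (RFC 6603), i.e. to be longer than delegated-len; the
// excluded-prefix-len of 62 below is shorter than the delegated-len of 64.
// Confirm these values before reusing them.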
      "pd-pools": [
      {
          "prefix": "2001:db8:abcd::",
          "prefix-len": 48,
          "delegated-len": 64,
          "excluded-prefix": "2001:db8:abcd:1234::",
          "excluded-prefix-len": 62
      }
      ],
      "subnet": "2001:db8:1::/64",
      "interface": "ethX",

      // Sometimes the relay may use an odd IPv6 address that's not matching
      // the subnet. This is discouraged, but there are valid cases when it
      // makes sense. One case is when the relay has only link-local address
      // and another is when there is a shared subnet scenario.
      "relay": {
          "ip-address": "3000::1"
      }
    }
  ]
},

// The following configures logging. It assumes that messages with at
// least informational level (info, warn, error and fatal) should be
// logged to stdout.
"Logging": {
    "loggers": [
        {
            "name": "kea-dhcp6",
            "output_options": [
                {
                    "output": "stdout",
                    // Several additional parameters are possible in addition
                    // to the typical output. Flush determines whether logger
                    // flushes output to a file. Maxsize determines maximum
                    // filesize before the file is being rotated. maxver
                    // specifies the maximum number of rotated files being
                    // kept.
                    "flush": true,
                    "maxsize": 204800,
                    "maxver": 4
                }
            ],
            "debuglevel": 0,
            "severity": "INFO"
        }
    ]
}

}