ISC Open Source Projects issueshttps://gitlab.isc.org/groups/isc-projects/-/issues2023-10-20T13:42:39Zhttps://gitlab.isc.org/isc-projects/kea/-/issues/3095DHCPv4 option 21 policy-filter example may be misleading2023-10-20T13:42:39ZPiotrek ZadrogaDHCPv4 option 21 policy-filter example may be misleadingExample of that Option that is currently in the source code (`all-options.json`) may be misleading.
```
/*
Code Len Address 1 Mask 1
+-----+-----+-----+-----+-----+-----+-----+-----+-----+--...Example of that Option that is currently in the source code (`all-options.json`) may be misleading.
```
/*
Code Len Address 1 Mask 1
+-----+-----+-----+-----+-----+-----+-----+-----+-----+-----+
| 21 | n | a1 | a2 | a3 | a4 | m1 | m2 | m3 | m4 |
+-----+-----+-----+-----+-----+-----+-----+-----+-----+-----+
Address 2 Mask 2
+-----+-----+-----+-----+-----+-----+-----+-----+---
| a1 | a2 | a3 | a4 | m1 | m2 | m3 | m4 | ...
+-----+-----+-----+-----+-----+-----+-----+-----+---
*/
// Type: array of {IPv4 address}
{
"code": 21,
"data": "192.0.2.21, 192.0.2.22",
"name": "policy-filter"
},
```
`data` should be rather pairs of (IPv4, mask), e.g.
```
"data": "192.0.2.0, 255.255.255.0",
```
or
```
"data": "192.0.2.0, 255.255.255.0, 10.2.0.0, 255.255.0.0",
```kea2.5.3Piotrek ZadrogaPiotrek Zadrogahttps://gitlab.isc.org/isc-projects/kea/-/issues/3093Missing error message from OpenSSL 3.1.32023-09-27T07:18:10ZFrancis DupontMissing error message from OpenSSL 3.1.3OpenSSL 3.1.3 release the 2023/09/19 changed one of the error messages checked in TLS unit tests.
Patch attached.[openssl313.diff](/uploads/ad85a5778be88145f6159130bf597fa2/openssl313.diff)OpenSSL 3.1.3 release the 2023/09/19 changed one of the error messages checked in TLS unit tests.
Patch attached.[openssl313.diff](/uploads/ad85a5778be88145f6159130bf597fa2/openssl313.diff)kea2.5.3Francis DupontFrancis Duponthttps://gitlab.isc.org/isc-projects/kea/-/issues/3086support parsing strings with escaped null character2023-10-06T09:07:56ZRazvan Becheriusupport parsing strings with escaped null character```
Expected: parsed_ = eval.parseString("ucase('12345~!@#$%^&*()_+uPpEr{}[];:<>/?\\67890\t \0\b\r\f') == " "'12345~!@#$%^&*()_+UPPER{}[];:<>/?\\67890\t \0\b\r\f'") doesn't throw an exception.
Actual: it throws std::exception-derived e...```
Expected: parsed_ = eval.parseString("ucase('12345~!@#$%^&*()_+uPpEr{}[];:<>/?\\67890\t \0\b\r\f') == " "'12345~!@#$%^&*()_+UPPER{}[];:<>/?\\67890\t \0\b\r\f'") doesn't throw an exception.
Actual: it throws std::exception-derived exception with description: "<string>:1.7: Invalid character: '".
```kea2.5.3Razvan BecheriuRazvan Becheriuhttps://gitlab.isc.org/isc-projects/kea/-/issues/3083ping-check-hook-task-5 Implement PingCheckMgr2023-10-18T12:57:45ZThomas Markwalderping-check-hook-task-5 Implement PingCheckMgrImplement PingCheckMgr class per Ping Check design
https://gitlab.isc.org/isc-projects/kea/-/wikis/Designs/ping-check
When complete PingCheckMgr should be integrated with PingChannel and
PingContextStore and use them to fulfill ping ch...Implement PingCheckMgr class per Ping Check design
https://gitlab.isc.org/isc-projects/kea/-/wikis/Designs/ping-check
When complete PingCheckMgr should be integrated with PingChannel and
PingContextStore and use them to fulfill ping check requests, including
contexts expiration management
It will not be integrated into hook callouts (i.e not loadable, configurable)
nor decline leases. These steps are left to task 6.
depends on #3055kea2.5.3Thomas MarkwalderThomas Markwalderhttps://gitlab.isc.org/isc-projects/kea/-/issues/3080Process: need to publish security policy2023-10-23T08:20:40ZTomek MrugalskiProcess: need to publish security policyAnother thing pointed out by @manu in his [security audit](https://gitlab.isc.org/isc-private/kea/-/wikis/Kea-Security-Review-02-2023#10-process-how-to-handle-confidential-information-fix-for-a-reported-security-vulnerability). We need t...Another thing pointed out by @manu in his [security audit](https://gitlab.isc.org/isc-private/kea/-/wikis/Kea-Security-Review-02-2023#10-process-how-to-handle-confidential-information-fix-for-a-reported-security-vulnerability). We need to publish security policy in a concise form and publish it in a standard github way. That basically means creating SECURITY.md file and enabling security reporting on github.
We already have Section 23.3 in ARM and [KB article](https://kb.isc.org/docs/aa-00861). Both look like great sources of info.kea2.5.3Tomek MrugalskiTomek Mrugalskihttps://gitlab.isc.org/isc-projects/kea/-/issues/3078improve -V/W output when kea is installed from pkgs2023-10-04T15:23:15ZWlodzimierz Wencelimprove -V/W output when kea is installed from pkgsAt this point `kea-dhcp4 -V` output may have two options:
* when installed from git:
```
2.5.2-git
git 7129fed942dd381d8946f5b43f5423b8d4ccab20
(and other stuff)
```
* when installed from tarball or pkg:
```
2.5.2
tarball
```
And this s...At this point `kea-dhcp4 -V` output may have two options:
* when installed from git:
```
2.5.2-git
git 7129fed942dd381d8946f5b43f5423b8d4ccab20
(and other stuff)
```
* when installed from tarball or pkg:
```
2.5.2
tarball
```
And this solution introduces some problems when we quickly try to debug reported issue, even with version reported we need to ask how it was installed, I would add 3rd way and when installed from pkg `kea-dhcp4 -V` would return:
```
2.5.2
isc20230630120747 (rpm)
```
this would require change in `configure.ac` and kea-packaging repo.kea2.5.3Wlodzimierz WencelWlodzimierz Wencelhttps://gitlab.isc.org/isc-projects/kea/-/issues/3070Make new RADIUS capable of reading dictionaries2023-10-23T07:24:52ZAndrei Pavelandrei@isc.orgMake new RADIUS capable of reading dictionaries* [x] put the configuration knob that accepted a path to dictionary file(s) back. Initially removed [here](https://gitlab.isc.org/isc-private/kea-premium/-/compare/4e23d9ca8f155f21b2705231706bcd1c739ee80a...eafb77cf1a82cf6d18b5dd59ce57f6...* [x] put the configuration knob that accepted a path to dictionary file(s) back. Initially removed [here](https://gitlab.isc.org/isc-private/kea-premium/-/compare/4e23d9ca8f155f21b2705231706bcd1c739ee80a...eafb77cf1a82cf6d18b5dd59ce57f6037a8a5cfa?from_project_id=28&page=2&straight=false#ad9e33bea00c115cc9d98d1f5c84990ad97ba1c3_104_105).
* [x] add logic to parse the dictionary file(s).
* [x] add logic to insert attribute definitions, constants, and values to runtime memory.kea2.5.3Francis DupontFrancis Duponthttps://gitlab.isc.org/isc-projects/kea/-/issues/3068CA returns number overflow on ipv6 stats2023-10-12T08:04:56ZPeter DaviesCA returns number overflow on ipv6 statsSending a statistic-get command IPv6 statistics to the control-agent can cause a
number overflow error to be returned to the caller.
Sending the command directly to the Kea process's control socket does not generate
this error.
...Sending a statistic-get command IPv6 statistics to the control-agent can cause a
number overflow error to be returned to the caller.
Sending the command directly to the Kea process's control socket does not generate
this error.
[RT #22759]( https://support.isc.org/Ticket/Display.html?id=22759)kea2.5.3Andrei Pavelandrei@isc.orgAndrei Pavelandrei@isc.orghttps://gitlab.isc.org/isc-projects/kea/-/issues/3066ctrl agent: cannot listen on ipv62023-09-26T13:22:27ZJohn Doectrl agent: cannot listen on ipv6**Describe the bug**
The kea control agent cannot listen on IPv6 addresses via the `http-host` option. We've tried several IPv6 types (GUA, ULA, link local including interface scope) and notations (with brackets and without). For the no...**Describe the bug**
The kea control agent cannot listen on IPv6 addresses via the `http-host` option. We've tried several IPv6 types (GUA, ULA, link local including interface scope) and notations (with brackets and without). For the notation without brackets, the agent silently does not listen at all on an IP address, the notation with brackets, a configuration parsing error occurs.
**To Reproduce**
Steps to reproduce the behavior:
We're using a configuration e.g.
```json
{
"Control-agent": {
"http-host": "$HOST",
"http-port": 8000
// ...
}
}
```
where `$HOST` is
- (empty string) causes `ERROR [kea-ctrl-agent.dctl/433402.140592497919872] DCTL_PARSER_FAIL : Failed to convert to IP address:Failed to convert string to address '': Invalid argument`
- *http-host* line does not exist: listens on 127.0.0.1:8000
- `2001:db8::1` causes about 10 log lines of `RROR [kea-ctrl-agent.dctl/433486.140500168120192] DCTL_PARSER_FAIL : unable to setup TCP acceptor for listening to the incoming HTTP requests: open: Permission denied` and does not listen on the IPv6.
- `[2001:db8::1]` causes about 10 log lines of `ERROR [kea-ctrl-agent.dctl/433528.140127554930560] DCTL_PARSER_FAIL : Failed to convert [2001:db8::1] to IP address:Failed to convert string to address '[2001:db8::1]': Invalid argument` and does not listen on the IPv6
Since we're also loading the HA module, we configure a list of peers with the bracketed IPv6 notation (non-bracketed causes parsing errors):
```json
{
"Dhcp4": {
"hooks-libraries": [
{
"library": "/usr/lib/x86_64-linux-gnu/kea/hooks/libdhcp_lease_cmds.so",
"parameters": {}
},
{
"library": "/usr/lib/x86_64-linux-gnu/kea/hooks/libdhcp_ha.so",
"parameters": {
"high-availability": [
{
"this-server-name": "host1",
"mode": "hot-standby",
"heartbeat-delay": 10000,
"max-response-delay": 10000,
"max-ack-delay": 5000,
"max-unacked-clients": 5,
"peers": [
{
"name": "host1",
"url": "https://[2001:db8::1]:8000",
"trust-anchor": "/etc/kea/bundle.pem",
"cert-file": "/etc/kea/host.crt",
"key-file": "/etc/kea/host.key",
"auto-failover": true,
"basic-auth-user": "admin",
"basic-auth-password": "..."
# ...
},
{
"name": "host2",
"url": "https://[2001:db8::2]:8000",
"trust-anchor": "/etc/kea/bundle.pem",
"cert-file": "/etc/kea/host.crt",
"key-file": "/etc/kea/host.key",
"role": "standby",
"auto-failover": true,
"basic-auth-user": "admin",
"basic-auth-password": "..."
}
]
...
```
This configuration seems to be accepted correctly.
**Expected behavior**
We expect IPv6 to be fully supported for a top notch project like kea. Are we missing a configuration option?
**Environment:**
- Kea version: version 2.2.0
- OS: debian 11
- Which features were compiled in (in particular which backends)
- If/which hooks where loaded in: HAkea2.5.3https://gitlab.isc.org/isc-projects/kea/-/issues/3065Get more detailed GTEST_VERSION when using --with-gtest-source2023-10-25T14:55:48ZPiotrek ZadrogaGet more detailed GTEST_VERSION when using --with-gtest-sourceIt seems that extracting GTEST_VERSION doesn't work correctly with recent versions of GTest.
`config.report` often shows:
```
Google Test:
GTEST_VERSION: googletest
```
Correct version could be extracted from sources - file `CMakeLi...It seems that extracting GTEST_VERSION doesn't work correctly with recent versions of GTest.
`config.report` often shows:
```
Google Test:
GTEST_VERSION: googletest
```
Correct version could be extracted from sources - file `CMakeLists.txt`:
```
set(GOOGLETEST_VERSION 1.11.0)
```
e.g.:
```shell
GTEST_VERSION=`grep "set(GOOGLETEST_VERSION" -h $GTEST_SOURCE/* 2>/dev/null | cut -d' ' -f2 | sed 's/)//'`
```kea2.5.3Piotrek ZadrogaPiotrek Zadrogahttps://gitlab.isc.org/isc-projects/kea/-/issues/3055ping-check-hook-task-4 Implement PingChannel and ICMPMsg2023-10-05T11:31:47ZThomas Markwalderping-check-hook-task-4 Implement PingChannel and ICMPMsgImplement PingChannel and ICMPMsg classes per Ping Check design
https://gitlab.isc.org/isc-projects/kea/-/wikis/Designs/ping-check
When complete: Given an IOService and appropriate callbacks, PingChannel
should be able to perpetuate se...Implement PingChannel and ICMPMsg classes per Ping Check design
https://gitlab.isc.org/isc-projects/kea/-/wikis/Designs/ping-check
When complete: Given an IOService and appropriate callbacks, PingChannel
should be able to perpetuate sending echos and receiving replies.kea2.5.3Thomas MarkwalderThomas Markwalderhttps://gitlab.isc.org/isc-projects/kea/-/issues/3046Kea ARM section on DDNS doesn't mention DDNS-tuning hook library2023-10-06T11:34:06ZVicky Riskvicky@isc.orgKea ARM section on DDNS doesn't mention DDNS-tuning hook libraryCould we add a link or reference to the DDNS-tuning library to the DDNS section of the ARM? I think it is otherwise easy to miss the fact that you can customized the name creation.
https://kea.readthedocs.io/en/latest/arm/ddns.htmlCould we add a link or reference to the DDNS-tuning library to the DDNS section of the ARM? I think it is otherwise easy to miss the fact that you can customized the name creation.
https://kea.readthedocs.io/en/latest/arm/ddns.htmlkea2.5.3Razvan BecheriuRazvan Becheriuhttps://gitlab.isc.org/isc-projects/kea/-/issues/3041UDP client side communication boilerplate for RADIUS2023-10-23T07:25:32ZAndrei Pavelandrei@isc.orgUDP client side communication boilerplate for RADIUSPart of the RADIUS redesign.
* [ ] boilerplate for the RADIUS client
* [ ] UDP client added to the RADIUS client code with timeouts and retries as in `freeradius-client:lib/sendserver.c:339-400`
* [ ] unit test for sending and receiving...Part of the RADIUS redesign.
* [ ] boilerplate for the RADIUS client
* [ ] UDP client added to the RADIUS client code with timeouts and retries as in `freeradius-client:lib/sendserver.c:339-400`
* [ ] unit test for sending and receiving basic UDP datagrams
- either with mock server as target endpoint, or with FreeRADIUS server but `DISABLED_` by default in that latter case
Issue is considered resolved if the server receives a datagram, even if it considers it malformed, or ignores it silently.kea2.5.3Francis DupontFrancis Duponthttps://gitlab.isc.org/isc-projects/kea/-/issues/3032testing libs compiled even without --with-gtest2023-10-23T13:52:22ZWlodzimierz Wenceltesting libs compiled even without --with-gtestLooks like some of test related libs are compiled even if unit tests are not enabled:
```
make[5]: Entering directory '/home/wlodek/kea/src/bin/dhcp4'
CXX dhcp4_srv.lo
CXX dhcp4to6_ipc.lo
CXX client_handler.lo
CXX ...Looks like some of test related libs are compiled even if unit tests are not enabled:
```
make[5]: Entering directory '/home/wlodek/kea/src/bin/dhcp4'
CXX dhcp4_srv.lo
CXX dhcp4to6_ipc.lo
CXX client_handler.lo
CXX dhcp4_lexer.lo
CXX dhcp4_parser.lo
CXX parser_context.lo
CXX dhcp4_messages.lo
CXXLD libdhcp4.la
CXXLD kea-dhcp4
make[5]: Leaving directory '/home/wlodek/kea/src/bin/dhcp4'
Making all in tests
make[5]: Entering directory '/home/wlodek/kea/src/bin/dhcp4/tests'
Making all in .
make[6]: Entering directory '/home/wlodek/kea/src/bin/dhcp4/tests'
CXX libco1_la-callout_library_1.lo
CXX libco2_la-callout_library_2.lo
CXX libco3_la-callout_library_3.lo
CXXLD libco2.la
CXXLD libco1.la
CXXLD libco3.la
make[6]: Leaving directory '/home/wlodek/kea/src/bin/dhcp4/tests'
make[5]: Leaving directory '/home/wlodek/kea/src/bin/dhcp4/tests'
make[4]: Leaving directory '/home/wlodek/kea/src/bin/dhcp4'
Making all in dhcp6
make[4]: Entering directory '/home/wlodek/kea/src/bin/dhcp6'
Making all in .
make[5]: Entering directory '/home/wlodek/kea/src/bin/dhcp6'
CXX main.o
CXX dhcp6_log.lo
CXX dhcp6_srv.lo
CXX ctrl_dhcp6_srv.lo
CXX json_config_parser.lo
CXX dhcp6to4_ipc.lo
CXX client_handler.lo
CXX dhcp6_lexer.lo
CXX dhcp6_parser.lo
CXX parser_context.lo
CXX dhcp6_messages.lo
CXXLD libdhcp6.la
CXXLD kea-dhcp6
make[5]: Leaving directory '/home/wlodek/kea/src/bin/dhcp6'
Making all in tests
make[5]: Entering directory '/home/wlodek/kea/src/bin/dhcp6/tests'
Making all in .
make[6]: Entering directory '/home/wlodek/kea/src/bin/dhcp6/tests'
CXX libco1_la-callout_library_1.lo
CXX libco2_la-callout_library_2.lo
CXX libco3_la-callout_library_3.lo
CXXLD libco2.la
CXXLD libco1.la
CXXLD libco3.la
make[6]: Leaving directory '/home/wlodek/kea/src/bin/dhcp6/tests'
make[5]: Leaving directory '/home/wlodek/kea/src/bin/dhcp6/tests'
```
```
make[5]: Entering directory '/home/wlodek/kea/src/lib/util/unittests'
CXX libutil_unittests_la-fork.lo
CXX libutil_unittests_la-newhook.lo
CXX libutil_unittests_la-testdata.lo
CXXLD libutil_unittests.la
make[5]: Leaving directory '/home/wlodek/kea/src/lib/util/unittests'
```
and
```
make[6]: Entering directory '/home/wlodek/kea/src/lib/log/tests'
CXX logger_example-logger_example.o
CXX init_logger_test-init_logger_test.o
CXX buffer_logger_test-buffer_logger_test.o
CXX logger_lock_test-logger_lock_test.o
CXX logger_lock_test-log_test_messages.o
CXXLD init_logger_test
CXXLD buffer_logger_test
CXXLD logger_example
CXXLD logger_lock_test
make[6]: Leaving directory '/home/wlodek/kea/src/lib/log/tests'
```kea2.5.3Wlodzimierz WencelWlodzimierz Wencelhttps://gitlab.isc.org/isc-projects/kea/-/issues/3027Design for RADIUS refactoring2023-12-04T10:13:26ZTomek MrugalskiDesign for RADIUS refactoringWe need to substantially refactor (or more properly: rewrite large parts) the RADIUS hook, in particular get rid of the FreeRADIUS-client code.
For details, see [the RADIUS design on Kea wiki](https://gitlab.isc.org/isc-projects/kea/-/w...We need to substantially refactor (or more properly: rewrite large parts) the RADIUS hook, in particular get rid of the FreeRADIUS-client code.
For details, see [the RADIUS design on Kea wiki](https://gitlab.isc.org/isc-projects/kea/-/wikis/Designs/Multi-Threaded-RADIUS-Library-Refactored-with-its-own-RADIUS-Client).kea2.5.3https://gitlab.isc.org/isc-projects/kea/-/issues/3017[kea_2.4.0]New monitor interface added in kea conf but dhcp4 server can't det...2023-11-28T09:30:37Zchen sijie[kea_2.4.0]New monitor interface added in kea conf but dhcp4 server can't detect the new added interface---
name: Bug report
about: Create a report to help us improve
---
If you believe your bug report is a security issue (e.g. a packet that can kill the server), DO NOT REPORT IT HERE. Please use https://www.isc.org/community/report-bug/...---
name: Bug report
about: Create a report to help us improve
---
If you believe your bug report is a security issue (e.g. a packet that can kill the server), DO NOT REPORT IT HERE. Please use https://www.isc.org/community/report-bug/ instead or send mail to security-office(at)isc(dot)org.
**Describe the bug**
New monitor interface added in kea conf file but dhcp4 server can't detect the new added interface.
**To Reproduce**
In our project we used kea as our dhcp server and did some second develop work. Below test scenario
failed after upgrade kea from 2.2.0 to 2.4.0.
Steps to reproduce the behavior:
1. Prepare kea conf file and until waiting one running interface to start dhcp4 server.
In this place we can find fhmintbre in RUNNING state and dhcp4server also startup normally.
2. After step1, a new interface fhmintbrc become running,then our service prepare one new conf file, in this file
interface parameter with both fhmintbre and fhmintbrc.
3. Because kea conf file update in our code logical, we need to reload dhcp4server, after reload the dhcp4server can't start.
the log info as "Failed to selecnterface: interface 'fhmintbrc' doesn't exist in the system (/tmp/kea-dhcp4.conf:42:17)"
Seems dhcp4server still used the old conf file didn't get the new conf with fhmintbrc info.
This scenario case work normally in kea 2.2.0. Can you help to check this issue?
**Expected behavior**
dhcp4server startup should use the latest kea-dhcp.conf file after new running interface added, but now we found
dhcp4server still used the old copy.
**Environment:**
- Kea version: kea 2.4.0
- OS: [e.g. Ubuntu 16.04 x64]
- Which features were compiled in (in particular which backends)
- If/which hooks where loaded in
**Additional Information**
Log info print in our env:
```
<14>1 2023-08-22T15:23:36.905286+08:00 nescran6-dhcp-server-0 dhcpmanager 9 - - Send dhcp readiness ack: status(SUCCESS):0, hoste: nescran6-dhcp-server-0
<15>1 2023-08-22T15:23:38.584740+08:00 nescran6-dhcp-server-0 dhcpmanager 9 - - Readiness fd reveived (IN) callback.
<15>1 2023-08-22T15:23:38.584831+08:00 nescran6-dhcp-server-0 dhcpmanager 9 - - hwinfoprovider data provider callback, path: [/na-hwinfo:hwinfo], request_xpath: [/nokia-hwinfo:hwinfo], module: [nokia-hwinfo]
<14>1 2023-08-22T15:23:38.584865+08:00 nescran6-dhcp-server-0 dhcpmanager 9 - - hwinfoprovider data provider: [{"nokia-hwinfo:hwo":{"readiness":[{"owner":"nescran6-dhcp-server-0","check-list":[0,1,2],"states":[{"type":2,"last-updated":"2023-08-22T23:23:36.900+08:00"}]}]}}]
<14>1 2023-08-22T15:26:18.863022+08:00 nescran6-dhcp-server-0 dhcpmanager 9 - - netlink: interface(name:fhmintune0, index:6) upd event. flags:4098
<14>1 2023-08-22T15:26:18.863130+08:00 nescran6-dhcp-server-0 dhcpmanager 9 - - netlink: interface(name:fhmintune0, index:6) upd event. flags:4098
<14>1 2023-08-22T15:26:18.970545+08:00 nescran6-dhcp-server-0 dhcpmanager 9 - - netlink: interface(name:fhmintune0, index:6) upd event. flags:69699
<14>1 2023-08-22T15:26:19.305565+08:00 nescran6-dhcp-server-0 dhcpmanager 9 - - netlink: interface(name:fhmintbre, index:7) updaevent. flags:4098
<14>1 2023-08-22T15:26:19.879863+08:00 nescran6-dhcp-server-0 dhcpmanager 9 - - netlink: interface(name:fhmintune0, index:6) upd event. flags:69699
<14>1 2023-08-22T15:26:19.879984+08:00 nescran6-dhcp-server-0 dhcpmanager 9 - - netlink: interface(name:fhmintune0, index:6) upd event. flags:69699
<14>1 2023-08-22T15:26:19.880041+08:00 nescran6-dhcp-server-0 dhcpmanager 9 - - netlink: interface(name:fhmintbre, index:7) updaevent. flags:4098
<14>1 2023-08-22T15:26:19.880094+08:00 nescran6-dhcp-server-0 dhcpmanager 9 - - netlink: interface(name:fhmintbre, index:7) updaevent. flags:4098
<14>1 2023-08-22T15:26:19.880160+08:00 nescran6-dhcp-server-0 dhcpmanager 9 - - netlink: interface(name:fhmintbre, index:7) updaevent. flags:4098
<14>1 2023-08-22T15:26:20.473274+08:00 nescran6-dhcp-server-0 dhcpmanager 9 - - netlink: ip address(iface index:7) update event.ags:128
<14>1 2023-08-22T15:26:21.205540+08:00 nescran6-dhcp-server-0 dhcpmanager 9 - - netlink: interface(name:fhmintbre, index:7) updaevent. flags:69635
<14>1 2023-08-22T15:26:21.205630+08:00 nescran6-dhcp-server-0 dhcpmanager 9 - - netlink: interface(name:fhmintbre, index:7) updaevent. flags:69699
<14>1 2023-08-22T15:26:21.205691+08:00 nescran6-dhcp-server-0 dhcpmanager 9 - - Interface index(7) sate change to RUNNING
<14>1 2023-08-22T15:26:22.908112+08:00 nescran6-dhcp-server-0 dhcpmanager 9 - - DHCP server inactive.
<14>1 2023-08-22T15:26:23.005806+08:00 nescran6-dhcp-server-0 dhcpmanager 9 - - Start dhcp4 server success with cmd: genapiloggeat --ident dhcp4server -- /usr/sbin/kea-dhcp4 -c /tmp/kea-dhcp4.conf &
<14>1 2023-08-22T15:26:23.905870+08:00 nescran6-dhcp-server-0 dhcp4server 455 - - 2023-08-22 15:26:23.905 INFO [kea-dhcp4.dhcp43.140102015412096] DHCP4_STARTING Kea DHCPv4 server version 2.4.0 (stable) starting
<14>1 2023-08-22T15:26:23.907140+08:00 nescran6-dhcp-server-0 dhcp4server 455 - - 2023-08-22 15:26:23.907 INFO [kea-dhcp4.hosts3.140102015412096] HOSTS_BACKENDS_REGISTERED the following host backend types are available: postgresql
<14>1 2023-08-22T15:26:23.907517+08:00 nescran6-dhcp-server-0 dhcp4server 455 - - 2023-08-22 15:26:23.907 INFO [kea-dhcp4.dhcps463.140102015412096] DHCPSRV_CFGMGR_ADD_IFACE listening on interface fhmintbre
<14>1 2023-08-22T15:26:23.907550+08:00 nescran6-dhcp-server-0 dhcp4server 455 - - 2023-08-22 15:26:23.907 INFO [kea-dhcp4.dhcps463.140102015412096] DHCPSRV_CFGMGR_SOCKET_TYPE_DEFAULT "dhcp-socket-type" not specified , using default socket type raw
<14>1 2023-08-22T15:26:23.908007+08:00 nescran6-dhcp-server-0 dhcp4server 455 - - 2023-08-22 15:26:23.907 INFO [kea-dhcp4.hooks3.140102015412096] HOOKS_LIBRARY_CLOSED hooks library /usr/lib64/libkea4hook.so successfully closed
<14>1 2023-08-22T15:26:23.908186+08:00 nescran6-dhcp-server-0 dhcp4server 455 - - 2023-08-22 15:26:23.908 WARN [kea-dhcp4.dhcps463.140102015412096] DHCPSRV_CONFIGURED_SUBNET_WITHOUT_ID a subnet was configured without an id: 50.50.0.0/24
<14>1 2023-08-22T15:26:23.908205+08:00 nescran6-dhcp-server-0 dhcp4server 455 - - 2023-08-22 15:26:23.908 INFO [kea-dhcp4.dhcps463.140102015412096] DHCPSRV_CFGMGR_NEW_SUBNET4 a new subnet has been added to configuration: 50.50.0.0/24 with params: valid-liime=300
<14>1 2023-08-22T15:26:23.908328+08:00 nescran6-dhcp-server-0 dhcp4server 455 - - 2023-08-22 15:26:23.908 INFO [kea-dhcp4.dhcps463.140102015412096] DHCPSRV_CFGMGR_NEW_SUBNET4 a new subnet has been added to configuration: 50.50.1.0/24 with params: valid-liime=300
<14>1 2023-08-22T15:26:23.908421+08:00 nescran6-dhcp-server-0 dhcp4server 455 - - 2023-08-22 15:26:23.908 INFO [kea-dhcp4.dhcps463.140102015412096] DHCPSRV_CFGMGR_NEW_SUBNET4 a new subnet has been added to configuration: 50.50.2.0/24 with params: valid-liime=300
<14>1 2023-08-22T15:26:23.908511+08:00 nescran6-dhcp-server-0 dhcp4server 455 - - 2023-08-22 15:26:23.908 INFO [kea-dhcp4.dhcps463.140102015412096] DHCPSRV_CFGMGR_NEW_SUBNET4 a new subnet has been added to configuration: 50.50.3.0/24 with params: valid-liime=300
<14>1 2023-08-22T15:26:24.005271+08:00 nescran6-dhcp-server-0 dhcp4server 455 - - 2023-08-22 15:26:24.005 INFO [kea-dhcp4.dhcps463.140102015412096] DHCPSRV_CFGMGR_NEW_SUBNET4 a new subnet has been added to configuration: 50.50.4.0/24 with params: valid-liime=300
<14>1 2023-08-22T15:26:24.005454+08:00 nescran6-dhcp-server-0 dhcp4server 455 - - 2023-08-22 15:26:24.005 INFO [kea-dhcp4.dhcps463.140102015412096] DHCPSRV_CFGMGR_NEW_SUBNET4 a new subnet has been added to configuration: 50.50.5.0/24 with params: valid-liime=300
<14>1 2023-08-22T15:26:24.005638+08:00 nescran6-dhcp-server-0 dhcp4server 455 - - 2023-08-22 15:26:24.005 INFO [kea-dhcp4.dhcps463.140102015412096] DHCPSRV_CFGMGR_NEW_SUBNET4 a new subnet has been added to configuration: 50.50.6.0/24 with params: valid-liime=300
<14>1 2023-08-22T15:26:24.005809+08:00 nescran6-dhcp-server-0 dhcp4server 455 - - 2023-08-22 15:26:24.005 INFO [kea-dhcp4.dhcps463.140102015412096] DHCPSRV_CFGMGR_NEW_SUBNET4 a new subnet has been added to configuration: 60.60.1.0/24 with params: valid-liime=300
<14>1 2023-08-22T15:26:24.006040+08:00 nescran6-dhcp-server-0 dhcp4server 455 - - 2023-08-22 15:26:24.006 INFO [kea-dhcp4.dhcps463.140102015412096] DHCPSRV_CFGMGR_SOCKET_TYPE_SELECT using socket type raw
<14>1 2023-08-22T15:26:24.006528+08:00 nescran6-dhcp-server-0 dhcp4server 455 - - 2023-08-22 15:26:24.006 INFO [kea-dhcp4.dhcps463.140102015412096] DHCPSRV_CFGMGR_ADD_IFACE listening on interface fhmintbre
<14>1 2023-08-22T15:26:24.006563+08:00 nescran6-dhcp-server-0 dhcp4server 455 - - 2023-08-22 15:26:24.006 INFO [kea-dhcp4.dhcps463.140102015412096] DHCPSRV_CFGMGR_SOCKET_TYPE_DEFAULT "dhcp-socket-type" not specified , using default socket type raw
<14>1 2023-08-22T15:26:24.007242+08:00 nescran6-dhcp-server-0 dhcp4server 455 - - 2023-08-22 15:26:24.007 INFO [kea-dhcp4.hooks3.140102015412096] HOOKS_LIBRARY_LOADED hooks library /usr/lib64/libkea4hook.so successfully loaded
<14>1 2023-08-22T15:26:24.007270+08:00 nescran6-dhcp-server-0 dhcp4server 455 - - 2023-08-22 15:26:24.007 INFO [kea-dhcp4.dhcp43.140102015412096] DHCP4_CONFIG_COMPLETE DHCPv4 server has completed configuration: added IPv4 subnets: 8; DDNS: disabled
<14>1 2023-08-22T15:26:24.107592+08:00 nescran6-dhcp-server-0 dhcp4server 455 - - 2023-08-22 15:26:24.107 INFO [kea-dhcp4.dhcps463.140102015412096] DHCPSRV_MEMFILE_DB opening memory file lease database: lfc-interval=3600 max-row-errors=100 name=/var/log/kleasesdb/kea-leases4.csv persist=true type=memfile universe=4
<14>1 2023-08-22T15:26:24.207168+08:00 nescran6-dhcp-server-0 dhcp4server 455 - - 2023-08-22 15:26:24.207 INFO [kea-dhcp4.dhcps463.140102015412096] DHCPSRV_MEMFILE_LEASE_FILE_LOAD loading leases from file /var/log/kea-leasesdb/kea-leases4.csv
<14>1 2023-08-22T15:26:24.229966+08:00 nescran6-dhcp-server-0 dhcp4server 455 - - 2023-08-22 15:26:24.229 INFO [kea-dhcp4.dhcps463.140102015412096] DHCPSRV_MEMFILE_EXTRACT_EXTENDED_INFO4 extracting extended info saw 0 leases, extended info sanity checks mfied 0 / updated 0 leases and 0 leases have relay or remote id
<14>1 2023-08-22T15:26:24.229991+08:00 nescran6-dhcp-server-0 dhcp4server 455 - - 2023-08-22 15:26:24.229 INFO [kea-dhcp4.dhcps463.140102015412096] DHCPSRV_MEMFILE_LFC_SETUP setting up the Lease File Cleanup interval to 3600 sec
<14>1 2023-08-22T15:26:24.313526+08:00 nescran6-dhcp-server-0 dhcp4server 455 - - 2023-08-22 15:26:24.313 INFO [kea-dhcp4.dhcps463.140102015412096] DHCPSRV_CFGMGR_USE_ALLOCATOR using the iterative allocator for V4 leases in subnet 50.50.0.0/24
<14>1 2023-08-22T15:26:24.313558+08:00 nescran6-dhcp-server-0 dhcp4server 455 - - 2023-08-22 15:26:24.313 INFO [kea-dhcp4.dhcps463.140102015412096] DHCPSRV_CFGMGR_USE_ALLOCATOR using the iterative allocator for V4 leases in subnet 50.50.1.0/24
<14>1 2023-08-22T15:26:24.313576+08:00 nescran6-dhcp-server-0 dhcp4server 455 - - 2023-08-22 15:26:24.313 INFO [kea-dhcp4.dhcps463.140102015412096] DHCPSRV_CFGMGR_USE_ALLOCATOR using the iterative allocator for V4 leases in subnet 50.50.2.0/24
<14>1 2023-08-22T15:26:24.313590+08:00 nescran6-dhcp-server-0 dhcp4server 455 - - 2023-08-22 15:26:24.313 INFO [kea-dhcp4.dhcps463.140102015412096] DHCPSRV_CFGMGR_USE_ALLOCATOR using the iterative allocator for V4 leases in subnet 50.50.3.0/24
<14>1 2023-08-22T15:26:24.313604+08:00 nescran6-dhcp-server-0 dhcp4server 455 - - 2023-08-22 15:26:24.313 INFO [kea-dhcp4.dhcps463.140102015412096] DHCPSRV_CFGMGR_USE_ALLOCATOR using the iterative allocator for V4 leases in subnet 50.50.4.0/24
<14>1 2023-08-22T15:26:24.313618+08:00 nescran6-dhcp-server-0 dhcp4server 455 - - 2023-08-22 15:26:24.313 INFO [kea-dhcp4.dhcps463.140102015412096] DHCPSRV_CFGMGR_USE_ALLOCATOR using the iterative allocator for V4 leases in subnet 50.50.5.0/24
<14>1 2023-08-22T15:26:24.313639+08:00 nescran6-dhcp-server-0 dhcp4server 455 - - 2023-08-22 15:26:24.313 INFO [kea-dhcp4.dhcps463.140102015412096] DHCPSRV_CFGMGR_USE_ALLOCATOR using the iterative allocator for V4 leases in subnet 50.50.6.0/24
<14>1 2023-08-22T15:26:24.313654+08:00 nescran6-dhcp-server-0 dhcp4server 455 - - 2023-08-22 15:26:24.313 INFO [kea-dhcp4.dhcps463.140102015412096] DHCPSRV_CFGMGR_USE_ALLOCATOR using the iterative allocator for V4 leases in subnet 60.60.1.0/24
<14>1 2023-08-22T15:26:24.314034+08:00 nescran6-dhcp-server-0 dhcp4server 455 - - 2023-08-22 15:26:24.313 WARN [kea-dhcp4.dhcp43.140102015412096] DHCP4_MULTI_THREADING_INFO enabled: no, number of threads: 0, queue size: 0
<14>1 2023-08-22T15:26:24.314114+08:00 nescran6-dhcp-server-0 dhcp4server 455 - - 2023-08-22 15:26:24.314 INFO [kea-dhcp4.dhcp43.140102015412096] DHCP4_STARTED Kea DHCPv4 server version 2.4.0 started
<14>1 2023-08-22T15:26:24.314292+08:00 nescran6-dhcp-server-0 dhcp4server 455 - - 2023-08-22 15:26:24.314 ERROR [kea-dhcp4.packe463.140102015412096] DHCP4_BUFFER_RECEIVE_FAIL error on attempt to receive packet: Truncated DHCPv4 packet (len=55) received, atast 236 is expected.
<14>1 2023-08-22T15:26:24.314346+08:00 nescran6-dhcp-server-0 dhcp4server 455 - - 2023-08-22 15:26:24.314 ERROR [kea-dhcp4.packe463.140102015412096] DHCP4_BUFFER_RECEIVE_FAIL error on attempt to receive packet: Truncated DHCPv4 packet (len=108) received, aeast 236 is expected.
<14>1 2023-08-22T15:26:24.314430+08:00 nescran6-dhcp-server-0 dhcp4server 455 - - 2023-08-22 15:26:24.314 ERROR [kea-dhcp4.packe463.140102015412096] DHCP4_BUFFER_RECEIVE_FAIL error on attempt to receive packet: Truncated DHCPv4 packet (len=32) received, atast 236 is expected.
<14>1 2023-08-22T15:26:24.314487+08:00 nescran6-dhcp-server-0 dhcp4server 455 - - 2023-08-22 15:26:24.314 ERROR [kea-dhcp4.packe463.140102015412096] DHCP4_BUFFER_RECEIVE_FAIL error on attempt to receive packet: Truncated DHCPv4 packet (len=12) received, atast 236 is expected.
<14>1 2023-08-22T15:26:35.569350+08:00 nescran6-dhcp-server-0 dhcpmanager 9 - - netlink: interface(name:fhmintunc0, index:8) upd event. flags:4098
<14>1 2023-08-22T15:26:35.569495+08:00 nescran6-dhcp-server-0 dhcpmanager 9 - - netlink: interface(name:fhmintunc0, index:8) upd event. flags:4098
<14>1 2023-08-22T15:26:35.672859+08:00 nescran6-dhcp-server-0 dhcpmanager 9 - - netlink: interface(name:fhmintunc0, index:8) upd event. flags:69699
<14>1 2023-08-22T15:26:35.977884+08:00 nescran6-dhcp-server-0 dhcpmanager 9 - - netlink: interface(name:fhmintbrc, index:9) updaevent. flags:4098
<14>1 2023-08-22T15:26:36.505480+08:00 nescran6-dhcp-server-0 dhcpmanager 9 - - netlink: interface(name:fhmintbrc, index:9) updaevent. flags:69699
<14>1 2023-08-22T15:26:36.505604+08:00 nescran6-dhcp-server-0 dhcpmanager 9 - - Interface index(9) sate change to RUNNING
<14>1 2023-08-22T15:26:37.270782+08:00 nescran6-dhcp-server-0 dhcpmanager 9 - - netlink: interface(name:fhmintunc0, index:8) upd event. flags:69699
<14>1 2023-08-22T15:26:37.305261+08:00 nescran6-dhcp-server-0 dhcpmanager 9 - - netlink: interface(name:fhmintunc0, index:8) upd event. flags:69699
<14>1 2023-08-22T15:26:37.305334+08:00 nescran6-dhcp-server-0 dhcpmanager 9 - - netlink: interface(name:fhmintbrc, index:9) updaevent. flags:69699
<14>1 2023-08-22T15:26:37.305384+08:00 nescran6-dhcp-server-0 dhcpmanager 9 - - netlink: interface(name:fhmintbrc, index:9) updaevent. flags:69699
<14>1 2023-08-22T15:26:37.305439+08:00 nescran6-dhcp-server-0 dhcpmanager 9 - - netlink: interface(name:fhmintbrc, index:9) updaevent. flags:69699
<14>1 2023-08-22T15:26:37.305482+08:00 nescran6-dhcp-server-0 dhcpmanager 9 - - netlink: interface(name:fhmintbrc, index:9) updaevent. flags:69699
<14>1 2023-08-22T15:26:37.965480+08:00 nescran6-dhcp-server-0 dhcpmanager 9 - - netlink: ip address(iface index:9) update event.ags:128
dhcpmanager[9]: INFO/keactrl: Reloading kea-dhcp4...
<14>1 2023-08-22T15:26:38.907204+08:00 nescran6-dhcp-server-0 dhcp4server 455 - - 2023-08-22 15:26:38.907 INFO [kea-dhcp4.dhcp43.140102015412096] DHCP4_DYNAMIC_RECONFIGURATION initiate server reconfiguration using file: /tmp/kea-dhcp4.conf, after receivinIGHUP signal or config-reload command
<14>1 2023-08-22T15:26:38.907997+08:00 nescran6-dhcp-server-0 dhcp4server 455 - - 2023-08-22 15:26:38.907 INFO [kea-dhcp4.hosts3.140102015412096] HOSTS_BACKENDS_REGISTERED the following host backend types are available: postgresql
<14>1 2023-08-22T15:26:39.005586+08:00 nescran6-dhcp-server-0 dhcp4server 455 - - 2023-08-22 15:26:39.005 ERROR [kea-dhcp4.dhcp43.140102015412096] DHCP4_PARSER_FAIL failed to create or run parser for configuration element interfaces-config: Failed to selecnterface: interface 'fhmintbrc' doesn't exist in the system (/tmp/kea-dhcp4.conf:42:17) (/tmp/kea-dhcp4.conf:40:13)
<14>1 2023-08-22T15:26:39.005683+08:00 nescran6-dhcp-server-0 dhcp4server 455 - - 2023-08-22 15:26:39.005 FATAL [kea-dhcp4.dhcp43.140102015412096] DHCP4_CONFIG_UNRECOVERABLE_ERROR DHCPv4 server new configuration failed with an error which cannot be recover
<14>1 2023-08-22T15:26:39.005752+08:00 nescran6-dhcp-server-0 dhcp4server 455 - - 2023-08-22 15:26:39.005 ERROR [kea-dhcp4.dhcp43.140102015412096] DHCP4_CONFIG_LOAD_FAIL configuration error using file: /tmp/kea-dhcp4.conf, reason: Failed to select interfacinterface 'fhmintbrc' doesn't exist in the system (/tmp/kea-dhcp4.conf:42:17) (/tmp/kea-dhcp4.conf:40:13)
<14>1 2023-08-22T15:26:39.005943+08:00 nescran6-dhcp-server-0 dhcp4server 455 - - 2023-08-22 15:26:39.005 FATAL [kea-dhcp4.dhcp43.140102015412096] DHCP4_DYNAMIC_RECONFIGURATION_FAIL dynamic server reconfiguration failed with file: /tmp/kea-dhcp4.conf
dhcpmanager[9]: INFO/keactrl: kea-dhcp6 isn't running.
dhcpmanager[9]: INFO/keactrl: kea-dhcp-ddns isn't running.
dhcpmanager[9]: INFO/keactrl: kea-ctrl-agent isn't running.
<14>1 2023-08-22T15:26:40.007603+08:00 nescran6-dhcp-server-0 dhcpmanager 9 - - Reload dhcp4 server success with cmd: /usr/sbin/ctrl reload -c /tmp/keactrl.conf
dhcpmanager[9]: INFO/keactrl: Reloading kea-dhcp4...
<14>1 2023-08-22T15:26:43.008206+08:00 nescran6-dhcp-server-0 dhcp4server 455 - - 2023-08-22 15:26:43.008 INFO [kea-dhcp4.dhcp43.140102015412096] DHCP4_DYNAMIC_RECONFIGURATION initiate server reconfiguration using file: /tmp/kea-dhcp4.conf, after receivinIGHUP signal or config-reload command
<14>1 2023-08-22T15:26:43.009047+08:00 nescran6-dhcp-server-0 dhcp4server 455 - - 2023-08-22 15:26:43.008 INFO [kea-dhcp4.hosts3.140102015412096] HOSTS_BACKENDS_REGISTERED the following host backend types are available: postgresql
<14>1 2023-08-22T15:26:43.105606+08:00 nescran6-dhcp-server-0 dhcp4server 455 - - 2023-08-22 15:26:43.105 ERROR [kea-dhcp4.dhcp43.140102015412096] DHCP4_PARSER_FAIL failed to create or run parser for configuration element interfaces-config: Failed to selecnterface: interface 'fhmintbrc' doesn't exist in the system (/tmp/kea-dhcp4.conf:42:17) (/tmp/kea-dhcp4.conf:40:13)
<14>1 2023-08-22T15:26:43.105632+08:00 nescran6-dhcp-server-0 dhcp4server 455 - - 2023-08-22 15:26:43.105 FATAL [kea-dhcp4.dhcp43.140102015412096] DHCP4_CONFIG_UNRECOVERABLE_ERROR DHCPv4 server new configuration failed with an error which cannot be recover
<14>1 2023-08-22T15:26:43.205210+08:00 nescran6-dhcp-server-0 dhcp4server 455 - - 2023-08-22 15:26:43.105 ERROR [kea-dhcp4.dhcp43.140102015412096] DHCP4_CONFIG_LOAD_FAIL configuration error using file: /tmp/kea-dhcp4.conf, reason: Failed to select interfacinterface 'fhmintbrc' doesn't exist in the system (/tmp/kea-dhcp4.conf:42:17) (/tmp/kea-dhcp4.conf:40:13)
<14>1 2023-08-22T15:26:43.205239+08:00 nescran6-dhcp-server-0 dhcp4server 455 - - 2023-08-22 15:26:43.105 FATAL [kea-dhcp4.dhcp43.140102015412096] DHCP4_DYNAMIC_RECONFIGURATION_FAIL dynamic server reconfiguration failed with file: /tmp/kea-dhcp4.conf
dhcpmanager[9]: INFO/keactrl: kea-dhcp6 isn't running.
dhcpmanager[9]: INFO/keactrl: kea-dhcp-ddns isn't running.
dhcpmanager[9]: INFO/keactrl: kea-ctrl-agent isn't running.
```
**Contacting you**
sijie.chen@nokia-sbell.com
Andrei: edited the **Additional Information** section to be readable.kea2.5.3Razvan BecheriuRazvan Becheriuhttps://gitlab.isc.org/isc-projects/kea/-/issues/2918ISC DHCP log emulation2023-10-06T17:12:30ZPeter DaviesISC DHCP log emulation---
name: ISC DHCP log emulation
about: Kea to generate logging similar ISC DCHP.
---
**Some initial questions**
- Are you sure your feature is not already implemented in the latest Kea version?
Kea's forensic logging hooks library ...---
name: ISC DHCP log emulation
about: Kea to generate logging similar ISC DCHP.
---
**Some initial questions**
- Are you sure your feature is not already implemented in the latest Kea version?
Kea's forensic logging hooks library can be configured generate messages that look
like ISC DHCP logging but DHCPDISCOVER/DHCPOFFER and SOLICIT/ADVERTISE
packets are not logged.
**Is your feature request related to a problem? Please describe.**
As a help to folks who are planning to migrate from ISC DCHP to Kea it may be helpful if
Kea could be induced to produce logging that approximate those generated by ISC DCHP.
**Describe the solution you'd like**
There appear to be two ways forward:
1) Enhance Kea's forensic logging hooks library.
2) Generate new logging messages at severity INFO
**Additional context**
See [RT #22155](https://support.isc.org/Ticket/Display.html?id=22155)kea2.5.3Razvan BecheriuRazvan Becheriuhttps://gitlab.isc.org/isc-projects/kea/-/issues/2881DHCP4 Vendor-Specific Options do not get encapsulated when using the DB Backe...2023-12-07T14:12:48ZJosef StöcklDHCP4 Vendor-Specific Options do not get encapsulated when using the DB Backend (mysql)**Describe the bug**
While migrating a DHCP4 json-based configuration to the MySQL DB Backend I noticed that the Vendor-Specific Options (Code 43) do not get encapsulated and instead are transmitted as empty fields. The same configurat...**Describe the bug**
While migrating a DHCP4 json-based configuration to the MySQL DB Backend I noticed that the Vendor-Specific Options (Code 43) do not get encapsulated and instead are transmitted as empty fields. The same configuration with json produces the correct encapsulated option 43.
**To Reproduce**
Steps to reproduce the behavior:
1. Configure KEA with the mysql configuration backend and some basic subnet and pool.
```json
"Dhcp4": {
"server-tag": "DHCP",
"interfaces-config": {
"interfaces": [ "eth0" ]
},
"control-socket": {
"socket-type": "unix",
"socket-name": "/tmp/kea4-ctrl-socket"
},
"config-control": {
"config-databases": [{
"type": "mysql",
"name": "dhcp_db",
"host": "10.1.1.2",
"port": 3306,
"user": "kea",
"password": "<super secret pw>"
}],
"config-fetch-wait-time": 20
},
"hooks-libraries": [{
"library": "/usr/lib64/kea/hooks/libdhcp_mysql_cb.so"
}
],
"lease-database": {
"type": "mysql",
"name": "dhcp_db",
"host": "10.1.1.2",
"port": 3306,
"user": "kea",
"password": "<super secret pw>"
},
"hosts-database": {
"type": "mysql",
"name": "dhcp_db",
"host": "10.1.1.2",
"port": 3306,
"user": "kea",
"password": "<super secret pw>"
},
"expired-leases-processing": {
"reclaim-timer-wait-time": 10,
"flush-reclaimed-timer-wait-time": 25,
"hold-reclaimed-time": 3600,
"max-reclaim-leases": 100,
"max-reclaim-time": 250,
"unwarned-reclaim-cycles": 5
},
"renew-timer": 900,
"rebind-timer": 1800,
"valid-lifetime": 3600
}
```
2. Insert the following data into the configuration database:
```sql
-- to make a fully working example, a subnet and pool
INSERT INTO dhcp4_subnet (subnet_id, subnet_prefix, relay) VALUES (2, '10.16.0.0/20', '["10.17.0.1"]');
INSERT INTO dhcp4_subnet_server (subnet_id, server_id) VALUES (2, 1);
INSERT INTO dhcp4_pool (id, start_address, end_address, subnet_id) VALUES
(5, INET_ATON('10.16.0.20'), INET_ATON('10.16.15.200'), 2);
-- now the relevant entries
INSERT INTO dhcp4_option_def (id, code, name, space, type, is_array, encapsulate) VALUES
(3, 1, 'acs_url', 'vendor-encapsulated-options-space', 14, 0, '');
INSERT INTO dhcp4_option_def_server (option_def_id, server_id) VALUES (3, 1);
INSERT INTO dhcp4_options (option_id, code, value, formatted_value, space, persistent, dhcp_client_class, dhcp4_subnet_id, host_id, scope_id, user_context, shared_network_name, pool_id) VALUES
(1, 43, NULL, NULL, 'dhcp4', 1, NULL, NULL, NULL, 0, NULL, NULL, NULL),
(2, 1, NULL, 'http://10.10.10.10:8000/', 'vendor-encapsulated-options-space', 1, NULL, NULL, NULL, 0, NULL, NULL, NULL),
(3, 3, NULL, '10.17.0.1', 'dhcp4', 0, NULL, 2, NULL, 1, NULL, NULL, NULL);
INSERT INTO dhcp4_options_server (option_id, server_id) VALUES (1, 1), (2, 1), (3, 1);
```
3. After starting the server the DHCPOFFER contains for example the following data:
```
options:
type=001, len=004: 4294963200 (uint32)
type=003, len=004: 10.17.0.1
type=012, len=009: "fritz.box" (string)
type=043, len=000:
type=051, len=004: 3600 (uint32)
type=053, len=001: 2 (uint8)
type=054, len=004: 10.1.1.1
type=058, len=004: 900 (uint32)
type=059, len=004: 1800 (uint32)
```
4. See that option 43 does not encapsulate the 'acs_url' sub-option, but remains empty.
**Expected behavior**
The server is supposed to respond with
```
options:
type=001, len=004: 4294963200 (uint32)
type=003, len=004: 10.17.0.1
type=012, len=009: "fritz.box" (string)
type=043, len=034:,
options:
type=001, len=032: "http://10.10.10.10:8000/" (string)
type=051, len=004: 3600 (uint32)
type=053, len=001: 2 (uint8)
type=054, len=004: 10.1.1.1
type=058, len=004: 900 (uint32)
type=059, len=004: 1800 (uint32)
```
which is exactly what the following json configuration (additions into the "Dhcp4" object above) produces:
```json
"Dhcp4": {
"option-def": [
{
"name": "acs_url",
"code": 1,
"type": "string",
"array": false,
"record-types": "",
"space": "vendor-encapsulated-options-space",
"encapsulate": ""
}
],
"option-data": [
{
"name": "vendor-encapsulated-options",
"always-send": true
},
{
"name" : "acs_url",
"space" : "vendor-encapsulated-options-space",
"csv-format" : true,
"data" : "http://10.10.10.10:8000/",
"always-send": true
}
],
"subnet4": [
{
"subnet": "10.16.0.0/20",
"id" : 298,
"pools": [ { "pool": "10.16.0.20 - 10.16.15.200" } ],
"relay": {
"ip-address": "10.17.0.1"
},
"option-data": [
{
"name": "routers",
"space": "dhcp4",
"csv-format": true,
"data": "10.17.0.1"
}
]
}
]
}
```
**Environment:**
- Kea version: 2.2.0 (from Cloudsmith repo)
- OS: AlmaLinux release 8.8 (Sapphire Caracal)
- Which features were compiled in (in particular which backends)
- MySQL backend 14.0, library 3.1.21
- PostgreSQL backend 13.0, library 140008
- Memfile backend 2.1
- If/which hooks where loaded in
- `libdhcp_mysql_cb.so`
**Additional Information**
**Contacting you**
Please via GitLab message.kea2.5.3Razvan BecheriuRazvan Becheriuhttps://gitlab.isc.org/isc-projects/kea/-/issues/2750[ISC-support #22101] Class priority is underdocumented in the ARM2023-10-18T12:39:19ZAndrei Pavelandrei@isc.org[ISC-support #22101] Class priority is underdocumented in the ARMThe order in which class information is applied, when defined in multiple classes, is documented only for options (presumed to be both option definitions and option data only by looking at a previous section):
> When determining which o...The order in which class information is applied, when defined in multiple classes, is documented only for options (presumed to be both option definitions and option data only by looking at a previous section):
> When determining which options to include in the response, the server examines the union of options from all of the assigned classes. If two or more classes include the same option, the value from the first class examined is used; classes are examined in the order they were associated, so ALL is always the first class and matching required classes are last.
It would be nice to extend this to lease lifetimes, v4 fields, and whatever else can be specified as class information.
Also, it would be nice to clarify the relationship of class information relative to global values, shared network values, and subnet values, which is also currently only mentioned for options:
> When options are defined as part of the class definition they override any global options that may be defined, and in turn will be overridden by any options defined for an individual subnet.kea2.5.3Andrei Pavelandrei@isc.orgAndrei Pavelandrei@isc.orghttps://gitlab.isc.org/isc-projects/bind9/-/issues/4408Release Checklist for BIND 9.16.45, 9.16.45-S1, 9.18.20, 9.18.20-S1, 9.19.182024-01-10T07:22:57ZPetr Špačekpspacek@isc.orgRelease Checklist for BIND 9.16.45, 9.16.45-S1, 9.18.20, 9.18.20-S1, 9.19.18## Release Schedule
**Code Freeze:** Wednesday, 1 November 2023
**Tagging Deadline:** Monday, 6 November 2023
**Public Release:** Wednesday, 15 November 2023
## Documentation Review Links
**Closed issues assigned to the milestone ...## Release Schedule
**Code Freeze:** Wednesday, 1 November 2023
**Tagging Deadline:** Monday, 6 November 2023
**Public Release:** Wednesday, 15 November 2023
## Documentation Review Links
**Closed issues assigned to the milestone without a release note:**
- [9.16.45](https://gitlab.isc.org/isc-projects/bind9/-/issues?scope=all&sort=created_asc&state=closed&milestone_title=November+2023+%289.16.45%2C+9.16.45-S1%2C+9.18.20%2C+9.18.20-S1%2C+9.19.18%29¬%5Blabel_name%5D%5B%5D=Release+Notes¬%5Blabel_name%5D%5B%5D=Duplicate&label_name%5B%5D=v9.16)
- [9.16.45-S1](https://gitlab.isc.org/isc-private/bind9/-/issues?scope=all&sort=created_asc&state=closed&milestone_title=November+2023+%289.16.45%2C+9.16.45-S1%2C+9.18.20%2C+9.18.20-S1%2C+9.19.18%29¬%5Blabel_name%5D%5B%5D=Release+Notes¬%5Blabel_name%5D%5B%5D=Duplicate&label_name%5B%5D=v9.16-S)
- [9.18.20](https://gitlab.isc.org/isc-projects/bind9/-/issues?scope=all&sort=created_asc&state=closed&milestone_title=November+2023+%289.16.45%2C+9.16.45-S1%2C+9.18.20%2C+9.18.20-S1%2C+9.19.18%29¬%5Blabel_name%5D%5B%5D=Release+Notes¬%5Blabel_name%5D%5B%5D=Duplicate&label_name%5B%5D=v9.18)
- [9.18.20-S1](https://gitlab.isc.org/isc-private/bind9/-/issues?scope=all&sort=created_asc&state=closed&milestone_title=November+2023+%289.16.45%2C+9.16.45-S1%2C+9.18.20%2C+9.18.20-S1%2C+9.19.18%29¬%5Blabel_name%5D%5B%5D=Release+Notes¬%5Blabel_name%5D%5B%5D=Duplicate&label_name%5B%5D=v9.18-S)
- [9.19.18](https://gitlab.isc.org/isc-projects/bind9/-/issues?scope=all&sort=created_asc&state=closed&milestone_title=November+2023+%289.16.45%2C+9.16.45-S1%2C+9.18.20%2C+9.18.20-S1%2C+9.19.18%29¬%5Blabel_name%5D%5B%5D=Release+Notes¬%5Blabel_name%5D%5B%5D=Duplicate&label_name%5B%5D=v9.19)
**Merge requests merged into the milestone without a release note:**
- [9.16.45](https://gitlab.isc.org/isc-projects/bind9/-/merge_requests?scope=all&sort=merged_at&state=merged&milestone_title=November+2023+%289.16.45%2C+9.16.45-S1%2C+9.18.20%2C+9.18.20-S1%2C+9.19.18%29¬%5Blabel_name%5D%5B%5D=Release+Notes&target_branch=bind-9.16)
- [9.16.45-S1](https://gitlab.isc.org/isc-private/bind9/-/merge_requests?scope=all&sort=merged_at&state=merged&milestone_title=November+2023+%289.16.45%2C+9.16.45-S1%2C+9.18.20%2C+9.18.20-S1%2C+9.19.18%29¬%5Blabel_name%5D%5B%5D=Release+Notes&target_branch=bind-9.16-sub)
- [9.18.20](https://gitlab.isc.org/isc-projects/bind9/-/merge_requests?scope=all&sort=merged_at&state=merged&milestone_title=November+2023+%289.16.45%2C+9.16.45-S1%2C+9.18.20%2C+9.18.20-S1%2C+9.19.18%29¬%5Blabel_name%5D%5B%5D=Release+Notes&target_branch=bind-9.18)
- [9.18.20-S1](https://gitlab.isc.org/isc-private/bind9/-/merge_requests?scope=all&sort=merged_at&state=merged&milestone_title=November+2023+%289.16.45%2C+9.16.45-S1%2C+9.18.20%2C+9.18.20-S1%2C+9.19.18%29¬%5Blabel_name%5D%5B%5D=Release+Notes&target_branch=bind-9.18-sub)
- [9.19.18](https://gitlab.isc.org/isc-projects/bind9/-/merge_requests?scope=all&sort=merged_at&state=merged&milestone_title=November+2023+%289.16.45%2C+9.16.45-S1%2C+9.18.20%2C+9.18.20-S1%2C+9.19.18%29¬%5Blabel_name%5D%5B%5D=Release+Notes&target_branch=main)
**Merge requests merged into the milestone without a `CHANGES` entry:**
- [9.16.45](https://gitlab.isc.org/isc-projects/bind9/-/merge_requests?scope=all&sort=merged_at&state=merged&milestone_title=November+2023+%289.16.45%2C+9.16.45-S1%2C+9.18.20%2C+9.18.20-S1%2C+9.19.18%29&label_name%5B%5D=No+CHANGES&target_branch=bind-9.16)
- [9.16.45-S1](https://gitlab.isc.org/isc-private/bind9/-/merge_requests?scope=all&sort=merged_at&state=merged&milestone_title=November+2023+%289.16.45%2C+9.16.45-S1%2C+9.18.20%2C+9.18.20-S1%2C+9.19.18%29&label_name%5B%5D=No+CHANGES&target_branch=bind-9.16-sub)
- [9.18.20](https://gitlab.isc.org/isc-projects/bind9/-/merge_requests?scope=all&sort=merged_at&state=merged&milestone_title=November+2023+%289.16.45%2C+9.16.45-S1%2C+9.18.20%2C+9.18.20-S1%2C+9.19.18%29&label_name%5B%5D=No+CHANGES&target_branch=bind-9.18)
- [9.18.20-S1](https://gitlab.isc.org/isc-private/bind9/-/merge_requests?scope=all&sort=merged_at&state=merged&milestone_title=November+2023+%289.16.45%2C+9.16.45-S1%2C+9.18.20%2C+9.18.20-S1%2C+9.19.18%29&label_name%5B%5D=No+CHANGES&target_branch=bind-9.18-sub)
- [9.19.18](https://gitlab.isc.org/isc-projects/bind9/-/merge_requests?scope=all&sort=merged_at&state=merged&milestone_title=November+2023+%289.16.45%2C+9.16.45-S1%2C+9.18.20%2C+9.18.20-S1%2C+9.19.18%29&label_name%5B%5D=No+CHANGES&target_branch=main)
## Release Checklist
### Before the Code Freeze
- [x] ***(QA)*** Rebase -S editions on top of current open-source versions: `git checkout bind-9.18-sub && git rebase origin/bind-9.18`
- [x] ***(QA)*** [Inform Support and Marketing of impending release (and give estimated release dates).](https://mattermost.isc.org/isc/pl/gjwhu93hqty798zom8wsfuashc)
- [x] ***(QA)*** Ensure there are no permanent test failures on any platform. Check [public](https://gitlab.isc.org/isc-projects/bind9/-/pipelines?scope=all&source=schedule) and [private](https://gitlab.isc.org/isc-private/bind9/-/pipelines?scope=all&source=schedule) scheduled pipelines: https://gitlab.isc.org/isc-projects/bind9/-/issues/4408#note_414255
- [x] ***(QA)*** Check charts from `shotgun:*` jobs in the scheduled pipelines to verify there is no unexplained performance drop for any protocol.
- [x] ***(QA)*** Check [Perflab](https://perflab.isc.org/) to ensure there has been no unexplained drop in performance for the versions being released.
- [x] ***(QA)*** Check whether all issues assigned to the release milestone are resolved[^1].
- [x] ***(QA)*** Ensure that there are no outstanding [merge requests in the private repository](https://gitlab.isc.org/isc-private/bind9/-/merge_requests/)[^1] (Subscription Edition only).
- [x] ***(QA)*** [Ensure](https://gitlab.isc.org/isc-private/bind-qa/-/blob/master/bind9/releng/check_backports.py) all merge requests marked for backporting have been indeed backported: https://gitlab.isc.org/isc-projects/bind9/-/issues/4408#note_414265
- [x] ***(QA)*** [Announce (on Mattermost) that the code freeze is in effect.](https://mattermost.isc.org/isc/pl/7ah5g9yc57gh3rppwz9s9uhrfo)
### Before the Tagging Deadline
- [x] ***(QA)*** Inspect the current output of the `cross-version-config-tests` job to verify that no unexpected backward-incompatible change was introduced in the current release cycle.
- [x] ***(QA)*** Ensure release notes are correct, ask Support and Marketing to check them as well. [Example](https://gitlab.isc.org/isc-private/bind9/-/merge_requests/510)
- [x] ***(QA)*** Add a release marker to `CHANGES`. Examples: [9.18](https://gitlab.isc.org/isc-projects/bind9/-/commit/f14d8ad78c0506fd4247187f2177f8eceeb6b3b9), [9.16](https://gitlab.isc.org/isc-projects/bind9/-/commit/1bcdf21874f99a00da389d723e0ad07dfd70f9f1)
- [x] ***(QA)*** Add a release marker to `CHANGES.SE` (Subscription Edition only). [Example](https://gitlab.isc.org/isc-private/bind9/-/commit/0f03d5737bcbdaa1bf713c6db1887b14938c3421)
- [x] ***(QA)*** Update BIND 9 version in `configure.ac` ([9.18+](https://gitlab.isc.org/isc-projects/bind9/-/commit/3c85ab7f4c35e6d8acef1393606002a0a8730100)) or `version` ([9.16](https://gitlab.isc.org/isc-projects/bind9/-/merge_requests/7692/diffs?commit_id=1bcdf21874f99a00da389d723e0ad07dfd70f9f1)).
- [x] ***(QA)*** ~~Rebuild `configure` using Autoconf on `docs.isc.org` (9.16).~~
- [x] ***(QA)*** ~~Update GitLab settings for all maintained branches to disallow merging to them: [public](https://gitlab.isc.org/isc-projects/bind9/-/settings/repository), [private](https://gitlab.isc.org/isc-private/bind9/-/settings/repository)~~
- [x] ***(QA)*** Tag the releases in the private repository (`git tag -s -m "BIND 9.x.y" v9.x.y`).
### Before the ASN Deadline (for ASN Releases) or the Public Release Date (for Regular Releases)
- [x] ***(QA)*** Check that the formatting is correct for the HTML version of release notes.
- [x] ***(QA)*** Check that the formatting of the generated man pages is correct.
- [x] ***(QA)*** Verify GitLab CI results [for the tags](https://gitlab.isc.org/isc-private/bind9/-/pipelines?scope=tags) created and sign off on the releases to be published.
- [x] ***(QA)*** ~~Update GitLab settings for all maintained branches to allow merging to them again: [public](https://gitlab.isc.org/isc-projects/bind9/-/settings/repository), [private](https://gitlab.isc.org/isc-private/bind9/-/settings/repository)~~
- [x] ***(QA)*** Prepare (using [`version_bump.py`](https://gitlab.isc.org/isc-private/bind-qa/-/blob/master/bind9/releng/version_bump.py)) and merge MRs resetting the release notes and updating the version string for each maintained branch.
- [x] ***(QA)*** Rebase the Subscription Edition branches (including recent release prep commits) on top of the open source branches with updated version strings.
- [x] ***(QA)*** Announce (on Mattermost) that the code freeze is over.
- [x] ***(QA)*** Request signatures for the tarballs, providing their location and checksums. Ask [signers on Mattermost](https://mattermost.isc.org/isc/channels/bind-9-qa).
- [x] ***(Signers)*** Ensure that the contents of tarballs and tags are identical.
- [x] ***(Signers)*** Validate tarball checksums, sign tarballs, and upload signatures.
- [x] ***(QA)*** Verify tarball signatures and check tarball checksums again: Run `publish_bind.sh` on repo.isc.org to pre-publish.
- [x] ~~***(QA)*** Prepare the `patches/` subdirectory for each security release (if applicable).~~
- [x] ***(QA)*** Pre-publish ASN and/or Subscription Edition tarballs so that packages can be built.
- [x] ***(QA)*** Build and test ASN and/or Subscription Edition packages (in [cloudsmith branch in private repo](https://gitlab.isc.org/isc-private/rpms/bind/-/tree/cloudsmith)). [Example](https://gitlab.isc.org/isc-private/rpms/bind/-/commit/e2512f4cfaf991827a635e374e7e93b27a5f38ba)
- [x] ***(QA)*** [Use the Printing Press project to prepare a release announcement email.](isc-private/printing-press!75)
- [x] ~~***(Marketing)*** Update ASN documents in the SF portal.~~
- [x] ~~***(Marketing)*** Send out ASN emails (if applicable).~~
### On the Day of Public Release
- [x] ***(QA)*** ~~Wait for clearance from Security Officer to proceed with the public release (if applicable).~~
- [x] ***(QA)*** Place tarballs in public location on FTP site.
- [x] ***(QA)*** Inform Marketing of the release, providing FTP links for the published tarballs.
- [x] ***(Marketing)*** Publish links to downloads on ISC website. [Example](https://gitlab.isc.org/website/theme-staging-site/-/commit/1ac7b30b73cb03228df4cd5651fa4e774ac35625)
- [x] ***(Marketing)*** Update the BIND -S information document in SF with download links to the new versions. (If this is a security release, this will have already been done as part of the ASN process.)
- [x] ***(Marketing)*** Update the Current Software Versions document in the SF portal if any stable versions were released.
- [x] ***(Marketing)*** Send the release announcement email to the *bind-announce* mailing list (and to *bind-users* if a major release - [example](https://lists.isc.org/pipermail/bind-users/2022-January/105624.html)).
- [x] ***(Marketing)*** Announce release on social media sites.
- [x] ***(Marketing)*** Update [Wikipedia entry for BIND](https://en.wikipedia.org/wiki/BIND).
- [x] ***(Support)*** Add the new releases to the [vulnerability matrix in the Knowledge Base](https://kb.isc.org/docs/aa-00913).
- [x] ***(Support)*** Update tickets in case of waiting support customers.
- [x] ***(QA)*** Build and test any outstanding private packages in [private repo](https://gitlab.isc.org/isc-private/rpms/bind/-/tree/cloudsmith). [Example](https://gitlab.isc.org/isc-private/rpms/bind/-/commit/2007d566db81dd9dfd79e571e2f600a3bc284da4)
- [x] ***(QA)*** Build [public RPMs](https://gitlab.isc.org/isc-packages/rpms/bind). [Example commit](https://gitlab.isc.org/isc-packages/rpms/bind/-/commit/3b5e851ea7c4e3570371a4878b5461f02a44f8cc) which triggers [Copr builds](https://copr.fedorainfracloud.org/coprs/isc/) automatically
- [x] ***(SwEng)*** Build Debian/Ubuntu packages.
- [x] ***(SwEng)*** Update Docker files [here](https://gitlab.isc.org/isc-projects/bind9-docker/-/branches) and make sure push is synchronized to [GitHub](https://github.com/isc-projects/bind9-docker). [Docker Hub](https://hub.docker.com/r/internetsystemsconsortium/bind9) should pick it up automatically. [Example](https://gitlab.isc.org/isc-projects/bind9-docker/-/commit/cada7e10e9af951595c98bfffc4bd42512faac05)
- [x] ***(QA)*** Ensure all new tags are annotated and signed. `git show --show-signature v9.19.12`
- [x] ***(QA)*** Push tags for the published releases to the public repository.
- [x] ***(QA)*** Using [`merge_tag.py`](https://gitlab.isc.org/isc-private/bind-qa/-/blob/master/bind9/releng/merge_tag.py), merge published release tags back into the their relevant development/maintenance branches.
- [x] ***(QA)*** ~~Ensure `allow_failure: true` is removed from the `cross-version-config-tests` job if it was set during the current release cycle.~~
- [x] ***(QA)*** Sanitize confidential issues which are assigned to the current release milestone and do not describe a security vulnerability, then make them public.
- [x] ***(QA)*** Sanitize [confidential issues](https://gitlab.isc.org/isc-projects/bind9/-/issues/?sort=milestone_due_desc&state=opened&confidential=yes) which are assigned to older release milestones and describe security vulnerabilities, then make them public if appropriate[^2].
- [x] ***(QA)*** Update QA tools used in GitLab CI (e.g. Black, PyLint, Sphinx) by modifying the relevant [`Dockerfile`](https://gitlab.isc.org/isc-projects/images/-/merge_requests/228/diffs).
- [x] ***(QA)*** Run a pipeline to rebuild all [images](https://gitlab.isc.org/isc-projects/images) used in GitLab CI.
- [x] ***(QA)*** Update [`metadata.json`](https://gitlab.isc.org/isc-private/bind-qa/-/blob/master/bind9/releng/metadata.json) with the upcoming release information.
[^1]: If not, use the time remaining until the tagging deadline to ensure all outstanding issues are either resolved or moved to a different milestone.
[^2]: As a rule of thumb, security vulnerabilities which have reproducers merged to the public repository are considered okay for full disclosure.November 2023 (9.16.45, 9.16.45-S1, 9.18.20, 9.18.20-S1, 9.19.18)Petr Špačekpspacek@isc.orgPetr Špačekpspacek@isc.org2023-11-15