ISC Open Source Projects issueshttps://gitlab.isc.org/groups/isc-projects/-/issues2021-09-22T13:06:31Zhttps://gitlab.isc.org/isc-projects/kea/-/issues/2028remote-class4-set fails if it depends options that are created in the CB2021-09-22T13:06:31ZPeter Daviesremote-class4-set fails if it depends options that are created in the CBremote-class4-set fails if it depends options that are created in the CB:
The following command fails if the option-data is defined in the CB. It succeeds if the option-data is defined in the configuration file
```
curl -kSs -...remote-class4-set fails if it depends options that are created in the CB:
The following command fails if the option-data is defined in the CB. It succeeds if the option-data is defined in the configuration file
```
curl -kSs -H "Content-Type:application/json" -u 'admin:<pass>' https://10.0.0.1 -d '{"service":["dhcp4"],"command":"remote-class4-set","arguments":{"client-classes":[{ "name": "xxxx", "boot-file-name": "bootfile", "valid-lifetime": 180, "test": "substring(option[60].hex,0,11) == '\''xxxx'\''", "option-data": [ { "space": "XXXX", "name": "config-file-name", "code": 1, "data": "xyz", "always-send": true }, { "space": "dhcp4", "name": "tftp-server-name", "code": 66, "data": "10.0.0.1", "always-send": true } ] }],"remote":{"type":"mysql"},"server-tags":["all"]}}'
```
```
[
{
"result": 1,
"text": "option data is not a valid string of hexadecimal digits: xyz (<wire>:0:151)"
}
]
```
[RT #18879](https://support.isc.org/Ticket/Display.html?id=18879)kea2.0.0 (formerly 1.9.12)Marcin SiodelskiMarcin Siodelskihttps://gitlab.isc.org/isc-projects/kea/-/issues/2029Readonly Mysql configuration backend2023-07-17T13:58:20ZVitalij OsypenkoReadonly Mysql configuration backendHi, it is not possible to set CB as readonly, it breaks using views with data from different database. E.g.:
```
ERROR [kea-dhcp4.dhcp4/87919.139919704906176] DHCP4_CONFIG_LOAD_FAIL configuration error using file: /etc/kea/kea-dhcp4.conf...Hi, it is not possible to set CB as readonly, it breaks using views with data from different database. E.g.:
```
ERROR [kea-dhcp4.dhcp4/87919.139919704906176] DHCP4_CONFIG_LOAD_FAIL configuration error using file: /etc/kea/kea-dhcp4.conf, reason: during update from config backend database: unable to prepare MySQL statement <INSERT INTO dhcp4_options ( code, value, formatted_value, space, persistent, dhcp_client_class, dhcp4_subnet_id, scope_id, user_context, shared_network_name, pool_id, modification_ts) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)>, reason: The target table dhcp4_options of the INSERT is not insertable-into
```
Kea DHCPv4 server version 1.9.10outstandinghttps://gitlab.isc.org/isc-projects/bind9/-/issues/2862Persistent mode doesn't work with `named` AFL fuzzing2022-04-02T07:50:35ZSiva Kesava R KakarlaPersistent mode doesn't work with `named` AFL fuzzing### Summary
When the code is compiled with `afl-clang-fast` to enable fuzzing of `named` in persistent mode, it either results in a compilation error with an older version (2.52b) or goes through with the latest version (3.14c), but the...### Summary
When the code is compiled with `afl-clang-fast` to enable fuzzing of `named` in persistent mode, it either results in a compilation error with an older version (2.52b) or goes through with the latest version (3.14c), but the persistent mode is not detected.
### BIND version used
Older version:
- BIND 9.17.5 (Development Release) <id:dbcf683>
- afl-clang-fast 2.52b
- clang version 4.0.1-10 (tags/RELEASE_401/final)
- Ubuntu:bionic container; afl-clang-fast installed with `apt install afl++`
Latest Version:
- BIND 9.17.16 (Development Release) <id:502f48a>
- afl-cc ++3.14c, mode: LLVM-PCGUARD [(afl-clang-fast symlinks to afl-cc and uses the mode variable to detect LLVM or gcc)](https://github.com/AFLplusplus/AFLplusplus#a-selecting-the-best-afl-compiler-for-instrumenting-the-target)
- Ubuntu clang version 12.0.1-++20210630032618+fed41342a82f-1~exp1~20210630133332.127
- Using aflplusplus/aflplusplus:latest container
### Steps to reproduce
Older version:
- cd bind9; `autoreconf -fi`
- `CXX=afl-clang-fast++ CC=afl-clang-fast ./configure --enable-fuzzing=afl --disable-linux-caps --disable-shared --enable-static --enable-developer --without-cmocka --without-zlib`
- `make -j`
The above `make` results in the following error:
```
make[4]: Entering directory '/bind9/bin/named'
CC fuzz.o
afl-clang-fast 2.52b by <lszekeres@google.com>
fuzz.c:585:2: error: cast from 'const char *' to 'char *' drops const qualifier [-Werror,-Wcast-qual]
__AFL_LOOP(0);
^
<command line>:11:88: note: expanded from here
#define __AFL_LOOP(_A) ({ static volatile char *_B __attribute__((used)); _B = (char*)"##SIG_AFL_PERS...
^
1 error generated.
```
Commenting out that [line from `fuzz.c`](https://gitlab.isc.org/isc-projects/bind9/-/blob/dbcf683c1a57f49876e329fca183cb39d20ca3a4/bin/named/fuzz.c#L577) makes without any issue, but AFL doesn’t recognize it to be in persistent mode (expected as this line was used to signal that).
The build goes through if `afl-clang` is used instead of the `afl-clang-fast`. The problem is that `named` has to be fuzzed in persistent mode only: there is a check for if the environment variable [`AFL_Persistent` is set in fuzz.c](https://gitlab.isc.org/isc-projects/bind9/-/blob/dbcf683c1a57f49876e329fca183cb39d20ca3a4/bin/named/fuzz.c#L752 ) and then it spawns a new fuzz thread.
Latest Version:
Everything gets built using the same above commands, but the new thread is not spawned when run as the above check fails. Running `named -A client:127.0.0.1:53 -g` actually results in a segmentation fault (printing `...found 8 CPUs, using 8 worker threads; using 8 UDP listeners per interface; segmentation fault`) when compiled with the latest version of afl++.
----------------
What version combination (Bind version + clang version) works well for fuzzing the `named` binary using the `-A client:127.0.0.1:53` argument? Are there some flags that have to be set to allow the detection of the persistent mode and allows fuzz thread spawning in the `named_fuzz_setup` function?Not plannedhttps://gitlab.isc.org/isc-projects/kea/-/issues/2031build fails with boost-1.77.02021-08-24T14:58:48ZLars Wendlerbuild fails with boost-1.77.0```
/bin/sh ../../../libtool --tag=CXX --mode=compile x86_64-pc-linux-gnu-g++ -DHAVE_CONFIG_H -I. -I../../.. -I../../../src/lib -I../../../src/lib -DDHCP_DATA_DIR="\"/var/lib/kea\"" -DTOP_BUILDDIR="\"../../..\"" -DKEA_LFC_EXECUTABLE=...```
/bin/sh ../../../libtool --tag=CXX --mode=compile x86_64-pc-linux-gnu-g++ -DHAVE_CONFIG_H -I. -I../../.. -I../../../src/lib -I../../../src/lib -DDHCP_DATA_DIR="\"/var/lib/kea\"" -DTOP_BUILDDIR="\"../../..\"" -DKEA_LFC_EXECUTABLE="\"/
usr/sbin/kea-lfc\"" -DOS_LINUX -I../../.. -I../../.. -Wall -Wextra -Wnon-virtual-dtor -Wwrite-strings -Woverloaded-virtual -Wno-sign-compare -pthread -Wno-missing-field-initializers -fPIC -march=native -mtune=native -O2 -pipe -c -o libkea_dhcpsrv_la-timer_mgr.lo `test -f 'timer_mgr.cc' || echo './'`timer_mgr.cc
libtool: compile: x86_64-pc-linux-gnu-g++ -DHAVE_CONFIG_H -I. -I../../.. -I../../../src/lib -I../../../src/lib -DDHCP_DATA_DIR=\"/var/lib/kea\" -DTOP_BUILDDIR=\"../../..\" -DKEA_LFC_EXECUTABLE=\"/usr/sbin/kea-lfc\" -DOS_LINUX -I../../.. -I../../.. -Wall -Wextra -Wnon-virtual-dtor -Wwrite-strings -Woverloaded-virtual -Wno-sign-compare -pthread -Wno-missing-field-initializers -fPIC -march=native -mtune=native -O2 -pipe -c timer_mgr.cc -fPIC -DPIC -o .libs/libkea_dhcpsrv_la-timer_mgr.o
timer_mgr.cc:72:14: error: ‘map’ in namespace ‘std’ does not name a template type
72 | typedef std::map<std::string, TimerInfoPtr> TimerInfoMap;
| ^~~
timer_mgr.cc:16:1: note: ‘std::map’ is defined in header ‘<map>’; did you forget to ‘#include <map>’?
15 | #include <boost/scoped_ptr.hpp>
+++ |+#include <map>
16 |
timer_mgr.cc:220:5: error: ‘TimerInfoMap’ does not name a type; did you mean ‘TimerInfoPtr’?
220 | TimerInfoMap registered_timers_;
| ^~~~~~~~~~~~
| TimerInfoPtr
timer_mgr.cc: In constructor ‘isc::dhcp::TimerMgrImpl::TimerMgrImpl()’:
timer_mgr.cc:227:5: error: class ‘isc::dhcp::TimerMgrImpl’ does not have any field named ‘registered_timers_’
227 | registered_timers_(), mutex_(new std::mutex) {
| ^~~~~~~~~~~~~~~~~~
timer_mgr.cc: In member function ‘void isc::dhcp::TimerMgrImpl::registerTimerInternal(const string&, const Callback&, long int, const isc::asiolink::IntervalTimer::Mode&)’:
timer_mgr.cc:263:9: error: ‘registered_timers_’ was not declared in this scope; did you mean ‘registerTimer’?
263 | if (registered_timers_.find(timer_name) != registered_timers_.end()) {
| ^~~~~~~~~~~~~~~~~~
| registerTimer
timer_mgr.cc:275:5: error: ‘registered_timers_’ was not declared in this scope; did you mean ‘registerTimer’?
275 | registered_timers_.insert(std::pair<std::string, TimerInfoPtr>(timer_name,
| ^~~~~~~~~~~~~~~~~~
| registerTimer
timer_mgr.cc: In member function ‘void isc::dhcp::TimerMgrImpl::unregisterTimerInternal(const string&)’:
timer_mgr.cc:292:5: error: ‘TimerInfoMap’ has not been declared
292 | TimerInfoMap::iterator timer_info_it = registered_timers_.find(timer_name);
| ^~~~~~~~~~~~
timer_mgr.cc:295:9: error: ‘timer_info_it’ was not declared in this scope
295 | if (timer_info_it == registered_timers_.end()) {
| ^~~~~~~~~~~~~
timer_mgr.cc:295:26: error: ‘registered_timers_’ was not declared in this scope; did you mean ‘registerTimer’?
295 | if (timer_info_it == registered_timers_.end()) {
| ^~~~~~~~~~~~~~~~~~
| registerTimer
timer_mgr.cc:304:5: error: ‘registered_timers_’ was not declared in this scope; did you mean ‘registerTimer’?
304 | registered_timers_.erase(timer_info_it);
| ^~~~~~~~~~~~~~~~~~
| registerTimer
timer_mgr.cc:304:30: error: ‘timer_info_it’ was not declared in this scope
304 | registered_timers_.erase(timer_info_it);
| ^~~~~~~~~~~~~
timer_mgr.cc: In member function ‘void isc::dhcp::TimerMgrImpl::unregisterTimersInternal()’:
timer_mgr.cc:328:5: error: ‘TimerInfoMap’ was not declared in this scope; did you mean ‘TimerInfoPtr’?
328 | TimerInfoMap registered_timers_copy(registered_timers_);
| ^~~~~~~~~~~~
| TimerInfoPtr
timer_mgr.cc:331:10: error: ‘TimerInfoMap’ is not a class, namespace, or enumeration
331 | for (TimerInfoMap::iterator timer_info_it = registered_timers_copy.begin();
| ^~~~~~~~~~~~
timer_mgr.cc:332:10: error: ‘timer_info_it’ was not declared in this scope
332 | timer_info_it != registered_timers_copy.end(); ++timer_info_it) {
| ^~~~~~~~~~~~~
timer_mgr.cc:332:27: error: ‘registered_timers_copy’ was not declared in this scope
332 | timer_info_it != registered_timers_copy.end(); ++timer_info_it) {
| ^~~~~~~~~~~~~~~~~~~~~~
timer_mgr.cc: In member function ‘bool isc::dhcp::TimerMgrImpl::isTimerRegistered(const string&)’:
timer_mgr.cc:341:17: error: ‘registered_timers_’ was not declared in this scope; did you mean ‘registerTimer’?
341 | return (registered_timers_.find(timer_name) != registered_timers_.end());
| ^~~~~~~~~~~~~~~~~~
| registerTimer
timer_mgr.cc:343:17: error: ‘registered_timers_’ was not declared in this scope; did you mean ‘registerTimer’?
343 | return (registered_timers_.find(timer_name) != registered_timers_.end());
| ^~~~~~~~~~~~~~~~~~
| registerTimer
timer_mgr.cc: In member function ‘size_t isc::dhcp::TimerMgrImpl::timersCount() const’:
timer_mgr.cc:351:17: error: ‘registered_timers_’ was not declared in this scope; did you mean ‘registerTimer’?
351 | return (registered_timers_.size());
| ^~~~~~~~~~~~~~~~~~
| registerTimer
timer_mgr.cc:353:17: error: ‘registered_timers_’ was not declared in this scope; did you mean ‘registerTimer’?
353 | return (registered_timers_.size());
| ^~~~~~~~~~~~~~~~~~
| registerTimer
timer_mgr.cc: In member function ‘void isc::dhcp::TimerMgrImpl::setupInternal(const string&)’:
timer_mgr.cc:370:4: error: ‘TimerInfoMap’ has not been declared
370 | TimerInfoMap::const_iterator timer_info_it = registered_timers_.find(timer_name);
| ^~~~~~~~~~~~
timer_mgr.cc:371:8: error: ‘timer_info_it’ was not declared in this scope
371 | if (timer_info_it == registered_timers_.end()) {
| ^~~~~~~~~~~~~
timer_mgr.cc:371:25: error: ‘registered_timers_’ was not declared in this scope; did you mean ‘registerTimer’?
371 | if (timer_info_it == registered_timers_.end()) {
| ^~~~~~~~~~~~~~~~~~
| registerTimer
timer_mgr.cc:378:37: error: ‘timer_info_it’ was not declared in this scope; did you mean ‘timer_info’?
378 | const TimerInfoPtr& timer_info = timer_info_it->second;
| ^~~~~~~~~~~~~
| timer_info
timer_mgr.cc: In member function ‘void isc::dhcp::TimerMgrImpl::cancelInternal(const string&)’:
timer_mgr.cc:398:5: error: ‘TimerInfoMap’ has not been declared
398 | TimerInfoMap::const_iterator timer_info_it = registered_timers_.find(timer_name);
| ^~~~~~~~~~~~
timer_mgr.cc:399:9: error: ‘timer_info_it’ was not declared in this scope
399 | if (timer_info_it == registered_timers_.end()) {
| ^~~~~~~~~~~~~
timer_mgr.cc:399:26: error: ‘registered_timers_’ was not declared in this scope; did you mean ‘registerTimer’?
399 | if (timer_info_it == registered_timers_.end()) {
| ^~~~~~~~~~~~~~~~~~
| registerTimer
timer_mgr.cc:404:5: error: ‘timer_info_it’ was not declared in this scope
404 | timer_info_it->second->interval_timer_.cancel();
| ^~~~~~~~~~~~~
timer_mgr.cc: In member function ‘void isc::dhcp::TimerMgrImpl::timerCallback(const string&)’:
timer_mgr.cc:410:5: error: ‘TimerInfoMap’ has not been declared
410 | TimerInfoMap::iterator timer_info_it = registered_timers_.find(timer_name);
| ^~~~~~~~~~~~
timer_mgr.cc:411:9: error: ‘timer_info_it’ was not declared in this scope
411 | if (timer_info_it != registered_timers_.end()) {
| ^~~~~~~~~~~~~
timer_mgr.cc:411:26: error: ‘registered_timers_’ was not declared in this scope; did you mean ‘registerTimer’?
411 | if (timer_info_it != registered_timers_.end()) {
| ^~~~~~~~~~~~~~~~~~
| registerTimer
timer_mgr.cc:408:48: warning: unused parameter ‘timer_name’ [-Wunused-parameter]
408 | TimerMgrImpl::timerCallback(const std::string& timer_name) {
| ~~~~~~~~~~~~~~~~~~~^~~~~~~~~~
make[5]: *** [Makefile:1641: libkea_dhcpsrv_la-timer_mgr.lo] Error 1
```
And indeed, the fix gcc suggests works:
```
--- kea-1.9.10/src/lib/dhcpsrv/timer_mgr.cc
+++ kea-1.9.10/src/lib/dhcpsrv/timer_mgr.cc
@@ -13,6 +13,7 @@
#include <util/multi_threading_mgr.h>
#include <boost/scoped_ptr.hpp>
+#include <map>
#include <functional>
#include <utility>
```kea1.9.11https://gitlab.isc.org/isc-projects/dhcp/-/issues/202Enhance dhclient to parse multiple instances in Option 17/43/1252022-03-09T19:00:29Zdongyang wangEnhance dhclient to parse multiple instances in Option 17/43/125---
name: Feature request
about: Enhance dhclient to parse multiple instances in Option 17/43/125
---
**Some initial questions**
- Are you sure your feature is not already implemented in the latest ISC DHCP version?
Yes
- Are you sure...---
name: Feature request
about: Enhance dhclient to parse multiple instances in Option 17/43/125
---
**Some initial questions**
- Are you sure your feature is not already implemented in the latest ISC DHCP version?
Yes
- Are you sure your feature is not already implemented in the latest Kea version? Perhaps it's a
good time to consider migration?
This is for DHCP client, and KEA doesn't support client.
- Are you sure what you would like to do is not possible using some other mechanisms?
Not sure, maybe there also has other way.
- Have you discussed your idea on dhcp-users or dhcp-workers mailing lists?
Sorry, I commit to here first. Upload the patch as an attachment.
[0001-Enhance-dhclient-to-parse-multiple-instances-in-Opti.patch](/uploads/0daaff86a3432d950fb316177a0666fb/0001-Enhance-dhclient-to-parse-multiple-instances-in-Opti.patch)
**Is your feature request related to a problem? Please describe.**
When DHCP server sends a single instance in Option 17/43/125 from the dhclient-exit-hooks,
dhclient can parse it well.
But if DHCP server sends multiple instances, dhclient only can parse the first one.
**Describe the solution you'd like**
Use a do-while to parse each "struct option_cache-->option" in the oclist.
**Describe alternatives you've considered**
**Additional context**
**Funding its development**
**Participating in development**
Are you willing to participate in the feature development? ISC team always tries to make a feature
as generic as possible, so it can be used in wide variety of situations. That means the proposed
solution may be a bit different that you initially thought. Are you willing to take part in the
design discussions? Are you willing to test an unreleased engineering code?
Yes! It's my pleasure, I'm very glad to do these.
**Contacting you**
How can ISC reach you to discuss this matter further? If you do not specify any means such as
e-mail, jabber id or a telephone, we may send you a message on github with questions when we have
them.
Maybe here has a typo: >>we may send you a message on **github **with questions when we have them.
We are on GitLab now :)
Using GitLab can contact me, thanks.Outstandinghttps://gitlab.isc.org/isc-projects/bind9/-/issues/2863WSL crash with Dig when querying DoH server2021-08-16T11:29:58ZtriaticWSL crash with Dig when querying DoH server<!--
If the bug you are reporting is potentially security-related - for example,
if it involves an assertion failure or other crash in `named` that can be
triggered repeatedly - then please do *NOT* report it here, but send an
email to [...<!--
If the bug you are reporting is potentially security-related - for example,
if it involves an assertion failure or other crash in `named` that can be
triggered repeatedly - then please do *NOT* report it here, but send an
email to [security-officer@isc.org](security-officer@isc.org).
-->
### Summary
Following the decision to remove the native Windows binaries I would like to use Dig under Windows Subsystem for Linux (WSL, Ubuntu on Windows). Specifically I would like to use Dig to query DNS-over-HTTPS, so have installed the dev PPA. However a crash is observed when running DoH queries on WSL, but no such crash for non-DoH queries.
### BIND version used
```
C:\>wsl dig -v
DiG 9.17.16-1+ubuntu20.04.1+isc+1-Ubuntu
```
### Steps to reproduce
Install Ubuntu on Windows, add the dev PPA, and run the following command:
`wsl dig +https @dns.google isc.org A`
### What is the current *bug* behavior?
Error output:
`netmgr/tcp.c:135: fatal error: RUNTIME_CHECK(result == 0) failed`
### What is the expected *correct* behavior?
The A record for isc.org.
This is the output for non DoH:
```
C:\>wsl dig @dns.google isc.org A
; <<>> DiG 9.17.16-1+ubuntu20.04.1+isc+1-Ubuntu <<>> @dns.google isc.org A
; (2 servers found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 40794
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;isc.org. IN A
;; ANSWER SECTION:
isc.org. 59 IN A 149.20.1.66
;; Query time: 27 msec
;; SERVER: 8.8.8.8#53(dns.google) (UDP)
;; WHEN: Mon Aug 16 11:19:05 BST 2021
;; MSG SIZE rcvd: 52
```
### Relevant configuration files
N/A
### Relevant logs and/or screenshots
N/A
### Possible fixes
N/ASeptember 2021 (9.16.21, 9.16.21-S1, 9.17.18)Artem BoldarievArtem Boldarievhttps://gitlab.isc.org/isc-projects/kea/-/issues/2032RADIUS hook support for expressions in accounting messages2023-10-30T21:17:57ZVicky Riskvicky@isc.orgRADIUS hook support for expressions in accounting messagesThe ARM states that expressions are supported in RADIUS, but apparently they are not supported in accounting messages. Can we add this into the accounting messages?
A user who purchased this hook on-line ran across this limitation.The ARM states that expressions are supported in RADIUS, but apparently they are not supported in accounting messages. Can we add this into the accounting messages?
A user who purchased this hook on-line ran across this limitation.backloghttps://gitlab.isc.org/isc-projects/kea/-/issues/2033Database lease backend statistics contain statistics for non-existent subnets2021-11-03T16:08:10ZThomas MarkwalderDatabase lease backend statistics contain statistics for non-existent subnetsIt appears that when configured subnets are deleted entries in the corresponding leaseX-stat table entries are not being removed. There are likely a number of ways that lease statistics
for a subnet get orphaned when subnets cease to ex...It appears that when configured subnets are deleted entries in the corresponding leaseX-stat table entries are not being removed. There are likely a number of ways that lease statistics
for a subnet get orphaned when subnets cease to exist. Certainly, cascade deletes help but only for CB subnets. The code that processes the result set needs to be altered so that rows for non-existent subnets are not issue.kea2.1.0Thomas MarkwalderThomas Markwalderhttps://gitlab.isc.org/isc-projects/bind9/-/issues/2864BIND-9.16.19: Resolver fetch process hang2021-08-17T06:55:31Znanwn147929@alibaba-inc.comBIND-9.16.19: Resolver fetch process hang<!--
If the bug you are reporting is potentially security-related - for example,
if it involves an assertion failure or other crash in `named` that can be
triggered repeatedly - then please do *NOT* report it here, but send an
email to [...<!--
If the bug you are reporting is potentially security-related - for example,
if it involves an assertion failure or other crash in `named` that can be
triggered repeatedly - then please do *NOT* report it here, but send an
email to [security-officer@isc.org](security-officer@isc.org).
-->
### Summary
Sending outgoing resquery process could be hang for seconds, which is abnormal.
### BIND version used
BIND 9.16.19-RedHat-9.16.19-20210816135007.alios7 (Stable Release) <id:df0e751>
running on Linux x86_64 3.10.0-327.ali2012.alios7.x86_64 #1 SMP Mon Oct 9 14:09:14 CST 2017
built by make with '--build=x86_64-redhat-linux-gnu' '--host=x86_64-redhat-linux-gnu' '--program-prefix=' '--disable-dependency-tracking' '--prefix=/usr' '--exec-prefix=/usr' '--bindir=/usr/bin' '--sbindir=/usr/sbin' '--sysconfdir=/etc' '--datadir=/usr/share' '--includedir=/usr/include' '--libdir=/usr/lib64' '--libexecdir=/usr/libexec' '--sharedstatedir=/var/lib' '--mandir=/usr/share/man' '--infodir=/usr/share/info' '--with-libtool' '--localstatedir=/var' '--enable-epoll' '--with-pic' '--with-python=/home/tops/bin/python2.7' '--with-python-install-dir=/home/tops' '--disable-geoip' '--with-tuning=large' '--enable-querytrace' '--enable-auto-validation=no' 'build_alias=x86_64-redhat-linux-gnu' 'host_alias=x86_64-redhat-linux-gnu' 'CFLAGS= -O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector-strong --param=ssp-buffer-size=4 -grecord-gcc-switches -m64 -mtune=generic' 'LDFLAGS=-Wl,-z,relro ' 'CPPFLAGS= -DDIG_SIGCHASE' 'PKG_CONFIG_PATH=:/usr/lib64/pkgconfig:/usr/share/pkgconfig:/usr/lib64/pkgconfig/:/home/admin/246_20210813142442272_220712980_code/rpm_workspace/rpm/.dep_create/lib/pkgconfig'
compiled by GCC 4.8.5 20150623 (Red Hat 4.8.5-4)
compiled with OpenSSL version: OpenSSL 1.0.1e-fips 11 Feb 2013
linked to OpenSSL version: OpenSSL 1.0.1e-fips 11 Feb 2013
compiled with libuv version: 1.35.0
linked to libuv version: 1.35.0
compiled with libxml2 version: 2.9.1
linked to libxml2 version: 20901
compiled with zlib version: 1.2.7
linked to zlib version: 1.2.7
threads support is enabled
default paths:
named configuration: /etc/named.conf
rndc configuration: /etc/rndc.conf
DNSSEC root key: /etc/bind.keys
nsupdate session key: /var/run/named/session.key
named PID file: /var/run/named/named.pid
named lock file: /var/run/named/named.lock
### Steps to reproduce
Not sure, supposing some specific flow would cause the issue.
### What is the current *bug* behavior?
Sending outgoing resquery process could be hang for seconds, which can be detected by querytrace(enabled by compiling):
```
17-Aug-2021 00:41:27.982 fetch: game-redis-1159.knight.game.12406.270199.-100/CNAME
17-Aug-2021 00:41:27.982 fctx 0x7fa60be39de0(game-redis-1159.knight.game.12406.270199.-100/CNAME): create
17-Aug-2021 00:41:27.982 fctx 0x7fa60be39de0(game-redis-1159.knight.game.12406.270199.-100/CNAME): join
17-Aug-2021 00:41:27.982 fetch 0x7fa699adedf0 (fctx 0x7fa60be39de0(game-redis-1159.knight.game.12406.270199.-100/CNAME)): created
17-Aug-2021 00:41:27.982 fctx 0x7fa60be39de0(game-redis-1159.knight.game.12406.270199.-100/CNAME): start
17-Aug-2021 00:41:27.982 fctx 0x7fa60be39de0(game-redis-1159.knight.game.12406.270199.-100/CNAME): try fctx->qc=0
17-Aug-2021 00:41:27.982 fctx 0x7fa60be39de0(game-redis-1159.knight.game.12406.270199.-100/CNAME): cancelqueries
17-Aug-2021 00:41:27.982 fctx 0x7fa60be39de0(game-redis-1159.knight.game.12406.270199.-100/CNAME): getaddresses fctx->depth=0
17-Aug-2021 00:41:27.982 fctx 0x7fa60be39de0(game-redis-1159.knight.game.12406.270199.-100/CNAME): query
17-Aug-2021 00:41:27.982 resquery 0x7fa604d05360 (fctx 0x7fa60be39de0(game-redis-1159.knight.game.12406.270199.-100/CNAME)): send
17-Aug-2021 00:41:29.122 resquery 0x7fa604d05360 (fctx 0x7fa60be39de0(game-redis-1159.knight.game.12406.270199.-100/CNAME)): sent
17-Aug-2021 00:41:29.123 resquery 0x7fa604d05360 (fctx 0x7fa60be39de0(game-redis-1159.knight.game.12406.270199.-100/CNAME)): udpconnected
17-Aug-2021 00:41:29.123 resquery 0x7fa604d05360 (fctx 0x7fa60be39de0(game-redis-1159.knight.game.12406.270199.-100/CNAME)): senddone
17-Aug-2021 00:41:29.152 resquery 0x7fa604d05360 (fctx 0x7fa60be39de0(game-redis-1159.knight.game.12406.270199.-100/CNAME)): response
17-Aug-2021 00:41:29.152 fctx 0x7fa60be39de0(game-redis-1159.knight.game.12406.270199.-100/CNAME): rctx_answer
17-Aug-2021 00:41:29.152 fctx 0x7fa60be39de0(game-redis-1159.knight.game.12406.270199.-100/CNAME): cache_message
17-Aug-2021 00:41:29.152 fctx 0x7fa60be39de0(game-redis-1159.knight.game.12406.270199.-100/CNAME): cache_name
17-Aug-2021 00:41:29.152 fctx 0x7fa60be39de0(game-redis-1159.knight.game.12406.270199.-100/CNAME): findnoqname
17-Aug-2021 00:41:29.153 fctx 0x7fa60be39de0(game-redis-1159.knight.game.12406.270199.-100/CNAME): clone_results
17-Aug-2021 00:41:29.153 fctx 0x7fa60be39de0(game-redis-1159.knight.game.12406.270199.-100/CNAME): [result: success] query canceled in response(); responding
17-Aug-2021 00:41:29.153 fctx 0x7fa60be39de0(game-redis-1159.knight.game.12406.270199.-100/CNAME): cancelquery
17-Aug-2021 00:41:29.153 fctx 0x7fa60be39de0(game-redis-1159.knight.game.12406.270199.-100/CNAME): done
17-Aug-2021 00:41:29.153 fctx 0x7fa60be39de0(game-redis-1159.knight.game.12406.270199.-100/CNAME): stopqueries
17-Aug-2021 00:41:29.153 fctx 0x7fa60be39de0(game-redis-1159.knight.game.12406.270199.-100/CNAME): cancelqueries
17-Aug-2021 00:41:29.153 fctx 0x7fa60be39de0(game-redis-1159.knight.game.12406.270199.-100/CNAME): sendevents
17-Aug-2021 00:41:29.158 fetch 0x7fa699adedf0 (fctx 0x7fa60be39de0(game-redis-1159.knight.game.12406.270199.-100/CNAME)): destroyfetch
17-Aug-2021 00:41:29.158 fctx 0x7fa60be39de0(game-redis-1159.knight.game.12406.270199.-100/CNAME): shutdown
17-Aug-2021 00:41:29.187 fctx 0x7fa60be39de0(game-redis-1159.knight.game.12406.270199.-100/CNAME): doshutdown
17-Aug-2021 00:41:29.187 fctx 0x7fa60be39de0(game-redis-1159.knight.game.12406.270199.-100/CNAME): stopqueries
17-Aug-2021 00:41:29.187 fctx 0x7fa60be39de0(game-redis-1159.knight.game.12406.270199.-100/CNAME): cancelqueries
17-Aug-2021 00:41:29.187 fctx 0x7fa60be39de0(game-redis-1159.knight.game.12406.270199.-100/CNAME): unlink
17-Aug-2021 00:41:29.187 fctx 0x7fa60be39de0(game-redis-1159.knight.game.12406.270199.-100/CNAME): destroy
```
It take more than 1 second between resquery "send" and be "sent". Meanwhile, all working threads are in D(uninterruptible sleep) state:
![7CD8A3A0-FB10-495D-837A-3A07E0401566](/uploads/287ff5842bdd12f38a2542c0bd6c8d1c/7CD8A3A0-FB10-495D-837A-3A07E0401566.png)
### What is the expected *correct* behavior?
Not hang.
(What you should see instead.)
### Relevant configuration files
(Paste any relevant configuration files - please use code blocks (```)
to format console output. If submitting the contents of your
configuration file in a non-confidential Issue, it is advisable to
obscure key secrets: this can be done automatically by using
`named-checkconf -px`.)
### Relevant logs and/or screenshots
(Paste any relevant logs - please use code blocks (```) to format console
output, logs, and code, as it's very hard to read otherwise.)
### Possible fixes
(If you can, link to the line of code that might be responsible for the
problem.)https://gitlab.isc.org/isc-projects/kea/-/issues/2034atexit(mysql_library_end) is never called2021-09-20T17:50:38ZAndrei Pavelandrei@isc.orgatexit(mysql_library_end) is never calledDiscovered through a compile warning that says:
```
static bool isc::db::MySqlHolder::<lambda()>::_FUN()’ will never be NULL
```
for this line:
```
bool MySqlHolder::atexit_ = []{atexit([]{mysql_library_end();});return true;};
```
What ...Discovered through a compile warning that says:
```
static bool isc::db::MySqlHolder::<lambda()>::_FUN()’ will never be NULL
```
for this line:
```
bool MySqlHolder::atexit_ = []{atexit([]{mysql_library_end();});return true;};
```
What it's saying is that the address of the lambda is always different than zero. Which gets casted to a true when assigned to `atexit_`. That's not the concerning part. To the best of my understanding, the lambda never gets called here. And so `atexit()` is never called. And so `mysql_library_end()` never gets called. Quote from [the MySQL docs](https://dev.mysql.com/doc/c-api/8.0/en/mysql-library-end.html):
> To avoid memory leaks after the application is done using the library (for example, after closing the connection to the server), be sure to call mysql_library_end() explicitly. This enables memory managment to be performed to clean up and free resources used by the library.
So this could be a socket leak? If I remember, unclosed sockets outlive the process.
Compiler is g++11, but I remember getting it in previous versions also. Flags are `-Wall -Wextra`, but they might not be required.kea2.0.0 (formerly 1.9.12)Andrei Pavelandrei@isc.orgAndrei Pavelandrei@isc.orghttps://gitlab.isc.org/isc-projects/kea/-/issues/2035Fix doxygen errors in premium2021-08-17T11:44:15ZTomek MrugalskiFix doxygen errors in premiumThere's several Doxygen errors in the following hooks:
- RADIUS
- host_cache
- cb_cmds
- gss_tsig
To repro this issue, compile with `--enable-generate-docs`, go to premium dir, do `make devel`, see `html/doxygen-error.log` for details.There's several Doxygen errors in the following hooks:
- RADIUS
- host_cache
- cb_cmds
- gss_tsig
To repro this issue, compile with `--enable-generate-docs`, go to premium dir, do `make devel`, see `html/doxygen-error.log` for details.Francis DupontFrancis Duponthttps://gitlab.isc.org/isc-projects/kea/-/issues/2038ability to migrate database leases to memfile leases2022-02-18T08:00:19ZAndrei Pavelandrei@isc.orgability to migrate database leases to memfile leaseskea-admin does have the lease-dump action which generates a very similar CSV to the one generated and read by kea-dhcp[46] when configured to work with memfile, but it's not quite there yet. Here are differences:
`kea-admin lease-dump m...kea-admin does have the lease-dump action which generates a very similar CSV to the one generated and read by kea-dhcp[46] when configured to work with memfile, but it's not quite there yet. Here are differences:
`kea-admin lease-dump mysql`:
```csv
address,hwaddr,client_id,valid_lifetime,expire,subnet_id,fqdn_fwd,fqdn_rev,hostname,state,
10.0.0.0,000C01020334,01000C01020334,7200,2021-08-17 19:00:20,1,0,0,,default,
```
Leases saved by kea-dhcp4:
```csv
address,hwaddr,client_id,valid_lifetime,expire,subnet_id,fqdn_fwd,fqdn_rev,hostname,state,user_context
10.0.0.0,00:0c:01:02:03:04,01:00:0c:01:02:03:04,7200,1629215965,1,0,0,,0,
```
Required format changes:
* hwaddr: blob "000C01020334" to colon-separated "00:0c:01:02:03:04"
* client_id: blob "01000C01020334" to colon-separated "01:00:0c:01:02:03:04"
* expire: human-readable "2021-08-17 19:00:20" to unix "1629215965"
* state: human-readable "default" to numeric "0"
And for v6:
`kea-admin lease-dump mysql`:
```csv
address,duid,valid_lifetime,expire,subnet_id,pref_lifetime,lease_type,iaid,prefix_len,fqdn_fwd,fqdn_rev,hostname,hwaddr,hwtype,hwaddr_source,state,user_context
2001:db8:1:0:1::,0001000128AE81F5000C01020304,7200,2021-08-17 19:19:33,1,3600,IA_NA,1,128,0,0,,000C01020304,1,HWADDR_SOURCE_IPV6_LINK_LOCAL,default,
```
Leases saved by kea-dhcp6:
```csv
address,duid,valid_lifetime,expire,subnet_id,pref_lifetime,lease_type,iaid,prefix_len,fqdn_fwd,fqdn_rev,hostname,hwaddr,state,user_context
2001:db8:1:0:1::,00:01:00:01:28:ae:81:f5:00:0c:01:02:03:3f,7200,1629217233,1,3600,0,1,128,0,0,,00:0c:01:02:03:3f,0,
```
Required format changes:
* duid: blob "0001000128AE81F5000C01020304" to colon-separated "00:01:00:01:28:ae:81:f5:00:0c:01:02:03:3f"
* expire: human-readable "2021-08-17 19:19:33" to unix "1629217233"
* lease-type: human-readable "IA_NA" to numeric "1"
* hwaddr: blob "000C01020304" to colon-separated "00:0c:01:02:03:3f"
* state: human-readable "default" to numeric "0"
And there are two extra columns in the case of lease-dump. What's up with those:
* hwtype
* hwaddr_source
user-context needs to be looked at too in both cases.
The output of `kea-admin lease-dump` might differ for PostgreSQL than for MySQL.kea2.1.2Andrei Pavelandrei@isc.orgAndrei Pavelandrei@isc.orghttps://gitlab.isc.org/isc-projects/kea/-/issues/2071distcheck is missing db backends, sysrepo and gss-tsig and CXX flags for TSAN...2023-07-17T13:58:25ZRazvan Becheriudistcheck is missing db backends, sysrepo and gss-tsig and CXX flags for TSAN are not propagatedkea2.3.0Razvan BecheriuRazvan Becheriuhttps://gitlab.isc.org/isc-projects/kea/-/issues/2227RFC3396 Encoding Long Options2022-05-19T17:33:41ZPeter DaviesRFC3396 Encoding Long OptionsRFC3396 Encoding Long Options:
rfc3396 defines a mechanism for encoding long DHCP options by concatenating multiple instances of the same option.
Implementing this would be useful to users we need to send, for example, a list of c...RFC3396 Encoding Long Options:
rfc3396 defines a mechanism for encoding long DHCP options by concatenating multiple instances of the same option.
Implementing this would be useful to users we need to send, for example, a list of classless routes (option 121) that exceed 255 bytes (rfc3442).
[RT 19933](https://support.isc.org/Ticket/Display.html?id=19933)kea2.1.6Razvan BecheriuRazvan Becheriuhttps://gitlab.isc.org/isc-projects/kea/-/issues/2385bump up lib versions for 2.1.52022-04-25T13:18:59ZRazvan Becheriubump up lib versions for 2.1.5kea2.1.5Thomas MarkwalderThomas Markwalderhttps://gitlab.isc.org/isc-projects/kea/-/issues/2294disable TLS tests if TLS is not configured in setup2022-03-30T15:28:27ZAndrei Pavelandrei@isc.orgdisable TLS tests if TLS is not configured in setup`hasMySQLTls()` or `KEA_MYSQL_HAVE_SSL` doesn't seem to be checked for all libraries e.g. HA, CB, forensic logging and so tests for those libraries are failing if TLS is not configured in the running setup.`hasMySQLTls()` or `KEA_MYSQL_HAVE_SSL` doesn't seem to be checked for all libraries e.g. HA, CB, forensic logging and so tests for those libraries are failing if TLS is not configured in the running setup.kea2.1.3Razvan BecheriuRazvan Becheriuhttps://gitlab.isc.org/isc-projects/kea/-/issues/2250TLS unit tests fail with OpenSSL 1.1.1m2022-02-09T09:07:25ZAndrei Pavelandrei@isc.orgTLS unit tests fail with OpenSSL 1.1.1m```
$ grep OPENSSL_VERSION_TEXT /usr/include/openssl/opensslv.h
# define OPENSSL_VERSION_TEXT "OpenSSL 1.1.1m 14 Dec 2021"
```
<details open>
<summary>The full list of failing tests:</summary>
<pre>
[ RUN ] TLSTest.loadNoCAFile...```
$ grep OPENSSL_VERSION_TEXT /usr/include/openssl/opensslv.h
# define OPENSSL_VERSION_TEXT "OpenSSL 1.1.1m 14 Dec 2021"
```
<details open>
<summary>The full list of failing tests:</summary>
<pre>
[ RUN ] TLSTest.loadNoCAFile
tls_unittest.cc:359: Failure
Failed
exception with unknown 'No such file or directory (system library, fopen)'
[ FAILED ] TLSTest.loadNoCAFile (0 ms)
[ RUN ] TLSTest.loadCAPath
[ OK ] TLSTest.loadCAPath (0 ms)
[ RUN ] TLSTest.loadKeyCA
tls_unittest.cc:359: Failure
Failed
exception with unknown 'no certificate or crl found (x509 certificate routines, X509_load_cert_crl_file)'
[ FAILED ] TLSTest.loadKeyCA (0 ms)
[ RUN ] TLSTest.loadCertFile
[ OK ] TLSTest.loadCertFile (0 ms)
[ RUN ] TLSTest.loadNoCertFile
tls_unittest.cc:359: Failure
Failed
exception with unknown 'No such file or directory (system library, fopen)'
[ FAILED ] TLSTest.loadNoCertFile (0 ms)
[ RUN ] TLSTest.loadCsrCertFile
tls_unittest.cc:359: Failure
Failed
exception with unknown 'no start line (PEM routines, get_name)'
[ FAILED ] TLSTest.loadCsrCertFile (0 ms)
[ RUN ] TLSTest.loadKeyFile
[ OK ] TLSTest.loadKeyFile (0 ms)
[ RUN ] TLSTest.loadNoKeyFile
tls_unittest.cc:359: Failure
Failed
exception with unknown 'No such file or directory (system library, fopen)'
[ FAILED ] TLSTest.loadNoKeyFile (0 ms)
[ RUN ] TLSTest.loadCertKeyFile
tls_unittest.cc:359: Failure
Failed
exception with unknown 'no start line (PEM routines, get_name)'
[ FAILED ] TLSTest.loadCertKeyFile (0 ms)
[ RUN ] TLSTest.loadMismatch
[ OK ] TLSTest.loadMismatch (0 ms)
[ RUN ] TLSTest.configure
[ OK ] TLSTest.configure (0 ms)
[ RUN ] TLSTest.configureError
tls_unittest.cc:359: Failure
Failed
exception with unknown 'load of cert file '/no-such-file' failed: No such file or directory (system library, fopen)'
[ FAILED ] TLSTest.configureError (0 ms)
[ RUN ] TLSTest.stream
[ OK ] TLSTest.stream (0 ms)
[ RUN ] TLSTest.noHandshake
tls_unittest.cc:406: Failure
Failed
send got unexpected error 'uninitialized (SSL routines, ssl_write_internal)'
tls_unittest.cc:406: Failure
Failed
receive got unexpected error 'uninitialized (SSL routines, ssl_read_internal)'
[ FAILED ] TLSTest.noHandshake (2 ms)
[ RUN ] TLSTest.serverNotConfigured
tls_unittest.cc:406: Failure
Failed
server got unexpected error 'no shared cipher (SSL routines, tls_post_process_client_hello)'
tls_unittest.cc:406: Failure
Failed
client got unexpected error 'sslv3 alert handshake failure (SSL routines, ssl3_read_bytes)'
[ FAILED ] TLSTest.serverNotConfigured (2 ms)
[ RUN ] TLSTest.clientNotConfigured
tls_unittest.cc:406: Failure
Failed
server got unexpected error 'tlsv1 alert unknown ca (SSL routines, ssl3_read_bytes)'
tls_unittest.cc:406: Failure
Failed
client got unexpected error 'certificate verify failed (SSL routines, tls_process_server_certificate)'
[ FAILED ] TLSTest.clientNotConfigured (14 ms)
[ RUN ] TLSTest.clientHTTPnoS
tls_unittest.cc:406: Failure
Failed
server got unexpected error 'http request (SSL routines, ssl3_get_record)'
[ FAILED ] TLSTest.clientHTTPnoS (1 ms)
[ RUN ] TLSTest.unknownClient
tls_unittest.cc:406: Failure
Failed
server got unexpected error 'wrong version number (SSL routines, ssl3_get_record)'
[ FAILED ] TLSTest.unknownClient (1 ms)
[ RUN ] TLSTest.anotherClient
tls_unittest.cc:406: Failure
Failed
server got unexpected error 'certificate verify failed (SSL routines, tls_process_client_certificate)'
[ FAILED ] TLSTest.anotherClient (18 ms)
[ RUN ] TLSTest.selfSigned
tls_unittest.cc:406: Failure
Failed
server got unexpected error 'certificate verify failed (SSL routines, tls_process_client_certificate)'
[ FAILED ] TLSTest.selfSigned (19 ms)
[ RUN ] TLSTest.noHandshakeCloseOnError
tls_unittest.cc:406: Failure
Failed
send got unexpected error 'uninitialized (SSL routines, ssl_write_internal)'
tls_unittest.cc:406: Failure
Failed
receive got unexpected error 'uninitialized (SSL routines, ssl_read_internal)'
[ FAILED ] TLSTest.noHandshakeCloseOnError (2 ms)
[ RUN ] TLSTest.serverNotConfiguredCloseonError
tls_unittest.cc:406: Failure
Failed
server got unexpected error 'no shared cipher (SSL routines, tls_post_process_client_hello)'
tls_unittest.cc:406: Failure
Failed
client got unexpected error 'sslv3 alert handshake failure (SSL routines, ssl3_read_bytes)'
[ FAILED ] TLSTest.serverNotConfiguredCloseonError (2 ms)
[ RUN ] TLSTest.clientNotConfiguredCloseonError
tls_unittest.cc:406: Failure
Failed
server got unexpected error 'tlsv1 alert unknown ca (SSL routines, ssl3_read_bytes)'
tls_unittest.cc:406: Failure
Failed
client got unexpected error 'certificate verify failed (SSL routines, tls_process_server_certificate)'
[ FAILED ] TLSTest.clientNotConfiguredCloseonError (7 ms)
[ RUN ] TLSTest.clientHTTPnoSCloseonError
tls_unittest.cc:406: Failure
Failed
server got unexpected error 'http request (SSL routines, ssl3_get_record)'
[ FAILED ] TLSTest.clientHTTPnoSCloseonError (1 ms)
[ RUN ] TLSTest.anotherClientCloseonError
tls_unittest.cc:406: Failure
Failed
server got unexpected error 'certificate verify failed (SSL routines, tls_process_client_certificate)'
[ FAILED ] TLSTest.anotherClientCloseonError (19 ms)
[ RUN ] TLSTest.selfSignedCloseonError
tls_unittest.cc:406: Failure
Failed
server got unexpected error 'certificate verify failed (SSL routines, tls_process_client_certificate)'
[ FAILED ] TLSTest.selfSignedCloseonError (18 ms)
</pre>
</details>kea2.1.3Andrei Pavelandrei@isc.orgAndrei Pavelandrei@isc.orghttps://gitlab.isc.org/isc-projects/kea/-/issues/2036Make the lease/HR lookup order configurable2022-02-04T18:52:30ZTomek MrugalskiMake the lease/HR lookup order configurableThis is related to [support#18476](https://support.isc.org/Ticket/Display.html?id=18476). In this particular deployment there are some pools with high utilization. The deployment uses HA and MySQL. After simulating many test scenarios, w...This is related to [support#18476](https://support.isc.org/Ticket/Display.html?id=18476). In this particular deployment there are some pools with high utilization. The deployment uses HA and MySQL. After simulating many test scenarios, we came up with a bottleneck caused by a large number of MySQL queries for non-existent HRs and leases.
The following parameter (alloc_engine.cc:1023 and 4282) could slice the number of queries in half:
```c++
// We have the choice in the order checking the lease and
// the reservation. The default is to begin by the lease
// if the multi-threading is disabled.
bool check_reservation_first = MultiThreadingMgr::instance().getMode();
```
Sadly, it's not configurable at the moment. There is no _best_ choice here. For networks that have high pool utilization and few IP reservations, the lease lookup first strategy is better. For networks that have many IP reservations, the do HR lookup first strategy is better.
As such, this parameter needs to be configurable.kea2.1.3Razvan BecheriuRazvan Becheriuhttps://gitlab.isc.org/isc-projects/kea/-/issues/2288maxsize and maxver should be excluded from the loggers entry in config-get's ...2022-02-16T15:13:45ZAndrei Pavelandrei@isc.orgmaxsize and maxver should be excluded from the loggers entry in config-get's output if destination is not a filemaxsize and maxver are always included in config-get's output and this is a regression (or a feature) gained in Kea 2.1.2. They should be excluded when the output is not a file since they don't make sense in that case.
The behavior is s...maxsize and maxver are always included in config-get's output and this is a regression (or a feature) gained in Kea 2.1.2. They should be excluded when the output is not a file since they don't make sense in that case.
The behavior is similar for other entries. For example, "lease-database" excludes user, password, port when type is memfile.kea2.1.3Razvan BecheriuRazvan Becheriuhttps://gitlab.isc.org/isc-projects/kea/-/issues/2279config-get command no longer return logger configuration2022-01-22T14:59:35ZWlodzimierz Wencelconfig-get command no longer return logger configurationUsed configuration in Kea:
```
{
"Dhcp6": {
"option-data": [],
"hooks-libraries": [],
"shared-networks": [],
"subnet6": [
{
"subnet": "3000::/64",
"pools": [...Used configuration in Kea:
```
{
"Dhcp6": {
"option-data": [],
"hooks-libraries": [],
"shared-networks": [],
"subnet6": [
{
"subnet": "3000::/64",
"pools": [
{
"pool": "3000::1-3000::f"
}
],
"interface": "enp0s9"
}
],
"interfaces-config": {
"interfaces": [
"enp0s9"
]
},
"control-socket": {
"socket-type": "unix",
"socket-name": "/home/wlodek/installed/git/var/run/kea/control_socket"
},
"renew-timer": 1000,
"rebind-timer": 2000,
"preferred-lifetime": 3000,
"valid-lifetime": 4000,
"loggers": [
{
"name": "kea-dhcp6",
"output_options": [
{
"output": "/home/wlodek/installed/git/var/log/kea.log"
}
],
"severity": "DEBUG",
"debuglevel": 99
}
],
"lease-database": {
"type": "memfile"
},
"multi-threading": {
"enable-multi-threading": true,
"thread-pool-size": 2,
"packet-queue-size": 16
}
}
}
```
result of `config-get` command:
```
[
{
"arguments": {
"Dhcp6": {
"calculate-tee-times": true,
"control-socket": {
"socket-name": "/home/wlodek/installed/git/var/run/kea/control_socket",
"socket-type": "unix"
},
"ddns-generated-prefix": "myhost",
"ddns-override-client-update": false,
"ddns-override-no-update": false,
"ddns-qualifying-suffix": "",
"ddns-replace-client-name": "never",
"ddns-send-updates": true,
"ddns-update-on-renew": false,
"ddns-use-conflict-resolution": true,
"decline-probation-period": 86400,
"dhcp-ddns": {
"enable-updates": false,
"max-queue-size": 1024,
"ncr-format": "JSON",
"ncr-protocol": "UDP",
"sender-ip": "0.0.0.0",
"sender-port": 0,
"server-ip": "127.0.0.1",
"server-port": 53001
},
"dhcp-queue-control": {
"capacity": 64,
"enable-queue": false,
"queue-type": "kea-ring6"
},
"dhcp4o6-port": 0,
"expired-leases-processing": {
"flush-reclaimed-timer-wait-time": 25,
"hold-reclaimed-time": 3600,
"max-reclaim-leases": 100,
"max-reclaim-time": 250,
"reclaim-timer-wait-time": 10,
"unwarned-reclaim-cycles": 5
},
"hooks-libraries": [],
"host-reservation-identifiers": [
"hw-address",
"duid"
],
"hostname-char-replacement": "",
"hostname-char-set": "[^A-Za-z0-9.-]",
"interfaces-config": {
"interfaces": [
"enp0s9"
],
"re-detect": true
},
"ip-reservations-unique": true,
"lease-database": {
"type": "memfile"
},
"mac-sources": [
"any"
],
"multi-threading": {
"enable-multi-threading": true,
"packet-queue-size": 16,
"thread-pool-size": 2
},
"option-data": [],
"option-def": [],
"parked-packet-limit": 256,
"preferred-lifetime": 3000,
"rebind-timer": 2000,
"relay-supplied-options": [
"65"
],
"renew-timer": 1000,
"reservations-global": false,
"reservations-in-subnet": true,
"reservations-out-of-pool": false,
"sanity-checks": {
"lease-checks": "warn"
},
"server-id": {
"enterprise-id": 0,
"htype": 0,
"identifier": "",
"persist": true,
"time": 0,
"type": "LLT"
},
"server-tag": "",
"shared-networks": [],
"statistic-default-sample-age": 0,
"statistic-default-sample-count": 20,
"store-extended-info": false,
"subnet6": [
{
"calculate-tee-times": true,
"id": 1,
"interface": "enp0s9",
"option-data": [],
"pd-pools": [],
"pools": [
{
"option-data": [],
"pool": "3000::1-3000::f"
}
],
"preferred-lifetime": 3000,
"rapid-commit": false,
"rebind-timer": 2000,
"relay": {
"ip-addresses": []
},
"renew-timer": 1000,
"reservations": [],
"store-extended-info": false,
"subnet": "3000::/64",
"t1-percent": 0.5,
"t2-percent": 0.8,
"valid-lifetime": 4000
}
],
"t1-percent": 0.5,
"t2-percent": 0.8,
"valid-lifetime": 4000
}
},
"result": 0
}
]
```
"loggers" list is missing.
We have multiple system tests failures on jenkins, and according to jenkins build history this build is probably cause of problems https://jenkins.aws.isc.org/job/kea-dev/job/tarball-internal/621/kea2.1.2Razvan BecheriuRazvan Becheriu