ISC Open Source Projects issueshttps://gitlab.isc.org/groups/isc-projects/-/issues2023-07-17T18:59:35Zhttps://gitlab.isc.org/isc-projects/kea/-/issues/239ISC DHCP server config booting keyword2023-07-17T18:59:35ZFrancis DupontISC DHCP server config booting keyword>>>
The booting keyword
**allow booting;**
**deny booting;**
**ignore booting;**
The booting flag is used to tell dhcpd whether or not to respond to
queries from a particular client. This keyword only has meaning when
it appears in a...>>>
The booting keyword
**allow booting;**
**deny booting;**
**ignore booting;**
The booting flag is used to tell dhcpd whether or not to respond to
queries from a particular client. This keyword only has meaning when
it appears in a host declaration. By default, booting is allowed, but
if it is disabled for a particular client, then that client will not be
able to get an address from the DHCP server.
>>>
It looks like an indirect way to add a reservation without address. The only action should be to check Kea supports this case?backloghttps://gitlab.isc.org/isc-projects/kea/-/issues/238ISC DHCP server config option one-lease-per-client2023-07-13T18:45:31ZFrancis DupontISC DHCP server config option one-lease-per-client>>>
The one-lease-per-client statement
one-lease-per-client flag;
If this flag is enabled, whenever a client sends a DHCPREQUEST for a
particular lease, the server will automatically free any other leases
the client holds. This presume...>>>
The one-lease-per-client statement
one-lease-per-client flag;
If this flag is enabled, whenever a client sends a DHCPREQUEST for a
particular lease, the server will automatically free any other leases
the client holds. This presumes that when the client sends a DHCPRE-
QUEST, it has forgotten any lease not mentioned in the DHCPREQUEST -
i.e., the client has only a single network interface and it does not
remember leases it's holding on networks to which it is not currently
attached. Neither of these assumptions are guaranteed or provable,
so we urge caution in the use of this statement.
>>>
Dubious utility: put here only for documentation purpose.backloghttps://gitlab.isc.org/isc-projects/kea/-/issues/236ISC DHCP and Kea shared-networks are not the same2023-07-13T18:42:08ZFrancis DupontISC DHCP and Kea shared-networks are not the sameThis ticket documents differences between ISC DHCP and Kea shared-networks:
- in ISC DHCP any subnet is a member of a shared-network, e.g. the config parser creates an anonymous one when it finds a "plain" subnet
- in ISC DHCP localizat...This ticket documents differences between ISC DHCP and Kea shared-networks:
- in ISC DHCP any subnet is a member of a shared-network, e.g. the config parser creates an anonymous one when it finds a "plain" subnet
- in ISC DHCP localization aka subnet selection in fact selects a shared-network. In Kea the selected subnet has some kind of priority over its siblings in the shared-network
- Kea shared-networks come with a performance penalty for resources to access at the shared-network level vs the selected subnet
To be reference by the MA for shared-networks with more than one subnet (with one subnet the shared-network is removed).backloghttps://gitlab.isc.org/isc-projects/kea/-/issues/235ISC DHCP "class-like" if statements2023-07-17T18:49:15ZFrancis DupontISC DHCP "class-like" if statementsThis ticket is about how to convert this ISC DHCP config style:
```
subnet 10.208.0.0 netmask 255.255.128.0 {
option subnet-mask 255.255.128.0 ;
if substring (option vendor-class-identifier,0,4) = "MSFT"{
...This ticket is about how to convert this ISC DHCP config style:
```
subnet 10.208.0.0 netmask 255.255.128.0 {
option subnet-mask 255.255.128.0 ;
if substring (option vendor-class-identifier,0,4) = "MSFT"{
option routers 10.208.0.1 ;
option domain-name-servers 10.237.3.4, 10.237.3.5 ;
}
if substring (option vendor-class-identifier,0,2) = "RG"{
option classless-routes = 0F:0A:EC:0A:D0:00:01 ;
}
pool {
deny members of "MotoVIP";
range 10.208.64.1 10.208.127.254;
}
}
```
(old discussion)
The 2 if (and the "MotoVIIP" class uses an test expression which can be easily converted into a match if defining a class. The domain-name-servers option shares the same value but not the routers or the classless-routes so it is not possible to set all these parameters in class definitions.
As there is no subnet related class selector (for two reasons: classes are globally defined and classes are used to select subnets so can't depend on them) the idea should to split the subnet into class-dependent subnets. It works well for the subnet selection and parameter setting but not for the pool: range conflicts are detected when they occur inside a subnet, not yet (cf Trac 2346) between subnets but clearly do *not* work.
So IMHO it is a good place for shared networks (cf Kea 5273)... (implemented since this comment)backloghttps://gitlab.isc.org/isc-projects/kea/-/issues/233ISC DCHP host reservation "group <name>" parameter2022-11-02T15:08:44ZFrancis DupontISC DCHP host reservation "group <name>" parameterIt is not documented at all but in host reservations one can specify a group by name.
I believe it is a second way (first is inclusion of the host reservation declaration in the scope of the group) to apply a group to a host. If it is t...It is not documented at all but in host reservations one can specify a group by name.
I believe it is a second way (first is inclusion of the host reservation declaration in the scope of the group) to apply a group to a host. If it is the case the corresponding Kea feature is to declare a class without a matching expression with all the parameters (e.g. option-data) of the group and to specify the host reservation belongs to the class, so basically swapping the group keyword for class.backloghttps://gitlab.isc.org/isc-projects/kea/-/issues/231ISC DHCP host declaration are global2023-07-13T18:30:36ZFrancis DupontISC DHCP host declaration are globalISC DHCP host declarations are always global, Kea reservations are by default per subnet.
Kea 1.5 introduced global host reservations.ISC DHCP host declarations are always global, Kea reservations are by default per subnet.
Kea 1.5 introduced global host reservations.backloghttps://gitlab.isc.org/isc-projects/kea/-/issues/227ISC DHCP server config option limit-addrs/prefs-per-ia2023-07-17T18:40:44ZFrancis DupontISC DHCP server config option limit-addrs/prefs-per-ia>>>
The limit-addrs-per-ia statement
**limit-addrs-per-ia** number;
By default, the DHCPv6 server will limit clients to one IAADDR per IA
option, meaning one address. If you wish to permit clients to hang
onto multiple addresses at a t...>>>
The limit-addrs-per-ia statement
**limit-addrs-per-ia** number;
By default, the DHCPv6 server will limit clients to one IAADDR per IA
option, meaning one address. If you wish to permit clients to hang
onto multiple addresses at a time, configure a larger number here.
Note that there is no present method to configure the server to
forcibly configure the client with one IP address per each subnet on
a shared network. This is left to future work.
>>>
There is another **limit-prefs-per-ia** option for prefixes. It seems a good idea even if its main/obvious use case is not supported (by ISC DHCP).backloghttps://gitlab.isc.org/isc-projects/kea/-/issues/224ISC DHCP server config option limited-broadcast-address2022-11-02T15:08:43ZFrancis DupontISC DHCP server config option limited-broadcast-addressThere is no manual entry for this. The idea is to get some control on the broadcast address used to send responses to on-link clients. A priori not a bad idea. BTW the limited broadcast address is 255.255.255.255 and is not forwarded by ...There is no manual entry for this. The idea is to get some control on the broadcast address used to send responses to on-link clients. A priori not a bad idea. BTW the limited broadcast address is 255.255.255.255 and is not forwarded by routers (so the name) but the ISC DHCP option takes an IPv4 address (vs a boolean).backloghttps://gitlab.isc.org/isc-projects/kea/-/issues/223ISC DHCP server config option min-secs2023-07-17T18:34:24ZFrancis DupontISC DHCP server config option min-secs>>>
The min-secs statement
**min-secs** seconds;
Seconds should be the minimum number of seconds since a client began
trying to acquire a new lease before the DHCP server will respond to
its request. The number of seconds is based on w...>>>
The min-secs statement
**min-secs** seconds;
Seconds should be the minimum number of seconds since a client began
trying to acquire a new lease before the DHCP server will respond to
its request. The number of seconds is based on what the client
reports, and the maximum value that the client can report is 255 sec-
onds. Generally, setting this to one will result in the DHCP server
not responding to the client's first request, but always responding
to its second request.
This can be used to set up a secondary DHCP server which never offers
an address to a client until the primary server has been given a
chance to do so. If the primary server is down, the client will bind
to the secondary server, but otherwise clients should always bind to
the primary. Note that this does not, by itself, permit a primary
server and a secondary server to share a pool of dynamically-allocat-
able addresses.
>>>
Simple idea and easy to implement using Kea pkt4::getSecs.backloghttps://gitlab.isc.org/isc-projects/kea/-/issues/222Pool log threshold2023-07-17T18:30:49ZFrancis DupontPool log thresholdIdea from ISC DHCP, cf dhcpd.8:
>>>
The log-threshold-high and log-threshold-low statements
**log-threshold-high** percentage;
**log-threshold-low** percentage;
The log-threshold-low and log-threshold-high statements are used to
contr...Idea from ISC DHCP, cf dhcpd.8:
>>>
The log-threshold-high and log-threshold-low statements
**log-threshold-high** percentage;
**log-threshold-low** percentage;
The log-threshold-low and log-threshold-high statements are used to
control when a message is output about pool usage. The value for
both of them is the percentage of the pool in use. If the high
threshold is 0 or has not been specified, no messages will be pro-
duced. If a high threshold is given, a message is output once the
pool usage passes that level. After that, no more messages will be
output until the pool usage falls below the low threshold. If the
low threshold is not given, it default to a value of zero.
A special case occurs when the low threshold is set to be higer than
the high threshold. In this case, a message will be generated each
time a lease is acknowledged when the pool usage is above the high
threshold.
Note that threshold logging will be automatically disabled for shared
subnets whose total number of addresses is larger than (264)-1. The
server will emit a log statement at startup when threshold logging is
disabled as shown below:
"Threshold logging disabled for shared subnet of ranges:
<addresses>"
This is likely to have no practical runtime effect as CPUs are
unlikely to support a server actually reaching such a large number of
leases.
>>>
From this I like the idea to have a hook library which performs a simple
action (log is an example) when a threshold is crossed in a reasonably
sized pool.backloghttps://gitlab.isc.org/isc-projects/kea/-/issues/196Improve netconf performance: keep the control socket connection open2022-11-02T15:08:43ZTomek MrugalskiImprove netconf performance: keep the control socket connection openIn 1.5 the kea-netconf agent opens up a new connection every time there is a new config to be set. This means that if you're changing the configuration frequently, there are many connections set up and torn down. It would be better to ha...In 1.5 the kea-netconf agent opens up a new connection every time there is a new config to be set. This means that if you're changing the configuration frequently, there are many connections set up and torn down. It would be better to have persistent connection (or the option to enable it).
This is out of scope for 1.5, though. Looks like a potential optimization in 1.6.backloghttps://gitlab.isc.org/isc-projects/kea/-/issues/152Add a rebuild-test target for CA, D2 and NETCONF2022-11-02T15:08:43ZFrancis DupontAdd a rebuild-test target for CA, D2 and NETCONFand of course Netconf. Currently a rebuild-test target is available only for DHCPv4 and DHCPv6: it should be adapted to anything using a flex/bison JSON syntax.and of course Netconf. Currently a rebuild-test target is available only for DHCPv4 and DHCPv6: it should be adapted to anything using a flex/bison JSON syntax.backloghttps://gitlab.isc.org/isc-projects/kea/-/issues/110pool order2022-11-02T15:08:41ZFrancis Dupontpool orderConfiguration order of subnets and client classes is critical. Pools are ordered too but IMHO cases where it matters are uncommon, in fact it will be an issue only for config backend unit tests. I suggest to NOT address this issue (1.x l...Configuration order of subnets and client classes is critical. Pools are ordered too but IMHO cases where it matters are uncommon, in fact it will be an issue only for config backend unit tests. I suggest to NOT address this issue (1.x low for instance?).backloghttps://gitlab.isc.org/isc-projects/kea/-/issues/76Update leases on 'dashboard server' without running HA2022-11-02T15:08:41ZGhost UserUpdate leases on 'dashboard server' without running HAOne of our GSOC students is working on a Kea dashboard, based on the GLASS project, a dashboard for ISC DHCP. The dashboard requires access to a local lease file so it can continuously or frequently update stats about pool utilization, e...One of our GSOC students is working on a Kea dashboard, based on the GLASS project, a dashboard for ISC DHCP. The dashboard requires access to a local lease file so it can continuously or frequently update stats about pool utilization, etc. It seems like the ideal way to do this is to push lease file updates to the dashboard server.
It seems we can use the 'backup server' feature of HA, but without the HA support. So, we would want a mode that doesn't check for a valid HA configuration and an HA partner. Also, we would want this feature to not require the premium HA package.backloghttps://gitlab.isc.org/isc-projects/kea/-/issues/54Reconfigure with an unusable lease back end, leaves the server in a non-worki...2022-11-02T15:08:41ZGhost UserReconfigure with an unusable lease back end, leaves the server in a non-working state (no rollback)A running kea-dhcpX server can be rendered non-functional by issuing a reconfigure (either by command or signal) with a configuration containing
a flawed lease back end specifications or to back end which cannot be reached.
After succes...A running kea-dhcpX server can be rendered non-functional by issuing a reconfigure (either by command or signal) with a configuration containing
a flawed lease back end specifications or to back end which cannot be reached.
After successfully parsing the configuration, the server attempts to connect to the new lease back end. This causes the LeaseMgrFactory to close the existing instance and subsequently fails to open a new one. The server will emit a log message that states reconfiguration has failed and at this point it will no longer process client packets.
A simple scenario:
1. start server with memfile lease back end
2. verify server hands out leases
3. change configuration to MySQL back end with an invalid database or user name
4. issue reconfig command
5. verify server does not see or acknowledge packets
The basic issue is the LeaseMgrFactory only permits one instance to exist. There is no "Staged" instance and we do not restore the one we closed. We probably don't handle host back ends any differently.backloghttps://gitlab.isc.org/isc-projects/kea/-/issues/52kea-dhcp4 can't offer ip reserved.2022-11-02T15:08:43ZGhost Userkea-dhcp4 can't offer ip reserved.subnet : 192.168.0.0/24
reservation1 : mac(aa:aa:aa:aa:aa:aa) ip(192.168.0.11)
reservation2 : mac(bb:bb:bb:bb:bb:bb) ip(192.168.0.12)
reservation1 has router option(3) 192.168.0.3
reservation2 has no options.
I used mysql for hosts res...subnet : 192.168.0.0/24
reservation1 : mac(aa:aa:aa:aa:aa:aa) ip(192.168.0.11)
reservation2 : mac(bb:bb:bb:bb:bb:bb) ip(192.168.0.12)
reservation1 has router option(3) 192.168.0.3
reservation2 has no options.
I used mysql for hosts reservation.
kea-dhcp4 responses to reservation1 but fail to response to reservation2 somtimes.
The Failure log is 'preparing on-wire-format of the packet to be sent failed DHCPv4 Option4AddrLst 3 is too big.At most 255 bytes are supported.'
In packets debug log, kea-dhcp4 try to response to reserve2 with router option(value is 0.0.0.0 0.0.0.0 0.0.0.0 0.0.0.0 0.0.0.0 ....... maybe 2048~4096byte)backloghttps://gitlab.isc.org/isc-projects/kea/-/issues/51Impossible to use a Chromecast with kea DHCP2022-11-02T15:08:41ZGhost UserImpossible to use a Chromecast with kea DHCPHello,
since few month I use kea dhcp server, it works properly with all my devices but I have a big problem with my Chromecast, it doesn't work att all with your DHCP server. I already contacted Chromecast Support team. I don't know if ...Hello,
since few month I use kea dhcp server, it works properly with all my devices but I have a big problem with my Chromecast, it doesn't work att all with your DHCP server. I already contacted Chromecast Support team. I don't know if I am the only one with this problem.
Before I decided to use Kea I was using my ISP's dhcp server but it was too limited and verry bugfull.
I hope you will be able to find a way to fix this, I didn't gave you any logs or config files because I don't know what you really need but I really need it working and I'll give you any file you need, your DHCP server is VERRY nice !
Cordiallybackloghttps://gitlab.isc.org/isc-projects/kea/-/issues/47Update network/subnet hooks to handle new classification fields2022-11-02T15:08:43ZGhost UserUpdate network/subnet hooks to handle new classification fields[#5374](https://oldkea.isc.org/ticket/5374) was merged but introduced new features which require an update of hooks managing shared networks and subnets.[#5374](https://oldkea.isc.org/ticket/5374) was merged but introduced new features which require an update of hooks managing shared networks and subnets.backloghttps://gitlab.isc.org/isc-projects/kea/-/issues/44make database config parsing more flexible2022-11-02T15:08:41ZGhost Usermake database config parsing more flexibleCf. #5528 comments (look for "line 125").Cf. #5528 comments (look for "line 125").backloghttps://gitlab.isc.org/isc-projects/kea/-/issues/22stringop-truncation warnings2022-11-02T15:08:41ZFrancis Dupontstringop-truncation warningsG++ 8 has a new warning stringop truncation which is emitted when strncat or strncpy (only the second in kea) fails to terminate (i.e. append a null character) its result.
There are on Fedora 28 spurious warnings on local/unix socket ad...G++ 8 has a new warning stringop truncation which is emitted when strncat or strncpy (only the second in kea) fails to terminate (i.e. append a null character) its result.
There are on Fedora 28 spurious warnings on local/unix socket address or ifname because they are filled using strncpy.
I have a mixed feeling about this: IMHO the issue is not in Kea but in the system header files which should add a ```nonstring``` attribute but did not, so no action is a possible answer to this...backlog