ISC Open Source Projects issueshttps://gitlab.isc.org/groups/isc-projects/-/issues2023-07-31T13:38:18Zhttps://gitlab.isc.org/isc-projects/kea/-/issues/2140Can't use kea-dhcp6 as Prefix Delegation backend (like previously dibbler)2023-07-31T13:38:18ZLajos KatonaCan't use kea-dhcp6 as Prefix Delegation backend (like previously dibbler)Hi
I would like to use Kea for Openstack Neutron's pd "backend" (https://opendev.org/openstack/neutron ).
Currently we have a driver in Neutron for Dibbler which we use the following way (user workflow: https://docs.openstack.org/neutro...Hi
I would like to use Kea for Openstack Neutron's pd "backend" (https://opendev.org/openstack/neutron ).
Currently we have a driver in Neutron for Dibbler which we use the following way (user workflow: https://docs.openstack.org/neutron/latest/admin/config-ipv6.html#prefix-delegation ):
Neutron l3-agent creates IP namespaces for the routers, and dibbler is started within the ip namespace with a config like this:
_duid-type duid-en 8888 0x0f73d556b8364067bc6b3c2e61367d67
downlink-prefix-ifaces "none"
script
"/opt/stack/data/neutron/pd/877976ab-71c1-4c3f-ab76-281c5f2a61fa:0f73d556-b836-4067-bc6b-3c2e61367d67:qr-58b7a155-28/notify.sh"
iface "qg-f63df9d7-a7" {
bind-to-address fe80::f816:3eff:fe3a:f745
pd 1
}_
sudo ip netns exec qrouter-7dc7553b-b3aa-4782-b534-e4fc61f8b54f dibbler-client start -w /opt/stack/data/neutron/pd/877976ab-71c1-4c3f-ab76-281c5f2a61fa:0f73d556-b836-4067-bc6b-3c2e61367d67:qr-58b7a155-28/client.conf
notify.sh is a hook script to make possible that the prefix is finally stored in db and user can fetch it via REST API.
I tried to use Kea isntead to reach something similar result:
```
_$ cat kea_test.conf
{
# DHCPv6 configuration starts on the next line
"Dhcp6": {
# Next we set up the interfaces to be used by the server.
"interfaces-config": {
"interfaces": [ "qg-f63df9d7-a7" ]
},
# Finally, we list the subnets from which we will be leasing addresses.
"subnet6": [
{
"subnet": "2001:db8:2222::/48",
"pools": [
{"pool": "2001:db8:2222::/64"}
],
"pd-pools": [
{
"prefix": "3000:1::",
"prefix-len": 64,
"delegated-len": 96
}
]
}
]
# DHCPv6 configuration ends with the next line
}}
sudo kea-dhcp6 -c kea_test.conf_
```
but without success.
I saw that Kea has support for hooks (not sure I can use them as those are not in current distros), not sure if I can have similar hook like we have with dibbler.
environment:
Ubuntu 20.04.3 LTS
Linux mykeaenv 5.4.0-88-generic #99-Ubuntu SMP Thu Sep 23 17:29:00 UTC 2021 x86_64 x86_64 x86_64 GNU/Linux
$ kea-dhcp6 -v
2.0.0outstandingTomek MrugalskiTomek Mrugalskihttps://gitlab.isc.org/isc-projects/kea/-/issues/1562command_processed hook not tested or documented in CA2022-08-01T13:27:57ZTomek Mrugalskicommand_processed hook not tested or documented in CAThis was discovered in #1421 that the `command_processed` hook point is not documented and not tested.
With the upcoming RBAC, we need to improve the testing situation.This was discovered in #1421 that the `command_processed` hook point is not documented and not tested.
With the upcoming RBAC, we need to improve the testing situation.outstandinghttps://gitlab.isc.org/isc-projects/kea/-/issues/1447use thread_local to optimize access to thread context2021-10-20T11:53:14ZRazvan Becheriuuse thread_local to optimize access to thread contextmoved from
#1333 https://gitlab.isc.org/isc-projects/kea/-/merge_requests/917
and
#1333 https://gitlab.isc.org/isc-private/kea-premium/-/merge_requests/130moved from
#1333 https://gitlab.isc.org/isc-projects/kea/-/merge_requests/917
and
#1333 https://gitlab.isc.org/isc-private/kea-premium/-/merge_requests/130outstandingWlodzimierz WencelWlodzimierz Wencelhttps://gitlab.isc.org/isc-projects/kea/-/issues/1328Kea and link time optimization2023-09-28T08:09:49ZFrancis DupontKea and link time optimizationThis ticket addressed two different goals:
- first to investigate if/how Kea can be build using -flto
- second fix bugs revealed by the -flto optionsThis ticket addressed two different goals:
- first to investigate if/how Kea can be build using -flto
- second fix bugs revealed by the -flto optionsoutstandinghttps://gitlab.isc.org/isc-projects/kea/-/issues/1316switch to an unordered map for LabeledValueSet2020-10-08T15:35:13ZFrancis Dupontswitch to an unordered map for LabeledValueSetCurrently a private map keyed by unsigned int is used and no iterating method is defined so it is safe and perhaps faster to use an unordered map i.e. a hash table instead a balanced binary search tree.
LabeledValueSet is used in state ...Currently a private map keyed by unsigned int is used and no iterating method is defined so it is safe and perhaps faster to use an unordered map i.e. a hash table instead a balanced binary search tree.
LabeledValueSet is used in state models which are themselves used to handle HTTP and JSON input.
Note an alternative is to get rid of the LabeledValueSet and to use directly an unordered map in StateSet as I am not happy with the StateSet::getState() method performance which is called in the runModel loop.
Or moved for LabeledValueSet to a template taking a shared pointer to LabeledValue derived object type parameter and of course LabelValuePtr for default.outstandinghttps://gitlab.isc.org/isc-projects/kea/-/issues/1137some configuration related functions should throw exception if called from pa...2021-10-20T11:53:14ZRazvan Becheriusome configuration related functions should throw exception if called from packet processing functions or while processing packets (in MT)outstandingRazvan BecheriuRazvan Becheriuhttps://gitlab.isc.org/isc-projects/kea/-/issues/926configure failed since cannot find stdlib.h on Yocto Poky Linux2022-06-23T08:57:27ZGhost Userconfigure failed since cannot find stdlib.h on Yocto Poky Linuxcongfigure kea with --boost_include_path may cause stdlib.h cannot be found
it is caused by below commit:
https://github.com/isc-projects/kea/commit/98e64a69d5271db2a6f4944b7c377ee6488a1a42
Change of ax_boost_for_kea.m4:
- BOOST_INCL...congfigure kea with --boost_include_path may cause stdlib.h cannot be found
it is caused by below commit:
https://github.com/isc-projects/kea/commit/98e64a69d5271db2a6f4944b7c377ee6488a1a42
Change of ax_boost_for_kea.m4:
- BOOST_INCLUDES="-I${boost_include_path}"
+ BOOST_INCLUDES="-isystem ${boost_include_path}"
and -isystem could cause this problem, refer: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=70129
and https://stackoverflow.com/questions/37218953/isystem-on-a-system-include-directory-causes-errorsoutstandinghttps://gitlab.isc.org/isc-projects/kea/-/issues/888create pgsql connection thread handle2020-08-27T09:46:33ZRazvan Becheriucreate pgsql connection thread handlepgsql connection should have a handle for each threadpgsql connection should have a handle for each threadoutstandingRazvan BecheriuRazvan Becheriuhttps://gitlab.isc.org/isc-projects/kea/-/issues/887create mysql connection thread handle2020-08-27T09:46:17ZRazvan Becheriucreate mysql connection thread handlemysql connection should have a handle for each threadmysql connection should have a handle for each threadoutstandingRazvan BecheriuRazvan Becheriuhttps://gitlab.isc.org/isc-projects/kea/-/issues/886create thread resource2020-08-27T09:45:59ZRazvan Becheriucreate thread resourcecreate thread resource to handle the creation of a specific resource for a specific thread at run-timecreate thread resource to handle the creation of a specific resource for a specific thread at run-timeoutstandingRazvan BecheriuRazvan Becheriuhttps://gitlab.isc.org/isc-projects/kea/-/issues/885all pgsql exchanges should be created on the stack or use thread_local2020-08-27T09:47:42ZRazvan Becheriuall pgsql exchanges should be created on the stack or use thread_localmove all pgsql exchanges on the stack or use thread_localmove all pgsql exchanges on the stack or use thread_localoutstandingRazvan BecheriuRazvan Becheriuhttps://gitlab.isc.org/isc-projects/kea/-/issues/884all mysql exchanges should be created on the stack or use thread_local2020-08-27T09:47:25ZRazvan Becheriuall mysql exchanges should be created on the stack or use thread_localmove all mysql exchanges on the stack or use thread_localmove all mysql exchanges on the stack or use thread_localoutstandingRazvan BecheriuRazvan Becheriuhttps://gitlab.isc.org/isc-projects/kea/-/issues/718RESTful API for Kea Control Agent (GSoC 2019)2019-08-06T11:08:58ZJames WangRESTful API for Kea Control Agent (GSoC 2019)Kea Control Agent currently implements an RPC-style API where all work is done by POSTing a command with arguments. This issue explores how to implement a true RESTful style API for Kea CA.
* Original [proposal](https://summerofcode.wit...Kea Control Agent currently implements an RPC-style API where all work is done by POSTing a command with arguments. This issue explores how to implement a true RESTful style API for Kea CA.
* Original [proposal](https://summerofcode.withgoogle.com/dashboard/project/6159304481046528/details/) for this project
* The draft API reference can be found [here](https://gitlab.isc.org/Rinne0410/kea/wikis/API-references). It will be moved to main Wiki once finalized
* The underlying implementation design can be found [here](https://gitlab.isc.org/Rinne0410/kea/wikis/New-API-design)outstandinghttps://gitlab.isc.org/isc-projects/kea/-/issues/602Kea takes a long time to process an invalid configuration file2022-10-06T10:58:58ZStephen MorrisKea takes a long time to process an invalid configuration fileUsing AFL to fuzz Kea4 and Kea6 configuration files - i.e. executing the command
```
kea-dhcp{4,6} -t <config-file>
```
... where AFL is creating fuzzed configuration files, a number of instances were encountered where the program took a...Using AFL to fuzz Kea4 and Kea6 configuration files - i.e. executing the command
```
kea-dhcp{4,6} -t <config-file>
```
... where AFL is creating fuzzed configuration files, a number of instances were encountered where the program took an unusually long time to process the file and report errors. A tarball containing two such files (one for Kea4 and one for Kea6) is attached. Elapsed times for processing these files on two ISC systems were:
**perf-c2**
kea4-hang.conf: > 20s
kea6-hang.conf: > 74s
Version information:
1.5.0-git
git 958abe5063b6e602c0070e336524e313c3a87671
linked with:
log4cplus 1.1.3
OpenSSL 1.0.2k-fips 26 Jan 2017
database:
Memfile backend 2.1
**2017 Macbook Pro**
kea4-hang.conf: > 5s
kea6-hang.conf > 17s
Version information:
1.5.0-git
git 958abe5063b6e602c0070e336524e313c3a87671
linked with:
log4cplus 2.0.2
OpenSSL 1.0.2r 26 Feb 2019
database:
Memfile backend 2.1
Admittedly the corrupt files are quite large (the Kea6 file is over 300kB), but the time to process them does seem unusually long.
[hangs.tar.gz](/uploads/5c946a418288dfa0c5a358500937e979/hangs.tar.gz)outstandinghttps://gitlab.isc.org/isc-projects/kea/-/issues/348Small experiment improving congestion control locks2023-03-15T11:43:45ZFrancis DupontSmall experiment improving congestion control locksI propose a small experiment to see if this trivial (and recognized as correct) change makes a noticeable difference. I leave to QA the win threshold which requires inclusion in 1.5 or 1.6.
The change is here and in the attachment too.
...I propose a small experiment to see if this trivial (and recognized as correct) change makes a noticeable difference. I leave to QA the win threshold which requires inclusion in 1.5 or 1.6.
The change is here and in the attachment too.
```
diff --git a/src/lib/dhcp/packet_queue_ring.h b/src/lib/dhcp/packet_queue_ring.h
index 315e2a0375..bcaa496747 100644
--- a/src/lib/dhcp/packet_queue_ring.h
+++ b/src/lib/dhcp/packet_queue_ring.h
@@ -123,12 +123,12 @@ public:
/// @return A pointer to dequeued packet, or an empty pointer
/// if the queue is empty.
virtual PacketTypePtr popPacket(const QueueEnd& from = QueueEnd::FRONT) {
- isc::util::thread::Mutex::Locker lock(mutex_);
PacketTypePtr packet;
if (queue_.empty()) {
return (packet);
}
+ isc::util::thread::Mutex::Locker lock(mutex_);
if (from == QueueEnd::FRONT) {
packet = queue_.front();
queue_.pop_front();
```
[better-lock.diff](/uploads/0f3a20502c39e13e033d0818fd20b25c/better-lock.diff)outstandinghttps://gitlab.isc.org/isc-projects/kea/-/issues/333parser libraries for servers (for netconf)2022-11-02T15:24:02ZFrancis Dupontparser libraries for servers (for netconf)Build in DHCPv4 and DHCPv6 (at least) Makefiles a convenience library with the parser so a tool which just needs to parse a DHCPv4 (or DHCPv6) configuration including comments and includes can link with this library and calls a parse* me...Build in DHCPv4 and DHCPv6 (at least) Makefiles a convenience library with the parser so a tool which just needs to parse a DHCPv4 (or DHCPv6) configuration including comments and includes can link with this library and calls a parse* method to get a syntactic correct Element.
I have an use for this in netconf to port and improve a to-yang tool which translates such config to YANG and loads it to sysrepo datastore. IMHO config backend should use this too.outstandinghttps://gitlab.isc.org/isc-projects/kea/-/issues/36define "same subnet"2020-08-29T09:25:33ZGhost Userdefine "same subnet"Define what is "same subnet" i.e. what makes two similar subnets allowed or forbidden.
Obviously same subnet ID should be forbidden.
Same subnet text representation (i.e., `192.168.0.0/24`) is more arguable.
Note this is a design/discus...Define what is "same subnet" i.e. what makes two similar subnets allowed or forbidden.
Obviously same subnet ID should be forbidden.
Same subnet text representation (i.e., `192.168.0.0/24`) is more arguable.
Note this is a design/discussion ticket (no branch, no code, no doc).outstandingFrancis DupontFrancis Duponthttps://gitlab.isc.org/isc-projects/kea/-/issues/501remote-option4-global-set accepts option with empty data2022-10-24T08:02:55ZWlodzimierz Wencelremote-option4-global-set accepts option with empty data```
{
"arguments": {
"options": [
{
"code": 6
}
],
"remote": {
"type": "mysql"
},
"server-tags": [
"abc"
]
},
"command": "remote-option4-global-set"
}
```
Response:
```
{
"a...```
{
"arguments": {
"options": [
{
"code": 6
}
],
"remote": {
"type": "mysql"
},
"server-tags": [
"abc"
]
},
"command": "remote-option4-global-set"
}
```
Response:
```
{
"arguments": {
"options": [
{
"code": 6,
"space": "dhcp4"
}
]
},
"result": 0,
"text": "DHCPv4 option successfully set."
}
```
Kea should not be configured with empty option. Possible that it's not yet implemented.outstandinghttps://gitlab.isc.org/isc-projects/kea/-/issues/449Create AuditRevision object to carry supplementary information for audit entries2020-09-10T15:49:35ZMarcin SiodelskiCreate AuditRevision object to carry supplementary information for audit entriesThe CB database includes `dhcp4_audit_revision` table which holds general information about the changes applied in the database. Currently it holds a timestamp and the log message. The timestamp is and will remain being generated automat...The CB database includes `dhcp4_audit_revision` table which holds general information about the changes applied in the database. Currently it holds a timestamp and the log message. The timestamp is and will remain being generated automatically. The log message is also generated automatically at the moment but the idea is to be able to specify the log message in the command. Some examples can be found here:
https://gitlab.isc.org/isc-projects/kea/wikis/designs/configuration-in-db-design#configuration-management
In the future we may store more information in the revision table. For example: name of the user who applied a change, IP address from which the command has been sent etc. This information must be encapsulated in a new object, e.g. AuditRevision and passed via the CB API to the commands that modify the information in the database, i.e. set and del commands.
Even though we could postpone this change to later Kea release, it may be actually better to add it now to keep the API stable in next releases.outstandinghttps://gitlab.isc.org/isc-projects/kea/-/issues/74Confusing Cassandra error: executeMutation(): [applied] is false for statemen...2021-10-27T09:14:25ZGhost UserConfusing Cassandra error: executeMutation(): [applied] is false for statement INSERT_HOSTI tried to add the following host reservation:
```
{
"command": "reservation-add",
"arguments": {
"reservation":
{
"subnet-id":1,
"client-id": "01:0a:0b:0c:0d:0e:0f",
...I tried to add the following host reservation:
```
{
"command": "reservation-add",
"arguments": {
"reservation":
{
"subnet-id":1,
"client-id": "01:0a:0b:0c:0d:0e:0f",
"ip-address": "192.0.2.205",
"next-server": "192.0.2.1",
"server-hostname": "hal9000",
"boot-file-name": "/dev/null",
"option-data": [
{
"name": "domain-name-servers",
"data": "10.1.1.202,10.1.1.203"
},
{
"name": "domain-name-servers",
"data": "10.1.1.202,10.1.1.203"
}
],
"client-classes": [ "isc", "office" ]
}
}
}
```
and got this confusing error message:
```
{ "result": 1, "text": "CqlExchange::executeMutation(): [applied] is false for statement INSERT_HOST" }
```
This error is caused by the fact there is duplicated option (the same option defined twice). Normal user has no chance to understand this error message. It should be more descriptive.outstanding