Commit 03c13b8d authored by Thomas Markwalder's avatar Thomas Markwalder
Browse files

[#13,!6] - Updated v6 admin guide sections with global reservation info

parent 7f351007
......@@ -3103,7 +3103,7 @@ should include options from the isc option space:
</simpara>
</listitem>
</itemizedlist>
<para>This feature is currently implemented for memfile backend.</para>
<para>
......@@ -3268,6 +3268,24 @@ should include options from the isc option space:
reservation checks when dealing with existing leases. Therefore, system
administrators are encouraged to use out-of-pool reservations if
possible.</para>
<para>Beginning with Kea 1.5.0, there is now support for global
host reservations. These are reservations that are specified at the
global level within the configuration and that do not belong to any
specific subnet. Kea will still match inbound client packets to a
subnet as before, but when the subnet's reservation mode is set to
<command>"global"</command>, Kea will look for host reservations only
among the global reservations defined. Typcially, such resrvations would
be used to reserve hostnames for clients which may move from one subnet
to another.
</para>
<note>You can reserve any ip-address or prefix in a global reservation.
Just keep in mind that Kea will not do any sanity checking on the address
or prefix and that for Kea 1.5.0, support for global reservations should
be considered experimental.
</note>
</section>
<section xml:id="reservation6-conflict">
......@@ -3317,6 +3335,15 @@ should include options from the isc option space:
out-of-pool reservations. If the reserved address does not belong to a
pool, there is no way that other clients could get this address.
</para>
<note>
<para>The conflict resolution mechanism does not work for global
reservations. As of Kea 1.5.0, it is generally recommended to not use
global reservations for addresses or prefixes. If you want to use it
anyway, you have to manually ensure that the reserved values are not
in the dynamic pools.</para>
</note>
</section>
<section xml:id="reservation6-hostname">
......@@ -3538,10 +3565,10 @@ should include options from the isc option space:
Allowed values are:
<itemizedlist>
<listitem><simpara> <command>all</command> - enables all host reservation
types. This is the default value. This setting is the safest and the most
flexible. It allows in-pool and out-of-pool reservations. As all checks
are conducted, it is also the slowest.
<listitem><simpara> <command>all</command> - enables both in-pool
and out-of-pool host reservation types. This is the default value. This
setting is the safest and the most flexible. As all checks are conducted,
it is also the slowest. This does not check against global reservations.
</simpara></listitem>
<listitem><simpara> <command>out-of-pool</command> - allows only out of
......@@ -3551,7 +3578,18 @@ should include options from the isc option space:
with in-pool addresses, thus improving performance. Do not use this mode
if any of your reservations use in-pool address. Caution is advised when
using this setting. Kea does not sanity check the reservations against
<command>reservation-mode</command> and misconfiguration may cause problems.
<command>reservation-mode</command> and misconfiguration may cause
problems.
</simpara></listitem>
<listitem><simpara> <command>global</command> - allows only global
host reservations. With this setting in place, the server searches for
reservations for a client only among the defined global reservations.
If an address is specified, the server will skip the reservation checks
done when dealing in other modes, thus improving performance.
Caution is advised when using this setting: Kea does not sanity check
the reservations when <command>global</command> and
misconfiguration may cause problems.
</simpara></listitem>
<listitem><simpara>
......@@ -3576,9 +3614,44 @@ should include options from the isc option space:
}
]
}
</screen>
</screen>
</para>
<para>
An example configuration using global reservations is shown below:
<screen>
"Dhcp6": {
<userinput>
"reservations": [
{
"duid": "00:03:00:01:11:22:33:44:55:66",
"hostname": "host-one"
},
{
"duid": "00:03:00:01:99:88:77:66:55:44",
"hostname": "host-two"
}
],
</userinput>
"subnet6": [
{
"subnet": "2001:db8:1::/64",
<userinput>"reservation-mode": "global"</userinput>,
...
},
{
"subnet": "2001:db8:2::/64",
<userinput>"reservation-mode": "global"</userinput>,
...
}
]
}
</screen>
For more details regarding global reservations, see
<xref linkend="global-reservations6"/>.
</para>
<para>Another aspect of the host reservations are different types of
identifiers. Kea 1.1.0 supports two types of identifiers
in DHCPv6: hw-address and duid, but more identifier types
......@@ -3620,6 +3693,76 @@ If not specified, the default value is:
</screen>
</para>
</section>
<section id="global-reservations6">
<title>Global reservations in DHCPv6</title>
<para>In some deployments, such as mobile, clients can roam within the
network and there is a desire to specify certain parameters regardless of
the client's current location. To facilitate such a need, a global
reservation mechanism has been implemented. The idea behind it is that
regular host reservations are tied to specific subnets, by using specific
subnet-id. Kea 1.5.0 introduced a new capability to specify global
reservation that can be used in every subnet that has global reservations
enabled.</para>
<para>This feature can be used to assign certain parameters, such as
hostname or other dedicated, host-specific options. It can also be used to
assign addresses or prefixes. However, global reservations that assign
either of these bypass the whole topology determination provided by DHCP
logic implemented in Kea. It is very easy to misuse this feature and get
configuration that is inconsistent. To give a specific example, imagine a
global reservation for an address 2001:db8:1111::1 and two subnets
2001:db8:1111::/64 and 2001:db8:ffff::/48. If global reservations are used
in both subnets and a device matching global host reservations visits part
of the network that is covered by 2001:db8:ffff::/48, it will get an IP
address 2001:db8:ffff::/48, which will be outside of the prefix announced
by its local router using Router Advertisements. Such a configuration
would be unsuable or at the very least ridden with issues, such as the
downlink traffic not reaching the device.</para>
<para>
To use global host reservations a configuration similar to the following
can be used:
<screen>
"Dhcp6:" {
// This specifies global reservations. They will apply to all subnets that
// have global reservations enabled.
<userinput>
"reservations": [
{
"hw-address": "aa:bb:cc:dd:ee:ff",
"hostname": "hw-host-dynamic"
},
{
"hw-address": "01:02:03:04:05:06",
"hostname": "hw-host-fixed",
// Use of IP address is global reservation is risky. If used outside of
// matching subnet, such as 2001:db8:1::/64, it will result in a broken
// configuration being handled to the client.
"ip-address": "2001:db8:ff::77"
},
{
"duid": "01:02:03:04:05",
"hostname": "duid-host"
}
]</userinput>,
"valid-lifetime": 600,
"subnet4": [ {
"subnet": "2001:db8:1::/64",
<userinput>"reservation-mode": "global",</userinput>
"pools": [ { "pool": "2001:db8:1::-2001:db8:1::100" } ]
} ]
}
</screen>
</para>
<para>When using database backends, the global host reservations are
distinguished from regular reservations by using subnet-id value of
zero.</para>
<!-- see CfgHostOperations::createConfig6() in
src/lib/dhcpsrv/cfg_host_operations.cc -->
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment