Commit eb1d523e authored by Tomek Mrugalski's avatar Tomek Mrugalski 🛰
Browse files

[4483] Example configs added.

parent 9659cf0b
......@@ -9,6 +9,7 @@ EXTRA_DIST += devel/qa.dox
nobase_dist_doc_DATA = examples/ddns/sample1.json
nobase_dist_doc_DATA += examples/ddns/template.json
nobase_dist_doc_DATA += examples/kea4/backends.json
nobase_dist_doc_DATA += examples/kea4/classify.json
nobase_dist_doc_DATA += examples/kea4/hooks.json
nobase_dist_doc_DATA += examples/kea4/leases-expiration.json
nobase_dist_doc_DATA += examples/kea4/multiple-options.json
......@@ -17,6 +18,7 @@ nobase_dist_doc_DATA += examples/kea4/several-subnets.json
nobase_dist_doc_DATA += examples/kea4/single-subnet.json
nobase_dist_doc_DATA += examples/kea6/advanced.json
nobase_dist_doc_DATA += examples/kea6/backends.json
nobase_dist_doc_DATA += examples/kea6/classify.json
nobase_dist_doc_DATA += examples/kea6/hooks.json
nobase_dist_doc_DATA += examples/kea6/leases-expiration.json
nobase_dist_doc_DATA += examples/kea6/multiple-options.json
......
# This is an example configuration file for the DHCPv4 server in Kea.
# The purpose of this example is to showcase how clients can be classified.
{ "Dhcp4": {
# Kea is told to listen on ethX interface only.
"interfaces-config": {
"interfaces": [ "ethX" ]
},
# Let's use the simplest backend: memfile and use some reasonable values
# for timers. They are of no concern for the classification demonstration.
"lease-database": { "type": "memfile" },
"renew-timer": 1000,
"rebind-timer": 2000,
"valid-lifetime": 4000,
# This list defines several classes that incoming packets can be assigned to.
# One packet can belong to zero or more classes.
"client-classes": [
# The first class attempts to match the whole hardware address to specific
# value. All incoming packets with that MAC address will get special
# value of the option. If there are many hosts that require special
# treatment, it is much better to use host reservations. However, doing
# tricks with MAC addresses may prove useful in some cases, e.g.
# by matching OUI to known value we can detect certain vendors.
{
"name": "special_snowflake",
"test": "pkt4.mac == 0x010203040506",
"option-data": [{
"name": "domain-name-servers",
"data": "127.0.0.1"
}]
},
# Let's classify all incoming DISCOVER (message type 1) to a separate
# class.
{
"name": "discovers",
"test": "pkt4.msgtype == 1"
},
# Clients are supposed to set transaction-id field to a random value.
# Clients that send it with 0 are most likely broken. Let's mark them
# as such.
{
"name": "broken",
"test": "pkt4.transid == 0"
},
# Let's pick VoIP phones. Those that send their class identifiers
# as Aastra, should belong to VoIP class. For a list of all options,
# see www.iana.org/assignments/bootp-dhcp-parameters/
{
"name": "VoIP",
"test": "substring(option[60].hex,0,6) == 'Aastra'"
},
],
# The following list defines subnets. For some subnets we defined
# a class that is allowed in that subnet. If not specified,
# everyone is allowed. When it is specified, only packets belonging
# to that class are allowed for a given subnet.
"subnet4": [
{
# This one is for VoIP devices only.
"pools": [ { "pool": "192.0.2.1 - 192.0.2.200" } ],
"subnet": "192.0.2.0/24",
"client-class": "VoIP",
"interface": "ethX"
},
# This one doesn't have any client-class specified, so everyone
# is allowed in. The normal subnet selection rules still apply,
# though.
{
"pools": [ { "pool": "192.0.3.1 - 192.0.3.200" } ],
"subnet": "192.0.3.0/24",
"interface": "ethX"
}
]
},
# The following configures logging. It assumes that messages with at least
# informational level (info, warn, error) will will be logged to stdout.
"Logging": {
"loggers": [
{
"name": "kea-dhcp4",
"output_options": [
{
"output": "stdout"
}
],
"severity": "INFO"
}
]
}
}
# This is an example configuration file for the DHCPv4 server in Kea.
# The purpose of this example is to showcase how clients can be classified.
{ "Dhcp6":
{
# Kea is told to listen on ethX interface only.
"interfaces-config": {
"interfaces": [ "ethX" ]
},
# Let's use the simplest backend: memfile and use some reasonable values
# for timers. They are of no concern for the classification demonstration.
"lease-database": { "type": "memfile" },
"renew-timer": 1000,
"rebind-timer": 2000,
"preferred-lifetime": 3000,
"valid-lifetime": 4000,
# This list defines several classes that incoming packets can be assigned to.
# One packet can belong to zero or more classes.
"client-classes": [
# The first class attempts to match all packets coming in on ethX interface.
{
"name": "lab",
"test": "pkt.iface == 'ethX'",
"option-data": [{
"name": "dns-servers",
"data": "2001:db8::1"
}]
},
# Let's classify all incoming RENEW (message type 5) to a separate
# class.
{
"name": "discovers",
"test": "pkt6.msgtype == 5"
},
# Let's pick cable modems. In this simple example we'll assume the device
# is a cable modem if it sends vendor option with enterprise-id equal
# to 4491.
{
"name": "cable-modems",
"test": "vendor.enterprise == 4491"
},
],
# The following list defines subnets. Each subnet consists of at
# least subnet and pool entries.
"subnet6": [
{
"pools": [ { "pool": "2001:db8:1::/80" } ],
"subnet": "2001:db8:1::/64",
"client-class": "cable-modems",
"interface": "ethX"
},
{
"pools": [ { "pool": "2001:db8:2::/80" } ],
"subnet": "2001:db8:2::/64",
"interface": "ethX"
}
]
},
# The following configures logging. Kea will log all debug messages
# to /var/log/kea-debug.log file.
"Logging": {
"loggers": [
{
"name": "kea-dhcp6",
"output_options": [
{
"output": "/var/log/kea-debug.log"
}
],
"debuglevel": 99,
"severity": "DEBUG"
}
]
}
}
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment