Mix of physical and virtual interfaces (VLAN) does not work (#1117) · Issues · ISC Open Source Projects / Kea

Mix of physical and virtual interfaces (VLAN) does not work

Describe the bug Setting up KEA DHCP server on a system to listen to a physical interface and one or multiple virtual interfaces causes wrong IP pools to be assigned.

To Reproduce Steps to reproduce the behavior:

Set up a virtual interface as VLAN interface connected to a physical interface
Configure KEA DHCP server to listen to physical interface and virtual interface in "raw" mode
Try to request an IP from the pool assigned to the VLAN
KEA DHCP server gets confused and handles the request on both devices advertising different ips

Expected behavior Proper IP pools should be assigned. VLAN requests must not be handled on physical device.

Environment:

Kea version: 1.6.1
OS: Debian 10
Which features were compiled in (in particular which backends): mysql
If/which hooks where loaded in: libdhcp_stat_cmds.so, libdhcp_ha.so, libdhcp_lease_cmds.so

Additional Information Config file:

{
        "Dhcp4": {
                "interfaces-config": {
                        "interfaces": [ "eth0", "eth0.30", "eth0.50", "eth0.100" ],
                        "dhcp-socket-type": "raw"
                },
                "control-socket": {
                        "socket-type": "unix",
                        "socket-name": "/tmp/kea4-ctrl-socket"
                },
                "lease-database": {
               …
                },
                "hosts-database": {
               …
                },
                "sanity-checks": {
                        "lease-checks": "fix-del"
                },
                "valid-lifetime": 28800,
                "rebind-timer": 21600,
                "subnet4": [
                        {
                                "pools": [
                                        {
                                                "pool": "192.168.20.100-192.168.20.200"
                                        }
                                ],
                                "id": 1,
                                "subnet": "192.168.20.0/24",
                                "interface": "eth0",
                                "option-data": [
                       …
                                ]
                        },
                        {
                                "pools": [
                                        {
                                                "pool": "192.168.30.100-192.168.30.200"
                                        }
                                ],
                                "id": 30,
                                "subnet": "192.168.30.0/24",
                                "interface": "eth0.30",
                                "option-data": [
                       …
                                ]
                        },
                        {
                                "pools": [
                                        {
                                                "pool": "192.168.50.100-192.168.50.200"
                                        }
                                ],
                                "id": 50,
                                "interface" : "eth0.50",
                                "subnet": "192.168.50.0/24",
                                "option-data": [
                       …
                                ]
                        },
                        {
                                "pools": [
                                        {
                                                "pool": "192.168.100.100-192.168.100.200"
                                        }
                                ],
                                "id": 100,
                                "subnet": "192.168.100.0/24",
                                "interface": "eth0.100",
                                "option-data": [
                       …
                                ]
                        }
                ],
                "hooks-libraries": [
               …
                ],
                "loggers": [
                        …
                ]
        }
}

Currently I have a temporary solution in place by creating a "macvlan" device (also virtual) to handle traffic from the physical device. But this is not an optimal solution.

Contacting you talk.about@gmx.de

**Describe the bug**
Setting up KEA DHCP server on a system to listen to a physical interface and one or multiple virtual interfaces causes wrong IP pools to be assigned.

**To Reproduce**
Steps to reproduce the behavior:
1. Set up a virtual interface as VLAN interface connected to a physical interface
2. Configure KEA DHCP server to listen to physical interface and virtual interface in "raw" mode
3. Try to request an IP from the pool assigned to the VLAN
4. KEA DHCP server gets confused and handles the request on both devices advertising different ips

**Expected behavior**
Proper IP pools should be assigned. VLAN requests must not be handled on physical device.

**Environment:**
 - Kea version: 1.6.1
 - OS: Debian 10
 - Which features were compiled in (in particular which backends): mysql
 - If/which hooks where loaded in: libdhcp_stat_cmds.so, libdhcp_ha.so, libdhcp_lease_cmds.so

**Additional Information**
Config file:

```
{
        "Dhcp4": {
                "interfaces-config": {
                        "interfaces": [ "eth0", "eth0.30", "eth0.50", "eth0.100" ],
                        "dhcp-socket-type": "raw"
                },
                "control-socket": {
                        "socket-type": "unix",
                        "socket-name": "/tmp/kea4-ctrl-socket"
                },
                "lease-database": {
               …
                },
                "hosts-database": {
               …
                },
                "sanity-checks": {
                        "lease-checks": "fix-del"
                },
                "valid-lifetime": 28800,
                "rebind-timer": 21600,
                "subnet4": [
                        {
                                "pools": [
                                        {
                                                "pool": "192.168.20.100-192.168.20.200"
                                        }
                                ],
                                "id": 1,
                                "subnet": "192.168.20.0/24",
                                "interface": "eth0",
                                "option-data": [
                       …
                                ]
                        },
                        {
                                "pools": [
                                        {
                                                "pool": "192.168.30.100-192.168.30.200"
                                        }
                                ],
                                "id": 30,
                                "subnet": "192.168.30.0/24",
                                "interface": "eth0.30",
                                "option-data": [
                       …
                                ]
                        },
                        {
                                "pools": [
                                        {
                                                "pool": "192.168.50.100-192.168.50.200"
                                        }
                                ],
                                "id": 50,
                                "interface" : "eth0.50",
                                "subnet": "192.168.50.0/24",
                                "option-data": [
                       …
                                ]
                        },
                        {
                                "pools": [
                                        {
                                                "pool": "192.168.100.100-192.168.100.200"
                                        }
                                ],
                                "id": 100,
                                "subnet": "192.168.100.0/24",
                                "interface": "eth0.100",
                                "option-data": [
                       …
                                ]
                        }
                ],
                "hooks-libraries": [
               …
                ],
                "loggers": [
                        …
                ]
        }
}
```

Currently I have a temporary solution in place by creating a "macvlan" device (also virtual) to handle traffic from the physical device. But this is not an optimal solution.

**Contacting you**
talk.about@gmx.de

Edited Feb 06, 2020 by Talkabout

To upload designs, you'll need to enable LFS and have admin enable hashed storage. More information