... | ... | @@ -8,7 +8,7 @@ This release adds new features, improves existing features, clarifies documentat |
|
|
|
|
|
**Setting lease time for client classes.** Earlier Kea versions allowed setting different lease lifetimes depending on where the device was located in the network (using the global, network, or subnet levels). However, it was impossible to set the lifetime based on device type. This missing capability is now implemented for IPv4, with IPv6 support coming soon. #1635
|
|
|
|
|
|
**TLS support work in progress.** The Kea team continues its work on implementing Transport Layer Security (TLS) in Kea. The ultimate goal is for the Control Agent (CA) to be able to accept HTTPS connections. While the TLS solution is not yet usable, several important milestones have been completed. There are now several new parameters available in the CA configuration: `trust-anchor`, `cert-file`, `key-file`, and `cert-required`. The parameters can be configured, but they are not yet used. A new config example, `doc/examples/agent/https.json`, has been added with some commentary (#1662). Another change updated the asiolink library to be able to handle the new TLS socket type. This is not a user-visible change. #1644
|
|
|
**TLS support work in progress.** The Kea team continues its work on implementing Transport Layer Security (TLS) in Kea. The ultimate goal is for the Control Agent (CA) to be able to accept HTTPS connections. While the TLS solution is not yet usable, several important milestones have been completed. There are now several new parameters available in the CA configuration: `trust-anchor`, `cert-file`, `key-file`, and `cert-required`. The parameters can be configured, but they are not yet used. A new config example, `doc/examples/agent/https.json`, has been added with some commentary (#1662). Another change updated the asiolink library to be able to handle the future TLS socket types. This is not a user-visible change. #1644
|
|
|
|
|
|
**DB cluster improvements.** Kea does not officially support any database (DB) clustering solutions; we have heard from users who have used clustering solutions with varying results. The ISC team has begun experimenting with Galera, Percona, NDB, and group replication. We set up clusters and ran unit and system tests, and found a few issues to address. The first two improvements make our MySQL libraries run better in a Percona cluster. One ticket updated the MySQL schema with the primary key for forensic logging (#1709), while another fixed several problems in unit tests that manifested themselves only on Percona (#1708). Finally, we are getting ready to run performance tests of multiple Kea instances connected to a DB cluster. To do that reliably, we need to export the list of leases assigned by each instance and then correlate them to check for any duplicates. With that in mind, we extended our `perfdhcp` tool with the ability to export the list of assigned leases. We hope to make good use of that capability in future tests. #1703
|
|
|
|
... | ... | |