Kea issueshttps://gitlab.isc.org/isc-projects/kea/-/issues2023-05-18T10:17:31Zhttps://gitlab.isc.org/isc-projects/kea/-/issues/2861Implement RFC 8925 IPv6-Only Preferred Option for DHCPv42023-05-18T10:17:31ZVicky Riskvicky@isc.orgImplement RFC 8925 IPv6-Only Preferred Option for DHCPv4Petr reports that at CSNOG there were multiple requests for this and it was observed that this option is already implemented in some major phone operating systems.Petr reports that at CSNOG there were multiple requests for this and it was observed that this option is already implemented in some major phone operating systems.https://gitlab.isc.org/isc-projects/kea/-/issues/2779automatically retry interfaces that previously failed2023-04-06T13:47:30ZThomas Eppersonautomatically retry interfaces that previously failedI am trying to use kea-dhcp4 to listed on two different ethernet connections. One or both of them might not be connected on startup. I am using networkmanager to configure the ethernet ports. I have the ignore-carrier option set in netwo...I am trying to use kea-dhcp4 to listed on two different ethernet connections. One or both of them might not be connected on startup. I am using networkmanager to configure the ethernet ports. I have the ignore-carrier option set in networkmanager so that both ethernet ports are configured with ip addresses as desired.
I would like to have kea-dchp4 respond on both ports. Current behavior is that kea only responds to ports that are connected on startup. Connecting a port after startup does not result in kea listening on that ethernet port.
In the log, I see the following:
2022-12-20 19:08:38.634 WARN [kea-dhcp4.dhcpsrv/487.281473514119200] DHCPSRV_OPEN_SOCKET_FAIL failed to open socket: the interface end1 is not runninghttps://gitlab.isc.org/isc-projects/kea/-/issues/2032RADIUS hook support for expressions in accounting messages2023-10-30T21:17:57ZVicky Riskvicky@isc.orgRADIUS hook support for expressions in accounting messagesThe ARM states that expressions are supported in RADIUS, but apparently they are not supported in accounting messages. Can we add this into the accounting messages?
A user who purchased this hook on-line ran across this limitation.The ARM states that expressions are supported in RADIUS, but apparently they are not supported in accounting messages. Can we add this into the accounting messages?
A user who purchased this hook on-line ran across this limitation.backloghttps://gitlab.isc.org/isc-projects/kea/-/issues/1596Include subnet and pool user context in lease database2023-04-06T12:02:31ZPeter DaviesInclude subnet and pool user context in lease databaseI would like the option to copy the information from user-context on subnet level and from pool level to user-context in lease4/lease6 table after a lease accepted. What I would like to see it is :
Example config:
```
{
"...I would like the option to copy the information from user-context on subnet level and from pool level to user-context in lease4/lease6 table after a lease accepted. What I would like to see it is :
Example config:
```
{
"name": "CMTS-4",
"relay": {
"ip-addresses": [ "0123:4567:891b:cd::1" ]
},
"subnet6": [
{
"subnet": "0123:4567:891b:cd::/64",
"id": 40001,
"pools": [
{ "pool": "0123:4567:891b:cd:4000::a - 0123:4567:891b:cd:7fff:ffff:ffff:ffff" ,"client-class": "pool_one", "user-context": { "pool": "pool_one", "name" : "av", "size" : "10" }} ,
{ "pool": "0123:4567:891b:cd::a - 0123:4567:891b:cd:3fff:ffff:ffff:ffff" ,"client-class": "gamers", "user-context": { "pool": "gamers", "name" : "computers", "size" : "1000" } } ,
{ "pool": "0123:4567:891b:cd:8000::a - 0123:4567:891b:cd:bfff:ffff:ffff:ffff" ,"client-class": "internet"}
],
"pd-pools": [
{
"prefix": "abcd:ef01:9044::",
"client-class": "pool_one",
"prefix-len": 46,
"delegated-len": 56,
"user-context": { "pdpool": "pool_one", "name" : "av" }
},
{
"prefix": "abcd:ef01:9444::",
"client-class": "gamers",
"prefix-len": 46,
"delegated-len": 56,
"user-context": { "pdpool": "gamers", "name" : "lan" }
},
{
"prefix": "abcd:ef01:8120::",
"client-class": "internet",
"prefix-len": 44,
"delegated-len": 56
}
],
"user-context": {
"device": "CMTS-4",
"location": "Partner"
}
}
]
}
```
When a user gets a lease with "client-class: gamers" then on the lease record in the lease table he will have the next json:
```
"user-context": {
shared-network: {}, ## <- came from shared-network level
"subnet" : { "device": "CMTS-4", "location": "Partner"}, ## <- came from subnet level
"pd-pool" : { "pdpool": "gamers", "name" : "lan" }, ## <- came from pd-pool level
"pool" : { "pool": "gamers", "name" : "computers", "size" : "1000" } ## <- came from pool level
}
```
This will help me get info on my subscribers, the lease table doesnt have specific info,
Lets say that I have a few pools under one subnet(like the example),
with that info I can get more accurate statistics on the leased addresses.
How many subscribers I have in gamers.
Another idea is to add info from other hook,
We are using radius hook,
So If was I able to select fields from radius hook, like "username" or some other attribute (that came from radius) and put it inside user-context:
```
"user-context": {
"radius" : { "username" : "xxxxx", }
}
```
[RT #17374 ](https://support.isc.org/Ticket/Display.html?id=17374)backloghttps://gitlab.isc.org/isc-projects/kea/-/issues/1517Overlapping Subnet Warning2022-05-25T09:25:25ZPeter DaviesOverlapping Subnet WarningOverlapping Subnet Warning:
It is at present not considered an error to configure a subnet that has an address space that either partially or completely overlaps the address space of existing subnet.
It may however be of interest to ...Overlapping Subnet Warning:
It is at present not considered an error to configure a subnet that has an address space that either partially or completely overlaps the address space of existing subnet.
It may however be of interest to administrators that this sort of configuration exists.
Would it be possible to allow Kea to log a warning message when it discovers this type of situation?
refers to RT [#17206](https://support.isc.org/Ticket/Display.html?id=17206)kea2.1-backloghttps://gitlab.isc.org/isc-projects/kea/-/issues/1375Improve Database reconnect logic2021-01-22T17:15:24ZThomas MarkwalderImprove Database reconnect logicCurrently, when kea-dhcp4/6 servers lose connectivity to any of their backends (lease, host, or CB), the reconnect logic attempts to reconnect to all of them, whether they were lost or not. This is not the most efficient or flexible thi...Currently, when kea-dhcp4/6 servers lose connectivity to any of their backends (lease, host, or CB), the reconnect logic attempts to reconnect to all of them, whether they were lost or not. This is not the most efficient or flexible thing to do.
The reconnect logic is here:
ControlledDhcpv*Srv::dbReconnect(ReconnectCtlPtr db_reconnect_ctl)
This function is the lost db callback function and is invoked by the DatabaseConnection that suffers the failure. To improve behavior we will likely need more information passed in via db_reconnect_ctl, such that the above function can identify which backend has been lost and reconnect only that one.
We have a support customer that suggests we might want the ability to treat the loss of CB as non-fatal:
https://support.isc.org/Ticket/Display.html?id=16862kea1.9.3Razvan BecheriuRazvan Becheriuhttps://gitlab.isc.org/isc-projects/kea/-/issues/465Add subnet4-update and subnet6-update commands to subnet-cmds hook [ISC-suppo...2019-04-19T11:25:18ZVicky Riskvicky@isc.orgAdd subnet4-update and subnet6-update commands to subnet-cmds hook [ISC-support #14130]In order to update an existing subnet, you (currently) have to first delete it and then add it.
When making a small change to a large number of subnets, this can create excessive amount of traffic.
Could we please have additional comman...In order to update an existing subnet, you (currently) have to first delete it and then add it.
When making a small change to a large number of subnets, this can create excessive amount of traffic.
Could we please have additional commands to update an existing subnet?
This was part of the original design, but we didn't implement it at the time (likely ran out of time)
https://gitlab.isc.org/isc-projects/kea/wikis/designs/commands#24-subnets-management
S.7. Kea MAY support the #FF0000 subnet4-update command.
S.8. Kea MAY support the #FF0000 subnet6-update command.
From the wiki:
Those two commands allow making changes to an existing subnet: changing prefix, prefix length, T1, T2, preferred lifetime, valid lifetime timers, allowed client classes, subnet specific options, and subnet-id values. It also allows modifying pools.
Kea1.6Tomek MrugalskiTomek Mrugalskihttps://gitlab.isc.org/isc-projects/kea/-/issues/399Merge DHCPv4 shared networks fetched from the CB into the configuration2019-02-20T16:40:51ZMarcin SiodelskiMerge DHCPv4 shared networks fetched from the CB into the configuration`SrvConfig::merge` must be updated to merge DHCPv4 shared networks into existing staging or current config.`SrvConfig::merge` must be updated to merge DHCPv4 shared networks into existing staging or current config.Kea1.6Thomas MarkwalderThomas Markwalderhttps://gitlab.isc.org/isc-projects/kea/-/issues/398Add logging to the MySQL config backend2019-05-16T16:50:35ZMarcin SiodelskiAdd logging to the MySQL config backendThe MySQL config backend currently lacks any log messages. They should be added.The MySQL config backend currently lacks any log messages. They should be added.Kea1.6Razvan BecheriuRazvan Becheriuhttps://gitlab.isc.org/isc-projects/kea/-/issues/397Add audit trail for the DHCPv6 MySQL backend2019-04-18T13:57:59ZMarcin SiodelskiAdd audit trail for the DHCPv6 MySQL backendThe audit table in MySQL config backend must be updated to track incremental configuration changes. Then, the server must use this table to learn about the configuration changes it should fetch.
To find out what exactly should be put in...The audit table in MySQL config backend must be updated to track incremental configuration changes. Then, the server must use this table to learn about the configuration changes it should fetch.
To find out what exactly should be put in the audit log, please see changes in #396.Kea1.6Francis DupontFrancis Duponthttps://gitlab.isc.org/isc-projects/kea/-/issues/396Add audit trail for the DHCPv4 MySQL backend2019-02-08T14:59:13ZMarcin SiodelskiAdd audit trail for the DHCPv4 MySQL backendThe audit table in MySQL config backend must be updated to track incremental configuration changes. Then, the server must use this table to learn about the configuration changes it should fetch.The audit table in MySQL config backend must be updated to track incremental configuration changes. Then, the server must use this table to learn about the configuration changes it should fetch.Kea1.6Francis DupontFrancis Duponthttps://gitlab.isc.org/isc-projects/kea/-/issues/395Create a class representing CB audit entries2019-01-16T13:06:32ZMarcin SiodelskiCreate a class representing CB audit entriesThe CB uses audit tables to track incremental changes in the servers' configurations. We need a C++ class representing the audit entries.The CB uses audit tables to track incremental changes in the servers' configurations. We need a C++ class representing the audit entries.Kea1.6Marcin SiodelskiMarcin Siodelskihttps://gitlab.isc.org/isc-projects/kea/-/issues/167Log client fingerprinting data2022-06-03T11:59:27ZVicky Riskvicky@isc.orgLog client fingerprinting dataIdentifying client device types via 'fingerprinting' is a common feature of dhcp mgmt utilities. Some users who want to do this themselves are asking where they can get the raw data from Kea. They could then use one of the open source d...Identifying client device types via 'fingerprinting' is a common feature of dhcp mgmt utilities. Some users who want to do this themselves are asking where they can get the raw data from Kea. They could then use one of the open source databases such as https://fingerbank.org to determine via post processing what device type the client most likely is.
Can we log the order in which the client requests options as well as the vendor ID for use by a fingerprinting service? (e.g. options 55 and 60 from the REQUEST for DHCPv4)
This could be added to the existing forensic log hook, or we could create another hook.outstandingPeter DaviesPeter Davies