Kea issueshttps://gitlab.isc.org/isc-projects/kea/-/issues2024-03-27T12:55:24Zhttps://gitlab.isc.org/isc-projects/kea/-/issues/2984Add support for Delegated-IPv6-Prefix to RADIUS hook2024-03-27T12:55:24ZDarren AnkneyAdd support for Delegated-IPv6-Prefix to RADIUS hookCurrently, the RADIUS hook can create a reservation for an IP address based on the content of framed-ipv6-address (https://www.rfc-editor.org/rfc/rfc6911#section-3.1) in the access-accept response. It would be nice to also be able to cr...Currently, the RADIUS hook can create a reservation for an IP address based on the content of framed-ipv6-address (https://www.rfc-editor.org/rfc/rfc6911#section-3.1) in the access-accept response. It would be nice to also be able to create a reservation for a prefix based on the content of delegated-ipv6-prefix (https://www.rfc-editor.org/rfc/rfc4818) in the access-accept response.
[RT22056](https://support.isc.org/Ticket/Display.html?id=22056)kea2.5.8https://gitlab.isc.org/isc-projects/kea/-/issues/3113Don't seem to be able to skip subnet/lease selection in a hook2024-03-28T08:10:19ZAndrew ForgueDon't seem to be able to skip subnet/lease selection in a hookWhat's the proper way to skip lease/subnet selection and delegate _everything_ to a hook library? I'm trying to hook kea up to a custom IPAM system.
The best I can tell is that you implement `pkt4_receive`/`pkt4_send` and tell `lease4_...What's the proper way to skip lease/subnet selection and delegate _everything_ to a hook library? I'm trying to hook kea up to a custom IPAM system.
The best I can tell is that you implement `pkt4_receive`/`pkt4_send` and tell `lease4_select` and `subnet4_select` as `setStatus(CalloutHandle::NEXT_STEP_SKIP)`.
The hook documentation for lease4_select says:
> Next step status: If any callout installed on the "lease4_select" hook sets the next step action to SKIP, the server will not assign any lease and the callouts become responsible for the lease assignment. If the callouts fail to provide a lease, the packet processing will continue, but client will not get an address.
I'm confused as to which (other) callouts should "provide a lease" if I'm skipping lease4_select? Should I be overwriting the lease4 argument in `lease4_select` instead, and setting `NEXT_STATUS_CONTINUE`? If I do this, how do I prevent Kea from recording the lease? Do I need to SKIP `lease4_*` callouts too?
The only subnet is one from `0.0.0.0` - `255.255.255.255`
```
int pkt4_receive(CalloutHandle &handle) {
... business logic here ...
}
int pkt4_send(CalloutHandle &handle) {
... business logic here ...
}
int lease4_select(CalloutHandle &handle) {
handle.setStatus(CalloutHandle::NEXT_STEP_SKIP);
return 0;
}
int subnet4_select(CalloutHandle &handle) {
handle.setStatus(CalloutHandle::NEXT_STEP_SKIP);
return 0;
}
```
Kea 2.4 seems to drop the packet after DHCP4_PACKET_NAK_0003 (even though pkt4_send will eventually fill in everything), the client never receives anything:
```
2023-10-17 06:44:16.759 DEBUG [kea-dhcp4.packets/657887.140610219676288] DHCP4_BUFFER_RECEIVED received buffer from 127.1.2.3:6671 to 127.0.0.1:6672 over interface lo
2023-10-17 06:44:16.759 DEBUG [kea-dhcp4.options/657887.140610166056640] DHCP4_BUFFER_UNPACK parsing buffer received from 127.1.2.3 to 127.0.0.1 over interface lo
2023-10-17 06:44:16.759 DEBUG [kea-dhcp4.packets/657887.140610166056640] DHCP4_PACKET_RECEIVED [hwtype=1 02:00:00:00:00:01], cid=[no info], tid=0x1: DHCPDISCOVER (type 1) received from 127.1.2.3 to 127.0.0.1 on interface lo
2023-10-17 06:44:16.759 DEBUG [kea-dhcp4.packets/657887.140610166056640] DHCP4_QUERY_DATA [hwtype=1 02:00:00:00:00:01], cid=[no info], tid=0x1, packet details: local_address=127.0.0.1:6672, remote_address=127.1.2.3:6671, msg_type=DHCPDISCOVER (1), transid=0x
1,
options:
type=053, len=001: 1 (uint8)
type=060, len=015: "HTTPClient::7::" (string)
type=082, len=012:,
options:
type=001, len=004: 65:74:68:30
type=005, len=004: 172.16.42.1 (ipv4-address)
type=093, len=002: 0(uint16)
2023-10-17 06:44:16.759 DEBUG [kea-dhcp4.callouts/657887.140610166056640] HOOKS_CALLOUTS_BEGIN begin all callouts for hook pkt4_receive
2023-10-17 06:44:16.759 INFO [kea-dhcp4.myhooklib-callouts/657887.140610166056640] LOG_MYHOOKLIB_GENERIC Carbide: type=082, len=012:,
options:
type=001, len=004: 65:74:68:30
type=005, len=004: 172.16.42.1 (ipv4-address)
2023-10-17 06:44:16.759 INFO [kea-dhcp4.myhooklib-callouts/657887.140610166056640] LOG_MYHOOKLIB_PKT4_RECEIVE: CIRCUIT ID [eth0] in packet
2023-10-17 06:44:16.759 INFO [kea-dhcp4.myhooklib-callouts/657887.140610166056640] LOG_MYHOOKLIB_GENERIC Carbide: type=060, len=015: "HTTPClient::7::" (string)
2023-10-17 06:44:16.759 ERROR [kea-dhcp4.myhooklib-callouts/657887.140610166056640] LOG_MYHOOKLIB_PKT4_RECEIVE: Missing option [93] in packet
2023-10-17 06:44:16.846 DEBUG [kea-dhcp4.callouts/657887.140610166056640] HOOKS_CALLOUT_CALLED hooks library with index 1 has called a callout on hook pkt4_receive that has address 0x7fe25b9f3ae3 (callout duration: 87.199 ms)
2023-10-17 06:44:16.846 DEBUG [kea-dhcp4.callouts/657887.140610166056640] HOOKS_CALLOUTS_COMPLETE completed callouts for hook pkt4_receive (total callouts duration: 87.199 ms)
2023-10-17 06:44:16.846 DEBUG [kea-dhcp4.dhcpsrv/657887.140610166056640] DHCPSRV_CFGMGR_SUBNET4_ADDR selected subnet 0.0.0.0/0 for packet received by matching address 172.16.42.1
2023-10-17 06:44:16.847 DEBUG [kea-dhcp4.packets/657887.140610166056640] DHCP4_SUBNET_SELECTED [hwtype=1 02:00:00:00:00:01], cid=[no info], tid=0x1: the subnet with ID 1 was selected for client assignments
2023-10-17 06:44:16.847 DEBUG [kea-dhcp4.packets/657887.140610166056640] DHCP4_SUBNET_DATA [hwtype=1 02:00:00:00:00:01], cid=[no info], tid=0x1: the selected subnet details: 0.0.0.0/0
2023-10-17 06:44:16.847 DEBUG [kea-dhcp4.hosts/657887.140610166056640] HOSTS_CFG_GET_ONE_SUBNET_ID_IDENTIFIER get one host with IPv4 reservation for subnet id 1, identified by hwaddr=020000000001
2023-10-17 06:44:16.847 DEBUG [kea-dhcp4.hosts/657887.140610166056640] HOSTS_CFG_GET_ALL_IDENTIFIER get all hosts with reservations using identifier: hwaddr=020000000001
2023-10-17 06:44:16.847 DEBUG [kea-dhcp4.hosts/657887.140610166056640] HOSTS_CFG_GET_ALL_IDENTIFIER_COUNT using identifier hwaddr=020000000001, found 0 host(s)
2023-10-17 06:44:16.847 DEBUG [kea-dhcp4.hosts/657887.140610166056640] HOSTS_CFG_GET_ONE_SUBNET_ID_IDENTIFIER_NULL host not found using subnet id 1 and identifier hwaddr=020000000001
2023-10-17 06:44:16.847 DEBUG [kea-dhcp4.hosts/657887.140610166056640] HOSTS_CFG_GET_ONE_SUBNET_ID_IDENTIFIER get one host with IPv4 reservation for subnet id 1, identified by circuit-id=65746830
2023-10-17 06:44:16.847 DEBUG [kea-dhcp4.hosts/657887.140610166056640] HOSTS_CFG_GET_ALL_IDENTIFIER get all hosts with reservations using identifier: circuit-id=65746830
2023-10-17 06:44:16.847 DEBUG [kea-dhcp4.hosts/657887.140610166056640] HOSTS_CFG_GET_ALL_IDENTIFIER_COUNT using identifier circuit-id=65746830, found 0 host(s)
2023-10-17 06:44:16.847 DEBUG [kea-dhcp4.hosts/657887.140610166056640] HOSTS_CFG_GET_ONE_SUBNET_ID_IDENTIFIER_NULL host not found using subnet id 1 and identifier circuit-id=65746830
2023-10-17 06:44:16.847 DEBUG [kea-dhcp4.dhcp4/657887.140610166056640] DHCP4_CLASS_ASSIGNED [hwtype=1 02:00:00:00:00:01], cid=[no info], tid=0x1: client packet has been assigned to the following class(es): UNKNOWN
2023-10-17 06:44:16.847 DEBUG [kea-dhcp4.dhcp4/657887.140610166056640] DHCP4_CLASS_ASSIGNED [hwtype=1 02:00:00:00:00:01], cid=[no info], tid=0x1: client packet has been assigned to the following class(es): ALL, VENDOR_CLASS_HTTPClient::7::, UNKNOWN
2023-10-17 06:44:16.847 DEBUG [kea-dhcp4.ddns/657887.140610166056640] DHCP4_CLIENT_HOSTNAME_PROCESS [hwtype=1 02:00:00:00:00:01], cid=[no info], tid=0x1: processing client's Hostname option
2023-10-17 06:44:16.847 DEBUG [kea-dhcp4.dhcpsrv/657887.140610166056640] DHCPSRV_MEMFILE_GET_HWADDR obtaining IPv4 leases for hardware address hwtype=1 02:00:00:00:00:01
2023-10-17 06:44:16.847 DEBUG [kea-dhcp4.alloc-engine/657887.140610166056640] ALLOC_ENGINE_V4_OFFER_NEW_LEASE allocation engine will try to offer new lease to the client [hwtype=1 02:00:00:00:00:01], cid=[no info], tid=0x1
2023-10-17 06:44:16.847 DEBUG [kea-dhcp4.hosts/657887.140610166056640] HOSTS_CFG_GET_ONE_SUBNET_ID_ADDRESS4 get one host with reservation for subnet id 1 and IPv4 address 0.0.0.1
2023-10-17 06:44:16.847 DEBUG [kea-dhcp4.hosts/657887.140610166056640] HOSTS_CFG_GET_ALL_ADDRESS4 get all hosts with reservations for IPv4 address 0.0.0.1
2023-10-17 06:44:16.847 DEBUG [kea-dhcp4.hosts/657887.140610166056640] HOSTS_CFG_GET_ALL_ADDRESS4_COUNT using address 0.0.0.1, found 0 host(s)
2023-10-17 06:44:16.847 DEBUG [kea-dhcp4.hosts/657887.140610166056640] HOSTS_CFG_GET_ONE_SUBNET_ID_ADDRESS4_NULL host not found using subnet id 1 and address 0.0.0.1
2023-10-17 06:44:16.847 DEBUG [kea-dhcp4.dhcpsrv/657887.140610166056640] DHCPSRV_MEMFILE_GET_ADDR4 obtaining IPv4 lease for address 0.0.0.1
2023-10-17 06:44:16.847 DEBUG [kea-dhcp4.callouts/657887.140610166056640] HOOKS_CALLOUTS_BEGIN begin all callouts for hook lease4_select
2023-10-17 06:44:16.847 DEBUG [kea-dhcp4.callouts/657887.140610166056640] HOOKS_CALLOUT_CALLED hooks library with index 1 has called a callout on hook lease4_select that has address 0x7fe25b9f4647 (callout duration: 0.007 ms)
2023-10-17 06:44:16.847 DEBUG [kea-dhcp4.callouts/657887.140610166056640] HOOKS_CALLOUTS_COMPLETE completed callouts for hook lease4_select (total callouts duration: 0.007 ms)
2023-10-17 06:44:16.847 DEBUG [kea-dhcp4.dhcpsrv/657887.140610166056640] DHCPSRV_HOOK_LEASE4_SELECT_SKIP Lease4 creation was skipped, because of callout skip flag.
```
... not sure what's supposed to happen at this point to prevent the WARN/ERROR of not having a lease ...
Then:
```
2023-10-17 06:44:16.847 WARN [kea-dhcp4.alloc-engine/657887.140610166056640] ALLOC_ENGINE_V4_ALLOC_FAIL_SUBNET [hwtype=1 02:00:00:00:00:01], cid=[no info], tid=0x1: failed to allocate an IPv4 lease in the subnet 0.0.0.0/0, subnet-id 1, shared network (none)
2023-10-17 06:44:16.847 WARN [kea-dhcp4.alloc-engine/657887.140610166056640] ALLOC_ENGINE_V4_ALLOC_FAIL [hwtype=1 02:00:00:00:00:01], cid=[no info], tid=0x1: failed to allocate an IPv4 address after 1 attempt(s)
2023-10-17 06:44:16.847 WARN [kea-dhcp4.alloc-engine/657887.140610166056640] ALLOC_ENGINE_V4_ALLOC_FAIL_CLASSES [hwtype=1 02:00:00:00:00:01], cid=[no info], tid=0x1: Failed to allocate an IPv4 address for client with classes: ALL, VENDOR_CLASS_HTTPClient::7
::, UNKNOWN
2023-10-17 06:44:16.847 DEBUG [kea-dhcp4.bad-packets/657887.140610166056640] DHCP4_PACKET_NAK_0003 [hwtype=1 02:00:00:00:00:01], cid=[no info], tid=0x1: failed to advertise a lease, client sent ciaddr 0.0.0.0, requested-ip-address (no address)
```
... no further output here ...kea2.6.0Francis DupontFrancis Duponthttps://gitlab.isc.org/isc-projects/kea/-/issues/3035Expose interface-id in dhcpv6 hook points2023-09-21T13:22:34ZSorin EsanuExpose interface-id in dhcpv6 hook pointsHello!
I see useful to expose option18 (interface id) and, eventually, option37 (remote id) to dhcpv6 hook points, in a similar way that option82 is sent in dhcpv4 hook points (QUERY4_OPTION_82 or QUERY4_OPTION_82_SUB_OPTION_1).
Thank you!Hello!
I see useful to expose option18 (interface id) and, eventually, option37 (remote id) to dhcpv6 hook points, in a similar way that option82 is sent in dhcpv4 hook points (QUERY4_OPTION_82 or QUERY4_OPTION_82_SUB_OPTION_1).
Thank you!next-stable-2.6https://gitlab.isc.org/isc-projects/kea/-/issues/2602Do not place libdir location in .conf files2023-07-05T10:39:18ZAlexander KanavinDo not place libdir location in .conf files/etc/kea/kea-ctrl-agent.conf and /etc/kea/kea-dhcp4.conf carry a reference to a library directory in their comments. This is problematic on multilib systems where there can be multiple library locations (e.g. 32 and 64 bit), but only one.../etc/kea/kea-ctrl-agent.conf and /etc/kea/kea-dhcp4.conf carry a reference to a library directory in their comments. This is problematic on multilib systems where there can be multiple library locations (e.g. 32 and 64 bit), but only one set of config files. Yocto project carries a patch to remove libdir references:
https://git.yoctoproject.org/poky/tree/meta/recipes-connectivity/kea/files/fix-multilib-conflict.patch
and we'd like to submit it as a merge request here.next-stable-2.6https://gitlab.isc.org/isc-projects/kea/-/issues/2101Relative path for hooks2023-06-29T08:49:17ZTomek MrugalskiRelative path for hooksWhen preparing the first template (see #2050), it became obvious that the hooks installation dir is very OS-specific. It would be very convenient if Kea knew the hook installation dir, so the same config with just a libname could be used...When preparing the first template (see #2050), it became obvious that the hooks installation dir is very OS-specific. It would be very convenient if Kea knew the hook installation dir, so the same config with just a libname could be used. If path is absolute, it would work as before. If it's relative, the default path would be prepended.next-stable-2.6https://gitlab.isc.org/isc-projects/kea/-/issues/479HA peer should drop leases not present on the partner during sync2022-11-02T15:10:19ZMarcin SiodelskiHA peer should drop leases not present on the partner during syncLet's suppose there are two HA peers A and B. The peer B dies. While the peer B is offline, the admin sends `lease4-del` command to the A. The peer B starts up and synchronizes its lease database with A. It correctly adds new leases and ...Let's suppose there are two HA peers A and B. The peer B dies. While the peer B is offline, the admin sends `lease4-del` command to the A. The peer B starts up and synchronizes its lease database with A. It correctly adds new leases and updates existing leases based on the list received from A. However, it doesn't remove the lease deleted on A while it was offline. The server admin would need to send `lease4-del` command to B to remove the lease.
In order to address this problem we have to fetch all leases from the B's backend and iterate over them to see if they are also present on A. In order to do so, we will have to keep the local copy of leases received from A. For Memfile, MySQL and Postgres we could do it more efficiently by comparing ranges of leases as they are ordered by IP addresses. After comparing a range of leases we could simply drop the local copy of the lease ranges. However, this won't work for Cassandra which returns leases out of order. In the Cassandra case we will have to collect all leases returned by the peer.backlogMarcin SiodelskiMarcin Siodelskihttps://gitlab.isc.org/isc-projects/kea/-/issues/382Propagate lease updates between HA peers2022-11-02T15:08:41ZMarcin SiodelskiPropagate lease updates between HA peersHigh Availability setup includes at least two servers paired to provide reliable service. We have the lease_cmds hooks library which is utilized by the HA hooks library to send lease updates between the peers. Sometimes, though, an admin...High Availability setup includes at least two servers paired to provide reliable service. We have the lease_cmds hooks library which is utilized by the HA hooks library to send lease updates between the peers. Sometimes, though, an administrator may want to update lease information via the control channel, e.g. remove stale lease. Currently, he'd need to send appropriate command to all HA peers that (potentially) share the lease information. It is useful to be able to send the command to only one of the HA peers and let it propagate it down to other servers. For that, the HA peer would need to somehow identify that the command has been sent by the administrator rather than the HA peer, otherwise it would trigger circular updates.
The details how to implement it are TBD.backloghttps://gitlab.isc.org/isc-projects/kea/-/issues/47Update network/subnet hooks to handle new classification fields2022-11-02T15:08:43ZGhost UserUpdate network/subnet hooks to handle new classification fields[#5374](https://oldkea.isc.org/ticket/5374) was merged but introduced new features which require an update of hooks managing shared networks and subnets.[#5374](https://oldkea.isc.org/ticket/5374) was merged but introduced new features which require an update of hooks managing shared networks and subnets.backloghttps://gitlab.isc.org/isc-projects/kea/-/issues/2622`run_script` hook should contain all DHCP options2022-12-01T14:53:51Zvps-eric`run_script` hook should contain all DHCP optionsI propose that the `run_script` hook be expanded to include all (or more) options of the DHCPv4 packet. As it stands, [only option 82 is returned](https://gitlab.isc.org/isc-projects/kea/-/blob/master/src/hooks/dhcp/run_script/run_script...I propose that the `run_script` hook be expanded to include all (or more) options of the DHCPv4 packet. As it stands, [only option 82 is returned](https://gitlab.isc.org/isc-projects/kea/-/blob/master/src/hooks/dhcp/run_script/run_script.cc#L373-383):
```
RunScriptImpl::extractOption(vars,
pkt4->getOption(DHO_DHCP_AGENT_OPTIONS),
prefix, suffix);
RunScriptImpl::extractSubOption(vars,
pkt4->getOption(DHO_DHCP_AGENT_OPTIONS),
RAI_OPTION_AGENT_CIRCUIT_ID,
prefix, suffix);
RunScriptImpl::extractSubOption(vars,
pkt4->getOption(DHO_DHCP_AGENT_OPTIONS),
RAI_OPTION_REMOTE_ID,
prefix, suffix);
```
Not having looked in-depth, this seems like a place to add a loop over all the option constants, and additionally over each suboption (if applicable). This might be completely unrealistic, however.backloghttps://gitlab.isc.org/isc-projects/kea/-/issues/2313kea-dhcp6 has wrong hook label in exception catch block2022-11-02T15:10:40ZThomas Markwalderkea-dhcp6 has wrong hook label in exception catch blockkea-dhcp6 server has try-catch block around the call to leases6_committed hook callout. The catch block calls HookManager to drop parked packet but specifies the wrong hook name:
```
try {
// Call all installed cal...kea-dhcp6 server has try-catch block around the call to leases6_committed hook callout. The catch block calls HookManager to drop parked packet but specifies the wrong hook name:
```
try {
// Call all installed callouts
HooksManager::callCallouts(Hooks.hook_index_leases6_committed_,
*callout_handle);
} catch (...) {
// Make sure we don't orphan a parked packet.
HooksManager::drop("leases4_committed", query);
throw;
}
```
It should be "leases6_committed". I doubt this is having any real impact but it might represent a memory leak under certain error conditions.backloghttps://gitlab.isc.org/isc-projects/kea/-/issues/1092legal logging hook should save state of lease added via lease4/6-add commands2022-11-02T15:10:19ZWlodzimierz Wencellegal logging hook should save state of lease added via lease4/6-add commandsFound out while I was working on isc-projects/kea#1022
Lease4/6-add commands are related to legal logging hook. If administrator is able to add lease with different states - it should be logged when legal logging hook is enabled. e.g.:
...Found out while I was working on isc-projects/kea#1022
Lease4/6-add commands are related to legal logging hook. If administrator is able to add lease with different states - it should be logged when legal logging hook is enabled. e.g.:
commands and result:
```
'{"command": "lease6-add","arguments": {"state": 2, "subnet-id": 1,"ip-address": "2001:db8:1::1","duid": "1a:1b:1c:1d:1e:1f:20:21:22:23:24","iaid": 1234}}'
{
"result": 0,
"text": "Lease for address 2001:db8:1::1, subnet-id 1 added."
}
'{"command": "lease6-add","arguments": {"state": 1, "subnet-id": 1,"ip-address": "2001:db8:1::2","duid": "1a:1b:1c:1d:1e:1f:20:21:22:23:24","iaid": 1234}}'
{
"result": 0,
"text": "Lease for address 2001:db8:1::2, subnet-id 1 added."
}
'{"command": "lease6-add","arguments": {"state": 0, "subnet-id": 1,"ip-address": "2001:db8:1::3","duid": "1a:1b:1c:1d:1e:1f:20:21:22:23:24","iaid": 1234}}'
{
"result": 0,
"text": "Lease for address 2001:db8:1::3, subnet-id 1 added."
}
```
and even if we added 3 different leases, legal logging saved this:
```
2020-01-24 05:49:42 PST Administrator added a lease of address: 2001:db8:1::1 to a device with DUID: 1a:1b:1c:1d:1e:1f:20:21:22:23:24
2020-01-24 05:49:42 PST Administrator added a lease of address: 2001:db8:1::2 to a device with DUID: 1a:1b:1c:1d:1e:1f:20:21:22:23:24
2020-01-24 05:49:42 PST Administrator added a lease of address: 2001:db8:1::3 to a device with DUID: 1a:1b:1c:1d:1e:1f:20:21:22:23:24
```backloghttps://gitlab.isc.org/isc-projects/kea/-/issues/301Report a hook DSO version when it is loaded2022-11-02T15:08:41ZThomas MarkwalderReport a hook DSO version when it is loadedIt would be useful, if Hook DSO versions were emitted when they are loaded, or if they were included in response to the version report command.It would be useful, if Hook DSO versions were emitted when they are loaded, or if they were included in response to the version report command.backloghttps://gitlab.isc.org/isc-projects/kea/-/issues/290Arguments/parameters for hooks and commands are not checked2023-02-25T19:27:17ZFrancis DupontArguments/parameters for hooks and commands are not checkedChild of #229 for all hooks.Child of #229 for all hooks.backloghttps://gitlab.isc.org/isc-projects/kea/-/issues/251if hook is defined in config twice then all operations are made 2 times2023-07-31T13:52:07ZMichal Nowikowskiif hook is defined in config twice then all operations are made 2 timesif in config there is:
```
{
"library": "/usr/local/lib/hooks/libdhcp_class_cmds.so"
}, {
"library": "/usr/local/lib/hooks/libdhcp_class_cmds.so"
}
```
then operations like 'class-add' are performed 2 times.
In case of 'class-add...if in config there is:
```
{
"library": "/usr/local/lib/hooks/libdhcp_class_cmds.so"
}, {
"library": "/usr/local/lib/hooks/libdhcp_class_cmds.so"
}
```
then operations like 'class-add' are performed 2 times.
In case of 'class-add' the second one fails as there is already given class present.
UPDATE: See the discussion below. This is uncommon, but valid. However, Kea should print a warning if the same hook is loaded more than once.backloghttps://gitlab.isc.org/isc-projects/kea/-/issues/1562command_processed hook not tested or documented in CA2022-08-01T13:27:57ZTomek Mrugalskicommand_processed hook not tested or documented in CAThis was discovered in #1421 that the `command_processed` hook point is not documented and not tested.
With the upcoming RBAC, we need to improve the testing situation.This was discovered in #1421 that the `command_processed` hook point is not documented and not tested.
With the upcoming RBAC, we need to improve the testing situation.outstandinghttps://gitlab.isc.org/isc-projects/kea/-/issues/2449atomic lease limits2022-08-11T11:51:44ZAndrei Pavelandrei@isc.orgatomic lease limitsMake the checking of lease limits atomic to the lease allocation process, and thus resulting in a hard limit cap, as outlined below:
* [ ] Add the limits to the lease candidate's user context under path `ISC.limits` in the `leaseX_selec...Make the checking of lease limits atomic to the lease allocation process, and thus resulting in a hard limit cap, as outlined below:
* [ ] Add the limits to the lease candidate's user context under path `ISC.limits` in the `leaseX_select` callout.
* [ ] Add before-event triggers on the lease tables in MySQL and PostgreSQL that check the limits and prevent the subsequent INSERT or UPDATE statement if a limit is exceeded. If the INSERT or UPDATE is carried out, `ISC.limits` is removed from the user context.
* [ ] Signal the event of reaching a limit to the lease manager which logs its details.
* [ ] Make sure the event is properly handled as a frequent application logic event in the calling contexts (e.g. allocation engine, HA service, lease_cmds), as opposed to a technical failure which can disrupt the usual service or can be costly in terms of performance.outstandinghttps://gitlab.isc.org/isc-projects/kea/-/issues/948hooks providing commands should check for control channel2019-11-28T16:39:45ZFrancis Duponthooks providing commands should check for control channelAs mentioned in #794 cb_cmds and in general any hooks mostly providing commands should check a control channel is configured as obviously they are useless without one... #794 recommends to refuse to load.As mentioned in #794 cb_cmds and in general any hooks mostly providing commands should check a control channel is configured as obviously they are useless without one... #794 recommends to refuse to load.outstandinghttps://gitlab.isc.org/isc-projects/kea/-/issues/450Populate log messages from the cb_cmds to the database2020-09-10T15:50:03ZMarcin SiodelskiPopulate log messages from the cb_cmds to the databaseAssuming that we do #449, we then have to extend the cb_cmds hooks library to actually use the log messages conveyed in the control commands to the database through the AuditRevision objects.Assuming that we do #449, we then have to extend the cb_cmds hooks library to actually use the log messages conveyed in the control commands to the database through the AuditRevision objects.outstandinghttps://gitlab.isc.org/isc-projects/kea/-/issues/435A design for "backends in hooks"2022-04-21T10:39:03ZTomek MrugalskiA design for "backends in hooks"We had a discussion about Kea packaging in 1.6 (see meeting notes 2019-01-24). The conclusion was that we want to prepare for Kea packaging better. In particular, the database backends should be moved to hooks that are loaded dynamically...We had a discussion about Kea packaging in 1.6 (see meeting notes 2019-01-24). The conclusion was that we want to prepare for Kea packaging better. In particular, the database backends should be moved to hooks that are loaded dynamically, rather than included during compilation time.
The overall intention is to have a directory where hooks could be loaded from. This is similar to Apache modules. They have 2 directories: mods-available and mods-enabled. The first one contains a list of modules (hooks). The second one has symlinks to those modules (hooks) that will be loaded. This approach is super easy to understand and use. Also, very extensible, because you can package backends and other hooks in independent RPM or DEB packages.
It's different than what we do now and several things have to be changed before we get there:
1. When Kea parses configuration, it has to know what lease-database and hosts-database backends are supported. Right now it's hardcoded* (but see below). We'd need to load the hooks first and they would register available backends, then we'd process rest of the configuration.
1. RADIUS is implemented as a hook and it does provide hosts backend. Before doing anything, please investigate how it registers "radius" hosts-backend type. This is not exactly a ready to use solution (because you can't configure "radius" backend in the config yet), but they underlying implementation of backend type registration is good.
1. we need to develop a code that would load all the hooks from a directory
Things to consider:
1. name the directory properly (people complained that the hooks have incorrect name libdhcp- and also are placed in incorrect directory)
2. perhaps we could have hooks that are loaded always (call them permanent hooks maybe?). Those would be put in the hooks-enabled directory and would be loaded at kea startup and not unloaded during reconfiguration? This would be most useful for parameter-less hooks (such a config backends)
3. apache allows having a separate config file for each module. IMHO this is a bit too much, but maybe it's something to look at after all?
The goal of this ticket is to write a design. It should conclude with w written design and a list of tickets needed to implement it.outstanding