Kea issueshttps://gitlab.isc.org/isc-projects/kea/-/issues2018-08-27T17:14:26Zhttps://gitlab.isc.org/isc-projects/kea/-/issues/83Update HA design with the ability to hold state2018-08-27T17:14:26ZGhost UserUpdate HA design with the ability to hold stateWe're going to implement a hold in a waiting state capability in HA.
As a first step, we need to to update the [requirements](../wikis/HARequriements) and the [design](../wikis/HADesign). This ticket covers this update.We're going to implement a hold in a waiting state capability in HA.
As a first step, we need to to update the [requirements](../wikis/HARequriements) and the [design](../wikis/HADesign). This ticket covers this update.Kea1.5-beta1https://gitlab.isc.org/isc-projects/kea/-/issues/82Improve Kea test capabilities2019-01-25T19:18:24ZGhost UserImprove Kea test capabilitiesKea accepts the "-p" switch to change the port on which it listens. However, there appears to be no way to alter the port to which it sends replies. Similarly perfdhcp accepts the "-L" switch to alter the local port (the port on which ...Kea accepts the "-p" switch to change the port on which it listens. However, there appears to be no way to alter the port to which it sends replies. Similarly perfdhcp accepts the "-L" switch to alter the local port (the port on which it listens for responses? - this is not clear), but there appears to be no way to alter the port to which it sends packets.
Although full testing on the privileged ports using multiple systems would still need to be carried out before release, it would simplify a lot of development testing if Kea and perfdhcp could (with suitable switch settings) communicate via unprivileged ports on the loopback interface.Kea1.6Francis DupontFrancis Duponthttps://gitlab.isc.org/isc-projects/kea/-/issues/81RADIUS hook issue? Duplicated attributes in RADIUS requests after reloading ...2019-01-01T14:16:36ZGhost UserRADIUS hook issue? Duplicated attributes in RADIUS requests after reloading configItay Rozenburg reports to us:
> Greetings Support
>
> 1) I think I found a bug in the radius hook.
>
> When I reload the configuration via rest api,
> The radius requests looks weird,
> You can see Some of the attributes twice ...Itay Rozenburg reports to us:
> Greetings Support
>
> 1) I think I found a bug in the radius hook.
>
> When I reload the configuration via rest api,
> The radius requests looks weird,
> You can see Some of the attributes twice in each request.
> Access-Request (1), id: 0x54, Authenticator: ****
> User-Name Attribute (1), length: 20, Value: xxxyyy
> User-Password Attribute (2), length: 18, Value: ***
> User-Password Attribute (2), length: 18, Value: ***
> Calling-Station-Id Attribute (31), length: 19, Value: aa:bb:cc:dd:ee:ff
> NAS-Identifier Attribute (32), length: 5, Value: kea
> NAS-Identifier Attribute (32), length: 5, Value: kea
> Connect-Info Attribute (77), length: 41, Value: ***xxx***
> Connect-Info Attribute (77), length: 41, Value: ***xxx***
> NAS-Port Attribute (5), length: 6, Value: 1480
> NAS-IP-Address Attribute (4), length: 6, Value: 10.1.1.1
>
> If I reload the process everything looks fine.Kea1.5-finalFrancis DupontFrancis Duponthttps://gitlab.isc.org/isc-projects/kea/-/issues/80HA: timeout for disabling DHCP service during lease synchronization should be...2018-11-05T19:25:30ZGhost UserHA: timeout for disabling DHCP service during lease synchronization should be controllableThe leases synchronization timeout is now controlled via the 'sync-timeout'. While the synchronization is performed, the DHCP service of the active partner is disabled, but for the hardcoded time of 60 seconds. This should either be the ...The leases synchronization timeout is now controlled via the 'sync-timeout'. While the synchronization is performed, the DHCP service of the active partner is disabled, but for the hardcoded time of 60 seconds. This should either be the same as the timeout for communication over the control channel or should have its own configuration knob. In fact, when we implement the #5652 we can't really set to the same value as the timeout for communication over control channel, because we will be sending multiple commands but the service should be disabled for the entire synchronization.Kea1.5-beta1https://gitlab.isc.org/isc-projects/kea/-/issues/78Extend HA hooks library to synchronize leases by chunks, i.e. multiple fetche...2018-11-05T19:25:30ZGhost UserExtend HA hooks library to synchronize leases by chunks, i.e. multiple fetches of leasesOne of the major use cases for the lease_cmds hooks library is to provide a way to synchronize leases between HA enabled servers. Currently the HA hooks library will fetch the entire lease database which requires the lease_cmds hooks lib...One of the major use cases for the lease_cmds hooks library is to provide a way to synchronize leases between HA enabled servers. Currently the HA hooks library will fetch the entire lease database which requires the lease_cmds hooks library to create a JSON structure of the whole lease database. This eats the CPU and memory. In case of large number of leases in the database it may freeze the server for a long period of time.
In order to mitigate this issue the lease_cmds hooks librart must support fetching limited number of leases, e.g. 1000, 2000 leases etc. The controlling client should be able to specify last fetched leases with the limit and the server should return leases with addresses beyond this last fetched address. That way, the entire lease database may be returned in chunks with client specifying the start of the next chunk.
This ticket is about extending the HA hooks library to utilize this mechanism implemented with #5651 in the lease_cmds.Kea1.5-beta1https://gitlab.isc.org/isc-projects/kea/-/issues/77memfile: add a command to force writing in-memory DB to file2022-11-02T15:08:43ZGhost Usermemfile: add a command to force writing in-memory DB to filememfile keeps leases in memory and writes changes to disk. If the leasefile is lost for whatever reason, it may be useful to tell Kea to write is entire lease file to disk.memfile keeps leases in memory and writes changes to disk. If the leasefile is lost for whatever reason, it may be useful to tell Kea to write is entire lease file to disk.backloghttps://gitlab.isc.org/isc-projects/kea/-/issues/75RADIUS documentation needs an update2018-11-27T13:35:28ZGhost UserRADIUS documentation needs an updateI've spotted couple small issues in section 14.4.8:
- It still mentions --with-tier2
- STEP 2 the last sentence misses word "download": To and compile this version, please use the following steps:
- The last sentence in Step 3 says tha...I've spotted couple small issues in section 14.4.8:
- It still mentions --with-tier2
- STEP 2 the last sentence misses word "download": To and compile this version, please use the following steps:
- The last sentence in Step 3 says that boost has no explicit make install step. But it has b2 install, so that remark doesn't make much sense.
Also, need to provide links to the bug fixes Francis reported back to FreeRADIUS.Kea1.5-beta2Francis DupontFrancis Duponthttps://gitlab.isc.org/isc-projects/kea/-/issues/74Confusing Cassandra error: executeMutation(): [applied] is false for statemen...2021-10-27T09:14:25ZGhost UserConfusing Cassandra error: executeMutation(): [applied] is false for statement INSERT_HOSTI tried to add the following host reservation:
```
{
"command": "reservation-add",
"arguments": {
"reservation":
{
"subnet-id":1,
"client-id": "01:0a:0b:0c:0d:0e:0f",
...I tried to add the following host reservation:
```
{
"command": "reservation-add",
"arguments": {
"reservation":
{
"subnet-id":1,
"client-id": "01:0a:0b:0c:0d:0e:0f",
"ip-address": "192.0.2.205",
"next-server": "192.0.2.1",
"server-hostname": "hal9000",
"boot-file-name": "/dev/null",
"option-data": [
{
"name": "domain-name-servers",
"data": "10.1.1.202,10.1.1.203"
},
{
"name": "domain-name-servers",
"data": "10.1.1.202,10.1.1.203"
}
],
"client-classes": [ "isc", "office" ]
}
}
}
```
and got this confusing error message:
```
{ "result": 1, "text": "CqlExchange::executeMutation(): [applied] is false for statement INSERT_HOST" }
```
This error is caused by the fact there is duplicated option (the same option defined twice). Normal user has no chance to understand this error message. It should be more descriptive.outstandinghttps://gitlab.isc.org/isc-projects/kea/-/issues/71User Documentation for Config Backend2019-05-27T13:54:24ZGhost UserUser Documentation for Config BackendThis ticket is going to cover updates to the User's Guide for Kea Config Backend in 1.5.0 release.This ticket is going to cover updates to the User's Guide for Kea Config Backend in 1.5.0 release.Kea1.6Marcin SiodelskiMarcin Siodelskihttps://gitlab.isc.org/isc-projects/kea/-/issues/70Global Host Reservations Task 5: data migration scripts to convert existing s...2018-11-07T11:38:39ZGhost UserGlobal Host Reservations Task 5: data migration scripts to convert existing subnet-id values of 0The changes made in 5704 to support global HRs necessitate migrating existing data. Specifically for MySQL and PostgreSQL, any columns with values of 0 for subnet IDs in hosts and options tables, need to replace with NULL, and for Cassa...The changes made in 5704 to support global HRs necessitate migrating existing data. Specifically for MySQL and PostgreSQL, any columns with values of 0 for subnet IDs in hosts and options tables, need to replace with NULL, and for Cassandra, they should be replaced with GLOBAL_ID_UNUSED.
Data migration steps need to be added to the schema upgrade scripts for 1.5.0 to accommodate this.Kea1.5-beta1https://gitlab.isc.org/isc-projects/kea/-/issues/69Global Host Reservations Task 4: Host Commands should accept global subnet id2018-11-07T17:52:34ZGhost UserGlobal Host Reservations Task 4: Host Commands should accept global subnet idHost Cmds need to accept a subnet-id value of SUBNET_ID_GLOBAL for either v4 or v6 subnet-ids, to allow manipulation of global reservations.Host Cmds need to accept a subnet-id value of SUBNET_ID_GLOBAL for either v4 or v6 subnet-ids, to allow manipulation of global reservations.Kea1.5-beta1https://gitlab.isc.org/isc-projects/kea/-/issues/68Global Host Reservations Task 3:Add v6 support for new HR_GLOBAL mode2018-08-27T11:35:31ZGhost UserGlobal Host Reservations Task 3:Add v6 support for new HR_GLOBAL mode1. Add support for HR_GLOBAL mode to kea-dhpd4/subnet parsing
2. Modify v6 AllocEngine::findReservation to utilize new mode1. Add support for HR_GLOBAL mode to kea-dhpd4/subnet parsing
2. Modify v6 AllocEngine::findReservation to utilize new modeKea1.5-beta1Thomas MarkwalderThomas Markwalderhttps://gitlab.isc.org/isc-projects/kea/-/issues/67Need a mechanism to output binary expressions as hexadecimal strings2019-09-02T07:12:00ZGhost UserNeed a mechanism to output binary expressions as hexadecimal stringsA prospective user attempted to use the following expression for a value of a Radius attribute:
{
"name": "Password"
"expr": "pkt4.mac"
}
The value produced by pkt4.mac, is a series of binary bytes, which cannot be
expressed in a...A prospective user attempted to use the following expression for a value of a Radius attribute:
{
"name": "Password"
"expr": "pkt4.mac"
}
The value produced by pkt4.mac, is a series of binary bytes, which cannot be
expressed in a Radius authorization file. The radius server actually errors out stating the values do not match. We need a way to convert an expression result to a string literal such as:
"0xXXXXX" or "xx:xx:xx"
We could do it as perhaps a function:
hexString(pkt4.mac)
This would be useful beyond this particular case involving Radius.
As an aside using the same expression for User Name or Connection Id work because we convert it to a string, under the covers.Kea1.5-beta1Stephen MorrisStephen Morrishttps://gitlab.isc.org/isc-projects/kea/-/issues/66IETF NOC requested Authoritative flag in Kea2019-01-03T16:01:06ZGhost UserIETF NOC requested Authoritative flag in KeaDuring discussions with IETF network team, they raised a question to have a configuration knob in Kea to let it know it's not authoritative.
The goal is to have two running instances without each NAKing the other's packets.During discussions with IETF network team, they raised a question to have a configuration knob in Kea to let it know it's not authoritative.
The goal is to have two running instances without each NAKing the other's packets.Kea1.5-beta1https://gitlab.isc.org/isc-projects/kea/-/issues/65library for yang <-> json configuration element translators2018-11-05T09:44:05ZGhost Userlibrary for yang <-> json configuration element translatorsNew library with yang <-> json translators for representation of configuration elements.
A priori one fro `src/lib/dhcpsrv/parsers` parse class.New library with yang <-> json translators for representation of configuration elements.
A priori one fro `src/lib/dhcpsrv/parsers` parse class.Kea1.5-beta1Francis DupontFrancis Duponthttps://gitlab.isc.org/isc-projects/kea/-/issues/64a new hook to manage client class 'class_cmds'2018-11-05T16:48:10ZGhost Usera new hook to manage client class 'class_cmds'For yang/netconf and config backend we need a way to manage client-classes so a 'class_cmds' which provides the usual function: adding, querying (aka get) and deleting client classes from the running configuration.
Open questions:
- wh...For yang/netconf and config backend we need a way to manage client-classes so a 'class_cmds' which provides the usual function: adding, querying (aka get) and deleting client classes from the running configuration.
Open questions:
- where to put it? a priori support package
- what to do with dependent expressions? If a class is just removed this can lead to a configuration which cannot be reloaded so a priori expressions of following classes should be checked against dangling references.
- do we need a change/update? as the class order is critical IMHO we should provide one.
Note that class-list should simply return the list of configured class names. Add should append the new class to the end.Kea1.5-beta1Marcin SiodelskiMarcin Siodelskihttps://gitlab.isc.org/isc-projects/kea/-/issues/62Missing header files in installation directories and bump up lib version numb...2018-11-28T16:40:11ZGhost UserMissing header files in installation directories and bump up lib version numbers for Kea 1.5.0-beta2We appear not to be installing the various *_message.h files when doing a "make install".We appear not to be installing the various *_message.h files when doing a "make install".Kea1.5-beta2Marcin SiodelskiMarcin Siodelskihttps://gitlab.isc.org/isc-projects/kea/-/issues/61errors in kea-admin script and related scripts2018-11-07T09:15:57ZGhost Usererrors in kea-admin script and related scriptsReported via a Kea support customer:
Found annoying error in kea-admin, the $prefix environment variable is set but not exported so it cannot be used by scripts in $prefix/share/kea/scripts/mysql/*.sh.
Also there are errors in $pre...Reported via a Kea support customer:
Found annoying error in kea-admin, the $prefix environment variable is set but not exported so it cannot be used by scripts in $prefix/share/kea/scripts/mysql/*.sh.
Also there are errors in $prefix/share/kea/scripts/admin-utils.sh at lines 25 and 39, where the --host="${db_host}" parameter is missing so the mysql commands are always attempted towards the local database even if -h or --host parameter is used in kea-admin calls.
I suspect the same problems could be in other backends as well but I didn't check them.
He attached his proposed corrections to admin-utils.sh and kea-admin.Kea1.5-beta1Tomek MrugalskiTomek Mrugalskihttps://gitlab.isc.org/isc-projects/kea/-/issues/59configure.ac log message "checking for premium hooks..." is confusing to users2018-11-27T12:30:17ZGhost Userconfigure.ac log message "checking for premium hooks..." is confusing to usersThe configure script emits text like the following:
checking for premium hook forensic_log availability...... found
checking for premium hook flex_id availability...... found
checking for premium hook host_cmds availability...... found
...The configure script emits text like the following:
checking for premium hook forensic_log availability...... found
checking for premium hook flex_id availability...... found
checking for premium hook host_cmds availability...... found
checking for premium hook subnet_cmds availability...... no
checking for premium hook radius availability...... no
checking for premium hook host_cache availability...... no
The word "premium" here is confusing, as the list being checked for includes all non-open source hooks (i.e. premium, subscriber...). People purchasing the Premium tar ball think things are missing.
We should either remove the message or the word "premium". We've had at least one user contact us, thinking there is an issue.Kea1.5-beta2Marcin SiodelskiMarcin Siodelskihttps://gitlab.isc.org/isc-projects/kea/-/issues/58KB article about required classes2018-11-07T00:06:51ZGhost UserKB article about required classesKea1.5-beta1Cathy AlmondCathy Almond