Kea issueshttps://gitlab.isc.org/isc-projects/kea/-/issues2022-10-24T08:02:55Zhttps://gitlab.isc.org/isc-projects/kea/-/issues/501remote-option4-global-set accepts option with empty data2022-10-24T08:02:55ZWlodzimierz Wencelremote-option4-global-set accepts option with empty data```
{
"arguments": {
"options": [
{
"code": 6
}
],
"remote": {
"type": "mysql"
},
"server-tags": [
"abc"
]
},
"command": "remote-option4-global-set"
}
```
Response:
```
{
"a...```
{
"arguments": {
"options": [
{
"code": 6
}
],
"remote": {
"type": "mysql"
},
"server-tags": [
"abc"
]
},
"command": "remote-option4-global-set"
}
```
Response:
```
{
"arguments": {
"options": [
{
"code": 6,
"space": "dhcp4"
}
]
},
"result": 0,
"text": "DHCPv4 option successfully set."
}
```
Kea should not be configured with empty option. Possible that it's not yet implemented.outstandinghttps://gitlab.isc.org/isc-projects/kea/-/issues/513Verify that subnets in a shared network sanity checks are performed for confi...2020-06-04T15:44:52ZFrancis DupontVerify that subnets in a shared network sanity checks are performed for config updates outside the JSON config file.Reference https://gitlab.isc.org/isc-projects/kea/merge_requests/242#note_46769
Note this should be addressed only when the CB train will be merged.Reference https://gitlab.isc.org/isc-projects/kea/merge_requests/242#note_46769
Note this should be addressed only when the CB train will be merged.outstandinghttps://gitlab.isc.org/isc-projects/kea/-/issues/541auto-generated config parsing tests are currently limited to "Dhcp4Parser*.*"2019-08-08T16:20:44ZThomas Markwalderauto-generated config parsing tests are currently limited to "Dhcp4Parser*.*"The following discussion from !254 should be addressed:
- [ ] @marcin started a [discussion](https://gitlab.isc.org/isc-projects/kea/merge_requests/254#note_48600): (+4 comments)
> Now that you trained me how to re-generate the un...The following discussion from !254 should be addressed:
- [ ] @marcin started a [discussion](https://gitlab.isc.org/isc-projects/kea/merge_requests/254#note_48600): (+4 comments)
> Now that you trained me how to re-generate the unit tests in get_config_unittests.cc I wonder if enabling this test that calls `extractConfig` should result in re-generating the tests?outstandinghttps://gitlab.isc.org/isc-projects/kea/-/issues/542add support for ccache in Hammer for virtualbox provider2022-12-28T11:23:06ZMichal Nowikowskiadd support for ccache in Hammer for virtualbox providerbecause for now it only works for LXCbecause for now it only works for LXCoutstandinghttps://gitlab.isc.org/isc-projects/kea/-/issues/554Speedup subnet selection2022-11-02T15:10:18ZFrancis DupontSpeedup subnet selectionFirst we use a selector structure where all possible keys are (so not the query itself), second the most interesting key is the source address of the query (interesting here means mainly the key which should not change between two querie...First we use a selector structure where all possible keys are (so not the query itself), second the most interesting key is the source address of the query (interesting here means mainly the key which should not change between two queries from the same or similar clients.
So I propose to cache selector => subnet selection results in a hash table (unordered multi map) keyed by the source address.
Note as this can slow down things where there are a few subnets conditions of use, cache sizing, etc, should be analyzed (so it is an **idea**).
Changed for a more global research of subnet selection speedup.backlogFrancis DupontFrancis Duponthttps://gitlab.isc.org/isc-projects/kea/-/issues/568Handle Debian/Ubuntu multiple architecture support2023-01-12T15:28:56ZFrancis DupontHandle Debian/Ubuntu multiple architecture supportCurrently in configure we look for libraries in .../lib and .../lib64 directories. It is not enough on Debian/Ubuntu which uses an architecture triplet so e.g we have to add .../lib/x86_64-linux-gnu to the directory list.
Two notes:
- ...Currently in configure we look for libraries in .../lib and .../lib64 directories. It is not enough on Debian/Ubuntu which uses an architecture triplet so e.g we have to add .../lib/x86_64-linux-gnu to the directory list.
Two notes:
- freeradius client library already uses this with the ARCH_TRIPLET variable (set to ```/x86_64-linux-gnu``` with a leading /.
- the triplet is returned by ```g++ -dumpmachine``` with only one -.
As the path can be given I am not sure there is no round around today but now the issue is identified there is no need to wait to be caught by it.backloghttps://gitlab.isc.org/isc-projects/kea/-/issues/581ISC DHCP "decline"2019-04-18T15:36:10ZFrancis DupontISC DHCP "decline"According to ISC DHCP dhcpd config doc:
```
The declines keyword
allow declines;
deny declines;
ignore declines;
The DHCPDECLINE message is used by DHCP clients to indicate that the lease the se...According to ISC DHCP dhcpd config doc:
```
The declines keyword
allow declines;
deny declines;
ignore declines;
The DHCPDECLINE message is used by DHCP clients to indicate that the lease the server has
offered is not valid. When the server receives a DHCPDECLINE for a particular address, it
normally abandons that address, assuming that some unauthorized system is using it. Unfor-
tunately, a malicious or buggy client can, using DHCPDECLINE messages, completely exhaust
the DHCP server's allocation pool. The server will eventually reclaim these leases, but not
while the client is running through the pool. This may cause serious thrashing in the DNS,
and it will also cause the DHCP server to forget old DHCP client address allocations.
The declines flag tells the DHCP server whether or not to honor DHCPDECLINE messages. If it
is set to deny or ignore in a particular scope, the DHCP server will not respond to DHCPDE-
CLINE messages.
The declines flag is only supported by DHCPv4 servers. Given the large IPv6 address space
and the internal limits imposed by the server's address generation mechanism we don't think
it is necessary for DHCPv6 servers at this time.
Currently, abandoned IPv6 addresses are reclaimed in one of two ways:
a) Client renews a specific address:
If a client using a given DUID submits a DHCP REQUEST containing
the last address abandoned by that DUID, the address will be
reassigned to that client.
b) Upon the second restart following an address abandonment. When
an address is abandoned it is both recorded as such in the lease
file and retained as abandoned in server memory until the server
is restarted. Upon restart, the server will process the lease file
and all addresses whose last known state is abandoned will be
retained as such in memory but not rewritten to the lease file.
This means that a subsequent restart of the server will not see the
abandoned addresses in the lease file and therefore have no record
of them as abandoned in memory and as such perceive them as free
for assignment.
The total number addresses in a pool, available for a given DUID value, is internally lim-
ited by the server's address generation mechanism. If through mistaken configuration, mul-
tiple clients are using the same DUID they will competing for the same addresses causing the
server to reach this internal limit rather quickly. The internal limit isolates this type
of activity such that address range is not exhausted for other DUID values. The appearance
of the following error log, can be an indication of this condition:
"Best match for DUID <XX> is an abandoned address, This may be a
result of multiple clients attempting to use this DUID"
where <XX> is an actual DUID value depicted as colon separated
string of bytes in hexadecimal values.
```ISC DHCP Migrationhttps://gitlab.isc.org/isc-projects/kea/-/issues/586disable dhcpdecline via configuration option2019-04-25T16:01:56ZGhost Userdisable dhcpdecline via configuration optionI disabled the DHCPDECLINE feature in the KEA source.
In our FTTH access network IP conflict never ever can happen, because of the dhcp snooping
based IP- and ARP anti spoofing, so processing the DHCPDECLINE messages from the clients is ...I disabled the DHCPDECLINE feature in the KEA source.
In our FTTH access network IP conflict never ever can happen, because of the dhcp snooping
based IP- and ARP anti spoofing, so processing the DHCPDECLINE messages from the clients is just a vulnerability.
I suggest the DHCPDECLINE feature should be disable via configuration option, global or/and subnet level.outstandinghttps://gitlab.isc.org/isc-projects/kea/-/issues/592Unable to isolate kea logs based on severity level.2023-03-29T10:04:34ZGhost UserUnable to isolate kea logs based on severity level.```javascript
"Logging": {
"loggers": [
{
"name": "kea-dhcp4",
"output_options": [
{
"output": "/var/log/kea-dhcp4.log"
}
],
"severity": "WARN"
},
{
...```javascript
"Logging": {
"loggers": [
{
"name": "kea-dhcp4",
"output_options": [
{
"output": "/var/log/kea-dhcp4.log"
}
],
"severity": "WARN"
},
{
"debuglevel": 99,
"name": "kea-dhcp4",
"output_options": [
{
"output": "/var/log/kea-debug.log"
}
],
"severity": "DEBUG"
}
]
}
```
Above is the portion of kea server config, all the logs are directed to "/var/log/kea-debug.log" irrespective of severity level.
Expected: logs of severity "WARN" and higher to be logged to "/var/log/kea-dhcp4.log".
Perhaps there is a loop missing when scanning the named sections of the logging section?outstandinghttps://gitlab.isc.org/isc-projects/kea/-/issues/593Consider MySQL CB schema changes to make it compatible with NDBCLUSTER2023-05-10T07:22:33ZMarcin SiodelskiConsider MySQL CB schema changes to make it compatible with NDBCLUSTEROne of the Kea users attempted to use NDBCLUSTER instead of InnoDB engine with Kea 1.5.0. Some CB specific tables added in 1.5.0 use `UPDATE CASCADE` action. Specifically, the tables holding address/prefix pools include `UPDATE` action r...One of the Kea users attempted to use NDBCLUSTER instead of InnoDB engine with Kea 1.5.0. Some CB specific tables added in 1.5.0 use `UPDATE CASCADE` action. Specifically, the tables holding address/prefix pools include `UPDATE` action referencing the subnet_id primary key. This works fine for the InnoDB engine, but not for the NDB cluster.
The NDB cluster docs says this:
```
ON UPDATE CASCADE is not supported when the reference is to the parent table's primary key.
```
And further on it explains:
```
This is because an update of a primary key is implemented as a delete of the old row (containing the old primary key) plus an insert of the new row (with a new primary key). This is not visible to the NDB kernel, which views these two rows as being the same, and thus has no way of knowing that this update should be cascaded.
```
Even though, we use InnoDB by default, we may consider removing the `UPDATE CASCADE` actions on primary keys (which would require us to modify the code that updates subnet_id for a given prefix), to support users which want to play with cluster engines.outstandinghttps://gitlab.isc.org/isc-projects/kea/-/issues/598forbid using empty string as value of shared-network-name parameter in remote...2021-10-20T09:44:18ZWlodzimierz Wencelforbid using empty string as value of shared-network-name parameter in remote-subnet4-set commandright now values that are allowed are:
- non empty string
- empty string
- null
And two of them have the same result, I propose forbidding `"shared-network-name": ""` to avoid misusing this parameter.right now values that are allowed are:
- non empty string
- empty string
- null
And two of them have the same result, I propose forbidding `"shared-network-name": ""` to avoid misusing this parameter.outstandinghttps://gitlab.isc.org/isc-projects/kea/-/issues/602Kea takes a long time to process an invalid configuration file2022-10-06T10:58:58ZStephen MorrisKea takes a long time to process an invalid configuration fileUsing AFL to fuzz Kea4 and Kea6 configuration files - i.e. executing the command
```
kea-dhcp{4,6} -t <config-file>
```
... where AFL is creating fuzzed configuration files, a number of instances were encountered where the program took a...Using AFL to fuzz Kea4 and Kea6 configuration files - i.e. executing the command
```
kea-dhcp{4,6} -t <config-file>
```
... where AFL is creating fuzzed configuration files, a number of instances were encountered where the program took an unusually long time to process the file and report errors. A tarball containing two such files (one for Kea4 and one for Kea6) is attached. Elapsed times for processing these files on two ISC systems were:
**perf-c2**
kea4-hang.conf: > 20s
kea6-hang.conf: > 74s
Version information:
1.5.0-git
git 958abe5063b6e602c0070e336524e313c3a87671
linked with:
log4cplus 1.1.3
OpenSSL 1.0.2k-fips 26 Jan 2017
database:
Memfile backend 2.1
**2017 Macbook Pro**
kea4-hang.conf: > 5s
kea6-hang.conf > 17s
Version information:
1.5.0-git
git 958abe5063b6e602c0070e336524e313c3a87671
linked with:
log4cplus 2.0.2
OpenSSL 1.0.2r 26 Feb 2019
database:
Memfile backend 2.1
Admittedly the corrupt files are quite large (the Kea6 file is over 300kB), but the time to process them does seem unusually long.
[hangs.tar.gz](/uploads/5c946a418288dfa0c5a358500937e979/hangs.tar.gz)outstandinghttps://gitlab.isc.org/isc-projects/kea/-/issues/631Compile fails on illumos (OpenSolaris derivitive)2020-01-16T21:16:47ZGhost UserCompile fails on illumos (OpenSolaris derivitive)Currently the compile is failing on illumos (OpenSolaris fork, similar to Solaris 10), so far it look to be small things.
I will try to provide patches, although my C/C++ foo is bad.Currently the compile is failing on illumos (OpenSolaris fork, similar to Solaris 10), so far it look to be small things.
I will try to provide patches, although my C/C++ foo is bad.outstandinghttps://gitlab.isc.org/isc-projects/kea/-/issues/656Need more checks on global parameters.2021-10-20T09:44:17ZFrancis DupontNeed more checks on global parameters.Reference https://gitlab.isc.org/isc-projects/kea/issues/576#note_61000 second problem: invalid values for global parameters should be rejected even they are not used:
- for individual parameters, e.g. next-server sets to something not ...Reference https://gitlab.isc.org/isc-projects/kea/issues/576#note_61000 second problem: invalid values for global parameters should be rejected even they are not used:
- for individual parameters, e.g. next-server sets to something not parse-able as an IPv4 address (nor empty)
- between parameters, e.g. 0 <= t1_percent <= 1 and t1_percent < t2_percent
The ideas are:
- avoid cases where the config backend is used to create a configuration which can't be saved and reloaded (get then set or write then reload fails)
- avoid cases where a global parameter with an invalid value is added/accepted and the invalid will raise an error a long time ago when an update will first use it (e.g. configuration built incrementally starting by global parameters, IMHO could be a popular way to proceed).
To summary the current check on global parameter value type is fine but not enough. Related to #576, #535 and #513outstandinghttps://gitlab.isc.org/isc-projects/kea/-/issues/669the order of dependencies libraries in Makefile.am in src/bin/* is not consis...2022-11-02T15:10:20ZRazvan Becheriuthe order of dependencies libraries in Makefile.am in src/bin/* is not consistentkea_lfc_LDADD = liblfc.la
kea_lfc_LDADD += $(top_builddir)/src/lib/cfgrpt/libcfgrpt.la
kea_lfc_LDADD += $(top_builddir)/src/lib/eval/libkea-eval.la
kea_lfc_LDADD += $(top_builddir)/src/lib/dhcpsrv/libkea-dhcpsrv.la
kea_lfc_LDADD += $(to...kea_lfc_LDADD = liblfc.la
kea_lfc_LDADD += $(top_builddir)/src/lib/cfgrpt/libcfgrpt.la
kea_lfc_LDADD += $(top_builddir)/src/lib/eval/libkea-eval.la
kea_lfc_LDADD += $(top_builddir)/src/lib/dhcpsrv/libkea-dhcpsrv.la
kea_lfc_LDADD += $(top_builddir)/src/lib/process/libkea-process.la
kea_lfc_LDADD += $(top_builddir)/src/lib/dhcp_ddns/libkea-dhcp_ddns.la
kea_lfc_LDADD += $(top_builddir)/src/lib/stats/libkea-stats.la
kea_lfc_LDADD += $(top_builddir)/src/lib/config/libkea-cfgclient.la
kea_lfc_LDADD += $(top_builddir)/src/lib/dhcp/libkea-dhcp++.la
if HAVE_MYSQL
kea_lfc_LDADD += $(top_builddir)/src/lib/mysql/libkea-mysql.la
endif
if HAVE_PGSQL
kea_lfc_LDADD += $(top_builddir)/src/lib/pgsql/libkea-pgsql.la
endif
if HAVE_CQL
kea_lfc_LDADD += $(top_builddir)/src/lib/cql/libkea-cql.la
endif
kea_lfc_LDADD += $(top_builddir)/src/lib/database/libkea-database.la
kea_lfc_LDADD += $(top_builddir)/src/lib/asiolink/libkea-asiolink.la
kea_lfc_LDADD += $(top_builddir)/src/lib/cc/libkea-cc.la
kea_lfc_LDADD += $(top_builddir)/src/lib/dns/libkea-dns++.la
kea_lfc_LDADD += $(top_builddir)/src/lib/cryptolink/libkea-cryptolink.la
kea_lfc_LDADD += $(top_builddir)/src/lib/hooks/libkea-hooks.la
kea_lfc_LDADD += $(top_builddir)/src/lib/log/libkea-log.la
kea_lfc_LDADD += $(top_builddir)/src/lib/util/threads/libkea-threads.la
kea_lfc_LDADD += $(top_builddir)/src/lib/util/libkea-util.la
kea_lfc_LDADD += $(top_builddir)/src/lib/exceptions/libkea-exceptions.la
kea_lfc_LDADD += $(LOG4CPLUS_LIBS) $(CRYPTO_LIBS) $(BOOST_LIBS)
kea_dhcp4_LDADD = libdhcp4.la
kea_dhcp4_LDADD += $(top_builddir)/src/lib/cfgrpt/libcfgrpt.la
kea_dhcp4_LDADD += $(top_builddir)/src/lib/dhcpsrv/libkea-dhcpsrv.la
kea_dhcp4_LDADD += $(top_builddir)/src/lib/eval/libkea-eval.la
kea_dhcp4_LDADD += $(top_builddir)/src/lib/dhcp_ddns/libkea-dhcp_ddns.la
kea_dhcp4_LDADD += $(top_builddir)/src/lib/stats/libkea-stats.la
kea_dhcp4_LDADD += $(top_builddir)/src/lib/config/libkea-cfgclient.la
kea_dhcp4_LDADD += $(top_builddir)/src/lib/dhcp/libkea-dhcp++.la
if HAVE_MYSQL
kea_dhcp4_LDADD += $(top_builddir)/src/lib/mysql/libkea-mysql.la
endif
if HAVE_PGSQL
kea_dhcp4_LDADD += $(top_builddir)/src/lib/pgsql/libkea-pgsql.la
endif
if HAVE_CQL
kea_dhcp4_LDADD += $(top_builddir)/src/lib/cql/libkea-cql.la
endif
kea_dhcp4_LDADD += $(top_builddir)/src/lib/database/libkea-database.la
kea_dhcp4_LDADD += $(top_builddir)/src/lib/asiolink/libkea-asiolink.la
kea_dhcp4_LDADD += $(top_builddir)/src/lib/cc/libkea-cc.la
kea_dhcp4_LDADD += $(top_builddir)/src/lib/dns/libkea-dns++.la
kea_dhcp4_LDADD += $(top_builddir)/src/lib/process/libkea-process.la
kea_dhcp4_LDADD += $(top_builddir)/src/lib/cryptolink/libkea-cryptolink.la
kea_dhcp4_LDADD += $(top_builddir)/src/lib/hooks/libkea-hooks.la
kea_dhcp4_LDADD += $(top_builddir)/src/lib/log/libkea-log.la
kea_dhcp4_LDADD += $(top_builddir)/src/lib/util/threads/libkea-threads.la
kea_dhcp4_LDADD += $(top_builddir)/src/lib/util/libkea-util.la
kea_dhcp4_LDADD += $(top_builddir)/src/lib/exceptions/libkea-exceptions.la
kea_dhcp4_LDADD += $(LOG4CPLUS_LIBS) $(CRYPTO_LIBS) $(BOOST_LIBS)
kea_dhcp6_LDADD = libdhcp6.la
kea_dhcp6_LDADD += $(top_builddir)/src/lib/cfgrpt/libcfgrpt.la
kea_dhcp6_LDADD += $(top_builddir)/src/lib/dhcpsrv/libkea-dhcpsrv.la
kea_dhcp6_LDADD += $(top_builddir)/src/lib/eval/libkea-eval.la
kea_dhcp6_LDADD += $(top_builddir)/src/lib/dhcp_ddns/libkea-dhcp_ddns.la
kea_dhcp6_LDADD += $(top_builddir)/src/lib/stats/libkea-stats.la
kea_dhcp6_LDADD += $(top_builddir)/src/lib/config/libkea-cfgclient.la
kea_dhcp6_LDADD += $(top_builddir)/src/lib/dhcp/libkea-dhcp++.la
if HAVE_MYSQL
kea_dhcp6_LDADD += $(top_builddir)/src/lib/mysql/libkea-mysql.la
endif
if HAVE_PGSQL
kea_dhcp6_LDADD += $(top_builddir)/src/lib/pgsql/libkea-pgsql.la
endif
if HAVE_CQL
kea_dhcp6_LDADD += $(top_builddir)/src/lib/cql/libkea-cql.la
endif
kea_dhcp6_LDADD += $(top_builddir)/src/lib/database/libkea-database.la
kea_dhcp6_LDADD += $(top_builddir)/src/lib/asiolink/libkea-asiolink.la
kea_dhcp6_LDADD += $(top_builddir)/src/lib/cc/libkea-cc.la
kea_dhcp6_LDADD += $(top_builddir)/src/lib/dns/libkea-dns++.la
kea_dhcp6_LDADD += $(top_builddir)/src/lib/process/libkea-process.la
kea_dhcp6_LDADD += $(top_builddir)/src/lib/cryptolink/libkea-cryptolink.la
kea_dhcp6_LDADD += $(top_builddir)/src/lib/hooks/libkea-hooks.la
kea_dhcp6_LDADD += $(top_builddir)/src/lib/log/libkea-log.la
kea_dhcp6_LDADD += $(top_builddir)/src/lib/util/threads/libkea-threads.la
kea_dhcp6_LDADD += $(top_builddir)/src/lib/util/libkea-util.la
kea_dhcp6_LDADD += $(top_builddir)/src/lib/exceptions/libkea-exceptions.la
kea_dhcp6_LDADD += $(LOG4CPLUS_LIBS) $(CRYPTO_LIBS) $(BOOST_LIBS)
and similar diffsbackloghttps://gitlab.isc.org/isc-projects/kea/-/issues/671make v4 and v6 similar code as consistent as possible2020-03-31T09:04:05ZRazvan Becheriumake v4 and v6 similar code as consistent as possibleThere are a lot of files which are 90% the same code, so minor inconsistencies should be resolved:
```
src/bin/dhcp4/
main.cc
ctrl_dhcp4_srv.cc
ctrl_dhcp4_srv.h
dhcp4_lexer.ll
dhcp4_parser.yy
json_config_parser.cc
json_config_parser.h
dh...There are a lot of files which are 90% the same code, so minor inconsistencies should be resolved:
```
src/bin/dhcp4/
main.cc
ctrl_dhcp4_srv.cc
ctrl_dhcp4_srv.h
dhcp4_lexer.ll
dhcp4_parser.yy
json_config_parser.cc
json_config_parser.h
dhcp4_srv.cc
dhcp4_srv.h
```
vs
```
src/bin/dhcp6/
main.cc
ctrl_dhcp6_srv.cc
ctrl_dhcp6_srv.h
dhcp6_lexer.ll
dhcp6_parser.yy
json_config_parser.cc
json_config_parser.h
dhcp6_srv.cc
dhcp6_srv.h
```
The goal here is to detect minor bugs and fix them (some of the issues were fixed in v4 and not in v6, or there have been some conflicts and merges that broke the code on one v4 and not on v6, so the problems were solved only for one version).
This way we can easily detect missing functionality or wrong conflict resolutions.
The same should be considered for code in:
src/lib/dhcpsrv/parsers/dhcp_parsers.cc
the case for initSubnets for v4 and v6 (subnet id is mandatory for v4 but not for v6). This is handled differently.
As mentioned before, I use Beyond Compare to see differences in files, and can easily see functional differences where there should not be any.outstandinghttps://gitlab.isc.org/isc-projects/kea/-/issues/674Reorder MySQL CB statements.2022-11-02T15:10:18ZFrancis DupontReorder MySQL CB statements.New fields were added at the end of statement before server tag or modification timestamps. When the MySQL CB will be fully stabilized and **before** working on PostgreSQL CB these statements should be reorganized to have continuous bloc...New fields were added at the end of statement before server tag or modification timestamps. When the MySQL CB will be fully stabilized and **before** working on PostgreSQL CB these statements should be reorganized to have continuous blocks, e.g. all pool entries together.backloghttps://gitlab.isc.org/isc-projects/kea/-/issues/675remote-config-get command2022-11-02T15:10:17ZWlodzimierz Wencelremote-config-get commandI was thinking about a commend that will return server configuration stored in data base based on server-tag.
```json
{
"command": "remote-config-get"
"service": [ "dhcp4" ],
"arguments": {
"remote": {
"t...I was thinking about a commend that will return server configuration stored in data base based on server-tag.
```json
{
"command": "remote-config-get"
"service": [ "dhcp4" ],
"arguments": {
"remote": {
"type": "mysql"
},
"server-tags": [ "abc" ]
}
}
```
```json
{
"result": 0,
"text": "DHCPv4 configuration found.",
"arguments": {
JSON config with "abc" and "all" server-tags
}
}
```backloghttps://gitlab.isc.org/isc-projects/kea/-/issues/681Synchronize reservations between HA partners2022-11-02T16:23:36ZGhost UserSynchronize reservations between HA partnersI have bought Kea Premium hook package and I am using it for IP reservation but I have a problem not sure if that's how should be or not.
I am running kea DHCP in HA(Active/HotStandBY)- When I add a reservation on Active node it doesn't...I have bought Kea Premium hook package and I am using it for IP reservation but I have a problem not sure if that's how should be or not.
I am running kea DHCP in HA(Active/HotStandBY)- When I add a reservation on Active node it doesn't get replicated to HotStandBy node. Due to this, I am unable to use my hot standby node. Can you please have a look asap.
And what will happen if I add some reservation while other node is down - will they get replication when the node comes back online?
Kea DHCP 1.5outstandinghttps://gitlab.isc.org/isc-projects/kea/-/issues/688cb_cmds new remote-{subnet,shared-network}[46]-detach commands2022-11-02T15:10:17ZFrancis Dupontcb_cmds new remote-{subnet,shared-network}[46]-detach commandsThis is about config backend shareable objects so subnets and shared networks.
A subnet is shareable between several servers but remote-subnet[46]-del-by-* deletes the subnet object from the database so for all servers (MySQL schema cas...This is about config backend shareable objects so subnets and shared networks.
A subnet is shareable between several servers but remote-subnet[46]-del-by-* deletes the subnet object from the database so for all servers (MySQL schema cascade the delete on subnet_id so there is no dangling references in *_subnet_server tables).
IMHO we need new commands to detach a subnet (or a shared network) from a particular server so after the operation it still belongs to other servers (possibly none).
Note that remote-subnet[46]-set can be used to attach a subnet to a server so we do not need the opposite command.backloghttps://gitlab.isc.org/isc-projects/kea/-/issues/695use a subnet's domain-name as a qualifying suffix for DDNS (trac #5048)2020-08-27T11:53:01ZGhost Useruse a subnet's domain-name as a qualifying suffix for DDNS (trac #5048)https://github.com/isc-projects/kea/pull/106
Proposed fix for:
https://oldkea.isc.org/ticket/5048
"Kea servers should be able to use a subnet's domain-name as a qualifying suffix for DDNS"
https://lists.isc.org/pipermail/kea-users/2017...https://github.com/isc-projects/kea/pull/106
Proposed fix for:
https://oldkea.isc.org/ticket/5048
"Kea servers should be able to use a subnet's domain-name as a qualifying suffix for DDNS"
https://lists.isc.org/pipermail/kea-users/2017-January/000776.html
https://lists.isc.org/pipermail/kea-users/2017-February/000813.html
This fix is against KEA 1.4.0
https://github.com/isc-projects/kea/pull/106
UPDATE:
Uploaded patch against 1.5.0
Opening issue so it stays on your radar.
Can I ask you to open an issue there, so this fix is on Kea engineers' radars? We don't look at github too often...outstandinghttps://gitlab.isc.org/isc-projects/kea/-/issues/705Solve the problem of variable expansion in general way2022-05-30T14:23:38ZMichal NowikowskiSolve the problem of variable expansion in general wayThe ticket evolved into a request to solve the variable expansion in a generic way. The solution should work for:
- makefiles
- scripts (both internal and external)
- documentation (.rst and man pages)
- config file examples
The origina...The ticket evolved into a request to solve the variable expansion in a generic way. The solution should work for:
- makefiles
- scripts (both internal and external)
- documentation (.rst and man pages)
- config file examples
The original description is as follows:
wipe_data.sh.in contains:
```bash
if [ -e @datarootdir@/@PACKAGE_NAME@/scripts/admin-utils.sh ]; then
. @datarootdir@/@PACKAGE_NAME@/scripts/admin-utils.sh
else
. @abs_top_builddir@/src/bin/admin/admin-utils.sh
fi
```
and this is evaluated by ./configure to:
```bash
if [ -e ${prefix}/share/kea/scripts/admin-utils.sh ]; then
. ${prefix}/share/kea/scripts/admin-utils.sh
else
. /home/test/workspace/kea-master-system-tests-v6/src/bin/admin/admin-utils.sh
fi
```
but ${prefix} has to been substituted but should have been.
After ./configure it should be:
```bash
if [ -e /usr/local/share/kea/scripts/admin-utils.sh ]; then
. /usr/local/share/kea/scripts/admin-utils.sh
else
. /home/test/workspace/kea-master-system-tests-v6/src/bin/admin/admin-utils.sh
fi
```
Generally this problem is broader. It touches many generated files by autoconf using AC_CONFIG_FILES.
One of the solution is using path_replacer.sh but it is inconvenient. Other approach is using sh script and makaefiles capabilities of resolving unresolved vars on its own. But it does not work in e.g. config files.
It would be good to have one solution for all.outstandingMichal NowikowskiMichal Nowikowskihttps://gitlab.isc.org/isc-projects/kea/-/issues/707wipe script path is wrong.2022-11-02T15:10:19ZFrancis Dupontwipe script path is wrong.Building and running make check from another directory (i.e. using ../configure vs ./configure) I got this warning:
```
wipeCqlData failed:[sh /tmp/kk705/build/../src/share/database/scripts/cql/wipe_data.sh 4.0 -u keatest -p keatest -k k...Building and running make check from another directory (i.e. using ../configure vs ./configure) I got this warning:
```
wipeCqlData failed:[sh /tmp/kk705/build/../src/share/database/scripts/cql/wipe_data.sh 4.0 -u keatest -p keatest -k keatest --request-timeout=6000 2>/dev/null
```
note the file does not exist (i.e. it is at another location):
```
ls /tmp/kk705/build/../src/share/database/scripts/cql/wipe_data.sh
ls: /tmp/kk705/build/../src/share/database/scripts/cql/wipe_data.sh: No such file or directory
```
Not critical as make distcheck does not build databases but anyway should be fixed as it is a bug and it impacts test performances... BTW the create and delete scripts are found so it should not be hard to fix.backloghttps://gitlab.isc.org/isc-projects/kea/-/issues/718RESTful API for Kea Control Agent (GSoC 2019)2019-08-06T11:08:58ZJames WangRESTful API for Kea Control Agent (GSoC 2019)Kea Control Agent currently implements an RPC-style API where all work is done by POSTing a command with arguments. This issue explores how to implement a true RESTful style API for Kea CA.
* Original [proposal](https://summerofcode.wit...Kea Control Agent currently implements an RPC-style API where all work is done by POSTing a command with arguments. This issue explores how to implement a true RESTful style API for Kea CA.
* Original [proposal](https://summerofcode.withgoogle.com/dashboard/project/6159304481046528/details/) for this project
* The draft API reference can be found [here](https://gitlab.isc.org/Rinne0410/kea/wikis/API-references). It will be moved to main Wiki once finalized
* The underlying implementation design can be found [here](https://gitlab.isc.org/Rinne0410/kea/wikis/New-API-design)outstandinghttps://gitlab.isc.org/isc-projects/kea/-/issues/723Missing CB entry for deleting all global options2021-10-20T09:47:17ZFrancis DupontMissing CB entry for deleting all global optionsObviously either we have to add a deleteAllOptions4 or remove `remote-option4-global-del-all` from the design. Note as the CB command is starred this should be postponed...Obviously either we have to add a deleteAllOptions4 or remove `remote-option4-global-del-all` from the design. Note as the CB command is starred this should be postponed...outstandinghttps://gitlab.isc.org/isc-projects/kea/-/issues/725Consistency of Element constness in Element containers2021-08-20T14:15:47ZAndrei Pavelandrei@isc.orgConsistency of Element constness in Element containers```
class ListElement : public Element {
std::vector<ElementPtr> l;
[...]
}
```
```
class MapElement : public Element {
std::map<std::string, ConstElementPtr> m;
[...]
}
```
Making these containers have the same const...```
class ListElement : public Element {
std::vector<ElementPtr> l;
[...]
}
```
```
class MapElement : public Element {
std::map<std::string, ConstElementPtr> m;
[...]
}
```
Making these containers have the same constness for the underlying type would enable less friction in:
1. Generic helper functions acting on both
2. Generic high-level use of both
04fa0d3f0b83d544044475cd51de100faf17a410 changed ListElement to hold ElementPtr instead of ConstElementPtr.
Would you consider it?outstandinghttps://gitlab.isc.org/isc-projects/kea/-/issues/726Implement global parameters as stamped elements2022-11-02T15:10:18ZFrancis DupontImplement global parameters as stamped elementsMarcin's idea from #630 https://gitlab.isc.org/isc-projects/kea/issues/630#note_61471:
What do you think about changing the internal representation of the `SrvConfig::configured_globals_` from `isc::data::ElementPtr` to `data::StampedVa...Marcin's idea from #630 https://gitlab.isc.org/isc-projects/kea/issues/630#note_61471:
What do you think about changing the internal representation of the `SrvConfig::configured_globals_` from `isc::data::ElementPtr` to `data::StampedValueCollection` and start tracking database identifiers of the global parameters. That way, instead of deleting the entire global config, you could delete a given parameter if it comes from the database (its id is non-zero). The existing configuration would be preserved. Admittedly, if the parameter is set in the file and the database, the parameter value set in the file will be lost and the default will be set for it. But, that's really no different than what would happen if you have the same subnet in both places and you delete the one from the database. Attention least we'd be consistent.backloghttps://gitlab.isc.org/isc-projects/kea/-/issues/733make statistics more consistent2022-11-02T15:10:19ZFrancis Dupontmake statistics more consistentIn particular each time a packet is dropped the corresponding statistic should be updated. Ideally we should have received = dropped + replied. Reference https://gitlab.isc.org/isc-projects/kea/merge_requests/375#note_67900In particular each time a packet is dropped the corresponding statistic should be updated. Ideally we should have received = dropped + replied. Reference https://gitlab.isc.org/isc-projects/kea/merge_requests/375#note_67900backloghttps://gitlab.isc.org/isc-projects/kea/-/issues/739More metadata checks in MySQL CB unit tests2019-08-08T16:23:54ZFrancis DupontMore metadata checks in MySQL CB unit testsAs we already do in CB cmds hook add more metadata checks in MySQL CB unit tests (reference https://gitlab.isc.org/isc-projects/kea/merge_requests/424#note_68391)As we already do in CB cmds hook add more metadata checks in MySQL CB unit tests (reference https://gitlab.isc.org/isc-projects/kea/merge_requests/424#note_68391)outstandinghttps://gitlab.isc.org/isc-projects/kea/-/issues/774A lot of DISABLED unit tests - either enable or remove2022-11-02T15:10:17ZRazvan BecheriuA lot of DISABLED unit tests - either enable or removebacklogRazvan BecheriuRazvan Becheriuhttps://gitlab.isc.org/isc-projects/kea/-/issues/776Add a command to get back command line arguments2022-11-02T15:10:19ZFrancis DupontAdd a command to get back command line argumentsThe new command command-line-get will return the list of arguments, i.e. the `argv` tables including the first item and of course the configuration file. Perhaps it should be useful to add the current directory?The new command command-line-get will return the list of arguments, i.e. the `argv` tables including the first item and of course the configuration file. Perhaps it should be useful to add the current directory?backloghttps://gitlab.isc.org/isc-projects/kea/-/issues/782share/kea description in the ARM is wrong2022-11-02T15:10:19ZFrancis Dupontshare/kea description in the ARM is wrongThe ARM says 'share/kea/ — configuration specifications and examples.' and ls says there are (database) scripts and yang models in this directory (configuration specifications are a bind10 stuff and examples are in share/doc/kea/examples/).The ARM says 'share/kea/ — configuration specifications and examples.' and ls says there are (database) scripts and yang models in this directory (configuration specifications are a bind10 stuff and examples are in share/doc/kea/examples/).backloghttps://gitlab.isc.org/isc-projects/kea/-/issues/792quality of life improvement: kea-admin db-version fails on empty db2022-03-31T08:12:51ZTomek Mrugalskiquality of life improvement: kea-admin db-version fails on empty dbkea-admin db-version prints the following error:
```
# kea-admin db-version mysql
mysql: [Warning] Using a password on the command line interface can be insecure.
ERROR 1146 (42S02) at line 1: Table 'keatest.schema_version' doesn't exis...kea-admin db-version prints the following error:
```
# kea-admin db-version mysql
mysql: [Warning] Using a password on the command line interface can be insecure.
ERROR 1146 (42S02) at line 1: Table 'keatest.schema_version' doesn't exist
```
when run on an empty DB (without any schema).
Instead, it should catch the fact that schema_version does not exist and should point user to kea-admin db-init command.
This is a quality of life improvement, so it's not terribly important.outstandinghttps://gitlab.isc.org/isc-projects/kea/-/issues/808server-tag is itself a global parameter2021-10-20T09:44:18ZFrancis Dupontserver-tag is itself a global parameterserver-tag is itself a global parameter so someone could have the bad idea to manage it using the config backend.
The sanity check fro global parameters in CB must check the global parameter is not server-tag. Note this applies for all ...server-tag is itself a global parameter so someone could have the bad idea to manage it using the config backend.
The sanity check fro global parameters in CB must check the global parameter is not server-tag. Note this applies for all global parameter commands even get will not lead to a disaster...outstandinghttps://gitlab.isc.org/isc-projects/kea/-/issues/811autotools variables in installed documentation.2021-10-20T09:44:18ZFrancis Dupontautotools variables in installed documentation.A grep for `@prefix@` or `@...dir@` in installed Kea shows that `share/doc/kea/html/_sources/arm/keactrl.rst.txt` and `share/doc/kea/html/arm/keactrl.html` contain unexpanded autotools variables in config file code blocks.
Some possible...A grep for `@prefix@` or `@...dir@` in installed Kea shows that `share/doc/kea/html/_sources/arm/keactrl.rst.txt` and `share/doc/kea/html/arm/keactrl.html` contain unexpanded autotools variables in config file code blocks.
Some possible solutions:
- do nothing as these code blocks are just a copy of the original (before substitution) config files
- edit the code blocks to expand manually these variables to something more human friendly
- expand the original source file before processing
- include the real config files (of course after expansion): if it is feasible it is the best (easier maintenance, etc).outstandinghttps://gitlab.isc.org/isc-projects/kea/-/issues/822Consider returning a list of shared networks, subnets etc for which options h...2022-11-02T15:10:17ZMarcin SiodelskiConsider returning a list of shared networks, subnets etc for which options have been setThe #418 introduced commands that allow for adding new option within the shared network, subnet etc. The response contains a list of options that have been set but it lacks the list of parent objects. We may consider also returning the p...The #418 introduced commands that allow for adding new option within the shared network, subnet etc. The response contains a list of options that have been set but it lacks the list of parent objects. We may consider also returning the parent objects but this is not critical in 1.6.0 release. Therefore, creating this ticket to address this in the future.backloghttps://gitlab.isc.org/isc-projects/kea/-/issues/830Sphinx documentation questions2022-11-02T15:10:20ZSuzanne GoldlustSphinx documentation questionsI have some outstanding questions about small details in the Sphinx docs and am not sure how best to address them.
1. In the ha-continue.json file, it says `"description": "See <xref linkend=\"anchor-in-the-docs\"/>",`. I assume that sh...I have some outstanding questions about small details in the Sphinx docs and am not sure how best to address them.
1. In the ha-continue.json file, it says `"description": "See <xref linkend=\"anchor-in-the-docs\"/>",`. I assume that should actually refer to a real anchor, right? I've changed it to `"description": "See <xref linkend=\"command-ha-continue\"/>",` but if that's not correct please let me know.
2. In remote-option4-global-get.json and remote-option6-global-get.json, it says:
```
"resp-syntax": [
"{",
" \"result\": 0,",
" \"text\": \"DHCPv4 option in found.\",",
```
Is that supposed to say IS found rather than IN found? I'm assuming yes and changing the text, but please let me know if that's not correct.
Related question: is there any way to verify that the results that we describe in the ARM are the actual results that people will see?
3. In subnet4-del.json and subnet6-del.json, the brief description says "This command has no effect on other configured subnets, but removing a subnet has certain implications which the server's administrator should be aware of." Should we include any information about what those implications are, or where users should look to find them?
4. In lease6-bulk-apply.json, The `cmd-comment` says `The \"deleted-leases\" and \"leases\" are optional parameters, but one of them must be specified."` Does that mean that you need one or the other but not both? It's unclear from the wording.backloghttps://gitlab.isc.org/isc-projects/kea/-/issues/833LFC logs are not under control of config2022-11-02T15:10:20ZMichal NowikowskiLFC logs are not under control of confige.g. log pattern does not follow the one set for DHCP4:
````
2019-08-13 18:19:16.205 INFO [kea-dhcp4.dhcpsrv/25380] DHCPSRV_MEMFILE_LFC_START starting Lease File Cleanup
2019-08-13 18:19:16.206 INFO [kea-dhcp4.dhcpsrv/25380] DHCPSRV_M...e.g. log pattern does not follow the one set for DHCP4:
````
2019-08-13 18:19:16.205 INFO [kea-dhcp4.dhcpsrv/25380] DHCPSRV_MEMFILE_LFC_START starting Lease File Cleanup
2019-08-13 18:19:16.206 INFO [kea-dhcp4.dhcpsrv/25380] DHCPSRV_MEMFILE_LFC_EXECUTE executing Lease File Cleanup using: /usr/sbin/kea-lfc -4
INFO [DhcpLFC] LFC_START Starting lease file cleanup
INFO [DhcpLFC] LFC_PROCESSING Previous file: /var/lib/kea/kea-leases4.csv.2, copy file: /var/lib/kea/kea-leases4.csv.1
INFO [DhcpLFC.dhcpsrv] DHCPSRV_MEMFILE_LEASE_FILE_LOAD loading leases from file /var/lib/kea/kea-leases4.csv.2
```backloghttps://gitlab.isc.org/isc-projects/kea/-/issues/835on FreeBSD Kea should prefer clang instead of gcc2021-10-20T09:44:18ZMichal Nowikowskion FreeBSD Kea should prefer clang instead of gccas it fails on linking with log4cplus.
It could be done in configure.ac this way:
```
if uname="FreeBSD"
# override configure preference for gcc
AC_PROG_CC(clang llvm-gcc gcc)
AC_PROG_CXX(clang++ llvm-g++ g++)
else
AC_PROG_CC
...as it fails on linking with log4cplus.
It could be done in configure.ac this way:
```
if uname="FreeBSD"
# override configure preference for gcc
AC_PROG_CC(clang llvm-gcc gcc)
AC_PROG_CXX(clang++ llvm-g++ g++)
else
AC_PROG_CC
AC_PROG_CXX
fi
```
this is based on: https://lists.freebsd.org/pipermail/freebsd-toolchain/2013-September/001038.htmloutstandinghttps://gitlab.isc.org/isc-projects/kea/-/issues/849Kea MySQL CB accepts an option for non-existing subnet2022-11-02T15:10:18ZMarcin SiodelskiKea MySQL CB accepts an option for non-existing subnetIt is possible to set a DHCP option with the `remote-option4-subnet-set` for non-existing subnet. It is possible that the same issue is present for other similar commands.It is possible to set a DHCP option with the `remote-option4-subnet-set` for non-existing subnet. It is possible that the same issue is present for other similar commands.backloghttps://gitlab.isc.org/isc-projects/kea/-/issues/856Enable dynamic prefix support2024-02-07T22:34:55ZTiago GasparEnable dynamic prefix support---
name: Enable dynamic prefix support
about: Allow dynamic prefixes in a interface
---
**Some initial questions**
- Are you sure your feature is not already implemented in the latest Kea version?
From all I've searched all over the ...---
name: Enable dynamic prefix support
about: Allow dynamic prefixes in a interface
---
**Some initial questions**
- Are you sure your feature is not already implemented in the latest Kea version?
From all I've searched all over the internet this is not a standard kea nor ISC-DHCP option
- Are you sure what you would like to do is not possible using some other mechanisms?
I can't see any other way to do this without a wacky faulty scipt
- Have you discussed your idea on kea-users or kea-dev mailing lists?
No, I'm new to this of contributing and have no idea on how to do that
**Is your feature request related to a problem? Please describe.**
So I have a Linux system, in this case OpenWRT as the main router in my home, and I receive a IPv6 prefix from my ISP of size /56 and OpenWRT receives it and assigns it to each interface with the size I describe, but as the prefix is dynamic I can't configure the prefix in kea's config files because it is constantly changing.
**Describe the solution you'd like**
My suggestion is that kea could allow us to set a interface to listen on (as it does) and in the `"subnet":` option it could allow us to set a network like ::/60 (witch is the address for unspecified network)
**Describe alternatives you've considered**
I've considered setting only the listening interface and no subnet option but theãt wouldn't work as Kea also works as a stateless DHCPv6 server, so this is the best way I can think that the server can work as stateless and stateful DHCPv6 with or without a dynamic prefix
**Additional context**
I have a OpenWRT in my house and my ISP gives me a IPv6 Dynamic prefix, although OpenWRT natively handles IPv6 very well with Odhcpd, it doesn't offer many options to give out to clients besides the required ones like DNS and Gateway so I decided to dich odhcpd and I thought of dhcpd but I saw that Kea was a new, better DHCP meant to replace dhcpd at some point so as I'm all for the new and better I installed Kea and got this problem.
**Funding its development**
I'm curently studying so I don't have the money to fund it, but I work in networking every day so I can help you develop this feature asn needed and as I can
**Participating in development**
Yes absolutely! I'm here as needed Just ask, sometimes I can take a bit because of school but I will answer
**Contacting you**
I'd rather you contact me trough github or through here, I will enable e-mail notifications and if you really need to talk I'll privately send my phone numberoutstandinghttps://gitlab.isc.org/isc-projects/kea/-/issues/860on macOS 10.14.6 when configuring --with-lcov libssl is not recognized2022-11-02T15:10:19ZRazvan Becheriuon macOS 10.14.6 when configuring --with-lcov libssl is not recognized```
checking for OpenSSL library... yes
checking OpenSSL version... OpenSSL 1.0.2s 28 May 2019
checking support of SHA-2... configure: error: missing EVP entry for SHA-2
```
however, without --with-lcov works fine```
checking for OpenSSL library... yes
checking OpenSSL version... OpenSSL 1.0.2s 28 May 2019
checking support of SHA-2... configure: error: missing EVP entry for SHA-2
```
however, without --with-lcov works finebackloghttps://gitlab.isc.org/isc-projects/kea/-/issues/861unittests related to waitForProcess fail on FreeBSD 122022-11-02T15:10:20ZRazvan Becheriuunittests related to waitForProcess fail on FreeBSD 12```
[ FAILED ] 6 tests, listed below:
[ FAILED ] MemfileLeaseMgrTest.leaseFileCleanup4
[ FAILED ] MemfileLeaseMgrTest.leaseFileCleanup6
[ FAILED ] MemfileLeaseMgrTest.leaseFileFinish
[ FAILED ] MemfileLeaseMgrTest.leaseFileCopy...```
[ FAILED ] 6 tests, listed below:
[ FAILED ] MemfileLeaseMgrTest.leaseFileCleanup4
[ FAILED ] MemfileLeaseMgrTest.leaseFileCleanup6
[ FAILED ] MemfileLeaseMgrTest.leaseFileFinish
[ FAILED ] MemfileLeaseMgrTest.leaseFileCopy
[ FAILED ] MemfileLeaseMgrTest.leaseUpgrade4
[ FAILED ] MemfileLeaseMgrTest.leaseUpgrade6
```
After extending the timeout for `waitForProcess()` function calls from 2s or 5s to 20s, the tests pass.backloghttps://gitlab.isc.org/isc-projects/kea/-/issues/872Use hardware address in name generation for DDNS update requests2022-11-02T15:10:18ZGhost UserUse hardware address in name generation for DDNS update requests---
name: kea-dhcp4 Name Generation for DDNS Update Requests
about: Use hardware address (or something else) instead of ip address
---
**Some initial questions**
- Are you sure your feature is not already implemented in the latest Kea ...---
name: kea-dhcp4 Name Generation for DDNS Update Requests
about: Use hardware address (or something else) instead of ip address
---
**Some initial questions**
- Are you sure your feature is not already implemented in the latest Kea version? **Yes**
- Are you sure what you would like to do is not possible using some other mechanisms? **Maybe with hooks?**
- Have you discussed your idea on kea-users or kea-dev mailing lists? **No**
**Is your feature request related to a problem? Please describe.**
The automatic generation of a name for the DDNS update request is: [generated-prefix]-[address-text].[qualifying-suffix].
I need a name because I don't know the IP address, but this auto generated name contains the IP address... I need to manage some equipments that don't request the hostname or don't have it set.
**Describe the solution you'd like**
A solution can be to mangle the hw address instead of the IP address, or the possibility to choose. An example:
aa:bb:cc:dd:ee:ff -> aa-bb-cc-dd-ee-ff
**Describe alternatives you've considered**
Write an hook...
**Additional context**
Add any other context about the feature request here.
**Funding its development**
Kea is run by ISC, which is a small non-profit organization without any government funding or any permanent sponsorship organizations. Are you able and willing to participate financially in the development costs? **No**
**Participating in development**
Are you willing to participate in the feature development? ISC team always tries to make a feature as generic as possible, so it can be used in wide variety of situations. That means the proposed solution may be a bit different that you initially thought. Are you willing to take part in the design discussions? Are you willing to test an unreleased engineering code? **Yes**
**Contacting you**
How can ISC reach you to discuss this matter further? If you do not specify any means such as e-mail, jabber id or a telephone, we may send you a message on github with questions when we have them.backloghttps://gitlab.isc.org/isc-projects/kea/-/issues/873Integrate CodeQL (LGTM replacement) security checker into our process2023-02-23T12:30:30ZTomek MrugalskiIntegrate CodeQL (LGTM replacement) security checker into our processThere's a tool called LGTM: https://lgtm.com/
It is advertised as a security checker and is free for open source projects.
@manu, @fdupont, @godfryd - have you ever used it? Any opinions?
UPDATE: LGTM was replaced with CodeQL.There's a tool called LGTM: https://lgtm.com/
It is advertised as a security checker and is free for open source projects.
@manu, @fdupont, @godfryd - have you ever used it? Any opinions?
UPDATE: LGTM was replaced with CodeQL.backloghttps://gitlab.isc.org/isc-projects/kea/-/issues/877performance: allow Discover/Solicit to actually allocate a lease2020-08-31T13:32:24ZTomek Mrugalskiperformance: allow Discover/Solicit to actually allocate a leaseThis is one of the proposals in [performance improvements for 1.7](https://gitlab.isc.org/isc-private/kea/wikis/performance1.7).
The idea behind it is that if we allocate the lease sooner, we eliminate potential conflicts, so there shou...This is one of the proposals in [performance improvements for 1.7](https://gitlab.isc.org/isc-private/kea/wikis/performance1.7).
The idea behind it is that if we allocate the lease sooner, we eliminate potential conflicts, so there should be fewer lookups. This is particularly important in high pool utilization scenarios.
Not a major improvement, but it should help a bit.outstandinghttps://gitlab.isc.org/isc-projects/kea/-/issues/878performance: implement backend statistics2023-07-31T13:02:12ZTomek Mrugalskiperformance: implement backend statisticsWe want to be able to measure the following:
* looking for reservations took X us,
* looking for leases took Y us.
* Z queries per packet were conducted.
* W total queries performed by backend, average response time was A.
* possibly st...We want to be able to measure the following:
* looking for reservations took X us,
* looking for leases took Y us.
* Z queries per packet were conducted.
* W total queries performed by backend, average response time was A.
* possibly stats by query type (getLease4byHWAddr, getLease4ByAddr, etc.)
* possibly query by SQL type (A number of SELECTs, B number of INSERTs, C number of DELETEs)
This, on its own, wouldn't improve any performance, but it will be an essential tool for assessing other performance improvement proposals.next-stable-2.6https://gitlab.isc.org/isc-projects/kea/-/issues/879Implement SLAAC (stateless IPv6 configuration) daemon2019-09-05T15:54:40ZTomek MrugalskiImplement SLAAC (stateless IPv6 configuration) daemonThis is an experiment we (@fdupont, @godfryd, @tomek) did during a hackathon in Prague. For details, see
https://gitlab.isc.org/isc-projects/kea/wikis/hackathon/slaac.
This ticket is created to slowly evolve the code into something tha...This is an experiment we (@fdupont, @godfryd, @tomek) did during a hackathon in Prague. For details, see
https://gitlab.isc.org/isc-projects/kea/wikis/hackathon/slaac.
This ticket is created to slowly evolve the code into something that could one day be accepted as experimental feature in Kea.outstandinghttps://gitlab.isc.org/isc-projects/kea/-/issues/895implement alternate allocators2023-05-08T09:58:50ZFrancis Dupontimplement alternate allocatorsToday we provide only the incremental allocator (last_allocated_address++). It is trivial but obviously leads to contention in a multi-thread allocation. I propose two other allocators:
- [ ] hash based allocation (e.g. hash the client ...Today we provide only the incremental allocator (last_allocated_address++). It is trivial but obviously leads to contention in a multi-thread allocation. I propose two other allocators:
- [ ] hash based allocation (e.g. hash the client MAC address): it is stable (same client will likely get the same address) and predictable
- [x] pure random: very secure, not stable nor predictable (with a real (vs fake) PRNG). Done in #969.
- [x] FLQ: Free leases queue. Kea can create all leases on startup and keep going through this list. This uses more memory, but provide constant speed (or small speed up) when pool utilization grows. Implemented in #2780.
I am adding multi-threading label but it is only related.backloghttps://gitlab.isc.org/isc-projects/kea/-/issues/896Strange Sphinx ARM search results2022-11-02T15:10:18ZSuzanne GoldlustStrange Sphinx ARM search resultsI'm seeing a weird thing in the Kea RTD ARM: I went to the main page (https://kea.readthedocs.io/en/latest/) and searched for "configuration backend" in the search box. It found 50 pages matching the search query, so I clicked on the fir...I'm seeing a weird thing in the Kea RTD ARM: I went to the main page (https://kea.readthedocs.io/en/latest/) and searched for "configuration backend" in the search box. It found 50 pages matching the search query, so I clicked on the first set of responses (https://kea.readthedocs.io/en/latest/config.html?highlight=configuration%20backend), but they all say "SORRY - This page does not exist yet." If I go to the second set of matches (https://kea.readthedocs.io/en/latest/arm/config.html?highlight=configuration%20backend), those work. Why is the first set coming up in the search results if it doesn't work correctly?
And search does work correctly if I go to the 1.6.0 version rather than to "latest."backloghttps://gitlab.isc.org/isc-projects/kea/-/issues/902Configuration Backend in DHCPv4 dhcp4_subnet not display2019-10-03T19:12:39ZGhost UserConfiguration Backend in DHCPv4 dhcp4_subnet not display![image](/uploads/78df9669353f2e41db6aac33097f6b65/image.png)
this is sql dhcp4_options tables
this is post confi-get , not code 3 display in subnet id 216,99
"subnet4": [
{
"4o6-interface": "...![image](/uploads/78df9669353f2e41db6aac33097f6b65/image.png)
this is sql dhcp4_options tables
this is post confi-get , not code 3 display in subnet id 216,99
"subnet4": [
{
"4o6-interface": "",
"4o6-interface-id": "",
"4o6-subnet": "",
"id": 99,
"option-data": [
{
"always-send": false,
"code": 3,
"csv-format": true,
"data": "192.168.0.1",
"name": "routers",
"space": "dhcp4"
}
],
"pools": [
{
"option-data": [],
"pool": "192.168.0.10-192.168.0.100"
}
],
"relay": {
"ip-addresses": []
},
"reservations": [],
"subnet": "192.168.0.0/24"
},
{
"4o6-interface": "",
"4o6-interface-id": "",
"4o6-subnet": "",
"id": 100,
"option-data": [],
"pools": [
{
"option-data": [],
"pool": "192.168.1.10-192.168.1.100"
}
],
"relay": {
"ip-addresses": []
},
"reservations": [],
"subnet": "192.168.1.0/24"
},
{
"4o6-interface": "",
"4o6-interface-id": "",
"4o6-subnet": "",
"id": 216,
"option-data": [
{
"always-send": false,
"code": 6,
"csv-format": true,
"data": "172.22.1.253",
"name": "domain-name-servers",
"space": "dhcp4"
},
{
"always-send": false,
"code": 4,
"csv-format": true,
"data": "10.10.10.50",
"name": "time-servers",
"space": "dhcp4"
}
],
"pools": [
{
"option-data": [],
"pool": "172.30.216.10-172.30.216.20"
}
],
"relay": {
"ip-addresses": []
},
"reservations": [],
"subnet": "172.30.216.0/21"
}
],outstandinghttps://gitlab.isc.org/isc-projects/kea/-/issues/906man pages should be conditional on built binary2022-11-02T15:10:19Ztoppkman pages should be conditional on built binaryhere's a trivial patch to not generate kea-netconf(8) man page if sysrepo support is not enabled.
[0005-disablenetconf.patch](/uploads/c5c6042137f849a29567e421007a2077/0005-disablenetconf.patch)here's a trivial patch to not generate kea-netconf(8) man page if sysrepo support is not enabled.
[0005-disablenetconf.patch](/uploads/c5c6042137f849a29567e421007a2077/0005-disablenetconf.patch)backloghttps://gitlab.isc.org/isc-projects/kea/-/issues/926configure failed since cannot find stdlib.h on Yocto Poky Linux2022-06-23T08:57:27ZGhost Userconfigure failed since cannot find stdlib.h on Yocto Poky Linuxcongfigure kea with --boost_include_path may cause stdlib.h cannot be found
it is caused by below commit:
https://github.com/isc-projects/kea/commit/98e64a69d5271db2a6f4944b7c377ee6488a1a42
Change of ax_boost_for_kea.m4:
- BOOST_INCL...congfigure kea with --boost_include_path may cause stdlib.h cannot be found
it is caused by below commit:
https://github.com/isc-projects/kea/commit/98e64a69d5271db2a6f4944b7c377ee6488a1a42
Change of ax_boost_for_kea.m4:
- BOOST_INCLUDES="-I${boost_include_path}"
+ BOOST_INCLUDES="-isystem ${boost_include_path}"
and -isystem could cause this problem, refer: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=70129
and https://stackoverflow.com/questions/37218953/isystem-on-a-system-include-directory-causes-errorsoutstandinghttps://gitlab.isc.org/isc-projects/kea/-/issues/927Improve parsing of commas within text strings2019-10-17T15:43:43ZMichael McNallyImprove parsing of commas within text stringsOur friend Shawn, on support ticket [#15079](https://support.isc.org/Ticket/Display.html?id=15079) was having a bit of awkwardness trying to define some string-valued options in which the strings contained commas.
He wrote:
>>>
We have ...Our friend Shawn, on support ticket [#15079](https://support.isc.org/Ticket/Display.html?id=15079) was having a bit of awkwardness trying to define some string-valued options in which the strings contained commas.
He wrote:
>>>
We have a customer attempting to put a comma separated string into an option defined as text in Kea. Kea appears to be treating the comma as a delimiter for arrays and discarding the comma and the text after the comma. It appears that you may have addressed this issue somewhat in 1.6.0 but I wanted to check if there is any way to escape or otherwise allow for commas in text strings in 1.5.0.
For example given this option definition
```
{
"space": "dhcp4",
"code": 176,
"type": "string",
"name": "test"
}
```
And this specification for the option value
```
{
"name": "test",
"code": 177,
"data": "foo,bar"
}
```
We are only seeing "foo" put into the packet sent to the client. I have tried single quoting the text
"'foo,bar'" and escaping the comma "foo\,bar" and neither seem to work.
>>>
In a subsequent response on the same ticket he mentions that he has found a way to successfully escape the commas using multiple backslashes but this is likely to be a situation encountered by other operators who may find it similarly confusing, therefore we should consider (ideally) improving the parsing of commas that are within string literals OR (if not) at least better documenting how to use them.outstandinghttps://gitlab.isc.org/isc-projects/kea/-/issues/929replace boost::shared_ptr/weak_ptr and similar components with std::shared_pt...2019-10-17T15:53:34ZRazvan Becheriureplace boost::shared_ptr/weak_ptr and similar components with std::shared_ptr/std::weak_ptr and respective std componentsAs the code uses std::shared_ptr and boost_shared_ptr, the code should use only c++11 stl (std) components (if provided).
From what I know, only multi index container is not implemented in stl. Everything else should be stl.As the code uses std::shared_ptr and boost_shared_ptr, the code should use only c++11 stl (std) components (if provided).
From what I know, only multi index container is not implemented in stl. Everything else should be stl.outstandinghttps://gitlab.isc.org/isc-projects/kea/-/issues/938Implement RFC8539 (new softwire options)2019-10-24T15:54:34ZTomek MrugalskiImplement RFC8539 (new softwire options)There's a new [RFC 8539](https://tools.ietf.org/html/rfc8539) published. We should support it one day.
As there are currently no known customers or users and the complexity of its implementation is non-trivial, this is not a high priority.There's a new [RFC 8539](https://tools.ietf.org/html/rfc8539) published. We should support it one day.
As there are currently no known customers or users and the complexity of its implementation is non-trivial, this is not a high priority.outstandinghttps://gitlab.isc.org/isc-projects/kea/-/issues/942Feature: Client-Class option to always be required when "only-if-required" is...2022-11-02T15:10:19ZChrisFeature: Client-Class option to always be required when "only-if-required" is trueExplicitly requiring the classes in every subnet is currently the only way to achieve this.
**Participating in development**
Are you willing to participate in the feature development? ISC team always tries to make a feature as generic a...Explicitly requiring the classes in every subnet is currently the only way to achieve this.
**Participating in development**
Are you willing to participate in the feature development? ISC team always tries to make a feature as generic as possible, so it can be used in wide variety of situations. That means the proposed solution may be a bit different that you initially thought. Are you willing to take part in the design discussions? Are you willing to test an unreleased engineering code?
I am able and willing to help as much as I can/am of use. This includes testing of experimental code.
**Contacting you**
Gitlab/hubbackloghttps://gitlab.isc.org/isc-projects/kea/-/issues/948hooks providing commands should check for control channel2019-11-28T16:39:45ZFrancis Duponthooks providing commands should check for control channelAs mentioned in #794 cb_cmds and in general any hooks mostly providing commands should check a control channel is configured as obviously they are useless without one... #794 recommends to refuse to load.As mentioned in #794 cb_cmds and in general any hooks mostly providing commands should check a control channel is configured as obviously they are useless without one... #794 recommends to refuse to load.outstandinghttps://gitlab.isc.org/isc-projects/kea/-/issues/951Move Changelog to markdown2019-11-28T16:44:25ZTomek MrugalskiMove Changelog to markdownWe have issue numbers, MR links and commit-ids in the changelog. If we rename the file to ChangeLog.md, gitlab will turn them into clickable links.We have issue numbers, MR links and commit-ids in the changelog. If we rename the file to ChangeLog.md, gitlab will turn them into clickable links.outstandinghttps://gitlab.isc.org/isc-projects/kea/-/issues/953Provide capability to specify lease lifetimes at Pool and possibly Reservatio...2022-11-02T15:10:20ZGhost UserProvide capability to specify lease lifetimes at Pool and possibly Reservation level---
name: Feature request - Support `valid-lifetime` for pools
about: Management of lease lifetimes in IPv4 and IPv6 pools
---
(Apologies if I have filled the form in incorrectly. I wasn't sure which fields you wanted updated or replac...---
name: Feature request - Support `valid-lifetime` for pools
about: Management of lease lifetimes in IPv4 and IPv6 pools
---
(Apologies if I have filled the form in incorrectly. I wasn't sure which fields you wanted updated or replaced.)
**Some initial questions**
- Are you sure your feature is not already implemented in the latest Kea version?
- I have confirmed it is not implemented in 1.5 and can see no indication in documentation that anything has changed in 1.7.
- Are you sure what you would like to do is not possible using some other mechanisms?
- I do not believe it is possible.
- Have you discussed your idea on kea-users or kea-dev mailing lists?
- I have raised it on kea-users and a similar issue was previously raised in 2017 (https://lists.isc.org/mailman/htdig/kea-users/2017-March/000898.html)
**Is your feature request related to a problem? Please describe.**
- In our environment we mostly use reservations with long leases so that network problems do not cause a loss of address, but cannot do this with addresses from pools otherwise we would run out of pool addresses. We have pools and reservations in non-overlapping sections of the same subnets, so specifying the lease lifetime on the subnet is not an option. The ability to specify lease lifetimes on individual hosts would also be useful but far less important than being able to have different values for pools versus the rest of the subnet.
**Describe the solution you'd like**
I would like to see the `valid-lifetime` attribute supported for pools and possibly reservations. Given the addition of `max-lease-time` and `min-lease-time` in 1.6, it would make sense to provide these as well for consistency although we are unlikely to use them.
**Describe alternatives you've considered**
- Separating pools from reservations using different subnets is not practical as it would require rearchitecting our network which has over 1,000 subnets.
- Having the same lease time for reservations and pools would reduce the reliability/functionality of our network in some areas.
**Additional context**
- We are currently using this capability with the old ISC dhcpd server.
- Our IPv6 configuration mirrors our IPv4 configuration so we would like the capabilities to be equivalent (where this makes sense) in both.
**Funding its development**
Kea is run by ISC, which is a small non-profit organization without any government funding or any permanent sponsorship organizations. Are you able and willing to participate financially in the development costs?
- Unfortunately no. :-(
**Participating in development**
Are you willing to participate in the feature development? ISC team always tries to make a feature as generic as possible, so it can be used in wide variety of situations. That means the proposed solution may be a bit different that you initially thought. Are you willing to take part in the design discussions? Are you willing to test an unreleased engineering code?
- I would be interested in participating, but doubt I would have time to get up to speed on how the software currently works in order to develop any code.
- Do you have any pointers to documentation on the structure of the code so I can start to try to understand it even if I can't produce useful code?
- I am definitely willing to be involved in design discussions, test out engineering code and provide feedback on potential solutions or implementations.
**Contacting you**
How can ISC reach you to discuss this matter further? If you do not specify any means such as e-mail, jabber id or a telephone, we may send you a message on github with questions when we have them.
- I can be contacted at John.Gibbins@csiro.au or +61 2 6124 1419.
- Telephone may be problematic due the time difference with Australia (AEDT = GMT+11).backloghttps://gitlab.isc.org/isc-projects/kea/-/issues/968Implement the hash allocator2023-07-05T10:42:16ZFrancis DupontImplement the hash allocatorReference #895, requires #966Reference #895, requires #966next-stable-3.0https://gitlab.isc.org/isc-projects/kea/-/issues/972Pool level DHCP options are ignored while returning ACK to client's INFORM2021-10-20T10:30:59ZGhost UserPool level DHCP options are ignored while returning ACK to client's INFORM**Bug Description**
For a client's DHCPINFORM message that requests (option 55) for a set of DHCP options, Kea ignores DHCP options in the pool configuration and only returns options specified in the subnet configuration while returning...**Bug Description**
For a client's DHCPINFORM message that requests (option 55) for a set of DHCP options, Kea ignores DHCP options in the pool configuration and only returns options specified in the subnet configuration while returning the DHCPACK
**To Reproduce**
For the example below, randomly selected option 67 (bootfile name) to test
1. Run Kea dhcpv4 with the following subnet config
```
"subnet4": [
{
"subnet": "192.168.5.0/24",
"pools": [
{
"pool": "192.168.5.111 - 192.168.5.222",
"option-data": [
{
"name": "boot-file-name",
"data": "poolLevel"
}]
}],
"option-data": [
{
"name": "boot-file-name",
"data": "subnetLevel"
}]
}
]
```
2. Client sends DHCPDISCOVER wherein client requests for Bootfile name (option 67) in the Parameter Request List (option 55)
3. Kea responds with DHCPOFFER that includes Bootfile name (option 67) with value `poolLevel` from pool configuration
4. Client follows up with DHCPREQUEST with the same list of options and Kea returns DHCPACK with the OFFER'd values.
5. Client sends DHCPINFORM requesting for Bootfile name (option 67) in the Parameter Request List (option 55)
6. Kea returns DHCPACK including Bootfile name (option 67) with unexpected value `subnetLevel`
**Expected behavior**
Server must respond to DHCPINFORM with values from the client's matching pool configuration in the DHCPACK, unless no such option is defined in the pool configuration.
In context of the example above, at step 6, server must return DHCPACK with value of Bootfile name (option 67) as `poolLevel`
**Environment:**
- Kea version: 1.7.1-git
git cf6a766d28c565bd4a0abe8631422dd9fdeb27ce
- OS: Ubuntu 18.04.2outstandinghttps://gitlab.isc.org/isc-projects/kea/-/issues/980MySQL Group Replication doesn't support foreign key cascade2021-04-06T09:26:00ZGhost UserMySQL Group Replication doesn't support foreign key cascade**COMPLETELY UPDATED**
I'm using Kea 1.7.0 (installed via the cloudsmith.io yum repo) on CentOS 7.7.1908 with all updates installed. I'm using MySQL 8.0.18 installed from MySQL's yum repo for the backend. MySQL is configured with Group ...**COMPLETELY UPDATED**
I'm using Kea 1.7.0 (installed via the cloudsmith.io yum repo) on CentOS 7.7.1908 with all updates installed. I'm using MySQL 8.0.18 installed from MySQL's yum repo for the backend. MySQL is configured with Group Replication.
I ran into this issue trying to insert into dhcp4_options while doing a host reservation.
After digging into MySQL logs I found these errors:
[ERROR] [MY-011543] [Repl] Plugin group_replication reported: 'Table dhcp4_audit has a foreign key with 'CASCADE' clause. This is not compatible with Group Replication.'
[ERROR] [MY-011543] [Repl] Plugin group_replication reported: 'Table dhcp6_audit has a foreign key with 'CASCADE' clause. This is not compatible with Group Replication.'
I set the following foreign keys to no action:
* fk_dhcp4_audit_revision on update
* fk_dhcp6_audit_revision on update
* fk_dhcp4_subnet_shared_network on delete
* fk_dhcp6_subnet_shared_network on delete
* fk_dhcp4_pool_subnet_id on update
* fk_dhcp6_pool_subnet_id on update
* fk_dhcp6_pd_pool_subnet_id on update
Making these changes appears to work. I can insert and delete reservations and reservation specific options and Kea uses the reservations to respond to requests. However, I'm assuming these constraints are in there for a reason so what have I broken by doing this?outstandinghttps://gitlab.isc.org/isc-projects/kea/-/issues/990Better support for recent Botan (configure, warnings)2022-11-02T15:10:18ZFrancis DupontBetter support for recent Botan (configure, warnings)Recent versions of Botan display some warnings:
```
In file included from botan_hash.cc:14:
/usr/local/Cellar/botan/2.12.1/include/botan-2/botan/lookup.h:35:1: warning: this header is deprecated [-W#pragma-messages]
BOTAN_DEPRECATED_HEAD...Recent versions of Botan display some warnings:
```
In file included from botan_hash.cc:14:
/usr/local/Cellar/botan/2.12.1/include/botan-2/botan/lookup.h:35:1: warning: this header is deprecated [-W#pragma-messages]
BOTAN_DEPRECATED_HEADER(lookup.h)
^
/usr/local/Cellar/botan/2.12.1/include/botan-2/botan/compiler.h:104:42: note: expanded from macro 'BOTAN_DEPRECATED_HEADER'
#define BOTAN_DEPRECATED_HEADER(hdr) _Pragma("message \"this header is deprecated\"")
^
<scratch space>:214:2: note: expanded from here
message "this header is deprecated"
^
1 warning generated.
In file included from botan_hmac.cc:14:
/usr/local/Cellar/botan/2.12.1/include/botan-2/botan/hmac.h:14:1: warning: this header will be made internal in the future [-W#pragma-messages]
BOTAN_FUTURE_INTERNAL_HEADER(hmac.h)
^
/usr/local/Cellar/botan/2.12.1/include/botan-2/botan/compiler.h:107:49: note: expanded from macro 'BOTAN_FUTURE_INTERNAL_HEADER'
#define BOTAN_FUTURE_INTERNAL_HEADER(hdr) _Pragma("message \"this header will be made internal in the future\"")
^
<scratch space>:214:2: note: expanded from here
message "this header will be made internal in the future"
^
In file included from botan_hmac.cc:15:
/usr/local/Cellar/botan/2.12.1/include/botan-2/botan/lookup.h:35:1: warning: this header is deprecated [-W#pragma-messages]
BOTAN_DEPRECATED_HEADER(lookup.h)
^
/usr/local/Cellar/botan/2.12.1/include/botan-2/botan/compiler.h:104:42: note: expanded from macro 'BOTAN_DEPRECATED_HEADER'
#define BOTAN_DEPRECATED_HEADER(hdr) _Pragma("message \"this header is deprecated\"")
^
<scratch space>:216:2: note: expanded from here
message "this header is deprecated"
^
2 warnings generated.
```
BTW these warnings are only displayed: the quote is from a --with-werror build.backloghttps://gitlab.isc.org/isc-projects/kea/-/issues/993Remove bad use of NULL or nullptr from Kea C++ code.2019-12-05T16:52:19ZFrancis DupontRemove bad use of NULL or nullptr from Kea C++ code.For the second we decided a long time ago to not use it. For the first it is far simpler: NULL simply does not exist in C++ (and BTW some systems do not define it for C++ which is with type problems from the cast another source of errors...For the second we decided a long time ago to not use it. For the first it is far simpler: NULL simply does not exist in C++ (and BTW some systems do not define it for C++ which is with type problems from the cast another source of errors with NULL).outstandinghttps://gitlab.isc.org/isc-projects/kea/-/issues/995500 IPv4 address limit2022-11-02T15:10:17ZGhost User500 IPv4 address limit**Describe the bug**
When more than 500 IPv4 addresses are configured on NICs that KEA uses, no configuration changes can be made using hooks. kea-dhcp4 goes to 100% CPU load.
**To Reproduce**
Steps to reproduce the behavior:
1. Run Kea...**Describe the bug**
When more than 500 IPv4 addresses are configured on NICs that KEA uses, no configuration changes can be made using hooks. kea-dhcp4 goes to 100% CPU load.
**To Reproduce**
Steps to reproduce the behavior:
1. Run Kea (dhcpv4) with MySQL backend for CB, leases and hosts and configured to use a NIC with 500+ IPv4 addresses on it
2. Try to change configuration for example like:
curl -X POST -H "Content-Type: application/json" -d '{ "command": "remote-network4-set", "service": [ "dhcp4" ], "arguments": { "shared-networks": [ { "name": "test-1", "interface": "ens37", "valid-lifetime": 60 } ], "remote": { "type": "mysql" }, "server-tags": [ "all" ] } }' http://localhost:8080/
or
curl -X POST -H "Content-Type: application/json" -d '{ "command": "reservation-add", "service": [ "dhcp4" ], "arguments": { "reservation": { "subnet-id": 20001, "hw-address": "1a:2b:3c:4d:5e:6f", "ip-address": "10.0.1.2" } } }' http://localhost:8080/
3. The server then goes to 100% CPU load and does not change the configuration as requested.
4. Response: [ { "result": 1, "text": "unable to forward command to the dhcp4 service: Operation canceled. The server is likely to be offline" } ]
**Expected behavior**
A clear and concise description of what you expected to happen:
The server should change the configuration as requested and not keep using 100% CPU.
**Environment:**
- Kea version: 1.6.0
- OS: Debian 10.1 x64
- MySQL backend 8.2, library 10.3.17, Memfile backend 2.1
- libdhcp_mysql_cb.so, libdhcp_cb_cmds.so, libdhcp_host_cmds.so are loaded
**Additional Information**
Everything works as expected with up to 499 IPv4 addresses on the NIC used by KEA. We did not test IPv6. We also did not test if the server is still able to answer to DHCP requests in the failed state.
**Contacting you**
You can send me an e-mail to stephan@bahr-it.combackloghttps://gitlab.isc.org/isc-projects/kea/-/issues/997Remove commit and rollback methods from lease and host manager APIs.2022-11-02T15:10:18ZFrancis DupontRemove commit and rollback methods from lease and host manager APIs.They are unused so useless. Note they make sense only with transactions which span over more than one service method and such transactions (nor a way to manage them) do not exist.They are unused so useless. Note they make sense only with transactions which span over more than one service method and such transactions (nor a way to manage them) do not exist.backloghttps://gitlab.isc.org/isc-projects/kea/-/issues/1001configure tweaks2022-02-21T16:09:52ZTomek Mrugalskiconfigure tweaksThere are several things we could tweak in the configure script:
- several help instances show defaults in double brackets `[[default=no]]`, but others show in single brackets `[default=no]` and others as `(default=no)` , e.g. --with-we...There are several things we could tweak in the configure script:
- several help instances show defaults in double brackets `[[default=no]]`, but others show in single brackets `[default=no]` and others as `(default=no)` , e.g. --with-werror.
- unknown (e.g. misspelled) parameters are ignored (e.g. `--with-gtest-sources=..`). There's a warning at the top, but it should either be error or at least made more prominent.
- sphinx-build is being printed twice
- the expression "building docs in PDF" is awkward, should be "building PDF docs"
- there are old checks for __SUNPRO_CC - we don't and won't support Solaris
- with-aix-soname - why do we have option like this?
- the options are split into "optional features" and "optional packages" in seemingly random fashion (perfdhcp, static link and disable-rpath are in packages section, mysql, werror checking and some weird AIX options in "packages")outstandinghttps://gitlab.isc.org/isc-projects/kea/-/issues/1009Provide a standard queue choice for packet queue2019-12-12T16:57:24ZFrancis DupontProvide a standard queue choice for packet queueToday we have only the ring but even with an infinite (0) capacity it is not the same than a queue.
Whether this should stay internal to the dhcp library or available to DHCP server syntaxes is still a subject for discussion.Today we have only the ring but even with an infinite (0) capacity it is not the same than a queue.
Whether this should stay internal to the dhcp library or available to DHCP server syntaxes is still a subject for discussion.outstandinghttps://gitlab.isc.org/isc-projects/kea/-/issues/1012Add a require at least version in config syntax2019-12-12T16:59:48ZFrancis DupontAdd a require at least version in config syntaxThis feature will provide a way to say the configuration file requires at least a specified Kea version. Useful for Keama and Stork, or in general for any tool which builds configuration files.This feature will provide a way to say the configuration file requires at least a specified Kea version. Useful for Keama and Stork, or in general for any tool which builds configuration files.outstandinghttps://gitlab.isc.org/isc-projects/kea/-/issues/1018statistic-remove-all removes also total-addresses and similar statistics2022-11-02T15:10:19ZFrancis Dupontstatistic-remove-all removes also total-addresses and similar statisticsNot very consistent but not critical too. Just should be addressed before using stats contexts.Not very consistent but not critical too. Just should be addressed before using stats contexts.backloghttps://gitlab.isc.org/isc-projects/kea/-/issues/1027Database reconnect settings ignored during startup2023-11-18T09:34:42ZChrisDatabase reconnect settings ignored during startup**Describe the bug**
During startup if the database is unreachable (which is easily possible during boot since there is, understandably, no dependency/ordering on sql servers in the default systemd unit) kea-server will immediately shut...**Describe the bug**
During startup if the database is unreachable (which is easily possible during boot since there is, understandably, no dependency/ordering on sql servers in the default systemd unit) kea-server will immediately shut down despite reconnect settings.
Since there is a chance for the SQL database to be available after kea is being started this can lead to kea not running after boot despite being expected to.
**To Reproduce**
Steps to reproduce the behavior:
1. Configure Kea with mysql leases/reservations including reconnect options ("max-reconnect-tries": 10,"reconnect-wait-time": 1000)
2. Stop and start kea + mysql, kea before mysql
```
service isc-kea-dhcp4-server stop; service mysql stop; service isc-kea-dhcp4-server start; service mysql start; sleep 1; service isc-kea-dhcp4-server status;
```
3. See that no reconnect attempts were made
**Expected behavior**
Kea to use the reconnect options during startup
**Environment:**
- Kea version: 1.6.0
- OS: Ubuntu 18.04 x64
- From ISC Kea repository
- If/which hooks where loaded in: lease-commands, haoutstandinghttps://gitlab.isc.org/isc-projects/kea/-/issues/1028New classification design.2023-07-31T11:54:22ZFrancis DupontNew classification design.Some proposals for a new classification design:
- replace the list+set by a multi-index
- replace the required-xxx by a more direct add-client-classes.
- add this new add-client-classes to host reservations as an alias of the existing...Some proposals for a new classification design:
- replace the list+set by a multi-index
- replace the required-xxx by a more direct add-client-classes.
- add this new add-client-classes to host reservations as an alias of the existing client-classes (same entry with the same behavior for all objects which add a class to the query)
- complete the list of class evaluation points:
* new points after the deferred unpack, pkt*_receive hook, etc
* make clear in the doc that which a classification point is for:
+ dependency on a packet procession phase (e.g. KNOWN/UNKNOWN)
+ usage for the next packet processing step (e.g. subnet selection, pool guard, output option)
* add an enum (vs a few flags) for the point where a class must be evaluated
* add a meta-data with the value of its enum and make it visible to users
- same rules on dependency (use of member in expression):
* no forward reference (the user class in a member clause must be already defined)
* get the last classification point
* perhaps a new built-in class for instance for the pkt*_receive hook
- document the way to switch from expired-* to this new stuff (but do not develop a tool to translate configurations)
- (next steps?) new uses of classes (e.g. lifetime), new expressions (e.g. in the response vs the query): in almost all cases this means new classification pointsnext-stable-3.0https://gitlab.isc.org/isc-projects/kea/-/issues/1029New built-in client class for incomplete unpacking2020-01-09T16:56:32ZFrancis DupontNew built-in client class for incomplete unpackingCurrent Kea accepts packets which have a not fatal error during unpacking. I believe it was added by @tmark: in such case the SkipRemainingOptionsError exception is thrown and processing continue.
I'd like to put such packets in a new b...Current Kea accepts packets which have a not fatal error during unpacking. I believe it was added by @tmark: in such case the SkipRemainingOptionsError exception is thrown and processing continue.
I'd like to put such packets in a new built-in class so a "not option[xxx].exist" can't be mislead: it will be enough to add "add not member("<new-class-name>')".
This allows too to classify such packets in the DROP class so by configuration accept or drop them.outstandinghttps://gitlab.isc.org/isc-projects/kea/-/issues/1030client class added by hooks and expressions2020-01-16T16:36:32ZFrancis Dupontclient class added by hooks and expressionsA client class added by a hook in pkt4_receive can't be used in an expression because the main classification is done before the callout. This means it can be used only directly for subnet selection, e.g. if the hook adds the class "foo"...A client class added by a hook in pkt4_receive can't be used in an expression because the main classification is done before the callout. This means it can be used only directly for subnet selection, e.g. if the hook adds the class "foo" you can guard a subnet by "foo" but not by a class "not-foo" defined by the expression "not member('foo')".
The case of pool guard is more complex because it is possible to move to the host identifier classification point using "KNOWN" or "UNKNOWN" in the expression. Of course it is simpler for required classes which are evaluated late.
This is not beyond repair but if we want to change this IMHO it is better to reconsider the whole classification design as explained in #1028.outstandinghttps://gitlab.isc.org/isc-projects/kea/-/issues/1039avoiding race conditions when sharing database between processes or threads2021-10-20T10:31:31ZRazvan Becheriuavoiding race conditions when sharing database between processes or threadsthis ticket is intended to clarify the design needed to make 2 servers using the same database function properly.
the main problem is that, by having 2 separate servers or threads, one could insert/delete/update one lease at the same tim...this ticket is intended to clarify the design needed to make 2 servers using the same database function properly.
the main problem is that, by having 2 separate servers or threads, one could insert/delete/update one lease at the same time the other does some similar action.
this ticket is no related to multi-threading but the MT design relies on the fact that the functionality of 2 servers sharing the database is handled properlyoutstandingRazvan BecheriuRazvan Becheriuhttps://gitlab.isc.org/isc-projects/kea/-/issues/1045Implement wipe commands for PgSQL and MySQL2020-04-29T10:35:15ZTomek MrugalskiImplement wipe commands for PgSQL and MySQL@fdupont reported that wipe commands for MySQL and PgSQL are not implemented. This is an unfortunate omission.
We need to implement them.
One thing to do is to look at older branches. Perhaps there's some code there. I vaguely recall t...@fdupont reported that wipe commands for MySQL and PgSQL are not implemented. This is an unfortunate omission.
We need to implement them.
One thing to do is to look at older branches. Perhaps there's some code there. I vaguely recall they were being discussed with some code written, but I may be misremembering.outstandinghttps://gitlab.isc.org/isc-projects/kea/-/issues/1054The new status-get command may report that the servers are in touch even if t...2022-11-02T15:10:19ZMarcin SiodelskiThe new status-get command may report that the servers are in touch even if they aren'tThis is the followup ticket to https://gitlab.isc.org/isc-projects/kea/issues/1041
The new status-get command returns HA status which includes `in-touch` flag indicating if the status of the partner was gathered via successful heartbeat...This is the followup ticket to https://gitlab.isc.org/isc-projects/kea/issues/1041
The new status-get command returns HA status which includes `in-touch` flag indicating if the status of the partner was gathered via successful heartbeat. That also how we document it. However, this flag is set based on the current status of the partner which is assumed to be negative if no heartbeat went through. The truth is though that the server assumes the state "unavailable" if it can't communicate with the partner and sets the in-touch flag to true. That defeats the purpose of this flag, so should be corrected. However, the impact of this is low as this is really a corner case situation.backloghttps://gitlab.isc.org/isc-projects/kea/-/issues/1084Kea does not recover from interface down when Kea starts2024-02-08T14:35:31ZRob AusteinKea does not recover from interface down when Kea startsProblem scenario: Debian 9 server running Kea 1.7.1 package, server has three interfaces: eth1 serves directly connected hosts, eth2 and eth3 serve via DHCP relays, so must use "raw" rather than "udp" configuration. Problem is: server i...Problem scenario: Debian 9 server running Kea 1.7.1 package, server has three interfaces: eth1 serves directly connected hosts, eth2 and eth3 serve via DHCP relays, so must use "raw" rather than "udp" configuration. Problem is: server is part of a large rack of equipment, and we have no control over the order in which things come up, not to mention various replacement and reinstall scenarios. Kea quietly fails to listen on interfaces that show no carrier at the time Kea first starts, and never notices when they come up.
So far I have not thought of anything better than a separate process which monitors link states (eg with PyRoute2) and sends a config-reload control message whenever any of the interfaces comes up. This seems kind of lame.
Is this a known issue? Note that this is not the "new interface" problem: we know all the interfaces and list them in the config file, we just can't guarantee that they'll be up (and in some cases they *can't* come up until after Kea does because they're waiting for a DHCP lease in order to install the software that will eventually bring up the other end of the link).
Is this something ISC is likely to be able to fix anytime soon? Is there a better workaround?
Thanks! (Obligatory note: on the whole I'm very happy with Kea as a replacement for isc-dhcpd, don't think I'm complaining about the new thing... I just need to find a solution to this problem.)outstandinghttps://gitlab.isc.org/isc-projects/kea/-/issues/1092legal logging hook should save state of lease added via lease4/6-add commands2022-11-02T15:10:19ZWlodzimierz Wencellegal logging hook should save state of lease added via lease4/6-add commandsFound out while I was working on isc-projects/kea#1022
Lease4/6-add commands are related to legal logging hook. If administrator is able to add lease with different states - it should be logged when legal logging hook is enabled. e.g.:
...Found out while I was working on isc-projects/kea#1022
Lease4/6-add commands are related to legal logging hook. If administrator is able to add lease with different states - it should be logged when legal logging hook is enabled. e.g.:
commands and result:
```
'{"command": "lease6-add","arguments": {"state": 2, "subnet-id": 1,"ip-address": "2001:db8:1::1","duid": "1a:1b:1c:1d:1e:1f:20:21:22:23:24","iaid": 1234}}'
{
"result": 0,
"text": "Lease for address 2001:db8:1::1, subnet-id 1 added."
}
'{"command": "lease6-add","arguments": {"state": 1, "subnet-id": 1,"ip-address": "2001:db8:1::2","duid": "1a:1b:1c:1d:1e:1f:20:21:22:23:24","iaid": 1234}}'
{
"result": 0,
"text": "Lease for address 2001:db8:1::2, subnet-id 1 added."
}
'{"command": "lease6-add","arguments": {"state": 0, "subnet-id": 1,"ip-address": "2001:db8:1::3","duid": "1a:1b:1c:1d:1e:1f:20:21:22:23:24","iaid": 1234}}'
{
"result": 0,
"text": "Lease for address 2001:db8:1::3, subnet-id 1 added."
}
```
and even if we added 3 different leases, legal logging saved this:
```
2020-01-24 05:49:42 PST Administrator added a lease of address: 2001:db8:1::1 to a device with DUID: 1a:1b:1c:1d:1e:1f:20:21:22:23:24
2020-01-24 05:49:42 PST Administrator added a lease of address: 2001:db8:1::2 to a device with DUID: 1a:1b:1c:1d:1e:1f:20:21:22:23:24
2020-01-24 05:49:42 PST Administrator added a lease of address: 2001:db8:1::3 to a device with DUID: 1a:1b:1c:1d:1e:1f:20:21:22:23:24
```backloghttps://gitlab.isc.org/isc-projects/kea/-/issues/1099Support for hostname-char like parameters in the CB2022-11-02T15:10:19ZMarcin SiodelskiSupport for hostname-char like parameters in the CBThe ticket #946 added support for some DDNS specific parameters into the Config Backend. However, it did not include the following two:
- hostname-char-replacement
- hostname-char-set
Those two must be added as well at global, subnet an...The ticket #946 added support for some DDNS specific parameters into the Config Backend. However, it did not include the following two:
- hostname-char-replacement
- hostname-char-set
Those two must be added as well at global, subnet and shared network level.backloghttps://gitlab.isc.org/isc-projects/kea/-/issues/1117Mix of physical and virtual interfaces (VLAN) does not work2024-03-14T10:45:38ZTalkaboutMix of physical and virtual interfaces (VLAN) does not work**Describe the bug**
Setting up KEA DHCP server on a system to listen to a physical interface and one or multiple virtual interfaces causes wrong IP pools to be assigned.
**To Reproduce**
Steps to reproduce the behavior:
1. Set up a vir...**Describe the bug**
Setting up KEA DHCP server on a system to listen to a physical interface and one or multiple virtual interfaces causes wrong IP pools to be assigned.
**To Reproduce**
Steps to reproduce the behavior:
1. Set up a virtual interface as VLAN interface connected to a physical interface
2. Configure KEA DHCP server to listen to physical interface and virtual interface in "raw" mode
3. Try to request an IP from the pool assigned to the VLAN
4. KEA DHCP server gets confused and handles the request on both devices advertising different ips
**Expected behavior**
Proper IP pools should be assigned. VLAN requests must not be handled on physical device.
**Environment:**
- Kea version: 1.6.1
- OS: Debian 10
- Which features were compiled in (in particular which backends): mysql
- If/which hooks where loaded in: libdhcp_stat_cmds.so, libdhcp_ha.so, libdhcp_lease_cmds.so
**Additional Information**
Config file:
```
{
"Dhcp4": {
"interfaces-config": {
"interfaces": [ "eth0", "eth0.30", "eth0.50", "eth0.100" ],
"dhcp-socket-type": "raw"
},
"control-socket": {
"socket-type": "unix",
"socket-name": "/tmp/kea4-ctrl-socket"
},
"lease-database": {
…
},
"hosts-database": {
…
},
"sanity-checks": {
"lease-checks": "fix-del"
},
"valid-lifetime": 28800,
"rebind-timer": 21600,
"subnet4": [
{
"pools": [
{
"pool": "192.168.20.100-192.168.20.200"
}
],
"id": 1,
"subnet": "192.168.20.0/24",
"interface": "eth0",
"option-data": [
…
]
},
{
"pools": [
{
"pool": "192.168.30.100-192.168.30.200"
}
],
"id": 30,
"subnet": "192.168.30.0/24",
"interface": "eth0.30",
"option-data": [
…
]
},
{
"pools": [
{
"pool": "192.168.50.100-192.168.50.200"
}
],
"id": 50,
"interface" : "eth0.50",
"subnet": "192.168.50.0/24",
"option-data": [
…
]
},
{
"pools": [
{
"pool": "192.168.100.100-192.168.100.200"
}
],
"id": 100,
"subnet": "192.168.100.0/24",
"interface": "eth0.100",
"option-data": [
…
]
}
],
"hooks-libraries": [
…
],
"loggers": [
…
]
}
}
```
Currently I have a temporary solution in place by creating a "macvlan" device (also virtual) to handle traffic from the physical device. But this is not an optimal solution.
**Contacting you**
talk.about@gmx.deoutstandinghttps://gitlab.isc.org/isc-projects/kea/-/issues/1125rebuild statistic-get-all response2021-10-19T07:37:07ZWlodzimierz Wencelrebuild statistic-get-all responseAt this point this is what kea is sending back:
```
{
"command": "statistic-get-all",
"arguments": {
"declined-addresses": [ [ 0, "2019-07-30 10:04:28.386733" ] ],
"reclaimed-declined-addresses": [ [ 0, "2019-07-3...At this point this is what kea is sending back:
```
{
"command": "statistic-get-all",
"arguments": {
"declined-addresses": [ [ 0, "2019-07-30 10:04:28.386733" ] ],
"reclaimed-declined-addresses": [ [ 0, "2019-07-30 10:04:28.386735" ] ],
"reclaimed-leases": [ [ 0, "2019-07-30 10:04:28.386736" ] ],
"subnet[1].assigned-addresses": [ [ 0, "2019-07-30 10:04:28.386740" ] ],
"subnet[1].declined-addresses": [ [ 0, "2019-07-30 10:04:28.386743" ] ],
"subnet[1].reclaimed-declined-addresses": [ [ 0, "2019-07-30 10:04:28.386745" ] ],
"subnet[1].reclaimed-leases": [ [ 0, "2019-07-30 10:04:28.386747" ] ],
"subnet[1].total-addresses": [ [ 200, "2019-07-30 10:04:28.386719" ] ]
},
"result": 0
}
```
I want to focus on a prat with subnets, which is really hard to parse. Biggest issue is that subnet id is in key name, not as value. And this is completely flat.
I am proposing to return statistics like that:
```
{
"command": "statistic-get-all",
"arguments": {
"declined-addresses": [ [ 0, "2019-07-30 10:04:28.386733" ] ],
"reclaimed-declined-addresses": [ [ 0, "2019-07-30 10:04:28.386735" ] ],
"reclaimed-leases": [ [ 0, "2019-07-30 10:04:28.386736" ] ],
"subnets": { [
"subnet-id": 1,
"assigned-addresses": [ [ 0, "2019-07-30 10:04:28.386740" ] ],
"declined-addresses": [ [ 0, "2019-07-30 10:04:28.386743" ] ],
"reclaimed-declined-addresses": [ [ 0, "2019-07-30 10:04:28.386745" ] ],
"reclaimed-leases": [ [ 0, "2019-07-30 10:04:28.386747" ] ],
"total-addresses": [ [ 200, "2019-07-30 10:04:28.386719" ] ]
],
[
"subnet-id": 2,
"assigned-addresses": [ [ 0, "2019-07-30 10:04:28.386740" ] ],
"declined-addresses": [ [ 0, "2019-07-30 10:04:28.386743" ] ],
"reclaimed-declined-addresses": [ [ 0, "2019-07-30 10:04:28.386745" ] ],
"reclaimed-leases": [ [ 0, "2019-07-30 10:04:28.386747" ] ],
"total-addresses": [ [ 200, "2019-07-30 10:04:28.386719" ] ]
]
}
},
"result": 0
}
```
I came up on this issue while working recently with performance testing of a setup with ~500 subnets.outstandinghttps://gitlab.isc.org/isc-projects/kea/-/issues/1345Ability to always-respond to all requests in HA active-active mode to support...2021-01-22T13:30:51ZEwald van GeffenAbility to always-respond to all requests in HA active-active mode to support anycast DHCPMy impression is that ISC KEA doesn't always respond to all requests. I think this is due to the 1/n split.
I run two KEA instances sharing a single BGP anycast /32 IP prefix. DHCP Requests get routed via a DHCP relay towards the closes...My impression is that ISC KEA doesn't always respond to all requests. I think this is due to the 1/n split.
I run two KEA instances sharing a single BGP anycast /32 IP prefix. DHCP Requests get routed via a DHCP relay towards the closest ISC KEA instance according to BGP. Load balancing is externally handled. This means KEA should respond to all requests it receives and not impose any load-balancing logic.
I think this is where the magic happens [1]
From my understanding active_servers needs to reflect the current server instance id (pri,sec).
[1] https://github.com/isc-projects/kea/blob/457111f9db051723ff9f8e7fb621872d0aa10363/src/hooks/dhcp/high_availability/query_filter.cc#L316outstandinghttps://gitlab.isc.org/isc-projects/kea/-/issues/1133Modify perfdhcp to track stats per subnet, when mulitple subnets are targetted2022-11-02T15:10:20ZThomas MarkwalderModify perfdhcp to track stats per subnet, when mulitple subnets are targettedIt would be handy if perfdhcp could track statistics for each subnet it has been told to send target.It would be handy if perfdhcp could track statistics for each subnet it has been told to send target.backloghttps://gitlab.isc.org/isc-projects/kea/-/issues/1135Kea on NetBSD 9.0 report2021-06-18T09:47:41ZFrancis DupontKea on NetBSD 9.0 reportlibtool is still broken: I had to remove -lgcc from postdeps variable to get dynamic libraries.
watchedThreadClassBasics (lib util) and JSONFileBackendTest.configBackendPullCommandWithTimer (dhcp4 and dhcp6) unit tests failed.
Note as ...libtool is still broken: I had to remove -lgcc from postdeps variable to get dynamic libraries.
watchedThreadClassBasics (lib util) and JSONFileBackendTest.configBackendPullCommandWithTimer (dhcp4 and dhcp6) unit tests failed.
Note as NetBSD is not supported no action is required (created directly in Outstanding).outstandinghttps://gitlab.isc.org/isc-projects/kea/-/issues/1137some configuration related functions should throw exception if called from pa...2021-10-20T11:53:14ZRazvan Becheriusome configuration related functions should throw exception if called from packet processing functions or while processing packets (in MT)outstandingRazvan BecheriuRazvan Becheriuhttps://gitlab.isc.org/isc-projects/kea/-/issues/1146Perform profiling for MT Kea2023-02-23T09:44:56ZTomek MrugalskiPerform profiling for MT Kea@fdupont proposed to do a profiling for multi-threaded Kea. This is a very good idea. The goal of this ticket is to run profiling and come up with a list of bottlenecks. No code changes needed at this time, just to highlight the problems...@fdupont proposed to do a profiling for multi-threaded Kea. This is a very good idea. The goal of this ticket is to run profiling and come up with a list of bottlenecks. No code changes needed at this time, just to highlight the problems.
I think the result of this work should be a list of code areas that's inefficient.next-stable-2.6https://gitlab.isc.org/isc-projects/kea/-/issues/1153Rewrite the client classification documentation in Kea ARM2022-11-02T15:10:17ZMarcin SiodelskiRewrite the client classification documentation in Kea ARMClient classification is a complex topic. We started simple but over the years we have added more and more feature to client classification. While reviewing the most recent addition to client classification in #1139 we found that certain...Client classification is a complex topic. We started simple but over the years we have added more and more feature to client classification. While reviewing the most recent addition to client classification in #1139 we found that certain paragraphs are unclear. For example, see this thread: https://gitlab.isc.org/isc-projects/kea/-/merge_requests/686#note_115873. We think it may be now good time to rewrite the documentation about the client classification and perhaps add some diagrams explaining how it all works together.backloghttps://gitlab.isc.org/isc-projects/kea/-/issues/1164kea installed from rpm/deb is returning 'tarball' as version2022-11-02T15:10:17ZWlodzimierz Wencelkea installed from rpm/deb is returning 'tarball' as versionkea installed from deb:
```
wlodek@ubuntu1804-64-2:~$ kea-dhcp6 -V
1.7.6
tarball
linked with:
log4cplus 1.1.2
OpenSSL 1.1.1 11 Sep 2018
database:
MySQL backend 9.1, library 5.7.29
PostgreSQL backend 6.0, library 100012
Memfile backend 2...kea installed from deb:
```
wlodek@ubuntu1804-64-2:~$ kea-dhcp6 -V
1.7.6
tarball
linked with:
log4cplus 1.1.2
OpenSSL 1.1.1 11 Sep 2018
database:
MySQL backend 9.1, library 5.7.29
PostgreSQL backend 6.0, library 100012
Memfile backend 2.1
```
we are versioning deb/rpms a bit differently than tarballs - we could change output of `-V` optionbackloghttps://gitlab.isc.org/isc-projects/kea/-/issues/1168client class erase concern2023-07-31T13:04:35ZFrancis Dupontclient class erase concern#1139 introduced a new client class method erase. I have some concerns about its use:
- first it supposes built-in or added by hook classes are never defined: this is in general true **but** nothing prevents someone to define a class ad...#1139 introduced a new client class method erase. I have some concerns about its use:
- first it supposes built-in or added by hook classes are never defined: this is in general true **but** nothing prevents someone to define a class added by a hook or a built-in class
- second performance can be very bad: complexity is <number of definitions> x <number of classes in the query>
I found some ways to improve the performance and in some cases to fix the first concern too:
- move to a boost multi-index: the problem is with the list part (linear), in a multi-index the interesting node can be found using the unordered set index (logarithm). Note this can be applied to the ClientClasses or the ClientClassDictionary or both.
- if I understand well the code the problem is with member predicates: we can add a flag in definitions when the test expression uses a member predicate. Note we do this in test expression parsing to check if the member predicate refers to an already defined or built-in class so this is a small change: keep the condition in a new field.
- swap the query classes and the definition dictionary in the iteration.backloghttps://gitlab.isc.org/isc-projects/kea/-/issues/1176investigate MT compatibility of crypto backend2022-11-02T15:10:18ZFrancis Dupontinvestigate MT compatibility of crypto backendKea used Botan and OpenSSL as crypto backends but they are no neutral from the multi-threading point of view even we use only pretty low level functions which should not be critical from this.Kea used Botan and OpenSSL as crypto backends but they are no neutral from the multi-threading point of view even we use only pretty low level functions which should not be critical from this.backloghttps://gitlab.isc.org/isc-projects/kea/-/issues/1178Spurious semi-colon after namespace closing brace.2021-10-20T09:47:46ZFrancis DupontSpurious semi-colon after namespace closing brace.In this code:
```
namespace foo {
...
};
```
the semi-colon is useless. It seems a version of clang complains so:
- update the coding guide-line
- chase and fix them
- at the occasion (*) fix them in a file where the code is changed
...In this code:
```
namespace foo {
...
};
```
the semi-colon is useless. It seems a version of clang complains so:
- update the coding guide-line
- chase and fix them
- at the occasion (*) fix them in a file where the code is changed
(*) it is clearly unrelated so do it only for **small** MRs so **not** for syntax change MRsoutstandinghttps://gitlab.isc.org/isc-projects/kea/-/issues/1181serializing config is not consistent2022-02-01T18:33:52ZRazvan Becheriuserializing config is not consistentsome parts of the srv_config are not serialized, so they are stored and presented just as they are received from config
I am suggesting to have a well defined way to serialize/deserialize configsome parts of the srv_config are not serialized, so they are stored and presented just as they are received from config
I am suggesting to have a well defined way to serialize/deserialize configoutstandinghttps://gitlab.isc.org/isc-projects/kea/-/issues/1183statistic sample limit enabling clean up2022-11-02T15:10:17ZFrancis Dupontstatistic sample limit enabling clean upCurrent code about statistic sample limits has some flaws:
- set the count limit to 0 still enables count limit (and disables age limit) but in applying this limit the code pops the sample it has just pushed...
- the age limit enabled ...Current code about statistic sample limits has some flaws:
- set the count limit to 0 still enables count limit (and disables age limit) but in applying this limit the code pops the sample it has just pushed...
- the age limit enabled flag (first member of the pair) is written but never read
- there is no way to disable statistic i.e. to not add samplesbackloghttps://gitlab.isc.org/isc-projects/kea/-/issues/1186JSON translator tool for CB2024-03-21T12:21:55ZPeter DaviesJSON translator tool for CB---
name: JSON translator tool for CB
about: Importing elements from a json configuration into CB
---
**Some initial questions**
This request looks like an extension to GT [#333](https://gitlab.isc.org/isc-projects/kea/-/issues/333) "pa...---
name: JSON translator tool for CB
about: Importing elements from a json configuration into CB
---
**Some initial questions**
This request looks like an extension to GT [#333](https://gitlab.isc.org/isc-projects/kea/-/issues/333) "parser libraries for servers (for netconf)
**Is your feature request related to a problem? Please describe.**
When migrating from a json based configuration to the Configuration Backend the user must identify each element in the configuration, locate the correct hooks command and apply the appropriate parameters
**Describe the solution you'd like**
A tool which takes a json configuration file as an input. The tool should identify any elements that are CB configurable for the current Kea version and produce a set of command which will create the appropriate elements in the CB.
**Describe alternatives you've considered**
As an extra function of keama
**Additional context**
Customer ticket RT [#16203](https://support.isc.org/Ticket/Display.html?id=16203)next-stable-3.0https://gitlab.isc.org/isc-projects/kea/-/issues/1206throwing exceptions on destructors causes call to terminate and should be fixed2020-08-31T13:29:05ZRazvan Becheriuthrowing exceptions on destructors causes call to terminate and should be fixedas stated in:
http://www.cs.technion.ac.il/users/yechiel/c++-faq/dtors-shouldnt-throw.html
throwing exceptions in destructors can result to calling terminate
although this is hard to control or enforce over time, we should I least try ...as stated in:
http://www.cs.technion.ac.il/users/yechiel/c++-faq/dtors-shouldnt-throw.html
throwing exceptions in destructors can result to calling terminate
although this is hard to control or enforce over time, we should I least try to fix this by always adding 'try catch' block on non-trivial destructors
this ticket should at least handle destructors which call functions accessing singleton instances (which usually are complex)outstandinghttps://gitlab.isc.org/isc-projects/kea/-/issues/1218huge difference of performance gain when memfile is configured with persist f...2022-11-02T15:10:18ZWlodzimierz Wencelhuge difference of performance gain when memfile is configured with persist falseI've executed two tests, multi threading + memfile with persist false (there is no writing to the file).
And results are surprising, revealing possible inefficiency.
results:
* multi threading v6 memfile persist true: 36k leases/s
* mul...I've executed two tests, multi threading + memfile with persist false (there is no writing to the file).
And results are surprising, revealing possible inefficiency.
results:
* multi threading v6 memfile persist true: 36k leases/s
* multi threading v6 memfile persist false: 47k leases/s
* gain: 30%
* multi threading v4 memfile persist true: 20k leases/s
* multi threading v4 memfile persist false: 37k leases/s
* gain: 85%
Please investigate if there is an inefficiency in a way Kea saves v4 leases to the file.backloghttps://gitlab.isc.org/isc-projects/kea/-/issues/1253subnet inheritance inconsistencies2022-11-02T15:10:18ZFrancis Dupontsubnet inheritance inconsistenciesThere are some inconsistencies (nothing critical so not a bug but lost opportunities to simplify code and improve performance) in the way subnets are handles for at least relay, interface name and v6 interface id:
- relay is a direct fi...There are some inconsistencies (nothing critical so not a bug but lost opportunities to simplify code and improve performance) in the way subnets are handles for at least relay, interface name and v6 interface id:
- relay is a direct field of Network, is derived in syntax parsing and checked for both subnet and parent shared network for subnet selection.
- interface name (getIface) is inherited using getProperty, checked in sharedNetworksSanityChecks after syntax parsing and checked for both subnet and parent shared network for subnet selection.
- interface id (v6 option) is inherited using getProperty and subject of #652.
Ideas are:
- get rid of the syntax derivation when possible (in particular when the other inheritance mechanism applies)
- avoid spurious inheritance in CB cmds (aka #652)
- apply a subset of sharedNetworksSanityChecks in merging
- at the opposite use inheritance to make only subnet level checks in subnet selection (note this means a subnet should be attached to its parent shared network before being added to the global subnet container)
Related to #513 (sharedNetworksSanityChecks not applied to config backend) and #554 (select subnet performance).backloghttps://gitlab.isc.org/isc-projects/kea/-/issues/1260avoid more race conditions2021-10-20T10:18:11ZRazvan Becheriuavoid more race conditionsit seems that addLease, updateLease and deleteLease are called in several other places. we should lock the resource there as well:
```
Dhcpv4Srv::processRelease
Dhcpv4Srv::declineLease
Dhcpv6Srv::releaseIA_NA
Dhcpv6Srv::releaseIA_PD
Dh...it seems that addLease, updateLease and deleteLease are called in several other places. we should lock the resource there as well:
```
Dhcpv4Srv::processRelease
Dhcpv4Srv::declineLease
Dhcpv6Srv::releaseIA_NA
Dhcpv6Srv::releaseIA_PD
Dhcpv6Srv::declineLease
Dhcpv6Srv::generateFqdn
LeaseCmdsImpl::lease6BulkApplyHandler - there is a leaseDelete which can cause other races.
LeaseCmdsImpl::lease4DelHandler - will cause race
LeaseCmdsImpl::lease6DelHandler - will cause race
AllocEngine::allocateReservedLeases6
from AllocEngine::allocateLeases6
from Dhcpv6Srv::assignIA_NA
from Dhcpv6Srv::assignIA_PD
from AllocEngine::renewLeases6
from Dhcpv6Srv::extendIA_NA
from Dhcpv6Srv::extendIA_PD
AllocEngine::allocateGlobalReservedLeases6
from AllocEngine::allocateReservedLeases6
AllocEngine::removeNonmatchingReservedLeases6
from AllocEngine::allocateLeases6
from Dhcpv6Srv::assignIA_NA
from Dhcpv6Srv::assignIA_PD
from AllocEngine::renewLeases6
from Dhcpv6Srv::extendIA_NA
from Dhcpv6Srv::extendIA_PD
AllocEngine::removeNonmatchingReservedNoHostLeases6
from AllocEngine::removeNonmatchingReservedLeases6
from AllocEngine::allocateLeases6
from Dhcpv6Srv::assignIA_NA
from Dhcpv6Srv::assignIA_PD
from AllocEngine::renewLeases6
from Dhcpv6Srv::extendIA_NA
from Dhcpv6Srv::extendIA_PD
AllocEngine::removeNonreservedLeases6
from AllocEngine::allocateLeases6
from Dhcpv6Srv::assignIA_NA
from Dhcpv6Srv::assignIA_PD
from AllocEngine::renewLeases6
from Dhcpv6Srv::extendIA_NA
from Dhcpv6Srv::extendIA_PD
AllocEngine::reuseExpiredLease
from AllocEngine::allocateUnreservedLeases6
from AllocEngine::allocateLeases6
from Dhcpv6Srv::assignIA_NA
from Dhcpv6Srv::assignIA_PD
from AllocEngine::renewLeases6
from Dhcpv6Srv::extendIA_NA
from Dhcpv6Srv::extendIA_PD
AllocEngine::createLease6
from AllocEngine::allocateUnreservedLeases6
from AllocEngine::allocateLeases6
from Dhcpv6Srv::assignIA_NA
from Dhcpv6Srv::assignIA_PD
from AllocEngine::renewLeases6
from Dhcpv6Srv::extendIA_NA
from Dhcpv6Srv::extendIA_PD
from AllocEngine::allocateReservedLeases6
from AllocEngine::allocateLeases6
from Dhcpv6Srv::assignIA_NA
from Dhcpv6Srv::assignIA_PD
from AllocEngine::renewLeases6
from Dhcpv6Srv::extendIA_NA
from Dhcpv6Srv::extendIA_PD
from AllocEngine::allocateGlobalReservedLeases6
from AllocEngine::allocateLeases6
from Dhcpv6Srv::assignIA_NA
from Dhcpv6Srv::assignIA_PD
from AllocEngine::renewLeases6
from Dhcpv6Srv::extendIA_NA
from Dhcpv6Srv::extendIA_PD
AllocEngine::extendLease6
from AllocEngine::renewLeases6
from Dhcpv6Srv::extendIA_NA
from Dhcpv6Srv::extendIA_PD
AllocEngine::updateLeaseData
from AllocEngine::allocateLeases6
from Dhcpv6Srv::assignIA_NA
from Dhcpv6Srv::assignIA_PD
AllocEngine::deleteExpiredReclaimedLeases6 - will cause race
AllocEngine::deleteExpiredReclaimedLeases4 - will cause race
AllocEngine::reclaimLeaseInDatabase
from AllocEngine::reclaimExpiredLease Lease4Ptr
from AllocEngine::reclaimExpiredLease Lease6Ptr
AllocEngine::reclaimExpiredLease Lease4Ptr
from AllocEngine::reclaimExpiredLeases4 - safe
from AllocEngine::renewLease4
from AllocEngine::reuseExpiredLease4
AllocEngine::reclaimExpiredLease Lease6Ptr
from AllocEngine::reuseExpiredLease
from AllocEngine::extendLease6
from AllocEngine::reclaimExpiredLeases6 - safe
AllocEngine::createLease4
from AllocEngine::allocateOrReuseLease4
from AllocEngine::discoverLease4
from AllocEngine::requestLease4
AllocEngine::requestLease4
from AllocEngine::allocateLease4
from Dhcpv4Srv::assignLease
AllocEngine::renewLease4
from AllocEngine::discoverLease4
from AllocEngine::allocateLease4
from Dhcpv4Srv::assignLease
from AllocEngine::requestLease4
from AllocEngine::allocateLease4
from Dhcpv4Srv::assignLease
AllocEngine::reuseExpiredLease4
from AllocEngine::allocateOrReuseLease4
from AllocEngine::discoverLease4
from AllocEngine::requestLease4
from AllocEngine::allocateUnreservedLease4
from AllocEngine::discoverLease4
from AllocEngine::requestLease4
```outstanding