[Kea-users] Need help assigning subnets by class with host reservations

Thomas Markwalder tmark at isc.org
Wed Nov 9 15:56:41 UTC 2016 

On 11/9/16 4:20 AM, mrobti at insiberia.net wrote:
> On 2016-11-08 15:44, mrobti at insiberia.net wrote:
>> I want to assign a client-class using hwaddr, from MySQL backend, and
>> restrict a subnet for that client-class. In other words, only allow
>> clients with known MAC addresses to use the subnet they are trying to
>> connect to.
>>
>> DB hosts table has an entry for the client:
>> dhcp4_subnet_id = 1
>> dhcp_identifier_type = 0
>> dhcp_identifier = UNHEX(REPLACE('aa:bb:cc:dd:ee:ff', ':', ''))
>> hostname = test.local
>> dhcp4_client_classes = test_class
>>
>> Config file has:
>> "client-classes": [ {
>>   "name": "test_class"
>> } ],
>> "subnet4": [ {
>>   "id": 1,
>>   "subnet": "192.168.1.0/24",
>>   "pools": [ { "pool": "192.168.1.10 - 192.168.1.20" } ],
>>   "client-class": "test_class"
>> } ],
>>
>> But Kea says (debug level 50):
>> : client packet has been assigned to the following class(es):
>> VENDOR_CLASS_MSFT 5.0
>> : failed to select subnet for the client
>> : no suitable subnet configured for a direct client
>>
>> It works if I remove "client-class" from the subnet definition, so
>> something is not synchronizing the class somewhere.
>>
>> Could it be a problem that the DB hosts entry has no ipv4_address
>> listed? (that column is NULL)  I don't have any other ideas.
>
> I've found this in the logs:
>
> : HOSTS_CFG_GET_ALL_IDENTIFIER get all hosts with reservations using
> identifier: hwaddr=aa:bb:cc:dd:ee:ff
> : HOSTS_CFG_GET_ALL_IDENTIFIER_COUNT using identifier
> hwaddr=aa:bb:cc:dd:ee:ff, found 0 host(s)
>
> Why would this happen? Yes, I double checked the MAC address. I
> enabled MySQL logging, and I can't match up timestamps exactly, but I
> do find a query:
>
> SELECT host_id, dhcp_identifier, dhcp_identifier_type,
> dhcp4_subnet_id, dhcp6_subnet_id, ipv4_address, hostname,
> dhcp4_client_classes, dhcp6_client_classes FROM hosts WHERE
> dhcp4_subnet_id = ? AND dhcp_identifier_type = ?    AND
> dhcp_identifier = ?
>
> I don't know if it's possible to see the executed version of this
> prepared query(?). Is it possible that the value Kea is placing in the
> query is not the correct binary string?
> _______________________________________________
> Kea-users mailing list
> Kea-users at lists.isc.org
> https://lists.isc.org/mailman/listinfo/kea-users

Hello:

We are looking into this for you.  As you probably know,  Kea will look
first for hosts defined its configuration file and then within the hosts
database (if it is specified).  Any log statements you see that contain
"HOSTS_CFG_" pertain to looking at hosts defined via the configuration
file.  In your case, since there are none, you see none found.  When Kea
accesses the host database the logs should contain
HOSTS_MGR_ALTERNATIVE_.   The following is a snippet from of the log in
a setup I am testing with:

2016-11-09 10:18:45.018 DEBUG [kea-dhcp4.hosts/24940]
HOSTS_CFG_GET_ONE_SUBNET_ID_ADDRESS4 get one host with reservation for
subnet id 1 and IPv4 address 178.16.1.101
2016-11-09 10:18:45.018 DEBUG [kea-dhcp4.hosts/24940]
HOSTS_CFG_GET_ALL_ADDRESS4 get all hosts with reservations for IPv4
address 178.16.1.101
2016-11-09 10:18:45.018 DEBUG [kea-dhcp4.hosts/24940]
HOSTS_CFG_GET_ALL_ADDRESS4_COUNT using address 178.16.1.101, found 0 host(s)
2016-11-09 10:18:45.018 DEBUG [kea-dhcp4.hosts/24940]
HOSTS_CFG_GET_ONE_SUBNET_ID_ADDRESS4_NULL host not found using subnet id
1 and address 178.16.1.101
2016-11-09 10:18:45.018 DEBUG [kea-dhcp4.hosts/24940]
HOSTS_MGR_ALTERNATE_GET4_SUBNET_ID_ADDRESS4 trying alternate source for
host using subnet id 1 and address 178.16.1.101

The last log statement indicates that Kea is looking in MySQL for hosts
that have the allocated address.  It just so happens that Kea actually
conducted a search in MySQL prior to the last one show above.  This
search is done by subnet id and dhcp identifier.   However the function
that performs this search happens to be missing a log entry.  This is
why you see  the two selects  you cited in the MySQL log but only one
log message against the alternate.   The original function we used
was deprecated without the new one getting a log message.  Sorry about
that. 

On the surface, it looks like Kea should be matching your host, we're
still researching it.  You might try defining your host in the
configuration file, for testing purposes.   Do you have a packet capture
and what version of Kea are you running?


Thanks

Thomas Markwalder
ISC Software Engineering

More information about the Kea-users mailing list