[Kea-users] Lease allocation on option 82
Bjørn Skovlund
skovlund at gmail.com
Thu May 9 16:01:10 UTC 2019
Hi again,
I haven't debugged the logic completely, but it seems a bit inconsistent.
If I have two DHCP servers in HA mode, using flex-id to map to client-id
with a value that's the same for two clients, they will get a lease each -
one from each server I believe. Whichever one last did the REQUEST, will be
the only entry in the database, as the client-id is the same.
What I was hoping to get to, is that a specific client-id can only ever
take up one IP, which the client changing hwaddr will result in being
offered the same IP as the client-id had with the first hwaddr. Is this a
possibility?
Would an active-standby scenario work better for this use-case?
Config for test bed is attached below:
{
"Dhcp4": {
"control-socket": {
"socket-name": "/opt/run/kea-dhcp4/kea.socket",
"socket-type": "unix"
},
"dhcp-ddns": {
"enable-updates": false
},
"expired-leases-processing": {
"flush-reclaimed-timer-wait-time": 25,
"hold-reclaimed-time": 3600,
"max-reclaim-leases": 100,
"max-reclaim-time": 250,
"reclaim-timer-wait-time": 10,
"unwarned-reclaim-cycles": 5
},
"hooks-libraries": [
{
"library": "/usr/local/lib/hooks/libdhcp_lease_cmds.so",
"parameters": {}
},
{
"library": "/usr/local/lib/hooks/libdhcp_host_cmds.so",
"parameters": {}
},
{
"library": "/usr/local/lib/hooks/libdhcp_legal_log.so",
"parameters": {
"base-name": "kea-forensic4",
"path": "/var/kea/log"
}
},
{
"library": "/usr/local/lib/hooks/libdhcp_flex_id.so",
"parameters": {
"identifier-expression": "relay4[9].hex",
"replace-client-id": true
}
},
{
"library": "/usr/local/lib/hooks/libdhcp_ha.so",
"parameters": {
"high-availability": [
{
"heartbeat-delay": 1000,
"max-ack-delay": 5000,
"max-response-delay": 10000,
"max-unacked-clients": 0,
"mode": "load-balancing",
"peers": [
{
"name": "dhcp-01.test.site.fastspeed.dk
",
"role": "primary",
"url": "http://172.16.1.2:8079"
},
{
"name": "dhcp-02.test.site.fastspeed.dk
",
"role": "secondary",
"url": "http://172.16.1.3:8079"
}
],
"sync-timeout": 60000,
"this-server-name": "
dhcp-02.test.site.fastspeed.dk"
}
]
}
}
],
"host-reservation-identifiers": [
"client-id"
],
"hosts-database": {
"host": "snip",
"name": "kea",
"password": "snip",
"type": "mysql",
"user": "kea"
},
"interfaces-config": {
"dhcp-socket-type": "udp",
"interfaces": [
"*"
]
},
"lease-database": {
"host": "snip",
"name": "kea",
"password": "snip",
"type": "mysql",
"user": "kea"
},
"match-client-id": true,
"next-server": "0.0.0.0",
"option-data": [
{
"data": "8.8.8.8, 8.8.4.4",
"name": "domain-name-servers"
}
],
"rebind-timer": 600,
"renew-timer": 300,
"subnet4": [
{
"id": 1684209664,
"option-data": [
{
"data": "100.99.0.1",
"name": "routers"
},
{
"data": "8.8.8.8, 8.8.4.4",
"name": "domain-name-servers"
},
{
"data": "172.16.1.3",
"name": "dhcp-server-identifier"
}
],
"pools": [
{
"client-class": "HA_dhcp-01",
"pool": "100.99.0.2 - 100.99.0.247"
},
{
"client-class": "HA_dhcp-02",
"pool": "100.99.0.248 - 100.99.1.238"
}
],
"subnet": "100.99.0.0/23"
}
],
"valid-lifetime": 1200
}
}
On Thu, May 2, 2019 at 2:44 PM Bjørn Skovlund <skovlund at gmail.com> wrote:
> Hi Francis,
>
> Thanks for the prompt reply!
>
> On Thu, May 2, 2019 at 12:48 PM Francis Dupont <fdupont at isc.org> wrote:
>
>> > It seems this would be possible with a host reservation on the
>> client-id,
>>
> > but I'm trying to avoid having to copy the lease information into host
>> > reservations.
>>
>> => host reservations are of course the only way to really reserve an
>> address.
>> But you can play with lifetime and expired-leases-processing timers to
>> make more likely a client to get the same IP address.
>>
>
> I'm not that concerned about getting the same IP, but more concerned about
> not handing out multiple addresses to the same client-id.
>
> I think my problem, and misunderstanding of the client-id when it comes to
> lease allocation, may stem from having an active-active HA setup. It seems
> I am limited to two IP addresses, one from each of the servers. It could
> look a bit like my replication of IP addresses broke when I enabled the
> flex-id.
>
> I'll have a closer look at those.
>
> Thanks for your help.
>
> Best, Bjorn
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/kea-users/attachments/20190509/fc6f6163/attachment.htm>
More information about the Kea-users
mailing list