[Kea-users] Host Reservation Problem

Bob Harold rharolde at umich.edu
Tue Jan 14 17:48:40 UTC 2020 

On Tue, Jan 14, 2020 at 8:51 AM krdoor <kristof.vandoorsselaere at hogent.be>
wrote:

> Dear Kea Users List,
>
> I'm working for a university college and I'm in the process of trying to
> migrate the current ISC dhcp to Kea DHCP.
>
> On the current ISC DHCP we have been using ldap as a backend for host
> reservations. Since the ldap server is phased out, we are planning to
> migrate reservations to mysql.
>
> Some facts about our current implementation:
>
> basically we have "2 types" of subnets:
>
> 1. Reservation only:
>
> --> only registered client get an ip address, this can be either a dynamic
> or fixed address (Most devices just have a dynamic address, only for some
> special use cases static ip's are assigned)
> --> in ISC cfg, this is accomplished by: deny unknown-clients
>

You probably do not need "deny unknown-clients", and it could cause
problems.
You just need:  allow members of "my-pool";
and that changes the default rule to denied for that subnet.  (At least for
ISC DHCPD)

I don't know how that works in Kea, but if you include your Kea config,
someone here might be able to help.

-- 
Bob Harold


> --> byod devices are ignored and don't get an IP address (I know poor man
> security)
>
> 2. Allow everyone:
> --> here every device gets an dynamic IP address, used for byod networks
> where 802.1x has been applied for example wifi but also wired 802.1x
>
>
> When trying to get this done in KEA DHCP, I always run into trouble.
>
> For the first reserved only subnets:
>
> For the dynamic assigned ip's: I can define them globally, so I only have
> to
> add it once
>
> For the static ip assignments: When defining a static ip in the global
> reservation, this works in the subnet of the static ip, but when this
> client
> roams to another subnet, no dynamic ip is assigned (this is different in
> ISC
> old dhcp)
>
> Is the only work around to register these reservations (both dynamic and
> static) on a per subnet basis? Or is there another approach?
>
> Thanks in advance,
> Kristof
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/kea-users/attachments/20200114/8af70171/attachment.htm>

More information about the Kea-users mailing list