[Kea-users] KEA lease-limit feature... again :D

Philippe Maechler pmaechler-ml at glattnet.ch
Wed Jan 15 14:51:07 UTC 2020


Hello ISC, DHCP and KEA users

We as a small to medium sized ISP want to migrate our ISC-DHCPd to KEA, but
are facing some typical ISP problems ;)

Our customers are allowed to get, depending on the subscription they have,
something between 1 and 3 public IP addresses by DHCP.

In ISC-DHCP we do the following:

# One class for the cpe-management
class "CATV_00xxxx_Port" { 
	match if ( substring ( option agent.circuit-id, 0, 25 ) = "gaswPOP001 eth 000016/014" );
	match hardware;
}

# one class for voice
class "CATV_00xxxx_Voice" { 
	match if ( substring ( option agent.circuit-id, 0, 30 ) = "gaswPOP001 eth 000016/014:0802" );
	spawn with option agent.circuit-id; 
	lease limit 2;
}

# one class for the customer's gear; because the customer can use our modem
# either as a router or as a bridge, we do not know the MAC address that is
# asking for the IP
class "CATV_00xxxx_CPE_DHCP"   { 
	match if ( substring ( option agent.circuit-id, 0, 30 ) = "gaswDIE001 eth 000016/014:0804" );
	spawn with option agent.circuit-id; 
	lease limit 1;
}

The management and the voice classes are not a problem. There we use private IP
ranges and if a customer gets more than one lease... we don't care (unless
the one customer is using all the available leases).
IPv6 is also not a problem (yet) because there are enough IP addresses
available ;)
The culprit is the CPE_DHCP pool or class; there we use public IP addresses.


This topic was already discussed on the mailing list.
One approach is to use a reserved lease per customer. I don't like this
because then we need at least one IP address per customer, regardless of
whether the client is on- or offline.
A second approach is to use a class per customer and create one pool per
customer. This solution has more or less the same drawbacks as the above one
and additionally we get lots of pools.

An idea that I have is to create a hook. If a request comes in, we check if
the given option-82 already has an ip address and if so, we abort lease
allocation and/or send a NAK and if the option-82 doesn't have an address,
we proceed with the normal lease assignment.
Can someone with more knowledge about KEA say, 
 - how big the impact on performance would be?
 - if this is at all possible?
 - does something like this already exist?


We are using a lease time of 3600s and our server is processing about 200
requests per second.

Best regards
Philippe
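
The check proposed in the message above (refuse a new lease when the option-82 circuit-id already holds its allowed number), as an added example that is not part of the original post and is not Kea hook code. It is a stand-alone C++ model: the class name, the string client key and the caller-supplied clock in seconds are assumptions, as is the choice to refuse requests that carry no circuit-id.

```cpp
// Added example: stand-alone model of a per-circuit-id lease limit.
// Not Kea hook code; every name here is hypothetical.
#include <cstddef>
#include <cstdint>
#include <map>
#include <string>

class CircuitLeaseLimiter {
public:
    CircuitLeaseLimiter(std::size_t limit, std::int64_t lease_time)
        : limit_(limit), lease_time_(lease_time) {}

    // True: continue with normal lease assignment. False: abort / NAK.
    // `now` is in seconds; `client` is the MAC or client-id of the requester.
    bool admit(const std::string& circuit_id, const std::string& client,
               std::int64_t now) {
        // Assumption: without option 82 the request cannot be attributed
        // to a customer port, so it is refused rather than left unlimited.
        if (circuit_id.empty()) return false;
        auto& leases = table_[circuit_id];
        // Expired leases no longer count against the limit.
        for (auto it = leases.begin(); it != leases.end();) {
            if (it->second <= now) it = leases.erase(it); else ++it;
        }
        auto held = leases.find(client);
        if (held != leases.end()) {          // renewal by the current holder
            held->second = now + lease_time_;
            return true;
        }
        if (leases.size() >= limit_) return false;  // port already at its limit
        leases[client] = now + lease_time_;
        return true;
    }

    // DHCPRELEASE: frees the slot immediately.
    void release(const std::string& circuit_id, const std::string& client) {
        auto port = table_.find(circuit_id);
        if (port != table_.end()) port->second.erase(client);
    }

private:
    std::size_t limit_;
    std::int64_t lease_time_;
    // circuit-id -> (client -> expiry time in seconds)
    std::map<std::string, std::map<std::string, std::int64_t>> table_;
};
```

Because a renewal from the current holder is always admitted, a second device behind the same port stays refused until the first lease expires or is released, which is at most one lease time (3600 s in the setup described).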



