[Kea-users] Unable to send DHCPOFFER packet

Dustin Berube dustin.berube at gmail.com
Tue Mar 8 17:23:54 UTC 2022 

Thanks Chad & Bob, I'm replying to the list to update the thread. I double
checked the permissions and went ahead as a test and ran kea as root and
I'm still getting the same error.

ps aux | grep kea
root       13707  0.0  1.2  44312 25060 ?        Ss   17:17   0:00
/usr/sbin/kea-dhcp4 -c /etc/kea/kea-dhcp4.conf

getcap /usr/sbin/kea-dhcp4
/usr/sbin/kea-dhcp4 = cap_net_bind_service,cap_net_raw+ep

On Tue, Mar 8, 2022 at 10:46 AM Chad Catlett <> wrote:

> On 3/8/22 08:54, Dustin Berube wrote:
>
> Hello,
>
> I'm running into an issue with Kea that I am unable to send the DHCPOFFER
> packet to the client. After enabling debug I see that I'm getting a
> permission denied error. The server is running Ubuntu 20.04, I've tried
> the isc-kea packages for both 2.0.1 and 2.0.2 with the same results. Does
> anyone have any suggestions on what to try?
>
> 2022-03-08 14:09:14.872 DEBUG [kea-dhcp4.packets/6691.140535278995904]
> DHCP4_BUFFER_RECEIVED received buffer from 10.201.1.6:67 to 10.201.1.2:67
> over interface ens192
> 2022-03-08 14:09:14.872 DEBUG [kea-dhcp4.options/6691.140535278995904]
> DHCP4_BUFFER_UNPACK parsing buffer received from 10.201.1.6 to 10.201.1.2
> over interface ens192
> 2022-03-08 14:09:14.873 DEBUG [kea-dhcp4.packets/6691.140535278995904]
> DHCP4_PACKET_RECEIVED [hwtype=1 94:40:c9:40:f4:5c],
> cid=[00:94:40:c9:40:f4:5c:00:00:00], tid=0x20: DHCPDISCOVER (type 1)
> received from 10.201.1.6 to 10.201.1.2 on interface ens192
> 2022-03-08 14:09:14.873 DEBUG [kea-dhcp4.packets/6691.140535278995904]
> DHCP4_QUERY_DATA [hwtype=1 94:40:c9:40:f4:5c],
> cid=[00:94:40:c9:40:f4:5c:00:00:00], tid=0x20, packet details:
> local_address=10.201.1.2:67, remote_address=10.201.1.6:67,
> msg_type=DHCPDISCOVER (1), transid=0x20,
> options:
>   type=012, len=010: "esx-01-ilo" (string)
>   type=050, len=004: 10.201.1.10 (ipv4-address)
>   type=053, len=001: 1 (uint8)
>   type=055, len=015: 1(uint8) 2(uint8) 3(uint8) 4(uint8) 6(uint8)
> 15(uint8) 28(uint8) 33(uint8) 42(uint8) 43(uint8) 44(uint8) 58(uint8)
> 59(uint8) 100(uint8) 101(uint8)
>   type=060, len=007: "CPQRIB3" (string)
>   type=061, len=010: 00:94:40:c9:40:f4:5c:00:00:00
> 2022-03-08 14:09:14.873 DEBUG [kea-dhcp4.dhcpsrv/6691.140535278995904]
> DHCPSRV_CFGMGR_SUBNET4_ADDR selected subnet 10.201.1.0/24 for packet
> received by matching address 10.201.1.6
> 2022-03-08 14:09:14.873 DEBUG [kea-dhcp4.packets/6691.140535278995904]
> DHCP4_SUBNET_SELECTED [hwtype=1 94:40:c9:40:f4:5c],
> cid=[00:94:40:c9:40:f4:5c:00:00:00], tid=0x20: the subnet with ID 1 was
> selected for client assignments
> 2022-03-08 14:09:14.873 DEBUG [kea-dhcp4.packets/6691.140535278995904]
> DHCP4_SUBNET_DATA [hwtype=1 94:40:c9:40:f4:5c],
> cid=[00:94:40:c9:40:f4:5c:00:00:00], tid=0x20: the selected subnet details:
> 10.201.1.0/24
> 2022-03-08 14:09:14.873 DEBUG [kea-dhcp4.hosts/6691.140535278995904]
> HOSTS_CFG_GET_ONE_SUBNET_ID_IDENTIFIER get one host with IPv4 reservation
> for subnet id 1, identified by hwaddr=9440C940F45C
> 2022-03-08 14:09:14.873 DEBUG [kea-dhcp4.hosts/6691.140535278995904]
> HOSTS_CFG_GET_ALL_IDENTIFIER get all hosts with reservations using
> identifier: hwaddr=9440C940F45C
> 2022-03-08 14:09:14.873 DEBUG [kea-dhcp4.hosts/6691.140535278995904]
> HOSTS_CFG_GET_ALL_IDENTIFIER_HOST using identifier: hwaddr=9440C940F45C,
> found host: hwaddr=9440C940F45C ipv4_subnet_id=1 hostname=esx-01-ilo
> ipv4_reservation=10.201.1.10 siaddr=(no) sname=(empty) file=(empty)
> key=(empty) ipv6_reservations=(none)
> 2022-03-08 14:09:14.873 DEBUG [kea-dhcp4.hosts/6691.140535278995904]
> HOSTS_CFG_GET_ALL_IDENTIFIER_COUNT using identifier hwaddr=9440C940F45C,
> found 1 host(s)
> 2022-03-08 14:09:14.873 DEBUG [kea-dhcp4.hosts/6691.140535278995904]
> HOSTS_CFG_GET_ONE_SUBNET_ID_IDENTIFIER_HOST using subnet id 1 and
> identifier hwaddr=9440C940F45C, found host: hwaddr=9440C940F45C
> ipv4_subnet_id=1 hostname=esx-01-ilo ipv4_reservation=10.201.1.10
> siaddr=(no) sname=(empty) file=(empty) key=(empty) ipv6_reservations=(none)
> 2022-03-08 14:09:14.873 DEBUG [kea-dhcp4.dhcp4/6691.140535278995904]
> DHCP4_CLASS_ASSIGNED [hwtype=1 94:40:c9:40:f4:5c],
> cid=[00:94:40:c9:40:f4:5c:00:00:00], tid=0x20: client packet has been
> assigned to the following class(es): KNOWN
> 2022-03-08 14:09:14.873 DEBUG [kea-dhcp4.dhcp4/6691.140535278995904]
> DHCP4_CLASS_ASSIGNED [hwtype=1 94:40:c9:40:f4:5c],
> cid=[00:94:40:c9:40:f4:5c:00:00:00], tid=0x20: client packet has been
> assigned to the following class(es): ALL, VENDOR_CLASS_CPQRIB3, KNOWN
> 2022-03-08 14:09:14.873 DEBUG [kea-dhcp4.ddns/6691.140535278995904]
> DHCP4_CLIENT_HOSTNAME_PROCESS [hwtype=1 94:40:c9:40:f4:5c],
> cid=[00:94:40:c9:40:f4:5c:00:00:00], tid=0x20: processing client's Hostname
> option
> 2022-03-08 14:09:14.874 DEBUG [kea-dhcp4.ddns/6691.140535278995904]
> DHCP4_CLIENT_HOSTNAME_DATA [hwtype=1 94:40:c9:40:f4:5c],
> cid=[00:94:40:c9:40:f4:5c:00:00:00], tid=0x20: client sent Hostname option:
> esx-01-ilo
> 2022-03-08 14:09:14.874 DEBUG [kea-dhcp4.ddns/6691.140535278995904]
> DHCP4_RESERVED_HOSTNAME_ASSIGNED [hwtype=1 94:40:c9:40:f4:5c],
> cid=[00:94:40:c9:40:f4:5c:00:00:00], tid=0x20: server assigned reserved
> hostname esx-01-ilo.flagler.cloud
> 2022-03-08 14:09:14.874 DEBUG [kea-dhcp4.dhcpsrv/6691.140535278995904]
> DHCPSRV_MYSQL_GET_CLIENTID obtaining IPv4 leases for client ID
> 00:94:40:c9:40:f4:5c:00:00:00
> 2022-03-08 14:09:14.874 DEBUG [kea-dhcp4.dhcpsrv/6691.140535278995904]
> DHCPSRV_MYSQL_GET_HWADDR obtaining IPv4 leases for hardware address
> hwtype=1 94:40:c9:40:f4:5c
> 2022-03-08 14:09:14.874 DEBUG
> [kea-dhcp4.alloc-engine/6691.140535278995904] ALLOC_ENGINE_V4_DISCOVER_HR
> client [hwtype=1 94:40:c9:40:f4:5c], cid=[00:94:40:c9:40:f4:5c:00:00:00],
> tid=0x20 sending DHCPDISCOVER has reservation for the address 10.201.1.10
> 2022-03-08 14:09:14.874 DEBUG [kea-dhcp4.dhcpsrv/6691.140535278995904]
> DHCPSRV_MYSQL_GET_ADDR4 obtaining IPv4 lease for address 10.201.1.10
> 2022-03-08 14:09:14.875 INFO  [kea-dhcp4.leases/6691.140535278995904]
> DHCP4_LEASE_ADVERT [hwtype=1 94:40:c9:40:f4:5c],
> cid=[00:94:40:c9:40:f4:5c:00:00:00], tid=0x20: lease 10.201.1.10 will be
> advertised
> 2022-03-08 14:09:14.875 DEBUG [kea-dhcp4.options/6691.140535278995904]
> DHCP4_PACKET_PACK [hwtype=1 94:40:c9:40:f4:5c],
> cid=[00:94:40:c9:40:f4:5c:00:00:00], tid=0x20: preparing on-wire format of
> the packet to be sent
> 2022-03-08 14:09:14.875 DEBUG [kea-dhcp4.packets/6691.140535278995904]
> DHCP4_PACKET_SEND [hwtype=1 94:40:c9:40:f4:5c],
> cid=[00:94:40:c9:40:f4:5c:00:00:00], tid=0x20: trying to send packet
> DHCPOFFER (type 2) from 10.201.1.2:67 to 255.255.255.255:68 on interface
> ens192
> 2022-03-08 14:09:14.875 DEBUG [kea-dhcp4.packets/6691.140535278995904]
> DHCP4_RESPONSE_DATA [hwtype=1 94:40:c9:40:f4:5c],
> cid=[00:94:40:c9:40:f4:5c:00:00:00], tid=0x20: responding with packet
> DHCPOFFER (type 2), packet details: local_address=10.201.1.2:67,
> remote_address=255.255.255.255:68, msg_type=DHCPOFFER (2), transid=0x20,
> options:
>   type=001, len=004: 4294967040 (uint32)
>   type=003, len=004: 10.201.1.1
>   type=006, len=008: 10.203.255.11 10.203.255.12
>   type=012, len=024: "esx-01-ilo.flagler.cloud" (string)
>   type=015, len=013: "flagler.cloud" (string)
>   type=042, len=004: 10.203.255.13
>   type=051, len=004: 604800 (uint32)
>   type=053, len=001: 2 (uint8)
>   type=054, len=004: 10.201.1.2
>   type=058, len=004: 64800 (uint32)
>   type=059, len=004: 129600 (uint32)
>   type=061, len=010: 00:94:40:c9:40:f4:5c:00:00:00
> 2022-03-08 14:09:14.875 ERROR [kea-dhcp4.packets/6691.140535278995904]
> DHCP4_PACKET_SEND_FAIL [hwtype=1 94:40:c9:40:f4:5c],
> cid=[00:94:40:c9:40:f4:5c:00:00:00], tid=0x20: failed to send DHCPv4
> packet: pkt4 send failed: sendmsg() returned  with an error: Permission
> denied
>
>
> Thanks,
> Dustin
>
>
> Dustin,
>
> Ensure that Kea is running proper permissions. Not being able to send the
> offer makes me think Kea isn't running as root and needs additional
> permissions to send raw packets. If running on Linux, check out
> https://kea.readthedocs.io/en/kea-2.0.2-doc/arm/install.html#running-kea-from-a-non-root-account-on-linux
> .
>
>
> Chad
>
> --
> Chad Catlett
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/kea-users/attachments/20220308/87a35ae8/attachment.htm>

More information about the Kea-users mailing list