[Kea-users] yet another question about multiple subnets %)

Tue Nov 15 10:35:50 UTC 2022

> Francis Dupont <fdupont at isc.org>
>> sorry, guys, but i'm going to ask the most popular question again, to which t
>> here is still no working answer: how to set multiple subnets on a same interf
>> ace so that a client receives an address from each network?

=>> if I understand well you have a physical network directly attached to
> the server with multiple IPv6 prefixes. As it is a common case in IPv6
> of course it is supported by Kea but not so easy.

> The first thing (which is not strictly necessary) is to use a shared network
> to represent the physical network. This mainly allows to share common
> properties of the different subnets e.g. the interface.

> The second thing is more technical and is system dependent: the server must
> have an address on the interface for each prefix and instead of leaving
> it to use the first not link-local address of the interface you should bind
> to each address of the interface so replace if the interface is eth0:
>  "eth0" by "eth0/2001::...", etc. See the ARM "9.2.4. Interface Configuration"
> for the details.

> Thanks

> Francis Dupont <fdupont at isc.org>

some of us don't understand what he's talking about %) "shared network" is not about how to allocate multiple addresses(it doesn't matter if we have one pool or several), but about how to combine several pools into one. i don't know english very well, but in my opinion, about this is stated very clearly in the documentation:
--------
A client connected to a shared network may be assigned a lease (address or prefix) from any of the pools defined within the subnets belonging to the shared network. Internally, the server selects one of the subnets belonging to a shared network and tries to allocate a lease from this subnet. If the server is unable to allocate a lease from the selected subnet (e.g., due to pool exhaustion), it uses another subnet from the same shared network and tries to allocate a lease from this subnet. The server typically allocates all leases available in a given subnet before it starts allocating leases from other subnets belonging to the same shared network. 
--------
but i want several addresses AT THE SAME TIME. this is stated in rfc8415. and here is what is said about rfc8415 in the kea documentation:
--------
The server will allocate, renew, or rebind a maximum of one lease for a particular IA option (IA_NA or IA_PD) sent by a client. RFC 8415 allows for multiple addresses or prefixes to be allocated for a single IA.
--------
MAXIMUM ONE! ;) but of course i tried, since i don't have a mailing address ending in "isc.org" ;) here is the config for the test:
--------
vport0: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> mtu 1500
        lladdr 00:00:00:00:00:01
        index 10 priority 0 llprio 3
        groups: vport
        inet 192.168.85.1 netmask 0xffffff00 broadcast 192.168.85.255
        inet6 fe80::200:ff:fe00:1%vport0 prefixlen 64 scopeid 0xa
        inet6 302:e594:4a01:512a::1 prefixlen 64
        inet6 fc00:0:0:85::1 prefixlen 64
--------
this is openbsd, don't be scared ;)
--------
{
        "Dhcp6":
        {
                "server-id":{"type":"LL","persist":false},
                "control-socket":{"socket-type":"unix","socket-name":"/var/run/kea6-ctrl-socket"},
                "lease-database":{"type":"memfile","name":"/var/db/dhcp6.lease","lfc-interval":1800},
                "data-directory":"/etc/kea",
                "multi-threading":{"enable-multi-threading":true},
                "mac-sources":["raw","ipv6-link-local","any"],
                "interfaces-config":{"interfaces":["vport0/302:E594:4A01:512A::1","vport0/FC00:0:0:85::1"]},
                "ip-reservations-unique":false,
                "reservations-lookup-first":true,
                "subnet6":
                [
                        {
                                "id":1,
                                "interface":"vport0",
                                "subnet":"302:E594:4A01:512A::/64",
                                "pools":[{"pool":"302:E594:4A01:512A::2-302:E594:4A01:512A::FFFF"}],
                                "reservations-in-subnet":true,
                                "option-data":
                                [
                                        {"name":"dns-servers","data":"FE80::200:FF:FE00:1"},
                                ],
                        },
                        {
                                "id":2,
                                "interface":"vport0",
                                "subnet":"FC00:0:0:85::/64",
                                "pools":[{"pool":"FC00:0:0:85::5-FC00:0:0:85::FFFF"}],
                                "reservations-in-subnet":true,
                                "option-data":
                                [
                                        {"name":"dns-servers","data":"FE80::200:FF:FE00:1"},
                                ],
                        }
                ],
                "loggers":[{"name":"kea-dhcp6","output_options":[{"output":"stderr"}],"severity":"WARN"}]
        }
}
--------
* i can't specify an unicast address in the "interface" option too because the config does not load with an error.

the behavior of the server has changed, now there are two "solicit" requests and two "advertise" responses, but each response has one IA_NA. it seems that this is not what it should be according to rfc8415. the trouble is that although the proposed addresses in each response are different(go in order), but they are both from the same (first in the config) network, and the windows client selects the last one from them.
what am i wrong about?

ps: version is 2.2.0, but i looked at the changelog and there are no changes on this issue