[Kea-users] kea-dhcp failover not working

Darren Ankney darren.ankney at gmail.com
Thu Apr 20 17:13:00 UTC 2023


Hi Kraishak,

Without the classes, your Kea servers in load-balance HA mode will not
split the leases up among the separate pools.  This can lead to server
1 allocating the same address that server 2 allocates to multiple
clients.  It is somewhat unlikely because they do communicate but it
might happen if the timing was just right.  To guard against this
possibility, simply split your pools in two and add "client-class" :
"HA_server1" to one of the pools and "client-class" : "HA_server2" to
the other.  Something like this perhaps:

         "pools": [
            {
               "pool": "4.0.0.25 - 4.0.0.37",
               "client-class": "HA_server1"
            },
            {
               "pool": "4.0.0.38 - 4.0.0.49",
               "client-class": "HA_server2"
            },
            {
               "pool": "4.0.0.52 - 4.0.0.101",
               "client-class": "HA_server1"
            },
            {
               "pool": "4.0.0.102 - 4.0.0.150",
               "client-class": "HA_server2"
            },
            {
               "pool": "4.0.0.165 - 4.0.0.206",
               "client-class": "HA_server1"
            },
            {
               "pool": "4.0.0.207 - 4.0.0.247",
               "client-class": "HA_server2"
            }
         ]

Thank you,

Darren Ankney
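
Added example, not part of the original message and not Kea tooling: a Python sketch that performs the split described above on the three unclassified pools quoted below, then checks that no two resulting pools share an address. The function names are hypothetical, and only the "first - last" pool syntax is handled.

```python
import ipaddress
import json

# Class names as used in the thread.
CLASSES = ("HA_server1", "HA_server2")

# Unclassified pools copied from the subnet4 config quoted in this thread.
SAMPLE = [{"pool": "4.0.0.25 - 4.0.0.49"},
          {"pool": "4.0.0.52 - 4.0.0.150"},
          {"pool": "4.0.0.165 - 4.0.0.247"}]

def parse_pool(text):
    """Parse 'first - last' into two IPv4Address objects (range form only)."""
    first, sep, last = (part.strip() for part in text.partition("-"))
    if not sep or not last:
        raise ValueError(f"unsupported pool syntax: {text!r}")
    lo, hi = ipaddress.IPv4Address(first), ipaddress.IPv4Address(last)
    if lo > hi:
        raise ValueError(f"pool start after end: {text!r}")
    return lo, hi

def split_pools(pools):
    """Split every unclassified pool in two, one half per HA class."""
    out = []
    for pool in pools:
        if "client-class" in pool:
            out.append(dict(pool))  # already assigned, keep unchanged
            continue
        lo, hi = parse_pool(pool["pool"])
        size = int(hi) - int(lo) + 1
        if size < 2:
            raise ValueError(f"pool too small to split: {pool['pool']!r}")
        mid = lo + (size + 1) // 2 - 1  # first half takes the odd address
        for (a, b), cls in zip(((lo, mid), (mid + 1, hi)), CLASSES):
            out.append({**pool, "pool": f"{a} - {b}", "client-class": cls})
    return out

def overlaps(pools):
    """Return neighbouring pools (sorted by start) that share an address.

    An empty list means no pool overlaps any other.
    """
    spans = sorted((parse_pool(p["pool"]), p["pool"]) for p in pools)
    return [(a[1], b[1]) for a, b in zip(spans, spans[1:]) if b[0][0] <= a[0][1]]

if __name__ == "__main__":
    result = split_pools(SAMPLE)
    assert not overlaps(result), "split produced overlapping pools"
    print(json.dumps({"pools": result}, indent=3))
```

Run over the quoted pools, this yields the same six ranges as the config above.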

On Thu, Apr 20, 2023 at 9:15 AM Kraishak Mahtha <kraishak.edu at gmail.com> wrote:
>
> Hi Darren,
>
> Thanks for the suggestions,
> I tried this way of adding a subnet without any classes.
>
> "subnet4": [
>       {
>          "subnet": "4.0.0.0/16",
>          "valid-lifetime": 86400,
>          "option-data": [
>             {
>                "data": "8.8.8.8, 8.8.8.4",
>                "name": "domain-name-servers"
>             },
>             {
>                "data": "86400",
>                "name": "dhcp-lease-time"
>             },
>             {
>                "data": "4.0.0.1",
>                "name": "routers"
>             }
>          ],
>          "pools": [
>             {
>                "pool": "4.0.0.25 - 4.0.0.49"
>             },
>             {
>                "pool": "4.0.0.52 - 4.0.0.150"
>             },
>             {
>                "pool": "4.0.0.165 - 4.0.0.247"
>             }
>          ]
>       }
>
> ]
>
> It didn't give me any issues and it did work fine for now, not sure what I would be losing or missing without adding that class statement in the subnet config.
>
>  "load-balancing" is really not necessary--> yes but due to traffic load I need to add a distributed case in my environment, yes I agree during the failure case only one should be handling the traffic but again it would be for only some time until its peer gets fixed
>
> Thanks
> Kraishak
>
> On Thu, Apr 20, 2023 at 4:01 PM Darren Ankney <darren.ankney at gmail.com> wrote:
>>
>> Hi Kraishak,
>>
>> You do need to split up the pools that way and use classes (though I
>> believe the classes are automatically created) but only if you use the
>> "load-balancing" mode.  If you stick to "hot-standby" then you won't
>> need to do that.  "load-balancing" is really not necessary (in my
>> humble opinion) as in the event of a failure, any of your Kea servers
>> need to be able to handle 100% of the client load and you could
>> unknowingly get to a situation where that isn't the case only to find
>> out during an outage.  ISC DHCP didn't have a "hot-standby" mode so
>> you were forced to load balance (which introduced problems with the
>> sharing of addresses between the servers sometimes).
>>
>> Thank you,
>>
>> Darren Ankney
>>
>> On Thu, Apr 20, 2023 at 1:20 AM Kraishak Mahtha <kraishak.edu at gmail.com> wrote:
>> >>
>> >>
>> >> Hi Darren,
>> >>
>> >> Thanks for sharing the answers, yes yesterday while I was exploring more about the Kea-HA, I came to know that if we use multithreading then we don't need to use a kea-control agent and I did try the test case it worked well for me.
>> >>
>> >> You can log kea-ctrl-agent.http in the kea-ctrl-agent config and probably kea-dhcp4.ha-hooks will contain the kea-dhcp4 perspective.
>> >>
>> >> --> ok sure
>> >>
>> >>  >>In any case, after Kea loses contact with the other server it won't answer clients until max-unacked-clients is reached. -> Got it
>> >>
>> >> One more question regarding the load balancing HA mode, in the document (https://kea.readthedocs.io/en/kea-2.2.0/arm/hooks.html#supported-configurations) it says that
>> >>
>> >> However, it is not always clear to the operators that using the load-balancing mode requires manually splitting the address pools between two Kea instances using client classification, to preclude both servers from allocating the same address to different clients. Such a split is not needed in the hot-standby mode
>> >>
>> >> --->So do we need to manually split the scope in the load balancing configuration by associating the classes in HA mode for load balancing type like this?
>> >>
>> >> Config:
>> >
>> >  "subnet4": [{
>> >
>> >         "subnet": "192.0.3.0/24",
>> >         "pools": [{
>> >             "pool": "192.0.3.100 - 192.0.3.150",
>> >             "client-class": "HA_server1"
>> >          }, {
>> >             "pool": "192.0.3.200 - 192.0.3.250",
>> >             "client-class": "HA_server2"
>> >          }],
>> >
>> >          "option-data": [{
>> >             "name": "routers",
>> >             "data": "192.0.3.1"
>> >          }],
>> >>
>> >> Something like this: HA_Server1 and HA_Server2?
>> >>
>> >> I am asking because I have around 5 to 6 DHCP pairs with hundreds of subnets configured on each failover peer in ISC DHCP. Most of the subnets have multiple scopes, ranging from 5 to 6 and with different ranges. For example, the first scope may have 17 IPs, the second 35, and the third around 200. This is in a spread-out environment where we use ISC.
>> >>
>> >> Generally, in ISC, we define the scopes and split percentages, and DHCP takes care of sharing the IPs between them. However, in Kea, there doesn't seem to be a similar mechanism, or I could be wrong. Could you please let me know if the process of manual splitting should be done in Kea when migrating from ISC to Kea? Or do we have any other configuration parameter that makes the Kea DHCP server automatically split the IPs 50-50% from all available scopes of the subnet?
>> >
>> >
>> > Thanks
>> > Kraishak