[Kea-users] KEA DHCPv6 Server and PD

Meinhard Schneider meini at meini.org
Fri Aug 4 15:17:20 UTC 2023 

Hello,

I am trying to set up the KEA DHCPv6 server with prefix delegation 
pools. I am now so far that the router behind the DHCPv6 obtains 
prefixes for its subnets, but all interfaces have the same prefix.

Here is my setup:
gw-wan0 (server):
Debian/Bookworm
KEA: 2.2.0

$ cat /etc/kea/kea-dhcp6.conf
{
   "Dhcp6": {
     "valid-lifetime": 4000,
     "renew-timer": 1000,
     "rebind-timer": 2000,
     "preferred-lifetime": 3000,

     "control-socket": {
       "socket-type": "unix",
       "socket-name": "/run/kea/kea6-ctrl-socket"
     },

     "option-data": [
       {
         "name": "dns-servers",
         "data": "xxxx:xxxx::1"
       }
     ],

     "interfaces-config": {
       "interfaces": [ "enp2s0" ]
     },

     "lease-database": {
       "type": "memfile",
       "persist": true,
       "name": "/var/lib/kea/kea-leases6.csv",
       "lfc-interval": 3600
     },

     "subnet6": [
       {
         "subnet": "xxxx:xxxx:ff00:ff00::/56",
         "interface": "enp2s0",
         "pd-pools": [
           {
             "prefix": "xxxx:xxxx:ff00:ff00::",
             "prefix-len": 56,
             "delegated-len": 64
           }
         ]
       }
     ],

     "loggers": [
       {
         "name": "kea-dhcp6",
         "output_options": [
           {
             "output": "/var/log/kea/kea-dhcp6.log",
             "maxver": 8,
             "maxsize": 204800,
             "flush": true,
             "pattern": "%d{%j %H:%M:%S.%q} %c %m\n"
           }
         ],
         "severity": "DEBUG",
         "debuglevel": 99
       }
     ]
   }
}


$ ip a s enp2s0
3: enp2s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP 
group default qlen 1000
     link/ether 00:0d:b9:55:b8:15 brd ff:ff:ff:ff:ff:ff
     inet x.x.107.4/31 brd 255.255.255.255 scope global enp2s0
        valid_lft forever preferred_lft forever
     inet6 xxxx:xxxx:ff00:ff00::1/56 scope global
        valid_lft forever preferred_lft forever
     inet6 fe80::20d:b9ff:fe55:b815/64 scope link
        valid_lft forever preferred_lft forever


gw-test (client):
Debian/Bookworm
wide-dhcpv6-client: 20080615-23
(for historical reasons and because I'm already running many other 
installations with it, I'm currently testing with WIDE)

$ cat /etc/wide-dhcpv6/dhcp6c.conf
profile default
{
   script "/etc/wide-dhcpv6/radvd";
};

interface enp2s0
{
   send ia-pd 0;
   script "/etc/wide-dhcpv6/radvd";
};

id-assoc pd
{
   prefix-interface enp3s0
   {
     sla-id 1;
   };
   prefix-interface enp4s0
   {
     sla-id 2;
   };
};

$ ip a s enp2s0
3: enp2s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP 
group default qlen 1000
     link/ether 00:0d:b9:56:4b:c5 brd ff:ff:ff:ff:ff:ff
     inet x.x.107.5/31 brd x.x.107.5 scope global dynamic enp2s0
        valid_lft 3381sec preferred_lft 3381sec
     inet6 xxxx:xxxx:ff00:0:20d:b9ff:fe56:4bc5/64 scope global dynamic 
mngtmpaddr
        valid_lft 86085sec preferred_lft 14085sec
     inet6 fe80::20d:b9ff:fe56:4bc5/64 scope link
        valid_lft forever preferred_lft forever

$ ip a s enp3s0
4: enp3s0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc mq state 
DOWN group default qlen 1000
     link/ether 00:0d:b9:56:4b:c6 brd ff:ff:ff:ff:ff:ff
     inet 192.168.3.1/24 brd 192.168.3.255 scope global enp3s0
        valid_lft forever preferred_lft forever
     inet6 xxxx:xxxx:ff00:ff00:20d:b9ff:fe56:4bc6/64 scope global tentative
        valid_lft forever preferred_lft forever

$ ip a s enp4s0
5: enp4s0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc mq state 
DOWN group default qlen 1000
     link/ether 00:0d:b9:56:4b:c7 brd ff:ff:ff:ff:ff:ff
     inet 192.168.4.1/24 brd 192.168.4.255 scope global enp4s0
        valid_lft forever preferred_lft forever
     inet6 xxxx:xxxx:ff00:ff00:20d:b9ff:fe56:4bc7/64 scope global tentative
        valid_lft forever preferred_lft forever


Both devices are directly connected to each other on the enp2s0 interface.

My expectation was that gw-test would get its own /64 IPv6 subnet at the 
KEA DHCPv6 server for each interface defined in the wide-dhcpv6-client 
(i.e. enp3s0 and enp4s0). Instead, both interfaces get the same subnet, 
which makes no sense (or is not the result I have in mind).

Every time I restart the wide-dhcpv6-client, KEA counts up the subnet by 
one. Currently I got the subnet xxxx:xxxx:ff00:ff00::/64 (after emptying 
the lease cache). After the next reboot I get the subnet ff01, then 
ff02, ff03 and so on.

Unfortunately I don't find the documentation on KEA DHCPv6 server and 
prefix delegation pools very comprehensive. I put together my 
configuration from the few examples I found on the internet.


I would be very grateful for any help:
1. why doesn't each interface get its own subnet /64?
2. why does KEA count up the subnets instead of - with a new DHCP 
request - assigning the same subnets again?

Many thanks & best regards
Meinhard

More information about the Kea-users mailing list