[Kea-users] kea and stongswan dhcp not working Posteingang
Sascha Marcel Hacker
smhrambo at googlemail.com
Sat Sep 9 20:50:42 UTC 2023
I have a solution.
This strongswan charon dhcp.conf is working:
dhcp {
# Always use the configured server address.
# force_server_address = no
force_server_address = yes
# Derive user-defined MAC address from hash of IKE identity and send
client
# identity DHCP option.
# identity_lease = no
# Interface name the plugin uses for address allocation.
# interface =
interface = macvlan_vpn
# Whether to load the plugin. Can also be an integer to increase the
# priority of this plugin.
load = yes
# DHCP server unicast or broadcast IP address.
# server = 255.255.255.255
# Use the DHCP server port (67) as source port when a unicast server
address
# is configured.
# use_server_port = no
}
!!!But the config is not compatible with isc-dhcp!!!
Am Sa., 9. Sept. 2023 um 22:44 Uhr schrieb Sascha Marcel Hacker <
smhrambo at googlemail.com>:
> With this charon dhcp.conf:
> dhcp {
>
> # Always use the configured server address.
> # force_server_address = no
>
> # Derive user-defined MAC address from hash of IKE identity and send
> client
> # identity DHCP option.
> # identity_lease = no
>
> # Interface name the plugin uses for address allocation.
> interface = macvlan_vpn
>
> # Whether to load the plugin. Can also be an integer to increase the
> # priority of this plugin.
> load = yes
>
> # DHCP server unicast or broadcast IP address.
> # server = 255.255.255.255
>
> # Use the DHCP server port (67) as source port when a unicast server
> address
> # is configured.
> # use_server_port = no
> }
>
> I get this swanctl --log:
> 09[IKE] peer requested virtual IP %any
> 09[CFG] sending DHCP DISCOVER for 7a:a7:81:22:c3:6e to 255.255.255.255
> 09[IKE] authentication of '10.13.17.1' with EAP successful
> 09[CFG] received DHCP OFFER 10.13.11.201 from 10.13.11.1
> 09[CFG] sending DHCP REQUEST for 10.13.11.201 to 10.13.11.1
> 09[CFG] sending DHCP REQUEST for 10.13.11.201 to 10.13.11.1
> 13[MGR] ignoring request with ID 6, already processing
> 12[MGR] ignoring request with ID 6, already processing
> 09[CFG] sending DHCP REQUEST for 10.13.11.201 to 10.13.11.1
> 07[MGR] ignoring request with ID 6, already processing
> 09[CFG] sending DHCP REQUEST for 10.13.11.201 to 10.13.11.1
> 09[CFG] sending DHCP REQUEST for 10.13.11.201 to 10.13.11.1
> 14[MGR] ignoring request with ID 6, already processing
> 09[CFG] DHCP REQUEST timed out
> 09[IKE] no virtual IP found for %any requested by 'saschahacker'
>
> It seems to be that kea only answers 255.255.255.255 requests.
> But after the offer it stops.
>
> Am Sa., 9. Sept. 2023 um 18:37 Uhr schrieb Khebchi Abdallah <
> a.khebchi at esi-sba.dz>:
>
>> I mean something like 10.11.13.1 , i had similar issues after debuging i
>> found out that kea do not respond to my brd addr
>>
>> On Sat, Sep 9, 2023, 5:35 PM Khebchi Abdallah <a.khebchi at esi-sba.dz>
>> wrote:
>>
>>> Use nc to send discover request on your server addr (broadcast) and
>>> confirm that it reply to it , if not change it to something like 10.11.1.1
>>> in dhcp charon conf
>>>
>>> On Sat, Sep 9, 2023, 1:11 PM Sascha Marcel Hacker <
>>> smhrambo at googlemail.com> wrote:
>>>
>>>> Here is my kea-dhcp4.conf
>>>> {
>>>> "Dhcp4": {
>>>> # Global values
>>>> "valid-lifetime": 4000,
>>>> "renew-timer": 1000,
>>>> "rebind-timer": 2000,
>>>> "ip-reservations-unique": false,
>>>>
>>>> # Interfaces
>>>> "interfaces-config": {
>>>> "interfaces": [
>>>> "macvlan_lan",
>>>> "macvlan_device",
>>>> "macvlan_nvr",
>>>> "macvlan_dmz",
>>>> "macvlan_guest",
>>>> "macvlan_echo",
>>>> "macvlan_printer",
>>>> "macvlan_voip",
>>>> "macvlan_media",
>>>> "macvlan_vpn",
>>>> "macvlan_iot",
>>>> "macvlan_private"
>>>> ]
>>>> },
>>>>
>>>> # Logger
>>>> "loggers": [
>>>> {
>>>> "name": "kea-dhcp4",
>>>> "severity": "DEBUG",
>>>> "debuglevel": 99,
>>>> "output_options": [
>>>> {
>>>> "output": "/var/log/kea/dhcp4.log",
>>>> "maxver": 10
>>>> }
>>>> ]
>>>> },
>>>> {
>>>> "name": "kea-dhcp4.bad-packets",
>>>> "severity": "DEBUG",
>>>> "debuglevel": 99,
>>>> "output_options": [
>>>> {
>>>> "output": "/var/log/kea/dhcp4-bad.log",
>>>> "maxver": 10
>>>> }
>>>> ]
>>>> },
>>>> {
>>>> "name": "kea-dhcp4.packets",
>>>> "severity": "DEBUG",
>>>> "debuglevel": 99,
>>>> "output_options": [
>>>> {
>>>> "output": "/var/log/kea/dhcp4-package.log",
>>>> "maxver": 10
>>>> }
>>>> ]
>>>> },
>>>> {
>>>> "name": "kea-dhcp4.dhcpsrv",
>>>> "severity": "DEBUG",
>>>> "output_options": [
>>>> {
>>>> "output": "/var/log/kea/dhcp4-dhcpsrv.log",
>>>> "maxver": 10
>>>> }
>>>> ]
>>>> },
>>>> {
>>>> "name": "kea-dhcp4.leases",
>>>> "severity": "DEBUG",
>>>> "output_options": [
>>>> {
>>>> "output": "/var/log/kea/dhcp4-leases.log",
>>>> "maxver": 10
>>>> }
>>>> ]
>>>> }
>>>> ],
>>>>
>>>> "authoritative": true,
>>>> "dhcp-ddns": {
>>>> "enable-updates": false
>>>> },
>>>>
>>>> "option-def": [
>>>> {
>>>> "space": "dhcp4",
>>>> "name": "local-hostname",
>>>> "code": 224,
>>>> "type": "string"
>>>> }
>>>> ],
>>>>
>>>> "subnet4": [
>>>> # LAN Network
>>>> {
>>>> "id": 1,
>>>> "subnet": "10.13.1.0/24",
>>>> "option-data": [
>>>> {
>>>> "name": "domain-name-servers",
>>>> "data": "10.13.1.4, 10.13.1.1"
>>>> },
>>>> {
>>>> "name": "broadcast-address",
>>>> "data": "10.13.1.255"
>>>> },
>>>> {
>>>> "name": "routers",
>>>> "data": "10.13.1.1"
>>>> },
>>>> {
>>>> "name": "ntp-servers",
>>>> "data": "10.13.1.1"
>>>> }
>>>> ],
>>>> "interface": "macvlan_lan",
>>>> "pools": [
>>>> {
>>>> "pool": "10.13.1.200 - 10.13.1.254"
>>>> }
>>>> ]
>>>> },
>>>>
>>>> # DEVICE Network
>>>> {
>>>> "id": 2,
>>>> "subnet": "10.13.3.0/24",
>>>> "option-data": [
>>>> {
>>>> "name": "domain-name-servers",
>>>> "data": "10.13.3.1, 10.13.3.4"
>>>> },
>>>> {
>>>> "name": "domain-name",
>>>> "data": "device.foo.bar"
>>>> },
>>>> {
>>>> "name": "broadcast-address",
>>>> "data": "10.13.3.255"
>>>> },
>>>> {
>>>> "name": "routers",
>>>> "data": "10.13.3.1"
>>>> },
>>>> {
>>>> "name": "ntp-servers",
>>>> "data": "10.13.3.1"
>>>> }
>>>> ],
>>>> "interface": "macvlan_device",
>>>> "pools": [
>>>> {
>>>> "pool": "10.13.3.200 - 10.13.3.254"
>>>> }
>>>> ],
>>>> "reservations": [
>>>> ...
>>>> ]
>>>> },
>>>>
>>>> # NVR Network
>>>> {
>>>> "id": 3,
>>>> "subnet": "10.13.4.0/24",
>>>> "option-data": [
>>>> {
>>>> "name": "domain-name-servers",
>>>> "data": "10.13.4.1, 10.13.4.4"
>>>> },
>>>> {
>>>> "name": "domain-name",
>>>> "data": "nvr.foo.bar"
>>>> },
>>>> {
>>>> "name": "broadcast-address",
>>>> "data": "10.13.4.255"
>>>> },
>>>> {
>>>> "name": "routers",
>>>> "data": "10.13.4.1"
>>>> },
>>>> {
>>>> "name": "ntp-servers",
>>>> "data": "10.13.4.1"
>>>> }
>>>> ],
>>>> "interface": "macvlan_nvr",
>>>> "pools": [
>>>> {
>>>> "pool": "10.13.4.200 - 10.13.4.254"
>>>> }
>>>> ],
>>>> "reservations": [
>>>> ...
>>>> ]
>>>> },
>>>>
>>>> # DMZ Network
>>>> {
>>>> "id": 4,
>>>> "subnet": "10.13.5.0/24",
>>>> "option-data": [
>>>> {
>>>> "name": "domain-name-servers",
>>>> "data": "10.13.5.1, 10.13.5.4"
>>>> },
>>>> {
>>>> "name": "domain-name",
>>>> "data": "dmz.foo.bar"
>>>> },
>>>> {
>>>> "name": "broadcast-address",
>>>> "data": "10.13.5.255"
>>>> },
>>>> {
>>>> "name": "routers",
>>>> "data": "10.13.5.1"
>>>> },
>>>> {
>>>> "name": "ntp-servers",
>>>> "data": "10.13.5.1"
>>>> }
>>>> ],
>>>> "interface": "macvlan_dmz",
>>>> "pools": [
>>>> {
>>>> "pool": "10.13.5.200 - 10.13.5.254"
>>>> }
>>>> ],
>>>> "reservations": [
>>>> ...
>>>> ]
>>>> },
>>>>
>>>> # Guest Network
>>>> {
>>>> "id": 5,
>>>> "subnet": "10.13.6.0/24",
>>>> "option-data": [
>>>> {
>>>> "name": "domain-name-servers",
>>>> "data": "10.13.6.1, 10.13.6.4"
>>>> },
>>>> {
>>>> "name": "domain-name",
>>>> "data": "guest.foo.bar"
>>>> },
>>>> {
>>>> "name": "broadcast-address",
>>>> "data": "10.13.6.255"
>>>> },
>>>> {
>>>> "name": "routers",
>>>> "data": "10.13.6.1"
>>>> },
>>>> {
>>>> "name": "ntp-servers",
>>>> "data": "10.13.6.1"
>>>> }
>>>> ],
>>>> "interface": "macvlan_guest",
>>>> "pools": [
>>>> {
>>>> "pool": "10.13.6.200 - 10.13.6.254"
>>>> }
>>>> ]
>>>> },
>>>>
>>>> # Echo Network
>>>> {
>>>> "id": 6,
>>>> "subnet": "10.13.7.0/24",
>>>> "option-data": [
>>>> {
>>>> "name": "domain-name-servers",
>>>> "data": "10.13.7.1, 10.13.7.4"
>>>> },
>>>> {
>>>> "name": "domain-name",
>>>> "data": "echo.foo.bar"
>>>> },
>>>> {
>>>> "name": "broadcast-address",
>>>> "data": "10.13.7.255"
>>>> },
>>>> {
>>>> "name": "routers",
>>>> "data": "10.13.7.1"
>>>> },
>>>> {
>>>> "name": "ntp-servers",
>>>> "data": "10.13.7.1"
>>>> }
>>>> ],
>>>> "interface": "macvlan_echo",
>>>> "pools": [
>>>> {
>>>> "pool": "10.13.7.200 - 10.13.7.254"
>>>> }
>>>> ],
>>>> "reservations": [
>>>> ...
>>>> ]
>>>> },
>>>>
>>>> # Printer Network
>>>> {
>>>> "id": 7,
>>>> "subnet": "10.13.8.0/24",
>>>> "option-data": [
>>>> {
>>>> "name": "domain-name-servers",
>>>> "data": "10.13.8.1, 10.13.8.4"
>>>> },
>>>> {
>>>> "name": "domain-name",
>>>> "data": "printer.foo.bar"
>>>> },
>>>> {
>>>> "name": "broadcast-address",
>>>> "data": "10.13.8.255"
>>>> },
>>>> {
>>>> "name": "routers",
>>>> "data": "10.13.8.1"
>>>> },
>>>> {
>>>> "name": "ntp-servers",
>>>> "data": "10.13.8.1"
>>>> }
>>>> ],
>>>> "interface": "macvlan_printer",
>>>> "pools": [
>>>> {
>>>> "pool": "10.13.8.200 - 10.13.8.254"
>>>> }
>>>> ],
>>>> "reservations": [
>>>> ...
>>>> ]
>>>> },
>>>>
>>>> # VoIP Network
>>>> {
>>>> "id": 8,
>>>> "subnet": "10.13.9.0/24",
>>>> "option-data": [
>>>> {
>>>> "name": "domain-name-servers",
>>>> "data": "10.13.9.1, 10.13.9.4"
>>>> },
>>>> {
>>>> "name": "domain-name",
>>>> "data": "voip.foo.bar"
>>>> },
>>>> {
>>>> "name": "broadcast-address",
>>>> "data": "10.13.9.255"
>>>> },
>>>> {
>>>> "name": "routers",
>>>> "data": "10.13.9.1"
>>>> },
>>>> {
>>>> "name": "ntp-servers",
>>>> "data": "10.13.9.1"
>>>> }
>>>> ],
>>>> "interface": "macvlan_voip",
>>>> "pools": [
>>>> {
>>>> "pool": "10.13.9.200 - 10.13.9.254"
>>>> }
>>>> ],
>>>> "reservations": [
>>>> ...
>>>> ]
>>>> },
>>>>
>>>> # Multimedia Network
>>>> {
>>>> "id": 9,
>>>> "subnet": "10.13.10.0/24",
>>>> "option-data": [
>>>> {
>>>> "name": "domain-name-servers",
>>>> "data": "10.13.10.1, 10.13.10.4"
>>>> },
>>>> {
>>>> "name": "domain-name",
>>>> "data": "media.foo.bar"
>>>> },
>>>> {
>>>> "name": "broadcast-address",
>>>> "data": "10.13.10.255"
>>>> },
>>>> {
>>>> "name": "routers",
>>>> "data": "10.13.10.1"
>>>> },
>>>> {
>>>> "name": "ntp-servers",
>>>> "data": "10.13.10.1"
>>>> }
>>>> ],
>>>> "interface": "macvlan_media",
>>>> "pools": [
>>>> {
>>>> "pool": "10.13.10.200 - 10.13.10.254"
>>>> }
>>>> ],
>>>> "reservations": [
>>>> ...
>>>> ]
>>>> },
>>>>
>>>> # VPN Network
>>>> {
>>>> "id": 10,
>>>> "subnet": "10.13.11.0/24",
>>>> "option-data": [
>>>> {
>>>> "name": "domain-name-servers",
>>>> "data": "10.13.11.1, 10.13.11.4"
>>>> },
>>>> {
>>>> "name": "domain-name",
>>>> "data": "vpn.foo.bar"
>>>> },
>>>> {
>>>> "name": "broadcast-address",
>>>> "data": "10.13.11.255"
>>>> },
>>>> {
>>>> "name": "routers",
>>>> "data": "10.13.11.1"
>>>> },
>>>> {
>>>> "name": "ntp-servers",
>>>> "data": "10.13.11.1"
>>>> }
>>>> ],
>>>> "interface": "macvlan_vpn",
>>>> "pools": [
>>>> {
>>>> "pool": "10.13.11.200 - 10.13.11.254"
>>>> }
>>>> ]
>>>> },
>>>>
>>>> # IoT Network
>>>> {
>>>> "id": 11,
>>>> "subnet": "10.13.12.0/22",
>>>> "option-data": [
>>>> {
>>>> "name": "domain-name-servers",
>>>> "data": "10.13.12.1, 10.13.12.4"
>>>> },
>>>> {
>>>> "name": "domain-name",
>>>> "data": "iot.foo.bar"
>>>> },
>>>> {
>>>> "name": "broadcast-address",
>>>> "data": "10.13.15.255"
>>>> },
>>>> {
>>>> "name": "routers",
>>>> "data": "10.13.12.1"
>>>> },
>>>> {
>>>> "name": "ntp-servers",
>>>> "data": "10.13.12.15, 10.13.12.1"
>>>> }
>>>> ],
>>>> "interface": "macvlan_iot",
>>>> "pools": [
>>>> {
>>>> "pool": "10.13.12.200 - 10.13.12.254"
>>>> }
>>>> ],
>>>> "reservations": [
>>>> ...
>>>> ]
>>>> },
>>>>
>>>> # Private Network
>>>> {
>>>> "id": 12,
>>>> "subnet": "10.13.16.0/20",
>>>> "option-data": [
>>>> {
>>>> "name": "domain-name-servers",
>>>> "data": "10.13.16.1, 10.13.16.4"
>>>> },
>>>> {
>>>> "name": "domain-name",
>>>> "data": "private.foo.bar"
>>>> },
>>>> {
>>>> "name": "broadcast-address",
>>>> "data": "10.13.31.255"
>>>> },
>>>> {
>>>> "name": "routers",
>>>> "data": "10.13.16.1"
>>>> },
>>>> {
>>>> "name": "ntp-servers",
>>>> "data": "10.13.16.1"
>>>> }
>>>> ],
>>>> "interface": "macvlan_private",
>>>> "pools": [
>>>> {
>>>> "pool": "10.13.16.200 - 10.13.16.254"
>>>> }
>>>> ],
>>>> "reservations": [
>>>> ...
>>>> ]
>>>> }
>>>> ],
>>>>
>>>> "host-reservation-identifiers": [
>>>> "hw-address"
>>>> ]
>>>> }
>>>> }
>>>>
>>>> kea log:
>>>> 2023-09-07 01:40:40.010 DEBUG [kea-dhcp4.options/23400.281473524985888]
>>>> DHCP4_BUFFER_UNPACK parsing buffer received from 10.13.12.80 to 10.13.12.1
>>>> over interface macvlan_iot
>>>> 2023-09-07 01:40:40.011 DEBUG [kea-dhcp4.hosts/23400.281473524985888]
>>>> HOSTS_CFG_GET_ONE_SUBNET_ID_IDENTIFIER get one host with IPv4 reservation
>>>> for subnet id 11, identified by hwaddr=XXXXXXXXXXXX
>>>> 2023-09-07 01:40:40.011 DEBUG [kea-dhcp4.hosts/23400.281473524985888]
>>>> HOSTS_CFG_GET_ALL_IDENTIFIER get all hosts with reservations using
>>>> identifier: hwaddr=XXXXXXXXXXXX
>>>> 2023-09-07 01:40:40.012 DEBUG [kea-dhcp4.hosts/23400.281473524985888]
>>>> HOSTS_CFG_GET_ALL_IDENTIFIER_HOST using identifier: hwaddr=XXXXXXXXXXXX,
>>>> found host: hwaddr=XXXXXXXXXXXX ipv4_subnet_id=11 hostname=LEAD-LEDPanel
>>>> ipv4_reservation=10.13.12.80 siaddr=(no) sname=(empty) file=(empty)
>>>> key=(empty) ipv6_reservations=(none)
>>>> 2023-09-07 01:40:40.012 DEBUG [kea-dhcp4.hosts/23400.281473524985888]
>>>> HOSTS_CFG_GET_ALL_IDENTIFIER_COUNT using identifier hwaddr=XXXXXXXXXXXX,
>>>> found 1 host(s)
>>>> 2023-09-07 01:40:40.012 DEBUG [kea-dhcp4.hosts/23400.281473524985888]
>>>> HOSTS_CFG_GET_ONE_SUBNET_ID_IDENTIFIER_HOST using subnet id 11 and
>>>> identifier hwaddr=XXXXXXXXXXXX, found host: hwaddr=XXXXXXXXXXXX
>>>> ipv4_subnet_id=11 hostname=LEAD-LEDPanel ipv4_reservation=10.13.12.80
>>>> siaddr=(no) sname=(empty) file=(empty) key=(empty) ipv6_reservations=(none)
>>>> 2023-09-07 01:40:40.012 DEBUG [kea-dhcp4.dhcp4/23400.281473524985888]
>>>> DHCP4_CLASS_ASSIGNED [hwtype=1 xx:xx:xx:xx:xx:xx], cid=[no info],
>>>> tid=0xabcd0ed3: client packet has been assigned to the following class(es):
>>>> KNOWN
>>>> 2023-09-07 01:40:40.012 DEBUG [kea-dhcp4.dhcp4/23400.281473524985888]
>>>> DHCP4_CLASS_ASSIGNED [hwtype=1 xx:xx:xx:xx:xx:xx], cid=[no info],
>>>> tid=0xabcd0ed3: client packet has been assigned to the following class(es):
>>>> ALL, KNOWN
>>>> 2023-09-07 01:40:40.012 DEBUG [kea-dhcp4.ddns/23400.281473524985888]
>>>> DHCP4_CLIENT_HOSTNAME_PROCESS [hwtype=1 xx:xx:xx:xx:xx:xx], cid=[no info],
>>>> tid=0xabcd0ed3: processing client's Hostname option
>>>> 2023-09-07 01:40:40.013 DEBUG [kea-dhcp4.ddns/23400.281473524985888]
>>>> DHCP4_CLIENT_HOSTNAME_DATA [hwtype=1 xx:xx:xx:xx:xx:xx], cid=[no info],
>>>> tid=0xabcd0ed3: client sent Hostname option: HF-LPB100
>>>> 2023-09-07 01:40:40.013 DEBUG [kea-dhcp4.ddns/23400.281473524985888]
>>>> DHCP4_RESERVED_HOSTNAME_ASSIGNED [hwtype=1 xx:xx:xx:xx:xx:xx], cid=[no
>>>> info], tid=0xabcd0ed3: server assigned reserved hostname lead-ledpanel
>>>> 2023-09-07 01:40:40.013 DEBUG [kea-dhcp4.hosts/23400.281473524985888]
>>>> HOSTS_CFG_GET_ALL_SUBNET_ID_ADDRESS4 get all hosts with reservations for
>>>> subnet id 11 and IPv4 address 10.13.12.80
>>>> 2023-09-07 01:40:40.013 DEBUG [kea-dhcp4.hosts/23400.281473524985888]
>>>> HOSTS_CFG_GET_ALL_ADDRESS4 get all hosts with reservations for IPv4 address
>>>> 10.13.12.80
>>>> 2023-09-07 01:40:40.013 DEBUG [kea-dhcp4.hosts/23400.281473524985888]
>>>> HOSTS_CFG_GET_ALL_ADDRESS4_HOST using address 10.13.12.80 found host:
>>>> hwaddr=XXXXXXXXXXXX ipv4_subnet_id=11 hostname=LEAD-LEDPanel
>>>> ipv4_reservation=10.13.12.80 siaddr=(no) sname=(empty) file=(empty)
>>>> key=(empty) ipv6_reservations=(none)
>>>> 2023-09-07 01:40:40.013 DEBUG [kea-dhcp4.hosts/23400.281473524985888]
>>>> HOSTS_CFG_GET_ALL_ADDRESS4_COUNT using address 10.13.12.80, found 1 host(s)
>>>> 2023-09-07 01:40:40.013 DEBUG [kea-dhcp4.hosts/23400.281473524985888]
>>>> HOSTS_CFG_GET_ALL_SUBNET_ID_ADDRESS4_HOST using IPv4 subnet 11 and IPv4
>>>> address 10.13.12.80, found host: hwaddr=XXXXXXXXXXXX ipv4_subnet_id=11
>>>> hostname=LEAD-LEDPanel ipv4_reservation=10.13.12.80 siaddr=(no)
>>>> sname=(empty) file=(empty) key=(empty) ipv6_reservations=(none)
>>>> 2023-09-07 01:40:40.013 DEBUG [kea-dhcp4.hosts/23400.281473524985888]
>>>> HOSTS_CFG_GET_ALL_SUBNET_ID_ADDRESS4_COUNT using IPv4 subnet 11 and IPv4
>>>> address 10.13.12.80, found 1 host(s)
>>>> 2023-09-07 01:40:40.014 DEBUG [kea-dhcp4.hosts/23400.281473524985888]
>>>> HOSTS_MGR_ALTERNATE_GET_ALL_SUBNET_ID_ADDRESS4 trying alternate sources for
>>>> hosts using subnet id 11 and address 10.13.12.80
>>>> 2023-09-07 01:40:40.014 DEBUG
>>>> [kea-dhcp4.alloc-engine/23400.281473524985888]
>>>> ALLOC_ENGINE_V4_REQUEST_EXTEND_LEASE [hwtype=1 xx:xx:xx:xx:xx:xx], cid=[no
>>>> info], tid=0xabcd0ed3: extending lifetime of the lease for address
>>>> 10.13.12.80
>>>> 2023-09-07 01:40:40.014 DEBUG [kea-dhcp4.ddns/23400.281473524985888]
>>>> DHCP4_NCR_CREATE [hwtype=1 xx:xx:xx:xx:xx:xx], cid=[no info],
>>>> tid=0xabcd0ed3: DDNS updates enabled, therefore sending name change requests
>>>> 2023-09-07 01:40:40.014 DEBUG [kea-dhcp4.options/23400.281473524985888]
>>>> DHCP4_PACKET_PACK [hwtype=1 xx:xx:xx:xx:xx:xx], cid=[no info],
>>>> tid=0xabcd0ed3: preparing on-wire format of the packet to be sent
>>>>
>>>> charon dhcp:
>>>> dhcp {
>>>>
>>>> # Always use the configured server address.
>>>> # force_server_address = no
>>>> force_server_address = yes
>>>>
>>>> # Derive user-defined MAC address from hash of IKE identity and
>>>> send client
>>>> # identity DHCP option.
>>>> # identity_lease = no
>>>>
>>>> # Interface name the plugin uses for address allocation.
>>>> # interface =
>>>>
>>>> # Whether to load the plugin. Can also be an integer to increase the
>>>> # priority of this plugin.
>>>> load = yes
>>>>
>>>> # DHCP server unicast or broadcast IP address.
>>>> # server = 255.255.255.255
>>>> server = 10.13.11.255
>>>>
>>>> # Use the DHCP server port (67) as source port when a unicast
>>>> server address
>>>> # is configured.
>>>> # use_server_port = no
>>>> }
>>>>
>>>> swanctrl --log (working isc-dhcp):
>>>> 14[CFG] sending DHCP DISCOVER for yy:yy:yy:yy:yy:yy to 10.13.11.255
>>>> 14[IKE] peer requested virtual IP %any
>>>> 13[MGR] ignoring request with ID 6, already processing
>>>> 14[CFG] sending DHCP DISCOVER for yy:yy:yy:yy:yy:yy to 10.13.11.255
>>>> 14[CFG] received DHCP OFFER 10.13.11.245 from 10.13.11.1
>>>> 14[CFG] sending DHCP REQUEST for 10.13.11.245 to 10.13.11.1
>>>> 14[CFG] received DHCP ACK for 10.13.11.245
>>>> 14[IKE] assigning virtual IP 10.13.11.245 to peer 'saschahacker'
>>>>
>>>> swanctrl --log (not working kea):
>>>> 16[IKE] peer requested virtual IP %any
>>>> 16[CFG] sending DHCP DISCOVER for yy:yy:yy:yy:yy:yy to 10.13.11.255
>>>> 16[CFG] sending DHCP DISCOVER for yy:yy:yy:yy:yy:yy to 10.13.11.255
>>>> 15[MGR] ignoring request with ID 6, already processing
>>>> 10[MGR] ignoring request with ID 6, already processing
>>>> 16[CFG] sending DHCP DISCOVER for yy:yy:yy:yy:yy:yy to 10.13.11.255
>>>> 04[MGR] ignoring request with ID 6, already processing
>>>> 16[CFG] sending DHCP DISCOVER for yy:yy:yy:yy:yy:yy to 10.13.11.255
>>>> 12[NET] received packet: from 10.13.17.1[4500] to 10.13.16.1[4500] (72
>>>> bytes)
>>>> 12[IKE] received message ID 6, expected 7, ignored
>>>> 16[CFG] sending DHCP DISCOVER for yy:yy:yy:yy:yy:yy to 10.13.11.255
>>>> 06[MGR] ignoring request with ID 6, already processing
>>>> 16[CFG] DHCP DISCOVER timed out
>>>> 16[IKE] no virtual IP found for %any requested by 'saschahacker'
>>>>
>>>> Am Fr., 8. Sept. 2023 um 14:21 Uhr schrieb Darren Ankney <
>>>> darren.ankney at gmail.com>:
>>>>
>>>>> Hi Sascha,
>>>>>
>>>>> I assume you see discovers from other clients? Can you share your Kea
>>>>> configuration? Be sure and redact any sensitive information. Can you
>>>>> share some logs of a working client (understand you have no logs of
>>>>> the Strongswan client)?
>>>>>
>>>>> Thank you,
>>>>>
>>>>> Darren Ankney
>>>>>
>>>>>
>>>>> On Fri, Sep 8, 2023 at 7:36 AM Sascha Marcel Hacker via Kea-users
>>>>> <kea-users at lists.isc.org> wrote:
>>>>> >
>>>>> > Hi, I migrated my home lab from isc-dhcp to kea.
>>>>> > But now the strongswan DHCP module is not working.
>>>>> > When I switch back to isc-dhcp it works as it should.
>>>>> > I also added a kea debug logger for kea-dhcp4.bad-packets and
>>>>> kea-dhcp4.packet.
>>>>> > But no DHCP DISCOVER from the strongswan server is logged.
>>>>> >
>>>>> > Both are on the same host.
>>>>> >
>>>>> > Any suggestions?
>>>>> >
>>>>> > thanks in advance
>>>>> > Sascha
>>>>> >
>>>>> > Stronswan Version: 5.9.11 (self-compiled) and 5.9.5-2ubuntu2.1 (OS
>>>>> package)
>>>>> > Kea Version: 2.2.0-5ubuntu4 (OS package)
>>>>> > ISC DHCP Version: 4.4.1-2.3ubuntu2.4 (OS package)
>>>>> > OS: Ubuntu 23.04
>>>>> > Platform: arm64
>>>>> > --
>>>>> > ISC funds the development of this software with paid support
>>>>> subscriptions. Contact us at https://www.isc.org/contact/ for more
>>>>> information.
>>>>> >
>>>>> > To unsubscribe visit
>>>>> https://lists.isc.org/mailman/listinfo/kea-users.
>>>>> >
>>>>> > Kea-users mailing list
>>>>> > Kea-users at lists.isc.org
>>>>> > https://lists.isc.org/mailman/listinfo/kea-users
>>>>> --
>>>>> ISC funds the development of this software with paid support
>>>>> subscriptions. Contact us at https://www.isc.org/contact/ for more
>>>>> information.
>>>>>
>>>>> To unsubscribe visit https://lists.isc.org/mailman/listinfo/kea-users.
>>>>>
>>>>> Kea-users mailing list
>>>>> Kea-users at lists.isc.org
>>>>> https://lists.isc.org/mailman/listinfo/kea-users
>>>>>
>>>>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/kea-users/attachments/20230909/b338c3ba/attachment-0001.htm>
More information about the Kea-users
mailing list