[Kea-users] Kea-dhcp6 always warns with ALLOC_ENGINE_V6_ALLOC_FAIL_SUBNET when allocating reserved address
Darren Ankney
darren.ankney at gmail.com
Sun Jan 7 11:58:17 UTC 2024
Hi Andrew,
You might try setting this ("ddns-update-on-renew": false) to true for
a while to see if the client update is sent to ddns, as this is based
on what the server thinks is a renewal not the client. So even if you
see the client SOLICIT the server will consider this a renewal if it
finds an existing lease, I believe. It won't hurt anything to try.
Just some extra ddns traffic.
Thank you,
Darren Ankney
On Fri, Jan 5, 2024 at 9:42 AM Andrew Rowson via Kea-users
<kea-users at lists.isc.org> wrote:
>
> Of course.
>
> {
> "Dhcp6": {
> "control-socket": {
> "socket-name": "/run/kea/kea-dhcp6.socket",
> "socket-type": "unix"
> },
> "ddns-override-client-update": true,
> "ddns-qualifying-suffix": "subdomain.example.com.",
> "ddns-update-on-renew": false,
> "dhcp-ddns": {
> "enable-updates": true,
> "server-ip": "::1"
> },
> "expired-leases-processing": {
> "flush-reclaimed-timer-wait-time": 25,
> "hold-reclaimed-time": 3600,
> "max-reclaim-leases": 100,
> "max-reclaim-time": 250,
> "reclaim-timer-wait-time": 10,
> "unwarned-reclaim-cycles": 5
> },
> "interfaces-config": {
> "interfaces": [
> "enp1s0.2"
> ]
> },
> "lease-database": {
> "lfc-interval": 1800,
> "name": "/var/lib/kea/kea-leases6.csv",
> "type": "memfile"
> },
> "reservations-global": false,
> "reservations-in-subnet": true,
> "reservations-out-of-pool": true,
> "option-data": [],
> "option-def": [
> {
> "code": 1,
> "name": "unifi-address",
> "space": "ubnt",
> "type": "ipv4-address"
> },
> {
> "array": false,
> "code": 6,
> "name": "PXEDiscoveryControl",
> "space": "vendor-encapsulated-options-space",
> "type": "uint8"
> },
> {
> "array": false,
> "code": 10,
> "name": "PXEMenuPrompt",
> "record-types": "uint8,string",
> "space": "vendor-encapsulated-options-space",
> "type": "record"
> },
> {
> "array": false,
> "code": 9,
> "name": "PXEBootMenu",
> "record-types": "uint16,uint8,string",
> "space": "vendor-encapsulated-options-space",
> "type": "record"
> }
> ],
> "host-reservation-identifiers":["duid"],
> "subnet6": [
> {
> "interface": "enp1s0.2",
> "option-data": [
> {
> "data": "2001:123:456:e8b0::1b",
> "name": "sntp-servers"
> }
> ],
> "pools": [
> {
> "pool": "2001:123:456:e8b0:beef:f00f::/112"
> }
> ],
> "subnet": "2001:123:456:e8b0::/64",
> "reservations": [
> {
> "duid": "00:03:00:01:b8:27:eb:bf:db:dd",
> "hostname": "adsbbot",
> "ip-addresses": [
> "2001:123:456:e8b0::f"
> ]
> },
> ]
> }
> ]
> }
> }
>
> kea-dhcp-ddns.conf:
>
> {
> "DhcpDdns": {
> "forward-ddns": {
> "ddns-domains": [
> {
> "dns-servers": [
> {
> "ip-address": "::1",
> "port": 5333
> }
> ],
> "key-name": "my-key",
> "name": "subdomain.example.com."
> }
> ]
> },
> "ip-address": "::1",
> "port": 53001,
> "reverse-ddns": {
> "ddns-domains": [
> {
> "dns-servers": [
> {
> "ip-address": "::1",
> "port": 5333
> }
> ],
> "key-name": "my-key",
> "name": "168.192.in-addr.arpa."
> },
> {
> "dns-servers": [
> {
> "ip-address": "::1",
> "port": 5333
> }
> ],
> "key-name": "my-key",
> "name": "6.5.4.0.3.2.1.0.1.0.0.2.ip6.arpa."
> }
> ]
> },
> "tsig-keys": [
> {
> "algorithm": "hmac-sha512",
> "name": "my-key",
> "secret": "KEY"
> }
> ]
> }
> }
>
> Andrew
>
> On Fri, 5 Jan 2024, at 2:19 PM, Darren Ankney wrote:
> > Hi Andrew,
> >
> > The configuration you provided was very simple. I don't see a problem
> > with it (other than the deprecated stuff already mentioned). Can you
> > provide an updated configuration including the DDNS settings
> > (obviously with sensitive bits obfuscated)?
> >
> > Thank you,
> >
> > Darren Ankney
> >
> > On Fri, Jan 5, 2024 at 8:48 AM Andrew Rowson via Kea-users
> > <kea-users at lists.isc.org> wrote:
> >>
> >> Thanks for the advice / pointers. I've updated the config (behaviour is the same).
> >>
> >> One thing I've also noticed is that if I add in a ddns configuration, DHCP requests from the reserved host doesn't trigger a ddns update, whereas other requests do. I wonder if that's related?
> >>
> >> Andrew
> >>
> >> On Thu, 4 Jan 2024, at 9:51 PM, Darren Ankney wrote:
> >> > Hi Andrew,
> >> >
> >> > This is also probably not the solution to these logs, but I notice you
> >> > also have: "reservation-mode": "out-of-pool", See here:
> >> > https://kea.readthedocs.io/en/kea-2.4.1/arm/dhcp6-srv.html#fine-tuning-dhcpv6-host-reservation
> >> > where it explains that this is deprecated: "Since Kea 1.9.1, the
> >> > reservation-mode parameter is replaced by the reservations-global,
> >> > reservations-in-subnet and reservations-out-of-pool flags. The flags
> >> > can be activated independently and can produce various combinations,
> >> > some of them being unsupported by the deprecated reservation-mode."
> >> >
> >> > Additionally, you may want to move the reservations-global,
> >> > reservations-in-subnet and reservations-out-of-pool flags to the
> >> > global area. Their intention is to make allocations happen with less
> >> > CPU by telling Kea where it might find reservations. So, at least the
> >> > "reservations-global": false, parameter should be global to prevent
> >> > kea from wasting time looking there for a reservation.
> >> >
> >> > You can, of course, suppress these log messages by setting a specific
> >> > logger for kea-dhcp6.alloc-engine and setting severity to ERROR which
> >> > will cause only ERROR and FATAL messages from the
> >> > kea-dhcp6.alloc-engine logger to be logged see here:
> >> > https://kb.isc.org/docs/kea-logging-configuration and here:
> >> > https://kea.readthedocs.io/en/kea-2.4.1/arm/logging.html for further
> >> > information.
> >> >
> >> > Thank you,
> >> >
> >> > Darren Ankney
> >> >
> >> > On Thu, Jan 4, 2024 at 12:51 PM Andrew Rowson via Kea-users
> >> > <kea-users at lists.isc.org> wrote:
> >> >>
> >> >> My bad - typo in the email. It's correct on the server:
> >> >>
> >> >> "subnet": "2001:123:456:e8b0::/64",
> >> >> "reservations-global": false,
> >> >> "reservations-in-subnet": true,
> >> >> "reservations-out-of-pool": true,
> >> >> "reservations": [
> >> >>
> >> >> On Thu, 4 Jan 2024, at 5:17 PM, Bob Harold wrote:
> >> >> > On Thu, Jan 4, 2024 at 12:10 PM Andrew Rowson via Kea-users
> >> >> > <kea-users at lists.isc.org> wrote:
> >> >> >> Hi,
> >> >> >>
> >> >> >> I'm using isc-kea-dhcp6 (2.4.1-isc20231123184533) on Debian bookworm and am having a minor logging issue. I've got a minimal config that defines a single subnet, an allocatable pool within that subnet and a single reservation.
> >> >> >>
> >> >> >> The host gets its reserved IP successfully, but there's always a WARN log dance in the kea logs with ALLOC_ENGINE_V6_ALLOC_FAIL_SUBNET, ALLOC_ENGINE_V6_ALLOC_FAIL_NO_POOLS and ALLOC_ENGINE_V6_ALLOC_FAIL_CLASSES.
> >> >> >>
> >> >> >> Are these warnings expected, or have I misunderstood something about the configuration?
> >> >> >>
> >> >> >> Thanks,
> >> >> >> Andrew
> >> >> >>
> >> >> >> Config:
> >> >> >>
> >> >> >> {
> >> >> >> "Dhcp6": {
> >> >> >> "interfaces-config": {
> >> >> >> "interfaces": [
> >> >> >> "enp1s0.2",
> >> >> >> ]
> >> >> >> },
> >> >> >> "lease-database": {
> >> >> >> "lfc-interval": 1800,
> >> >> >> "name": "/var/lib/kea/kea-leases6.csv",
> >> >> >> "type": "memfile"
> >> >> >> },
> >> >> >> "subnet6": [
> >> >> >> {
> >> >> >> "interface": "enp1s0.2",
> >> >> >> "reservation-mode": "out-of-pool",
> >> >> >> "pools": [
> >> >> >> {
> >> >> >> "pool": "2001:123:456:e8b0:beef:f00f::/112"
> >> >> >> }
> >> >> >> ],
> >> >> >> "reservations-global": false,
> >> >> >> "reservations-in-subnet": true,
> >> >> >> "eservations-out-of-pool": true,
> >> >> >
> >> >> > Probably not the solution, but the line above seems to be missing the
> >> >> > first letter. Is it that way on the server?
> >> >> >
> >> >> >> "subnet": "2001:123:456:e8b0::/64",
> >> >> >> "reservations": [
> >> >> >> {
> >> >> >> "duid": "00:03:00:01:b8:27:eb:bf:db:dd",
> >> >> >> "hostname": "myhost",
> >> >> >> "ip-addresses": [
> >> >> >> "2001:123:456:e8b0::f"
> >> >> >> ]
> >> >> >> }
> >> >> >> ]
> >> >> >> }
> >> >> >> ],
> >> >> >> "valid-lifetime": 1800
> >> >> >> }
> >> >> >> }
> >> >> >>
> >> >> >> Logs:
> >> >> >>
> >> >> >> INFO [kea-dhcp6.dhcp6/182198.139733472774592] DHCP6_STARTED Kea DHCPv6 server version 2.4.1 started
> >> >> >> INFO [kea-dhcp6.leases/182198.139733433005760] DHCP6_LEASE_ADVERT duid=[00:03:00:01:b8:27:eb:bf:db:dd], tid=0x3e9640: lease for address 2001:123:456:e8b0::f and iaid=1746070577 will be advertised
> >> >> >> WARN [kea-dhcp6.alloc-engine/182198.139733433005760] ALLOC_ENGINE_V6_ALLOC_FAIL_SUBNET duid=[00:03:00:01:b8:27:eb:bf:db:dd], tid=0x3e9640: failed to allocate an IPv6 lease in the subnet 2001:123:456:e8b0::/64, subnet-id 1, shared network (none)
> >> >> >> WARN [kea-dhcp6.alloc-engine/182198.139733433005760] ALLOC_ENGINE_V6_ALLOC_FAIL_NO_POOLS duid=[00:03:00:01:b8:27:eb:bf:db:dd], tid=0x3e9640: no pools were available for the lease allocation
> >> >> >> WARN [kea-dhcp6.alloc-engine/182198.139733433005760] ALLOC_ENGINE_V6_ALLOC_FAIL_CLASSES duid=[00:03:00:01:b8:27:eb:bf:db:dd], tid=0x3e9640: Failed to allocate an IPv6 address for client with classes: ALL, KNOWN
> >> >> >> INFO [kea-dhcp6.leases/182198.139733424613056] DHCP6_LEASE_ALLOC duid=[00:03:00:01:b8:27:eb:bf:db:dd], tid=0x137d91: lease for address 2001:123:456:e8b0::f and iaid=1746070577 has been allocated for 1800 seconds
> >> >> >> --
> >> >> >>
> >> >> > --
> >> >> > Bob Harold
> >> >> --
> >> >> ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information.
> >> >>
> >> >> To unsubscribe visit https://lists.isc.org/mailman/listinfo/kea-users.
> >> >>
> >> >> Kea-users mailing list
> >> >> Kea-users at lists.isc.org
> >> >> https://lists.isc.org/mailman/listinfo/kea-users
> >> > --
> >> > ISC funds the development of this software with paid support
> >> > subscriptions. Contact us at https://www.isc.org/contact/ for more
> >> > information.
> >> >
> >> > To unsubscribe visit https://lists.isc.org/mailman/listinfo/kea-users.
> >> >
> >> > Kea-users mailing list
> >> > Kea-users at lists.isc.org
> >> > https://lists.isc.org/mailman/listinfo/kea-users
> >> --
> >> ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information.
> >>
> >> To unsubscribe visit https://lists.isc.org/mailman/listinfo/kea-users.
> >>
> >> Kea-users mailing list
> >> Kea-users at lists.isc.org
> >> https://lists.isc.org/mailman/listinfo/kea-users
> > --
> > ISC funds the development of this software with paid support
> > subscriptions. Contact us at https://www.isc.org/contact/ for more
> > information.
> >
> > To unsubscribe visit https://lists.isc.org/mailman/listinfo/kea-users.
> >
> > Kea-users mailing list
> > Kea-users at lists.isc.org
> > https://lists.isc.org/mailman/listinfo/kea-users
> --
> ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information.
>
> To unsubscribe visit https://lists.isc.org/mailman/listinfo/kea-users.
>
> Kea-users mailing list
> Kea-users at lists.isc.org
> https://lists.isc.org/mailman/listinfo/kea-users
More information about the Kea-users
mailing list