[Kea-users] Option-18 flex-id not matching incoming values
Darren Ankney
darren.ankney at gmail.com
Tue Mar 5 19:29:32 UTC 2024
Hi Andrew,
It looks like your option 18 isn't being attached by the relay agent.
it seems to be in the DHCP packet proper. Perhaps try this?
"identifier-expression": "option[18].hex"
I'm not sure if that will work or not. I think option 18 is supposed
to be attached by the relay agent:
https://www.rfc-editor.org/rfc/rfc8415#section-21.18
Your packet log messages shows option 18 before it prints the relay
part. This could easily be checked with wireshark, btw, where you
could look to see if 18 was in the collapsable DHCP6 part or in the
enclosing DHCP6 relay part. In any case, this is a lab so it wouldn't
hurt to try.
Note that I omitted the substring since you were starting at position
0 and specifying "ALL" anyway.
Thank you,
Darren Ankney
On Tue, Mar 5, 2024 at 4:18 AM Andrew Mulheirn via Kea-users
<kea-users at lists.isc.org> wrote:
>
> I hope someone can help me with this issue. I am using Kea 2.4
>
>
>
> I am trying to get option-18 to match a DHCPv6 static reservation, but Kea is evaluating the option to "" and no address is being allocated. We have purchased the premium hooks package. I have got the same result on two different servers in the lab but can't work out what I am doing wrong.
>
>
>
> Here is the configuration in use:
>
> {
>
> "Dhcp6": {
>
> "server-tag": "kea-01",
>
> "config-control": {
>
> "config-databases": [{
>
> "type": "postgresql",
>
> "name": "retaildhcp",
>
> "user": "vorboss",
>
> "password": "vorboss",
>
> "host": "127.0.0.1",
>
> "port": 5432
>
> }],
>
> "config-fetch-wait-time": 20
>
> },
>
> "hooks-libraries": [
>
> {
>
> "library": "/usr/lib/x86_64-linux-gnu/kea/hooks/libdhcp_flex_id.so",
>
> "parameters": {
>
> "identifier-expression": "substring(relay6[0].option[18].hex,0,all)"
>
> }
>
> },
>
> {
>
> "library": "/usr/lib/x86_64-linux-gnu/kea/hooks/libdhcp_pgsql_cb.so"
>
> }
>
> ],
>
> "host-reservation-identifiers": ["flex-id", "duid"],
>
> "interfaces-config": {
>
> "interfaces": [ "eth1/2a00:e340:1100::32"]
>
> },
>
>
>
> "control-socket": {
>
> "socket-type": "unix",
>
> "socket-name": "/tmp/kea6-ctrl-socket"
>
> },
>
>
>
> "lease-database": {
>
> # "type": "memfile",
>
> "lfc-interval": 3600,
>
> "type" : "postgresql",
>
> "name": "retaildhcp" ,
>
> "host": "127.0.0.1" ,
>
> "connect-timeout" : 5,
>
> "user": "vorboss",
>
> "password": "testingonly",
>
> },
>
>
>
> "hosts-database": {
>
> "type": "postgresql",
>
> "name": "retaildhcp",
>
> "user": "vorboss",
>
> "password": "testingonly",
>
> "host": "localhost",
>
> "port": 5432
>
> },
>
> "expired-leases-processing": {
>
> "reclaim-timer-wait-time": 10,
>
> "flush-reclaimed-timer-wait-time": 25,
>
> "hold-reclaimed-time": 3600,
>
> "max-reclaim-leases": 100,
>
> "max-reclaim-time": 250,
>
> "unwarned-reclaim-cycles": 5
>
> },
>
>
>
> "renew-timer": 1000,
>
> "rebind-timer": 2000,
>
> "preferred-lifetime": 3000,
>
> "valid-lifetime": 4000,
>
> "reservations-global": false,
>
> "reservations-in-subnet": true,
>
> "subnet6": [
>
> {
>
> "subnet": "2a00:e300:1102::/64",
>
> "option-data": [
>
> {
>
> "name": "dns-servers",
>
> "data": "2001:db8:2::dead:beef, 2001:db8:2::cafe:babe"
>
> }
>
> ],
>
> "reservations": [
>
> {
>
> "flex-id": "'vlan-100'",
>
> "ip-addresses": [ "2a00:e300:1102::2" ],
>
> "option-data": [
>
> {
>
> "name": "dns-servers",
>
> "data": "3000:1::234"
>
> }
>
> ]
>
> },
>
> {
>
> "flex-id": "'xe-0/0/1:rsw001'",
>
> "ip-addresses": [ "2a00:e300:1102::3" ]
>
> },
>
> {
>
> "flex-id": "'xe-0/0/2:rsw001'",
>
> "ip-addresses": [ "2a00:e300:1102::4" ]
>
> }
>
> ]
>
> }
>
> ],
>
>
>
> "loggers": [
>
> {
>
> "name": "kea-dhcp6",
>
> "output_options": [
>
> {
>
> "output": "/var/log/dhcp6",
>
> "pattern": "%-5p %m\n",
>
> }
>
> ],
>
> "severity": "DEBUG",
>
> "debuglevel": 99
>
> }
>
> ]
>
> }
>
> }
>
>
>
>
>
> I have tried setting flex-id to a double/single quoted string and also to a double-quoted hex value but no luck. If you look at the debug below, you can see the hex value coming in as a type 18. If you take that value and put it into a hex to ascii converter, you get the port number and switch name back successfully. But kea thinks option 18 has a value of 0x.
>
>
>
>
>
> Here is the debug:
> DEBUG DHCP6_BUFFER_RECEIVED received buffer from 2a00:e340:1100::31:547 to 2a00:e340:1100::32:0 over interface eth1
>
> DEBUG DHCP6_BUFFER_UNPACK parsing buffer received from 2a00:e340:1100::31 to 2a00:e340:1100::32 over interface eth1
>
> DEBUG DHCP6_PACKET_RECEIVED duid=[00:03:00:01:4c:6d:58:7d:33:77], tid=0xe8d2ae: REQUEST (type 3) received from 2a00:e340:1100::31 to 2a00:e340:1100::32 on interface eth1
>
> DEBUG DHCP6_QUERY_DATA duid=[00:03:00:01:4c:6d:58:7d:33:77], tid=0xe8d2ae, packet details: localAddr=[2a00:e340:1100::32]:0 remoteAddr=[2a00:e340:1100::31]:547
>
> msgtype=3(REQUEST), transid=0xe8d2ae
>
> type=00001, len=00010: 00:03:00:01:4c:6d:58:7d:33:77
>
> type=00002, len=00014: 00:01:00:01:2c:03:74:26:00:15:5d:2b:85:0c
>
> type=00003(IA_NA), len=00012: iaid=0, t1=4294967295, t2=4294967295
>
> type=00006, len=00008: 17(uint16) 59(uint16) 60(uint16) 56(uint16)
>
> type=00018, len=00015: 78:65:2d:30:2f:30:2f:31:3a:72:73:77:30:30:31
>
> 1 relay(s):
>
> relay[0]: msg-type=12(RELAY_FORWARD), hop-count=0,
>
> link-address=2a00:e340:1102::, peer-address=fe80::4e6d:5800:327d:f777, 1 option(s)
>
> type=00037, len=00014: 6527 (uint32) 000300014C6D587D3377 (binary)
>
>
>
> DEBUG HOOKS_CALLOUTS_BEGIN begin all callouts for hook pkt6_receive
>
> DEBUG HOOKS_CALLOUT_CALLED hooks library with index 1 has called a callout on hook pkt6_receive that has address 0x7f85f1572380 (callout duration: 0.006 ms)
>
> DEBUG HOOKS_CALLOUTS_COMPLETE completed callouts for hook pkt6_receive (total callouts duration: 0.006 ms)
>
> DEBUG DHCPSRV_CFGMGR_SUBNET6 retrieved subnet 2a00:e340:1102::/64 for address hint 2a00:e340:1102::
>
> DEBUG DHCP6_SUBNET_SELECTED duid=[00:03:00:01:4c:6d:58:7d:33:77], tid=0xe8d2ae: the subnet with ID 1 was selected for client assignments
>
> DEBUG DHCP6_SUBNET_DATA duid=[00:03:00:01:4c:6d:58:7d:33:77], tid=0xe8d2ae: the selected subnet details: 2a00:e340:1102::/64
>
> DEBUG HOOKS_CALLOUTS_BEGIN begin all callouts for hook host6_identifier
>
> DEBUG EVAL_DEBUG_OPTION Pushing option 18 with value 0x
>
> DEBUG EVAL_DEBUG_STRING Pushing text string '0'
>
> DEBUG EVAL_DEBUG_STRING Pushing text string 'all'
>
> DEBUG EVAL_DEBUG_SUBSTRING_EMPTY Popping length all, start 0, string 0x pushing result 0x
>
> DEBUG FLEX_ID_EXPRESSION_EVALUATED Expression evaluated for packet to "" (size: 0)
>
> DEBUG HOOKS_CALLOUT_CALLED hooks library with index 1 has called a callout on hook host6_identifier that has address 0x7f85f15719c0 (callout duration: 0.038 ms)
>
> DEBUG HOOKS_CALLOUTS_COMPLETE completed callouts for hook host6_identifier (total callouts duration: 0.038 ms)
>
> DEBUG HOSTS_CFG_GET_ONE_SUBNET_ID_IDENTIFIER get one host with IPv6 reservation for subnet id 1, identified by duid=000300014C6D587D3377
>
> DEBUG HOSTS_CFG_GET_ALL_IDENTIFIER get all hosts with reservations using identifier: duid=000300014C6D587D3377
>
> DEBUG HOSTS_CFG_GET_ALL_IDENTIFIER_COUNT using identifier duid=000300014C6D587D3377, found 0 host(s)
>
> DEBUG HOSTS_CFG_GET_ONE_SUBNET_ID_IDENTIFIER_NULL host not found using subnet id 1 and identifier duid=000300014C6D587D3377
>
> DEBUG HOSTS_MGR_ALTERNATE_GET6_SUBNET_ID_IDENTIFIER get one host with IPv6 reservation for subnet id 1, identified by duid=000300014C6D587D3377
>
> DEBUG HOSTS_MGR_ALTERNATE_GET6_SUBNET_ID_IDENTIFIER_NULL host not found using subnet id 1 and identifier duid=000300014C6D587D3377
>
> DEBUG DHCP6_CLASS_ASSIGNED duid=[00:03:00:01:4c:6d:58:7d:33:77], tid=0xe8d2ae: client packet has been assigned to the following class(es): UNKNOWN
>
> DEBUG DHCP6_CLASS_ASSIGNED duid=[00:03:00:01:4c:6d:58:7d:33:77], tid=0xe8d2ae: client packet has been assigned to the following class(es): ALL, UNKNOWN
>
> DEBUG DHCP6_PROCESS_IA_NA_REQUEST duid=[00:03:00:01:4c:6d:58:7d:33:77], tid=0xe8d2ae: server is processing IA_NA option with iaid=0 and hint=(no hint)
>
> DEBUG DHCPSRV_PGSQL_GET_IAID_DUID obtaining IPv4 leases for IAID 0 and DUID 00:03:00:01:4c:6d:58:7d:33:77, lease type 0
>
> DEBUG ALLOC_ENGINE_V6_ALLOC_UNRESERVED no static reservations available - trying to dynamically allocate leases for client duid=[00:03:00:01:4c:6d:58:7d:33:77], tid=0xe8d2ae
>
> WARN ALLOC_ENGINE_V6_ALLOC_FAIL_SUBNET duid=[00:03:00:01:4c:6d:58:7d:33:77], tid=0xe8d2ae: failed to allocate an IPv6 lease in the subnet 2a00:e340:1102::/64, subnet-id 1, shared network (none)
>
> WARN ALLOC_ENGINE_V6_ALLOC_FAIL_NO_POOLS duid=[00:03:00:01:4c:6d:58:7d:33:77], tid=0xe8d2ae: no pools were available for the lease allocation
>
> WARN ALLOC_ENGINE_V6_ALLOC_FAIL_CLASSES duid=[00:03:00:01:4c:6d:58:7d:33:77], tid=0xe8d2ae: Failed to allocate an IPv6 address for client with classes: ALL, UNKNOWN
>
> DEBUG DHCP6_LEASE_ALLOC_FAIL duid=[00:03:00:01:4c:6d:58:7d:33:77], tid=0xe8d2ae: failed to grant an address lease for iaid=0
>
> DEBUG DHCP6_ADD_STATUS_CODE_FOR_IA duid=[00:03:00:01:4c:6d:58:7d:33:77], tid=0xe8d2ae: adding Status Code to IA with iaid=0: NoAddrsAvail(2) "Sorry, no address could be allocated."
>
> DEBUG HOOKS_CALLOUTS_BEGIN begin all callouts for hook pkt6_send
>
> DEBUG HOOKS_CALLOUT_CALLED hooks library with index 1 has called a callout on hook pkt6_send that has address 0x7f85f156fbe0 (callout duration: 0.006 ms)
>
> DEBUG HOOKS_CALLOUTS_COMPLETE completed callouts for hook pkt6_send (total callouts duration: 0.006 ms)
>
> DEBUG DHCP6_PACKET_SEND duid=[00:03:00:01:4c:6d:58:7d:33:77], tid=0xe8d2ae: trying to send packet REPLY (type 7) from [2a00:e340:1100::32]:547 to [2a00:e340:1100::31]:547 on interface eth1
>
> DEBUG DHCP6_RESPONSE_DATA responding with packet type 7 data is localAddr=[2a00:e340:1100::32]:547 remoteAddr=[2a00:e340:1100::31]:547
>
> msgtype=7(REPLY), transid=0xe8d2ae
>
> type=00001, len=00010: 00:03:00:01:4c:6d:58:7d:33:77
>
> type=00002, len=00014: 00:01:00:01:2c:03:74:26:00:15:5d:2b:85:0c
>
> type=00003(IA_NA), len=00055: iaid=0, t1=0, t2=0,
>
> options:
>
> type=00013, len=00039: NoAddrsAvail(2) "Sorry, no address could be allocated."
>
> 1 relay(s):
>
> relay[0]: msg-type=13(RELAY_REPLY), hop-count=0,
>
> link-address=2a00:e340:1102::, peer-address=fe80::4e6d:5800:327d:f777, 0 option(s)
>
>
>
>
>
>
> Any help appreciated!
>
> Kind regards,
>
> Andy
>
>
>
>
> Andrew Mulheirn
>
> Senior Network Architect
>
> M: +44 (0) 74 3654 8126
>
> E: andrew.mulheirn at vorboss.com
>
> vorboss.com
>
>
> Not sure who currently provides your internet?
> Find out here and take our speed test.
>
>
> Disclaimer: This message is private and confidential. If you have received this message in error, please remove it from your system and notify us at sysadmin at vorboss.net or by telephone +44(0)20 3582 8500. Any review, retransmission, dissemination or other use of, or taking of any action in reliance upon, this information by persons or entities other than the intended recipient is prohibited. Privacy Note: Vorboss Limited may monitor email traffic data and also the content of email for the purposes of security. This email does not create or vary any contractual obligations between Vorboss Limited and the intended recipient.
>
> Vorboss Limited is a limited company registered in England and Wales. Registered number: 05678571. Registered Office: Vorboss Limited, Broadwalk House, 5 Appold Street, London, EC2A 2AG, UNITED KINGDOM.
>
> --
> ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information.
>
> To unsubscribe visit https://lists.isc.org/mailman/listinfo/kea-users.
>
> Kea-users mailing list
> Kea-users at lists.isc.org
> https://lists.isc.org/mailman/listinfo/kea-users
More information about the Kea-users
mailing list