Kea DHCP

Modern, open source DHCPv4 & DHCPv6 server

Why Choose Kea?

ISC distributes TWO full-featured, open source, standards-based DHCP server distributions: Kea DHCP and ISC DHCP. Kea includes all the most-requested features, is far newer, and is designed for a more modern network environment. ISC announced the End of Life for the older ISC DHCP system in 2022. Users of ISC DHCP may find these resources helpful in migrating their DHCP server deployments to the Kea server.

How is the Kea DHCP server different from the older ISC DHCP?
  1. Modular Component Design, Extensible with Hooks Modules. The Kea distribution includes separate daemons for a DHCPv4 server, a DHCPv6 server, and a dynamic DNS (DDNS) module. Many optional features are enabled with dynamically-loaded “Hooks Modules,” which you need run only if you are using them. You can write your own hooks modules (in C++) or try some of the hooks we offer.

  2. On-line Re-configuration with REST API. Kea uses a JSON configuration file that can be modified remotely via set commands and reloaded without stopping and restarting the server, an operation that could take quite a while with ISC DHCP.

  3. Designed to Integrate with Your Existing Systems. Kea allows you to separate the data from the execution environment, enabling new deployment options. Your network data - leases, host reservation definitions, and most configuration data - can be located separately from the DHCP server itself, using a Kea “backend.”

  4. Web-based graphical dashboard. Kea now has a graphical dashboard for monitoring multiple Kea servers. This system, called Stork, uses agents deployed on the Kea servers to relay information to a centralized management platform, providing the administrator with an easy-to-use quick view of system status and activity.

Kea supports two database backends; MySQL and PostgreSQL. Choose to store leases, host reservations, or shared configuration data in a separate database backend. Benefits of this include:

  • Integrate it more easily with your other systems - provisioning systems, IPAMS and so on - by storing critical data in a separate database.
  • Use the same hosts reservations backend for multiple DHCP servers.
  • Administer global options from a centralized configuration backend.
  • Manage large address pools in a database rather than a text file.

The core Kea daemons are open source, shared under MPL2.0 licensing. Kea is developed in the open on ISC’s GitLab; we welcome you to open issues and submit patches there. Kea runs on most Linux and Unix platforms, as well as MacOS. If you don’t want to build from our source distribution, we also provide a repository of pre-built packages for most popular operating systems.

ISC also offers some premium Kea extensions that are not open source. These are licensed under a commercial license. There are three tiers of commercially-licensed hooks; Premium, Subscriber, and Enterprise.

  • Hooks in the Premium package include: DDNS Tuning, Flexible Identifiers, Forensic Logging, and Host Commands. The Premium hooks can be purchased, without technical support, on this website.
  • ISC Support Subscribers receive all our Premium Kea hook libraries, PLUS several additional libraries that will be most useful in larger deployments. The hooks included in the Subscriber package are: Client Classification, Configuration Backend, GSS-TSIG, Limits, Leasequery, Ping Check, RADIUS, and Subnet Management.
  • The Enterprise features are reserved for customers with Silver or Gold support from ISC. This top tier adds the Role-based Access Control feature.

Contact ISC for Support

Getting Started

1.

Design

Your major design decisions are whether to deploy in pairs for High Availability and use the default csv file for host and lease data, or to install a separate database for a Kea data “backend.” Some of these decisions can limit your performance. See our Knowledgebase for advice on designing for optimal performance.

2.

Installation

Instructions are available for building and installing Kea from the source packages downloadable below. ISC provides pre-built packages for RHEL, Fedora, Ubuntu, and Debian. If you are using any Kea hook libraries, you will also need to install and configure those.

3.

Configuration

The Kea Administrator Reference Manual (ARM) is the primary reference for Kea configuration. The extensive set of example configuration filesin the project repo and our knowledgebase may help you get started. If you are migrating from an existing ISC DHCP deployment, try the Kea Migration Assistant (a special feature of the ISC DHCP distribution). This will enable you to save your current ISC DHCP server configuration as a Kea configuration file. It will still need some manual adjustment, but this tool should translate the bulk of your configuration.

4.

Maintenance

Most users will benefit from joining the kea-users mailing list. Consider joining our Kea project GitLab to log issues, see what we’re working on, submit patches, and participate in development. You might want to read about our Premium and Subscriber-only Kea libraries, which extend Kea’s management interface. Consider deploying Stork for a graphical management dashboard. If your DHCP is critical to your business, we recommend you subscribe for technical support from ISC.

screenshot of stork graphical web-based management tool for Kea, showing a list of subnets and their utilization, monitored servers and their current uptime status

Stork Dashboard for Kea

Monitor both the machine and the application

Stork aggregates data about the health of the system hosting Kea, as well as the status and activity level of Kea itself. Parameters reported include memory, CPU utilization, software versions, and uptime.

Monitor Pool Utilization and High Availability

Stork displays configured pools, with # of addresses provisioned and assigned and even tracks pool utilization across shared networks. Graphical elements highlight areas of high utilization to alert the operator to take actionHigh Availability pairs are monitored and their configured role and status are shown, making it easy to see which servers don’t have a backup established, and when a failover event has occurred.

Manage Host Reservations

Add, update and view DHCPv4 and DHCPv6 host reservations, using a graphical interface to select a host identifier, assign a hostname, reserve an IP address, associate a client class, and configure boot file information and DHCP options.

Support options

Service Options Gold support Gold sticker with the words Most Popular
Silver support
Bronze support Basic (no support) Premium (hooks only)
Kea hook libraries included Enterprise, Subscriber, and Premium Enterprise, Subscriber and Premium Subscriber and Premium Subscriber and Premium Premium
Critical issue response 30 minutes, 24x7 1 hour, 24x7 2 hours, business hours only* not included not included
Standard issue response 4 business hours* 8 business hours* Next business day community support via public mailing list community support via public mailing list
Advance security notifications 5 days 5 days 5 days 3 days not included
Stork support Available Available Available Community support via user mailing list Community support via user mailing list
Purchasing Quotation/Purchase order Quotation/Purchase order Quotation/Purchase order Quotation/Purchase order Credit card, on-line store
* Our regular business hours for support are Monday through Friday, 9 AM - 5 PM ET, with the exception of a few major holidays, which are announced in advance.

Pricing based on deployment size and service level.

Contact ISC for a quote

The Kea distribution includes separate daemons for a DHCPv4 server, a DHCPv6 server, and a dynamic DNS (DDNS) module. Bundled with Kea are a portable DHCP library (libdhcp++), a control agent that provides the REST management interface for Kea, a NETCONF agent that provides a YANG/NETCONF interface, a DHCP benchmarking tool, perfdhcp. The dynamically loadable hook libraries included in the MPL2.0-licensed open source distribution are: Bootp, Flexible Options, High Availability, Lease Commands, PerfMon, Run Script and Stats Command.

Address assignment options

Select direct address assignment (DHCPv4 and DHCPv6) or DHCPv6 prefix delegation, with both dynamic IP addressing and static host reservations. Select an address from a pool within a subnet, or from multiple subnets in a shared network.

Client classification

Classify devices according to vendor class options, expressions, static host reservations, subnets, or shared networks to control access to address pools.

Flexible options library

The Flexible Options library allows you to construct custom option values, such as boot file names.

Dynamic DNS updating

Maintain DNS names automatically using the separate Dynamic DNS module.

Extendable with optional hook libraries

Kea hooks allow administrators to control the assignment of options and even addresses from their own provisioning system. Hooks allow developers to edit information such as the lease parameters (time to renew), the subnet, the address, or options to be delivered.

Run Script Hook

This open source hook library allows you to launch an external application or script at various points in the DHCP processing.

Reconfigure without restart

Add and change subnets and pools without restarting the server.

High-availability mode

Kea high-availability mode provides resilience for either DHCPv4 or DHCPv6, using either a 50/50 load-balancing or active/standby configuration. This feature is implemented with the HA hook library, part of the open source.

Optional lease backend

Leases may be written to a local memfile (default, and the highest-performance option) or to a MySQL or PostgreSQL database. The Lease Commands library provides an API for managing lease records.

Graphical Management Dashboard

The Stork dashboard is a web-based system that displays critical information about service availability, CPU and memory capacity, pool utilization, failover status and DHCP traffic statistics. Stork integrates with the popular Prometheus time-series data store and Grafana visualization system. Stork is available as open source from ISC’s GitLab repository, or in a ready-to-install package from Cloudsmith.io.

Standards-based

Kea supports the IETF DHCPv4 and DHCPv6 standards and should interoperate seamlessly with other standards-compliant DHCP implementations.

Comprehensive documentation

Our Kea Administrator Reference Manual, Kea Developer’s Guide, and Knowledgebase provide complete information for both developers and administrators.

The Premium package of Kea hook libraries is a low-cost way to extend your open source Kea server with optional, commercially-licensed features. Hooks in the Premium package include: DDNS Tuning, Flexible Identifiers, Forensic Logging, and Host Commands. Contact our friendly sales team to buy these commercially-licensed libraries.

Host Commands library

Host reservations may be stored in a separate database, giving the administrator additional flexibility in creating and managing a large number of host configurations. The Host Commands hook library exposes an API for managing host reservations in the backend.

DDNS Tuning library

The DDNS Tuning Library adds custom behaviors related to Dynamic DNS updates on a per-client basis. Its primary feature is to allow the administrator to calculate the domain name (FQDN) to be assigned using a regular expression.

Flexible Identifiers for Host Reservations

The Flexible Identifier library enables use of almost any available parameter as the identifier for host reservations.

Forensic Logging

The Forensic Logging application creates a separate log that may be useful for meeting law-enforcement data retention requirements. Updated versions of this hook include the ability to create a custom forensic log format, logging the specific information you need to retain.

ISC Support Subscribers receive all our Premium Kea hook libraries, PLUS several additional libraries that will be most useful in larger deployments. This is in addition to expert technical support from the Kea team, at the SLA level you require. The hooks included in the Subscriber package are: Client Classification, Configuration Backend, GSS-TSIG, Limits, Leasequery, Ping Check, RADIUS, and Subnet Management. These hooks are licensed under the ISC HBCEULA. ISC Support is offered as an annual subscription.

Client Classification

The Class Commands library exposes REST commands to list, get details of, add, modify, and delete client classes in Kea.

Configuration Backend

Most Kea configuration data can be stored in a separate MySQL or PostgreSQL configuration backend. Store options, pools, and subnets centrally and tag them based on which servers should “subscribe” for those configuration elements.

GSS-TSIG

The GSS-TSIG library is used to authenticate DDNS updates. This method is typically required for updating an Active Directory. This library is supported with Kea 2.2 and later.

Limits

The Limits library can rate-limit packet processing, to protect the server against over-active clients, and will also support controlling the number of leases per client. This library is supported with Kea 2.2 and later.

Leasequery

The Leasequery library allows you to retrieve a single lease, identified by IP address, hardware address or client identifier. Bulk leasequery is supported with Kea 2.3.5 and later versions.

Ping Check

The Ping Check library adds the ability to perform a ping check of a candidate IPv4 address prior to offering it to a DHCP client. This feature is similar to a behavior available in ISC DHCP and one suggested in RFC 2131. Ping check is supported with Kea 2.5.4 and later versions.

RADIUS Integration

The RADIUS Server Support library, coupled with the Host Cache library, allows Kea to delegate decisions about whether to permit access, and what IP address to assign, to your existing RADIUS server.

Subnet management

The Subnet Commands library allows you to add, remove, and modify subnets via the API, without resending the entire Kea configuration.

The Enterprise features are reserved for customers with Silver or Gold support from ISC. This new tier includes the Role-based Access Control feature. This hooks is licensed under the ISC HBCEULA. Contact our friendly sales team to buy a support plan that includes this commercially-licensed library.

Role-Based Access Control

The RBAC library, supported with Kea 2.2 and later, allows the administrator to control authenticated user access to read and write Kea configuration data.

Kea

VERSION STATUS DOCUMENTATION RELEASE DATE EOL DATE DOWNLOAD
2.6.1 Current Stable Kea ARM ( HTML PDF )
Kea Messages ( HTML PDF )
Release Notes ( TXT )
July 2024 July 2026
2.4.1 Current Stable Kea ARM ( HTML PDF )
Kea Messages ( HTML PDF )
Release Notes ( TXT )
November 2023 July 2025
2.7.3 Development Kea ARM ( HTML PDF )
Kea Messages ( HTML PDF )
Release Notes ( TXT )
September 2024 TBD

Stork

VERSION STATUS DOCUMENTATION RELEASE DATE EOL DATE DOWNLOAD
1.19.0 Development Stork ARM ( HTML )
Release Notes ( TXT )
October 2024 Ongoing development branch

Latest News

Recent Posts on the kea-users mailing list

Mailing List

Join the kea-users mailing list to offer help to or receive advice from other users.

Join Now
Report a Bug

Before submitting a bug report please ensure that you are running a current version. Then log your report as an issue in our Kea GitLab project.

Report
Kea Project Wiki

Our design documents and plans help you understand Kea internals.

Browse
Buy Premium Package

Premium libraries add the Host Reservation API, Flexible Host Identifier, & Forensic Logging.

Buy