kea-dhcp4 behaviour question client-class vs reservations

Darren Ankney darren.ankney at gmail.com
Thu May 9 09:45:28 UTC 2024 

Hi Philipp,

It doesn't work that way.  if there is a client-class assigned to pool
B (client-class A) then the pool is restricted to only members of
client-class A.  Members of client-class A would be able to obtain an
IP from either pool.  non-members of client-class A would only be able
to get an ip from pool A.  If a client is a member of client-class A
then the properties of client-class A apply unless there be other
mechanisms used to solve that.

If you want class membership to be determined based on more than just
the "test" line, you can have a look at "only-if-required":
https://kea.readthedocs.io/en/kea-2.4.1/arm/dhcp4-srv.html#required-classification

On Tue, May 7, 2024 at 7:45 AM Jan-Philipp Snizek
<jan-philipp.snizek at business.uzh.ch> wrote:
>
> Hi Darren
>
>
>
> So, if the client belongs to client-class A and all members of client-class A are restricted to pool B then the client will get an IP address from pool B. Unless, a reservation for the MAC address of that client is defined. Then, the reservation has precedence. The properties of client-class A still apply to the client.
>
> Is that correct? This is what I observe with the given config example.
>
>
>
> Thanks,
>
> Philipp
>
>
>
> From: dhcp-users <dhcp-users-bounces at lists.isc.org> on behalf of Darren Ankney <darren.ankney at gmail.com>
> Date: Tuesday, 7 May 2024 at 08:51
> To: Users of ISC DHCP <dhcp-users at lists.isc.org>
> Subject: Re: kea-dhcp4 behaviour question client-class vs reservations
>
> Hi Philipp,
>
> The keyword "client-class" restricts access to the pool to members of
> the class.  It does not assign members of a class to a pool.  See
> here: https://kea.readthedocs.io/en/kea-2.4.1/arm/classify.html#configuring-pools-with-class-information
> where it says "Similar to subnets, in certain cases access to certain
> address or prefix pools must be restricted to only clients that belong
> to a given class, using the client-class when defining the pool.".
>
> Thank you,
> Darren Ankney
>
> On Fri, Apr 26, 2024 at 5:05 AM Jan-Philipp Snizek
> <jan-philipp.snizek at business.uzh.ch> wrote:
> >
> > Hi
> >
> > I would like to ask a question regarding precedence behavior of kea-dhcp4.
> >
> > Let's take this working config:
> >
> >     "client-classes": [
> >        {
> >             "name": "pxeclientx64",
> >             "test": "option[60].text == 'PXEClient:Arch:00007:UNDI:003016'",
> >             "option-data": [
> >                 { "name": "vendor-encapsulated-options", "always-send": false },
> >                 { "name": "boot-file-name", "data": "SMSBoot\\x64\\wdsmgfw.efi" },
> >                 { "name": "tftp-server-name", "code": 66, "data": "my-tftp-server.domain.local" }
> >            ]
> >        }
> >     ],
> >     "subnet4": [
> >         {
> >             "id": 1,
> >             "subnet": "172.20.19.0/24",
> >             "next-server": "172.20.19.1",
> >             "pools": [
> >                         { "pool": "172.20.19.120 - 172.20.19.129" },
> >                         { "pool": "172.20.19.130 - 172.20.19.139", "client-class": "pxeclientx64" }
> >                  ],
> >             "reservation-mode": "out-of-pool",
> >             "reservations": [
> >                 { "hostname": "pxeboot1", "hw-address": "00:e0:4c:68:0a:f1", "ip-address": "172.20.19.150" }
> >             ],
> >             "option-data": [
> >                 { "name": "routers", "data": "172.20.19.1" }
> >             ]
> >         }
> >     ],
> >
> > If the client with the reservation executes a PXE boot it gets the reserved IP .19.150 and successfully boots PXE.
> > The kea-dhcp4 log looks like this:
> > Apr 25 13:53:17 hellbox kea-dhcp4[16858]: INFO  EVAL_RESULT Expression pxeclientx64 evaluated to 1
> > Apr 25 13:53:17 hellbox kea-dhcp4[16858]: INFO  DHCP4_LEASE_ADVERT [hwtype=1 00:e0:4c:68:0a:c1], cid=[no info], tid=0x2223e0e3: lease 172.20.19.150 will be advertised
> > Apr 25 13:53:20 hellbox kea-dhcp4[16858]: INFO  EVAL_RESULT Expression pxeclientx64 evaluated to 1
> > Apr 25 13:53:20 hellbox kea-dhcp4[16858]: INFO  DHCP4_LEASE_ALLOC [hwtype=1 00:e0:4c:68:0a:c1], cid=[no info], tid=0x2223e0e3: lease 172.20.19.150 has been allocated for 3600 seconds
> > As we can see both matches: pxeclientx64 and the reservation. The client successfully boots pxe.
> > I don't understand why the client successfully pxe boots. The client-class "pxeclientx64" is assigned to a pool. It is neither assigned to the subnet4 { id: 1 } subnet declaration nor to the reservation.
> > What has precedence over what? How does inheritance work in kea?
> >
> > Thanks,
> >
> > --
> >
> >   Philipp
> >
> > --
> > ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information.
> >
> > dhcp-users mailing list
> > dhcp-users at lists.isc.org
> > https://lists.isc.org/mailman/listinfo/dhcp-users
> --
> ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information.
>
> dhcp-users mailing list
> dhcp-users at lists.isc.org
> https://lists.isc.org/mailman/listinfo/dhcp-users
>
> --
> ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information.
>
> dhcp-users mailing list
> dhcp-users at lists.isc.org
> https://lists.isc.org/mailman/listinfo/dhcp-users

More information about the dhcp-users mailing list