[Kea-announce] Kea 1.9.9, a new development release of Kea, is now available

Michael McNally mcnally at isc.org
Wed Jun 30 17:38:32 UTC 2021

Internet Systems Consortium is pleased to announce the release of Kea 1.9.9.

Releases in the Kea 1.9.x sequence are part of the Kea 1.9 development branch,
where new features are provided for testing and evaluation before the branch
is designated stable and recommended for production use.

The current stable branch of Kea is Kea 1.8 and its most recent release is 1.8.2

The latest releases from each branch are available via the ISC downloads page:



# Kea 1.9.9, June 30th 2021, Release Notes

Welcome to Kea 1.9.9, the tenth monthly release of the 1.9 development
branch. As with any other development release, use this with caution:
development releases are not recommended for production use.

As the 2.0.0 release approaches, we are adding fewer and less
significant new features. Instead, there are more bug fixes,
documentation edits, and small improvements that are expected from
stable software. The most notable changes introduced in this version are:

1. **New GSS-TSIG premium hook** - There is work in progress to
implement a GSS-TSIG extension, to integrate DNS updates with Windows
Active Directory. This subscriber-only hook is not functional yet;
however, it is available as a technology preview for customers who would
like to take an early look. It provides support for two Kerberos
implementations: MIT and Heimdal. It is the first hook that can be
loaded by the D2 (dhcp-ddns) daemon [#1884, #1909, #1880].

2. **dhcp-server-identifier in client class** - Kea now allows the
definition of a `dhcp-server-identifier` in a class scope. This
capability is typically not needed, but may be used by advanced users to
segregate their traffic based on device types [#1836].

3. **The Cassandra lease backend is now deprecated** - See the
Incompatible Changes section below [#1892].

4. **Improvements** - Kea now prints much more detailed information
about the subnet, when the allocation engine fails to allocate an
address. This extra information makes it easier to investigate any
problems [#1915]. A new debug level 15 has been introduced; log messages
are now more consistent regardless of the reason for a drop [#1916].
Suboption 1 is treated as PRL/ORO only for DOCSIS packets [#1894]. The
documentation now builds with older Sphinx versions [#1937]. The
Kea-admin tool now produces more useful error messages [#1653]. The run
script hook now has more parameters [#1840]. The run script hook now
handles signals better [#1720].

5. **Bug fixes** - The IOService is now destroyed in a safer manner
during shutdown, preventing rare crashes during shutdown [#1948]. The
HA+MT client now correctly logs the number of threads [#1902]. A race
condition in the database reconnect code has been eliminated [#1861].
One case where the run script hook could have left zombie processes in
the background has been fixed [#1878]. A problem where the PSID field in
the MAP option could be set incorrectly under certain conditions has
been fixed [#1858]. Many previously uninitialized members are now
initialized properly [#1845, #1906]. Several thread sanitizer warnings
have been addressed in the HTTP client tests [#1817]. Several
compilation warnings have been fixed [#1899].

6. **Documentation** The ARM has a new appendix dedicated to Kea
configuration files. All possible configuration parameters in DHCPv4,
DHCPv6, D2, CA, and NETCONF daemons are presented as BNF notation and
are generated automatically, which should ensure that this list is kept
up to date [#504, #745]. Many corrections have been made to the Kea ARM
[#1917]. The outdated note about HA+MT being in active development has
been removed [#1901]. Examples in the forensic logging v4 section in the
ARM have been fixed [#1862]. Duplicate forensic logging documentation
sections have been removed [#1864].

7. **Test improvements** Several test improvements have been made
[#1913, #1941]. The perfdhcp testing tool is now able to send RELEASE
packets in DHCPv4 [#1119]. Hammer, our build tool, now supports FreeBSD
13, Fedora 34, Ubuntu 21.04, and Alpine 3.13 [#1921, #1658]. A
mixedSignal unit-test failure on CentOS 7 has been fixed [#1769].

8. **Community** The Kea project would like to make it easier for people
to participate in the software's development, so we chose some tickets
that should be easy for newcomers to work on. Look for the `beginner`
label in our GitLab project. Also, we added the Linux Foundation's
Developer's Certificate of Origin to the project. It's a very short
statement by which contributors confirm that they are allowed to
contribute code [#1895].

9. **Config Backend for Postgres**. We are working on a Configuration
Backend implementation that will use PostgreSQL rather than MySQL. It is
unclear whether this feature will be complete in time for 2.0.0; as
such, the partial changes made so far are not part of this release.
However, since this work was done during the 1.9.9 timeframe, it is
mentioned here. Anyone who is interested may take a look at the
`feature-pg-cb` branch here:
https://gitlab.isc.org/isc-projects/kea/-/tree/feature-pg-cb. So far the
only feature is the 7.0 schema, which is available in the
`src/share/database/scripts/pgsql` directory.

## Incompatible Changes

1. **Deprecate Cassandra** - Cassandra support is now deprecated. If you
use it - don't panic. The only technical change for now is that Kea
prints a warning about the feature being deprecated, but it otherwise
functions as before. Cassandra code will remain intact in the remainder
of the development 1.9.x and upcoming stable 2.0.x series. We are
looking at removing it sometime during the development 2.1.x series.
Version 2.2.x is foreseen to be the first stable branch with Cassandra
support removed. This effectively means that users have well over a year
to think about their migration strategy. There is a new Section `3.8
Deprecated Features` in the ARM that discusses the technical and
business reasons why we decided to deprecate Cassandra. Briefly,
Cassandra's very different data model compared to other backends, namely
MySQL and PostgreSQL, made it an ongoing maintenance and development
challenge; some concepts simply could not be implemented as it was not
the right tool to solve some DHCP problems. Also, there are many warning
signs that the Cassandra project is having difficulties: packages for
popular systems are not available, the C++ wrapper has a note about
being in maintenance only for a while, the release versions of Cassandra
require obsolete Python 2 (with Python 3 support being available in
unreleased alpha versions of Cassandra), they don't work with Java 11
(and require outdated Java 8), and more. It was also by far the least
popular backend.

## Known Issues

For details on known issues, visit:


And for the list of issues marked as bugs:


## Release Model

The Kea project has a significant production deployment base with users
who are looking for stability, rather than a constant stream of new
"bleeding-edge" features. At the same time, we want to continue
developing the software and add some new powerful, but
difficult-to-implement, features. To meet these requirements we have
both Stable and Development branches.

Stable releases are what you would expect: stable, released
infrequently, without new features or significant changes, very
well-tested. These can be identified by an even-numbered minor version
number. The current stable release is 1.8.2. The older stable version of
1.6.3 is also available. If we discover important bugs that require
fixing, we may release additional maintenance versions on the 1.8
branch, but that will be determined on a case-by-case basis. The next
major stable version will be 2.0.0.

Development releases can be easily identified by an odd minor version
number: for example, 1.9.0 is a development release. Subsequent releases
on the same minor release branch get numbered with 1.9.1, 1.9.2, and so

Our goal is to make the development release available on the last
Wednesday of each month. There may be exceptions (such as during
holidays), but that's the general plan.

We encourage users to test the development releases and report back
their findings.

For more details on the plan, see ISC's Software Support Policy at:


## Kea Overview

Kea is a DHCP implementation developed by Internet Systems Consortium
that features fully functional DHCPv4 and DHCPv6 servers, a dynamic DNS
update daemon, a Control Agent (CA) that provides a REST API to control
the DHCP and DNS update servers, an example shell client to connect to
the CA, a daemon that is able to retrieve YANG configuration and updates
from Sysrepo, and a DHCP performance-measurement tool. Both DHCP servers
support server discovery, address assignment, renewal, rebinding,
release, decline, information request, DNS updates, client
classification, and host reservations. The DHCPv6 server also supports
prefix delegation. Lease information is stored in a CSV file by default;
it can optionally be stored in a MySQL, PostgreSQL, or Cassandra (now
deprecated) database instead. Host reservations can be stored in a
configuration file, or in a MySQL, PostgreSQL, or Cassandra (now
deprecated) database. They can also be retrieved from a RADIUS server,
although this functionality is somewhat limited. Kea DHCPv4 and DHCPv6
daemons provide support for YANG models, which are stored in a Sysrepo
datastore and can be configured via the NETCONF protocol.

This text references issue numbers. For more details, visit the Kea
GitLab page at:


## License

This version of Kea is released under the Mozilla Public License,
version 2.0.


The premium and subscriber-only hooks libraries are provided in source
code form, under the terms of an End User License Agreement (you will
get the source code that you can modify freely, but you are not
permitted to redistribute it).

## Download

Pre-built ISC packages for current versions of the most popular Linux
operating systems are available at:


The Kea source and PGP signature for this release may be downloaded from:


The signature was generated with the ISC code-signing key which is
available at:


ISC provides detailed documentation, including installation instructions
and usage tutorials, in the Kea Administrator Reference Manual (ARM).
Documentation is included with the installation, at:

* https://kea.readthedocs.io/en/latest/
* or via https://kb.isc.org/docs/kea-administrator-reference-manual in
HTML, plain text, or PDF formats

ISC maintains a public open source code tree, a wiki, an issue tracking
system, milestone planning, and a roadmap at:


We ask users of this software to please let us know how it worked for
you and what operating system you tested on. Feel free to share your
feedback on the Kea Users mailing list at:


We would also like to hear whether the documentation is adequate and
accurate. Please open tickets in the Kea GitLab project for bugs,
documentation omissions and errors, and enhancement requests. We want to
hear from you even if everything worked.

## Support

Professional support for Kea is available from ISC. We encourage all
professional users to consider this option; Kea development and
maintenance are funded with support subscriptions. For more information
on ISC's Kea and DHCP software support see:


Free best-effort support is provided by our user community via a mailing
list. Information on all public email lists is available at:


If you have any comments or questions about working with Kea, please
share them on the Kea Users List:


Bugs and feature requests may be submitted via GitLab at:


## Changes

The following summarizes changes since the previous release of 1.9.8:

### In the core package

1920.	[build]		andrei
	Bump library versions for the Kea 1.9.9 development release.
	(Gitlab #1947)

1919.	[bug]		razvan
	Fix the run script hook library leaving behind defunct processes.
	(Gitlab #1878)

1918.	[bug]		razvan
	When parsed, PSID was incorrectly ignoring the PSID value when
	psid-len was 16 instead of ignoring it when the values is 0 as
	per the RFC.
	(Gitlab #1858)

1917.	[func]		tomek
	DHCPv4 and DHCPv6 are now more consistent when logging the
	reasons	why a packet was dropped. This information is now
	available on debuglevel 15. Also added a section in the ARM
	discussing the debug levels. The subnet selection failed log
	message now provides more useful information about the subnet.
	(Gitlab #1915, #1916)

1916.	[func]		razvan
	The Kea DHCPv4 server accepts requests using server identifier
	configured at client class level.
	(Gitlab #1836)

1915.	[func]		andrei
	DOCSIS options are no longer offered to any vendor other than
	Cable Labs (vendor-id == 4491). This was not an explicit check
	previously and the match to the vendor relied on a technicality
	such that other vendors could have received these options under
	certain conditions.
	(Gitlab #1894)

1914.	[func]*		tomek
	The Cassandra (CQL) support is being deprecated, both for
	leases and host backends. For the time being the features
	will produce a warning, but will otherwise function normally.
	However, the functionality will be removed in the future
	Kea releases.
	(Gitlab #1892)

1913.	[doc]		tomek
	Kea adopted Developer Certificate of Origin for incoming
	contributions. Please see the CONTRIBUTING.md file for details.
	(Gitlab #1895)

1912.	[doc]		fdupont, tomek
	The Kea configuration syntax is now documented in BNF notation.
	See new appendix in the ARM.
	(Gitlab #504, #745)

1911.	[bug]		andrei
	Fixed a minor regression where kea-admin and keactrl would output
	technical errors like "unbound variable" instead of more helpful
	messages like "missing backend" because of the undefined variable
	checks introduced in 1.9.4. Added tests to further prevent it.
	(Gitlab #1653)

1910.	[func]		andrei
	Extended perfdhcp to send v4 DHCPRELEASE messages via -F flag.
	(Gitlab #1119)

1909.	[build]		fdupont
	Experimental support for Heimdal implementation of GSS-API
	with Kerberos 5 added.
	(Gitlab #1909)

1908.	[func]		razvan
	Added export for V4 option 82 (DHO_DHCP_AGENT_OPTIONS) and
	respective suboptions 1 (RAI_OPTION_AGENT_CIRCUIT_ID) and
	suboption 2 (RAI_OPTION_REMOTE_ID) in the run script hooks
	(Gitlab #1840)

1907.	[doc]		peterd, andrei, razvan
	Many Kea ARM corrections and updates.
	(Gitlab #1917)

1906.	[func]		fdupont
	Added support for the TKEY DNS resource record.
	(Gitlab #1880)

1905.	[build]		fdupont
	Added an optional --with-gssapi switch to the configure
	script. It checks for the presence and suitability of
	packages pertinent to GSS-TSIG. This has been added in
	anticipation of future work and does not add any
	functionality to Kea.
	(Gitlab #1884)

### In the premium package

124.	[bug]		razvan
	Fix the forensic logging hook library leaving behind defunct
	processes when configured with prerotate and postrotate
	(Gitlab #1878)

123.	[func]		razvan
	The lease query hooks library accepts requests using server
	identifier configured at client class level.
	(Gitlab #1836)

122.	[func]*		tomek
	The Cassandra (CQL) support is being deprecated, for Forensic
	Logging log storage. For the time being the feature
	will produce a warning, but will otherwise function normally.
	However, the functionality will be removed in the future
	Kea releases.
	(Gitlab #1892)

121.	[func]		fdupont
	Created GSS-API C++ bindings for the new gss_tsig D2 hook
	(Gitlab #1909)

Thank you again to everyone who assisted us in making this release

We look forward to receiving your feedback.

More information about the Kea-announce mailing list