[Kea-announce] Kea 2.1.1, a new development release of Kea, is now available
cathya at isc.org
Thu Nov 25 17:47:57 UTC 2021
Internet Systems Consortium is pleased to announce the release of Kea 2.1.1.
Releases in the Kea 2.1.x sequence are part of the Kea 2.1 development
branch, where new features are provided for testing and evaluation
before the branch is designated stable and recommended for production
The current stable branch of Kea is Kea 2.0 and its most recent release
The latest releases from each branch are available via the ISC downloads
# Kea 2.1.1, Nov 24th 2021, Release Notes
Welcome to Kea 2.1.1, the second monthly release of the 2.1 development
branch. As with any other development release, use this with caution:
development releases are not recommended for production use.
Kea is a DHCP implementation developed by Internet Systems Consortium
(ISC) that features DHCPv4 and DHCPv6 servers with DNS updating and a
REST API; optional database support (MySQL and PostgreSQL); optional
RADIUS, Kerberos, and Yang/NETCONF support; and much more. Kea provides
extensive management capabilities, including but not limited to: TLS
support, run-time configuration monitoring and updates via a REST API,
host reservations, client classification, and more.
The text below references issue numbers. For more details, visit the Kea
GitLab page at
The following bugfixes and features have been implemented since the Kea
1. **GSS-TSIG hook**. The development of subscriber-only GSS-TSIG hooks
coming to an end. Additional safety checks for DNS update and TKEY
exchange [#2121]. It's now possible to control the key regeneration
(rekey) using new commands (`gss-tsig-rekey-all`, `gss-tsig-purge`) has
been implemented [#2127], new timers (`rekey-interval`,
`retry-interval`) are now configurable [#2138, #2175], the TKEY exchange
is now cleaned up properly during shutdown [#2170], the Kea ARM section
has now been expanded [#2173], the exchange timeout is now configurable
[#2174], the old GSS-TSIG keys are now removed [#2177] and the Kea ARM
now provides better guidance for integration with Microsoft Active
2. **Debian 11 packages**. Native DEB packages for recently released
Debian 11 Bullseye are now available [#2042, #2193].
3. **Netconf YANG modules updated**. The YANG modules used in NETCONF
has been substantially updated and are now in sync with the regular Kea
JSON configuration. Fixed `store-extended-info`, it was an operational
node instead of a config node. Added several containers and leaves:
`compatibility`, `lenient-option-parsing`, `multi-threading`,
`enable-multi-threading`, `packet-queue-size`, `thread-pool-size`,
`valid-lifetime`, `min-valid-lifetime`, `max-valid-lifetime`,
`max-preferred-lifetime`, `cache-max-age`, `cache-threshold`,
`ddns-replace-client-name`, `ddns-send-updates`, `ddns-update-on-renew`,
`parked-packet-limit`, `reservations-global`, `reservations-in-subnet`,
`statistic-default-sample-count`, `store-extended-info`, `on-fail`
4. **Empty Tuple Handling in VIVCO options**. Previously Kea refused to
handle options, which have empty tuples (sub-options like fragments of
complex options). This fixes some incompatibilities with vendor
independent vendor class options (code 124), but may improve
compatibility with other similar options, such as VIVSO (code 125) or
vendor specific (code 43) [#2021].
5. **Postgresql Config-Backend**. The work on PostgreSQL-based Config
Backend is picking up pace. The ultimate goal of this work is to be able
to store Kea configuration in a PostgreSQL database, similar to how it
is possible now with MySQL. While the solution is not functional yet,
this release introduces two major components. First is a schema change
that adds many new tables, constraints, and stored procedures that are
necessary to maintain CB data consistency. The tables are available now,
but Kea will not use them yet. The second component is a skeleton
PostgreSQL CB hook. It is not functional yet. This work will continue in
upcoming releases [#1848, #2159, #2166].
6. **Build improvements**. Several improvements has been made in the
`hammer` build tool [#2111, #2112], make check runs are more robust and
no longer erroneously fail if Kea was compiled without gtest support
7. **Definition of maxsize**. The maximum limit of the `maxsize`
parameter that controls the maximum size of log file, before it is
rotated, has been increased from 2GB to 2PB [#2130].
8. **keactrl improvements**. `keactrl` tool now prints some statuses
9. **Documentation**. Logging formatting is now documented [#2134],
introduced many editorial changes in the ARM [#2139], a documentation
build on readthedocs service has been fixed [#2161].
## Incompatible Changes
1. The schema for PostgreSQL database has been substantially expanded.
There are no changes to existing tables, but many new tables were added.
Those should not affect existing users, although schema upgrade is
2. The YANG modules used in NETCONF have been updated. If your
deployment is using NETCONF, you need to migrate your configuration to
the updated modules.
This version of Kea is released under the Mozilla Public License,
The premium and subscriber-only hooks libraries are provided under the
terms of an End User License Agreement.
Pre-built ISC packages for current versions of the most popular Linux
operating systems are available at:
The Kea source and PGP signature for this release may be downloaded from:
The signature was generated with the ISC code signing key, which is
ISC provides detailed documentation, including installation instructions
and usage tutorials, in the Kea Administrator Reference Manual.
Documentation is included with the installation or at
.io/en/latest/index.html) in HTML, plain text, or PDF formats. ISC
maintains a public open source code tree, wiki, issue tracking system,
milestone planner, and roadmap at
Limitations and known issues with this release can be found at
We ask users of this software to please let us know how it worked for
you and what operating system you tested on. Feel free to share your
feedback on the Kea Users mailing list
/mailman/listinfo/kea-users)). We would also like to hear whether the
documentation is adequate and accurate. Please open tickets in the Kea
GitLab project for bugs, documentation omissions and errors, and
enhancement requests. We want to hear from you even if everything worked.
Professional support for Kea is available from ISC. We encourage all
professional users to consider this option; Kea maintenance is funded
with support subscriptions. For more information on ISC's Kea and DHCP
software support see
Free best-effort support is provided by our user community via a mailing
list. Information on all public email lists is available at
y/mailing-list). If you have any comments or questions about working
with Kea, please share them to the Kea Users list
/mailman/listinfo/kea-users)). Bugs and feature requests may be
submitted via GitLab at
The following summarizes changes and important upgrade notes since the
2.0.0 release for Kea core:
1970. [build] razvan
Library version numbers bumped for Kea 2.1.1 development
1969. [build] andrei
Fixed "make check -j N" running tests in parallel in src/lib/log.
1968. [build] andrei
Fixed make check failing when googletest support was disabled.
1967. [bug] andrei
Fixed a bug where keactrl did not color the active status code
for kea-dhcp-ddns as it did for the other servers.
1966. [func] djt
Allow Kea to pack opaque data tuples within options with zero
length to accommodate some DHCP clients who have been observed
to send DHCPv4 option 124 with zero length tuples.
1965. [func] andrei
Increase the value that "maxsize" can take from 2GB to 2PB.
1964. [func] wlodek
Added support for Debian 11 in hammer.py.
(Gitlab #2042, #2193)
1963. [func] andrei
hammer.py has had several improvements.
NETCONF and PostgreSQL will be properly configured when running
prepare-system on Fedora and FreeBSD.
vagrant will be automatically upgraded if it is too outdated.
Error messages are more clear when running on unsupported
hammer.py is now able to detect Arch Linux distributions and
offers limited support for it, being able to prepare-system with
freeradius and netconf support.
(Gitlab #2111, #2112)
1962. [func] andrei
kea-netconf updates: fixed store-extended-info, it was an
operational node instead of a config node. Added several
containers and leaves: compatibility, lenient-option-parsing,
multi-threading, enable-multi-threading, packet-queue-size,
thread-pool-size, valid-lifetime, min-valid-lifetime,
max-valid-lifetime, preferred-lifetime, min-preferred-lifetime,
max-preferred-lifetime, cache-max-age, cache-threshold,
ip-reservations-unique, parked-packet-limit, reservations-global,
1961. [func] tomek, tmark
The initial, stubbed version of the PostgreSQL CB hook
library has been created. The library is not yet functional
and does not installed.
1960. [build] andrei
Froze sphinx dependency versions used to build documentation.
Added the update-python-dependencies Makefile rule to bump the
1959. [doc] djt
Move documentation for acceptable format strings into the Kea
ARM. The relevant section of the ARM was previously referring
to a dead link in the Log4cpp documentation.
1958. [func] tomek, tmark
PostgreSQL database schema has been extended with tables for
Config Backend (CB). This is the first step towards PostgreSQL
CB. However, as there is no code yet to use those new tables,
they're not not functional yet.
(Gitlab #90, #2166)
And for Kea premium:
134. [func] razvan
Added exchange-timeout, rekey-interval, retry-interval
configuration entries to GSS-TSIG.
(Gitlab #2138, #2174)
133. [func] fdupont
Added the gss-tsig-rekey and the gss-tsig-rekey-all API commands
to create new GSS-TSIG keys.
itlab.isc.org/isc-projects/kea/-/wikis/Release-Notes) for a complete
list of release notes.
Thank you again to everyone who assisted us in making this release
We look forward to receiving your feedback.
More information about the Kea-announce