[kea-announce] Kea 2.1.6, a new development release of Kea, is now available
Cathy Almond
cathya at isc.org
Wed May 25 14:29:34 UTC 2022
Internet Systems Consortium is pleased to announce the release of Kea 2.1.6
Releases in the Kea 2.1.x sequence are part of the Kea 2.1 development
branch, where new features are provided for testing and evaluation
before the branch is designated stable and recommended for production
use.
The current stable branch of Kea is Kea 2.0 and its most recent release
is 2.0.2
The latest releases from each branch are available via the ISC downloads
page:
https://www.isc.org/download
______________________________________________________________________
# Kea 2.1.6, May 25 2022, Release Notes
Welcome to Kea 2.1.6, the seventh monthly release of the 2.1 development
branch. As with any other development release, use this with caution:
development releases are not recommended for production use.
Kea is a DHCP implementation developed by Internet Systems Consortium
(ISC) that features DHCPv4 and DHCPv6 servers with DNS updating and a
REST API; optional database support (MySQL and PostgreSQL); optional
RADIUS, Kerberos, and YANG/NETCONF support; and much more. Kea provides
extensive management capabilities, including but not limited to: TLS
support, run-time configuration monitoring and updates via a REST API,
host reservations, client classification, and more.
The text below references issue numbers. For more details, visit the Kea
GitLab page at https://gitlab.isc.org/isc-projects/kea/issues.
The following bugfixes and features have been implemented since the
previous release versioned 2.1.5:
1. **Role Based Access Control**: With the addition of the RBAC hook,
Kea now features a rich capability to fine tune access control for its
REST API. It is possible to control access based on remote IP address,
HTTP authentication username, or several of the TLS certificates fields.
The RBAC hook is available to subscribers only [#1263].
2. **Limits hook (experimental)** - The limits hook library was added as
part of the subscription package. Rate limiting is its first feature,
and momentarily the only one. It can apply a specified limit of a
certain number of packets per time unit to a given client class or
subnet [#562, #1650].
3. **DDNS Tuning hook enhancements** - Fine-grained DNS Updates control
- [#2354]. The expressions are now validated during configuration,
rather than at run-time, allowing for earlier spotting of mistakes
[#2384].
4. **Support for long options in DHCPv4** - RFC 3396 is now partly
implemented, allowing the kea-dhcp4 server to send and receive DHCP
options longer than 255 bytes [#2227].
5. **RHEL8 packages** Packages for RHEL8 and other branching
distributions are available again after they had previously been
interrupted since 2.1.3 due to some internal reliance on CentOS Linux 8
which was left without security support [#2410].
6. **Bug fixes**: wrong subnet-id in reservations in a shared network
[#2409]. A race condition has been fixed in multi-threading code in
DHCPv4 server, when processing a hostname option [#2381]. kea-admin
lease-upload now cleans up the input CSV file of any entries with
duplicate addresses that would have resulted in conflicting database
inserts [#2293].
7. **Documentation updates** - Examples for TLS in HA have been added to
the ARM [#2414].
## Incompatible Changes
None
## License
This version of Kea is released under the Mozilla Public License,
version 2.0.
https://www.mozilla.org/en-US/MPL/2.0
The premium and subscriber-only hook libraries are provided under the
terms of an End User License Agreement.
## Download
Pre-built ISC packages for current versions of the most popular Linux
operating systems are available at:
https://cloudsmith.io/\~isc/repos/
The Kea source and PGP signature for this release may be downloaded from:
https://www.isc.org/download
The signature was generated with the ISC code signing key, which is
available at:
https://www.isc.org/pgpkey
ISC provides detailed documentation, including installation instructions
and usage tutorials, in the Kea Administrator Reference Manual.
Documentation is included with the installation or at
https://kea.readthedocs.io/en/latest/index.html.
Limitations and known issues with this release can be found at
https://gitlab.isc.org/isc-projects/kea/wikis/known-issues-list.
We ask users of this software to please let us know how it worked for
you and what operating system you tested on. Feel free to share your
feedback on the Kea Users mailing list
(https://lists.isc.org/mailman/listinfo/kea-users. We would also like to
hear whether the documentation is adequate and accurate. Please open
tickets in the Kea GitLab project for bugs, documentation omissions and
errors, and enhancement requests. We want to hear from you even if
everything worked.
## Support
Professional support for Kea is available from ISC. We encourage all
professional users to consider this option; Kea maintenance is funded
with support subscriptions. For more information on ISC's Kea and DHCP
software support see https://www.isc.org/support/.
Free best-effort support is provided by our user community via a mailing
list. Information on all public email lists is available at
https://www.isc.org/community/mailing-list.
## Changes
The following summarizes changes and important upgrade notes since the
2.1.5 release for Kea core:
2022. [func] andrei, djt
kea-admin lease-upload now calls the lease file cleanup (LFC)
process to clean up entries with duplicate addresses in the input
CSV file, to avoid a conflict error when inserting the leases in
the database. kea-admin also no longer asks for input on
non-interactive shells. A new -y|--yes flag has been added that
enables automatic overwriting of any file that kea-admin writes
to, when dumping or uploading leases.
(Gitlab #2293)
2021. [build] razvan
The library version numbers have been bumped for the Kea 2.1.6
development release.
(Gitlab #2421)
2020. [doc] andrei
The rate-limiting feature of the new limits hook library has been
documented. It can apply a specified limit of a certain number of
packets per time unit to a given client class or subnet.
(Gitlab #562, #1650)
2019. [func] tmark
A new built-in class, "SKIP_DDNS", was added, which can be used
in conjunction with the ddns-tuning hook library to skip
performing DDNS updates for a given client.
(Gitlab #2354)
2018. [func] razvan
The kea-dhcp4 server now supports portions of RFC 3396, allowing
it to send and receive DHCP options longer than 255 bytes.
(Gitlab #2227)
2017. [bug] marcin
A bug in the allocation engine, which caused it to write an
allocated lease under the wrong subnet ID within a shared
network, has been corrected. This was occurring when multiple
clients matched the same fixed address reservation. The first
client is now assigned the fixed address, while a subsequent
client is then given a dynamically allocated address from a
different subnet in the shared network.
(Gitlab #2409)
2016. [doc] fdupont
Documentation for the role-based access control (RBAC)
premium hook library was added to the ARM.
(Gitlab #1263)
And for Kea premium:
147. [func] andrei
The limits hook library and its rate-limiting feature were added.
It can apply a specified limit of a certain number of packets per
time unit to a given client class or subnet.
(Gitlab #562, #1650)
146. [func] tmark
The ddns-tuning hook library now supports the use of a new
built-in class, "SKIP_DDNS", to skip performing DDNS updates for
a given client.
(Gitlab #2354)
145. [func] fdupont
The RBAC (role-based access control) hook library for the control
agent has been added.
(Gitlab #1263)
144. [func] tmark
Upon reconfiguration or modification of subnets via the config
backend, the ddns-tuning hook library now reparses the
hostname expressions for all configured subnets. This allows
any invalid expressions to be detected up front. Previously,
the expressions were parsed on demand (i.e. lazy init).
(Gitlab #2384)
See https://gitlab.isc.org/isc-projects/kea/-/wikis/Release-Notes for a
complete list of release notes.
Thank you again to everyone who assisted us in making this release
possible.
More information about the kea-announce
mailing list