[kea-announce] Kea 2.3.2, a new development release of Kea, is now available

Everett B. Fulton ebf at isc.org
Wed Oct 26 14:04:50 UTC 2022 

Internet Systems Consortium is pleased to announce the release of Kea 2.3.2.

Releases in the Kea 2.3.x sequence are part of the Kea 2.3 development
branch, where new features are provided for testing and evaluation
before the branch is designated stable and recommended for production use.

The current stable branch of Kea is Kea 2.2 and its most recent release
is 2.2.0

Kea source tarball are available from cloudsmith.io:

 
https://dl.cloudsmith.io/public/isc/kea-2-2/raw/versions/2.2.0/kea-2.2.0.tar.gz

 
https://dl.cloudsmith.io/public/isc/kea-2-3/raw/versions/2.3.2/kea-2.3.2.tar.gz

And from the ISC download page:

         https://www.isc.org/download

---

# Kea 2.3.2, October 26 2022, Release Notes

Welcome to Kea 2.3.2, the third monthly release of the 2.3 development
series. As with any other development release, use this with caution:
development releases are not recommended for production use.

Kea is a DHCP implementation developed by Internet Systems Consortium
(ISC) that features DHCPv4 and DHCPv6 servers with DNS updating and a
REST API; optional database support (MySQL and PostgreSQL); optional
RADIUS, Kerberos, and YANG/NETCONF support; and much more. Kea provides
extensive management capabilities, including but not limited to: TLS
support, run-time configuration monitoring and updates via a REST API,
host reservations, client classification, and more.

The text below references issue numbers. For more details, visit the Kea
GitLab page at https://gitlab.isc.org/isc-projects/kea/issues.

This month the Kea team focused on fixing bugs and improving our build
process. The following bugfixes and features have been implemented since
the previous release, version 2.3.1:

1. **NETCONF and Sysrepo**: The support for NETCONF/Yang received a
major overhaul; the Kea code has been migrated to libyang 2.x/Sysrepo
2.x from the previously supported 1.x versions. Both the libyang and
Sysrepo dependencies continue to evolve substantially, so this update
required over 2500 lines of code to be changed. **Be advised that the
recent libyang 2 and Sysrepo 2.x require a compiler that supports the
c++20 standard.** However, this is only required if you compile Kea with
NETCONF support [#2311]. In addition, the interaction with Sysrepo has
been updated: instead of retrieving configuration elements one by one,
the whole configuration is retrieved in one step and then dissected by
Kea. The larger your configuration is, the greater this performance
improvement should be: for our test configuration with 60,000 entries,
the configuration took 9 minutes and 30 seconds with the older code and
just 3 seconds with this new change. For more details, see [#2400] and
its merge request [!1824]. Since this is a radical change in the logic,
NETCONF support is considered experimental.

2. **Package improvements**: Kea's official APK, Deb, and RPM packages
have been restructured and made to follow a consistent packaging
standard. Some of the package names have been modified, and some
packages have been
consolidated into larger packages as a result of these changes.	Kea now
runs under a service user on RPM systems. Upgrading Kea on Debian and
Ubuntu systems should be done with ``apt dist-upgrade`` when upgrading
to this release or later, as some packages need to be removed before
being reinstalled. Depending on how Kea was previously installed,
upgrading to this release or later on Debian or Ubuntu systems could
cause the DHCPv6 and/or the DDNS
server, as well as the open-source hooks, to be removed. To ensure they
are properly installed, either install the ``isc-kea`` metapackage, or
install the packages explicitly by name. Further details can be found in
[#2220] and [#2398].

3. **Template classes**: Work is underway to implement a template class
mechanism, similar to spawning classes in ISC DHCP. The code for this
functionality has been merged, but the documentation explaining how to
use it is not, and it has only been very lightly tested. As such, the
feature's status is currently experimental and undocumented. For more
adventurous users, it is now possible to define an expression using
`template-test` in a class. The expression should evaluate to a string;
if evaluated to a non-empty value, the packet is assigned to a
`SPAWN_<class-name>_<value-of-the-evaluated-expression>` class. Proper
documentation is expected in the next release [#2568].

4. **Optional link selection suboption**: The link selection suboption
is now optional; previously, Kea always tried to use it when it was
present in a packet. Right now, its use is enabled by default, but it
can be disabled using the `ignore-rai-link-selection` parameter [#2543].

5. **Affinity for released leases**: Unless specifically told not to,
Kea now keeps leases for a period of time after they are released. This
is useful for devices that send RELEASE on reboot, so they are very
likely to get the same lease after after their reboot is complete. This
behavior is controlled by `flush-reclaimed-timer-wait-time` and
`hold-reclaimed-time`. If both are non-zero, when the client sends a
release message the lease is expired; previously, it was deleted from
lease storage. The default values are 25 and 3600 respectively,
effectively changing the default server behavior [#2548].

5. **Bulk Leasequery (BLQ)**: The long-term effort to implement BLQ is
nearing a critical phase. While the functionality itself is not yet
active, we have most of the building blocks in place, and we expect to
have some working capability soon. Our focus is to make memfile for
DHCPv6 operational first and then gradually extend this to other
backends and DHCPv4. In this release many BLQ-related tickets were
merged: we fixed warnings in MySQL [#2604]; improved lease extended info
storage, so Kea can now retain more information that is necessary for
BLQ to function properly [#2595]; implemented the code that retrieves
leases as requested by BLQ from the memfile v6 storage [#2585]; extended
the definitions for RAI suboptions, which is a necessary step to parse
suboptions used in BLQ [#2357]; updated the user context structure in
leases to avoid negative interactions between various hooks that use
context [#2587]; changed the reclaimLeaseInDatabase command so it now
clears the user context [#2588]; created memfile v6 storage that is more
friendly to BLQ queries [#2584]; modified the extended info store so it
now stores explicit relay sub-option values [#2573]; and moved the
ThreadPool code from libhttp to the asiolink library. This refactor is
the first step towards reusing existing connection management (which
currently is only used in HTTP) to be more generic. In the near future,
it will also be used to handle incoming BLQ connections [#2573].

6. **RADIUS**: The `reservation-get-page` API command now returns an
empty list instead of an error when querying the RADIUS backend. The
RADIUS protocol does not allow returning more than one entity, so it is
impossible to implement this functionality; it simply signals that the
requested operation cannot be completed [#2566].

7. **Bug fixes**: A crash in the limits hook code has been fixed [#2614].

## Incompatible Changes

Many of the native packages have been substantially updated. See item 2
above for a brief overview, and the new `Installation From Cloudsmith
Packages` and `Caveats for Upgrading Kea Packages` sections in the [Kea
ARM](https://kea.readthedocs.io/en/latest/arm/intro.html) for more
details.

The `reservation-get-page` API command now returns an empty list instead
of an error when querying the RADIUS backend.

The released leases are now, by default, kept for a period of time in
case a rebooting device comes back. See item 5 above for details.

The layout of extended information optionally stored in the lease user
context was changed. Kea handles the transition automatically, but
external systems that interact with user context in leases may need to
be updated. For details, see [#2587].

## License

This version of Kea is released under the Mozilla Public License,
version 2.0.

https://www.mozilla.org/en-US/MPL/2.0

The premium and subscriber-only hook libraries are provided under the
terms of a Kea Hooks Basic Commercial End User License Agreement.

## Download

Pre-built ISC packages for current versions of the most popular Linux
operating systems are available at:

https://cloudsmith.io/\~isc/repos/

The Kea source and PGP signature for this release may be downloaded from:

https://www.isc.org/download, as well as from the Cloudsmith repository.

The signature was generated with the ISC code signing key, which is
available at:

https://www.isc.org/pgpkey

ISC provides detailed documentation, including installation instructions
and usage tutorials, in the Kea Administrator Reference Manual.
Documentation is included with the installation or at
https://kea.readthedocs.io/en/latest/index.html.

Limitations and known issues with this release can be found at
https://gitlab.isc.org/isc-projects/kea/wikis/known-issues-list.

We ask users of this software to please let us know how it worked for
you and what operating system you tested on. Feel free to share your
feedback on the Kea Users mailing list
(https://lists.isc.org/mailman/listinfo/kea-users. We would also like to
hear whether the documentation is adequate and accurate. Please open
tickets in the Kea GitLab project for bugs, documentation omissions and
errors, and enhancement requests. We want to hear from you even if
everything worked.

## Support

Professional support for Kea is available from ISC. We encourage all
professional users to consider this option; Kea maintenance is funded
with support subscriptions. For more information on ISC's Kea and DHCP
software support see https://www.isc.org/support/.

Free best-effort support is provided by our user community via a mailing
list. Information on all public email lists is available at
https://www.isc.org/community/mailing-list.

## Changes

The following summarizes changes and important upgrade notes since the
2.3.1 release for Kea core:

2073.	[build]		razvan
	The library version numbers have been bumped for the Kea 2.3.2
	development release.
	(Gitlab #2607)

2072.	[func]		razvan
	If both "flush-reclaimed-timer-wait-time" and
	"hold-reclaimed-time" are non-zero, when the client sends a
	release message the lease is expired. Previously it was deleted
	from the lease storage. The default values are 25 and 3600
	respectively, effectively changing the default server behavior.
	(Gitlab #2548)

2071.	[perf]		andrei
	Significantly improved the performance of editing configuration
	with kea-netconf. Instead of making a request to the sysrepo
	datastore for each leaf and leaf-list node, a single request is
	done and the config is translated from the received data node.
	This approach is considered experimental.
	(Gitlab #2400)

2070.	[func]		andrei
	kea-netconf now requires libyang v2 and sysrepo v2 to compile and
	run. Suport for libyang v1 and sysrepo v1 has been dropped.
	(Gitlab #2311)

2069.	[func]		fdupont
	Added a new sanity checker named "extended-info-checks"
	which checks and eventually upgrades lease extended
	info which store into lease user context in DHCPv4
	the dhcp-agent-options content and in DHCPv6 the
	relay-msg fields and options.
	(Gitlab #2595)

2068.	[func]		djt
	Kea's official APK, Deb, and RPM packages have been restructured
	and made to follow a consistent packaging standard. Some of the
	package names have been modified, and some packages have been
	consolidated into larger packages as a result of these changes.
	Kea now runs under a service user on RPM systems. Upgrading Kea
	on Debian and Ubuntu systems should be done with ``apt
	dist-upgrade`` when upgrading to this release or later, as some
	packages need to be removed before being reinstalled. Depending
	on how Kea was installed, upgrading to this release or later on
	Debian or Ubuntu systems could cause the DHCPv6 and/or the DDNS
	server, as well as the open-source hooks to be removed. In order
	to ensure they are properly installed, either install the
	``isc-kea`` metapackage, or install the packages explicitly by
	name. Further details can be found in the Gitlab issue.
	(Gitlab #2220)

2067.	[func]		fdupont
	Updated the layout of extended information optionally
	stored in lease user context to add remote and relay
	identifier (sub-)options.
	(Gitlab #2587)

2066.	[bug]		fdupont
	Fixed lease reuse process to clear the user context
	when the lease expired and was reclaimed.
	(Gitlab #2588)

2065.	[func]		djt
	A compatibility config option called ignore-rai-link-selection
	has been added to the DHCPv4 config allow operators to ignore
	Link Selection suboption data in Relay Agent information options.
	When this configuration value is set to true, Kea will no longer
	use data provided in the suboption for subnet selection.
	(Gitlab #2543)

And for Kea premium:

158.	[func]		razvan
	Added support for template classes. The limits hooks library is
	able to handle restrictions on subclasses spawned at runtime by
	template classes.
	(Gitlab #248)

157.	[bug]		fdupont
	Updated the RADIUS code to no longer throw on methods returning
	host collections: instead it does not contribute to the final
	result. For instance the command "reservation-get-all" no
	longer fails but it still can't be used to retrieve RADIUS
	or host cache content.
	(Gitlab #2566)

See https://gitlab.isc.org/isc-projects/kea/-/wikis/Release-Notes for a
complete list of release notes.

Thank you again to everyone who assisted us in making this release
possible.

We look forward to receiving your feedback.

-- 
Everett B. Fulton
ISC Support

More information about the kea-announce mailing list