[kea-announce] Kea 2.5.8 is available now
Victoria Risk
vicky at isc.org
Tue Apr 30 14:42:24 UTC 2024
Internet Systems Consortium is pleased to announce the release of Kea 2.5.8.
The current stable branch of Kea is Kea 2.4 and its most recent release is 2.4.1.
Releases in the Kea 2.5.x sequence are part of the Kea 2.5 development
branch, where new features are provided for testing and evaluation
before the branch is designated stable and recommended for production use.
Kea source tarballs and packages are available from cloudsmith.io:
https://cloudsmith.io/~isc/repos/kea-2-5/packages/
And from the ISC download page: https://www.isc.org/download/#Kea
Also note that we have recently introduced an experimental Docker image.
Kea Dockers are available in a separate repository on Cloudsmith: https://cloudsmith.io/~isc/repos/docker/packages/
Next month we plan to release a new stable version, Kea 2.6.0, and begin a new development branch, Kea 2.7.
At that point we also plan to reorganize our Cloudsmith repositories.
This is explained in a recent blog post https://www.isc.org/blogs/kea-cloudsmith-updates/.
Regards,
Vicky Risk, Product Manager
# Kea 2.5.8 Release Notes, April 30, 2024
Welcome to Kea 2.5.8, the ninth monthly release of the 2.5 development
series. As with any other development release, use this with caution:
development releases are not recommended for production use.
Kea is a DHCP implementation developed by Internet Systems Consortium
(ISC) that features DHCPv4 and DHCPv6 servers with DNS update and a REST
API; optional database support (MySQL and PostgreSQL); optional RADIUS,
Kerberos, YANG/NETCONF, and GSS-TSIG support; and much more. Kea
provides extensive management capabilities, including but not limited
to: TLS support, Role-Based Access Control, run-time configuration
monitoring and updates via a REST API, host reservations, and client
classification.
The text below references issue numbers. For more details, visit the Kea
GitLab page at https://gitlab.isc.org/isc-projects/kea/-/issues. For
details about Docker issues, visit the page at
https://gitlab.isc.org/isc-projects/kea-docker/-/issues/. For details
about packaging, visit the page at
https://gitlab.isc.org/isc-projects/kea-packaging/-/issues/.
The following bug fixes and features have been implemented since the
previous release, version 2.5.7:
1. **Performance Monitor hook**: A new open source hook is available
that provides insight into Kea performance and might be very useful for
troubleshooting performance bottlenecks. The hook is highly configurable
and allows reporting of many metrics and alarms [#3047, #3297, #3278].
2. **High Availability (HA)**: The HA mechanism is a bit more robust
now. We fixed an inconsistent HA state that occurred when one of the
terminated services was restarted and the other one was not. The
restarted service now waits 10 minutes for the partner to restart; if
the partner is not restarted within that time, the service transitions
to the terminated state to continue responding to DHCP traffic [#3250].
We corrected an issue in processing the `server-name` argument of the
`ha-sync` command; the argument was ignored when the synchronization
with a backup server was performed [#3276].
3. **Delegated-IPv6-Prefix in RADIUS**: The RADIUS hook now supports the
`Delegated-IPv6-Prefix` RADIUS attribute, which can be used to reserve
an IPv6 Prefix Delegation [#2984].
4. **Stash Agent options**: ISC DHCP provided a `stash-agent-options`
mechanism that, when enabled, caused the server to remember options
inserted by a relay agent during the initial exchange with a client.
This mechanism is now supported by Kea. In cases where clients using
relay options on initial address assignment renew by communicating
directly with the server, bypassing the relay, those relay options are
now preserved for use during renewal. [#2976].
5. **Better transaction ID logging**: Several loggers (`alloc-engine`,
`bad-packets`, `ddns`, `eval`, `leases`, `options`, `packets`) were
extended to provide more information about transaction-id, hardware
address, and client-id details in existing log messages [#2820].
6. **Security**: It is now possible to configure Kea to read a TSIG
secret from a file on disk [#3133].
7. **Bug fixes**: A bug was fixed when `reservation-del` was used to
delete IPv6 reservations on Postgres [#3294]. We fixed a bug where
omitting the `response-filters` parameter for the RBAC hook
configuration resulted in commands being rejected [#3314]. A crash in
the performance monitor hook, which occurred when no subnet was
assigned, was fixed [#3347]. A crash was fixed that could manifest
itself if start-up failed and there were at least two hooks loaded
[#3308]. We added better IO service handling in a multi-threaded
environment [#3315]. The `-T` command-line parameter used to test
configuration is now a bit more robust [#3305]. The Postgres schema was
corrected: a DHCPv4 index now points correctly to the DHCPv4 table
[#2957]. Earlier Kea versions dropped the whole packet if an invalid
FQDN option was received; this is now corrected and only the option is
ignored, rather than the whole packet [#3289]. We fixed a potential
heap-use-after-free bug in the ping check hook [#3281]. An issue that
could cause kea-dhcp-ddns to stop processing queued requests was
addressed [#3295].
8. **Documentation**: The ARM was updated to clearly state that the
behavioral parameters for DDNS are obeyed, even if DDNS updates
themselves are disabled [#3098]. An invalid JSON example was corrected
[#3336].
9. **Build improvements**: Hammer, the Kea build tool, now works on
Rocky Linux [#3247]. The git commit hash for both the open source and
premium repositories is now available in the config report [#3254].
Several sections of old code were refactored and dead code was removed
[#3316, #3317, #3318, #3319, #3320, #3321]. A new script was added to
check header and library dependencies in Makefiles [#1763]. A circular
dependency in src/lib/log was fixed [#1743].
10. **Testing**: The test class for Host Backend is now thread-safe
[#3298]. Several improvements were made to multi-threading-enabled
RADIUS unit tests [#3299].
## Incompatible Changes
No incompatible changes were introduced in 2.5.8.
## Other
The Cloudsmith repository for the 2.5 releases will be phased out
following the public availability of the stable 2.6.0 release.
Beginning with the 2.7.X release series, we will be launching a new
repository on Cloudsmith, named kea-dev, which will host the 2.7.X
release alongside all future development releases.
Repositories for stable releases will remain unaffected.
## License
This version of Kea is released under the Mozilla Public License,
version 2.0.
https://www.mozilla.org/en-US/MPL/2.0
Some Kea hook libraries are provided under the MPL 2.0; others are
licensed with the [Kea Hooks Basic Commercial End User
License](https://www.isc.org/kea-premium-license/). The source for each
hook library includes the applicable license.
## Download
Pre-built ISC packages for current versions of the most popular Linux
operating systems are available at:
https://cloudsmith.io/~isc/repos/
Pre-built Docker images as well as Docker files are available. For
details, see:
https://gitlab.isc.org/isc-projects/kea-docker
The Kea source and PGP signature for this release may be downloaded from:
https://www.isc.org/download
The signature was generated with the ISC code-signing key, which is
available at:
https://www.isc.org/pgpkey
ISC provides detailed documentation, including installation instructions
and usage tutorials, in the Kea Administrator Reference Manual.
Documentation is included with the installation or at
https://kea.readthedocs.io/en/latest/index.html in HTML, PDF, or EPUB
formats. ISC maintains a public open source code tree, wiki, issue
tracking system, milestone planner, and roadmap at
https://gitlab.isc.org/isc-projects/kea.
Limitations and known issues with this release can be found at
https://gitlab.isc.org/isc-projects/kea/-/wikis/known-issues-list.
We ask users of this software to please let us know how it worked for
you and what operating system you tested on. Feel free to share your
feedback on the Kea Users mailing list
(https://lists.isc.org/mailman/listinfo/kea-users). We would also like
to hear whether the documentation is adequate and accurate. Please open
tickets in the Kea GitLab project for bugs, documentation omissions and
errors, and enhancement requests. We want to hear from you even if
everything worked.
## Support
Professional support for Kea is available from ISC. We encourage all
professional users to consider this option; Kea maintenance is funded
with support subscriptions. For more information on ISC's Kea software
support, see https://www.isc.org/support/.
Free best-effort support is provided by our user community via a mailing
list. Information on all public email lists is available at
https://www.isc.org/community/mailing-list. If you have any comments or
questions about working with Kea, please share them to the Kea Users
list (https://lists.isc.org/mailman/listinfo/kea-users). Bugs and
feature requests may be submitted via GitLab at
https://gitlab.isc.org/isc-projects/kea/-/issues.
## Changes
The following summarizes changes and important upgrades since the 2.5.6
release.
2228. [build] piotrek
The library version numbers have been bumped up for the Kea 2.5.8
development release.
(Gitlab #3355)
2227. [func] fdupont
Implemented the stash-agent-options global parameter
for DHCPv4 (new feature from ISC DHCP allowing to
renew reserved address when the host reservation identifier
is based on the dhcp-agent-options option added by a relay.
(Gitlab #2976)
2226. [func] piotrek
Added information about transaction ID in all possible
places in loggers: alloc-engine, bad-packets, ddns,
eval, leases, options, packets.
(Gitlab #2820)
2225. [func] marcin
Ensure backward compatibility of High Availability
between Kea 2.5.8+ and earlier versions. It introduces
a new origin-id argument to the dhcp-enable, dhcp-disable
and ha-sync-complete-notify commands. It is ignored by the
earlier Kea versions. The origin argument is sent in addition
to the origin-id and has the format recognizable by the old
Kea versions.
(Gitlab #3344)
2224. [func] andrei
Printing the version now mentions if premium is included and
shows the git commit hash for the premium source code repository
if the executable is built from sources.
(Gitlab #3254)
2223. [bug] tmark
Fixed an issue in PerfMon hook library which causes
the kea6_server to crash when the server responds
to a client query for which no subnet was selected.
(Gitlab #3347)
2222. [bug] piotrek
Fixed a bug in host_cmds. When PostgreSQL was used as
hosts database storage, reservation-del command called
with given IPv6 host address and the subnet Id deleted
all IPv6 hosts in given subnet.
Corrected the issue so that now only given host
reservation is deleted.
(Gitlab #3294)
2221. [bug] tmark
Corrected an index on the dhcp4_servers table
in the PostgreSQL schema.
(Gitlab #2957)
2220. [bug] marcin
Exclude packets ignored during load balancing from the
pkt6-receive-drop statistics. The packets dropped by the
HA hook library during subnet selection are counted in
the pkt4-receive-drop and pkt6-receive-drop statistics.
(Gitlab #3125)
2219. [bug] marcin
Corrected an issue in processing the server-name argument
of the ha-sync command. The argument was ignored when the
synchronization with a backup server was performed.
(Gitlab #3276)
2218. [func] marcin
Addressed an inconsistent state of the High Availability
service that occurs when one of the terminated services is
restarted and another one is not. The restarted service waits 10
minutes for the partner restart. If the partner is not restarted
the service transitions to the terminated state to continue
responding to the DHCP traffic.
(Gitlab #3250)
2217. [func] fdupont
Extended the lenient-option-parsing compatibility
flag to ignore DHCPv4 fqdn (81) and DHCPv6 client-fqdn
(39) options with some invalid domain names (e.g.
beginning with an empty label).
(Gitlab #3289)
2216. [func] tmark
PerfMon hook library is now functional. It accumulates
and reports performance data, and supports alarms. Still
lacking are API commands.
(Gitlab #3297)
2215. [bug] tmark
Corrected an issue that can cause kea-dhcp-ddns to
stop processing queued requests. Thanks to Shawn
Routhier from Infoblox for reporting the issue.
(Gitlab #3295)
2214. [func] tmark
PerfMon hook library can now parse its configuration
and the ARM has been updated with more detailed
information. Functionality is still limited.
(Gitlab #3278)
And for Kea premium:
195. [func] fdupont, andrei
The RADIUS Delegated-IPv6-Prefix attribute is now supported.
(Gitlab #2984)
194. [bug] fdupont, tmark
Fixed a bug where commands sent to a control agent
configured with RBAC roles that do not include the
"response-filters" configuration option resulted in
an error log message rather than treating the response
filter list as empty.
Thank you again to everyone who assisted us in making this release
possible.
We look forward to receiving your feedback.
More information about the kea-announce
mailing list