[Kea-users] kea dhcp4 - configuration of local listening IP addr ?

Thu Sep 4 11:19:06 UTC 2014

Nicolas,

Thanks again for spending your time on testing Kea. Please see my
answers inline.

Marcin

On 04/09/14 11:45, Chaigneau, Nicolas wrote:
>  
> 
> Additionally, if an interface has 2 IP addresses:
> 
>  
> 
> When kea receives a message on the interface (whatever the IP address
> used), it will handle it twice (one for each IP address).

Yes, this use case requires additional configuration parameter to
specify what address on the interface the server should listen.
Currently, Kea configuration doesn't provide this parameter and it
creates sockets for all addresses regardless if this is the same or
different interface. I will submit a ticket for this feature.

> 
> Hence, two leases will be offered at the same time.
> 
>  
> 
> This doesn’t seem right.
> 
> 

Agreed.

> 
>  
> 
> *De :*kea-users-bounces at lists.isc.org
> [mailto:kea-users-bounces at lists.isc.org] *De la part de* Chaigneau, Nicolas
> *Envoyé :* jeudi 4 septembre 2014 11:36
> *À :* kea-users at lists.isc.org
> *Objet :* [Kea-users] kea dhcp4 - configuration of local listening IP addr ?
> 
>  
> 
> Hello,
> 
>  
> 
>  
> 
> I have a question about kea-dhcp4 configuration related to server local
> address.
> 
>  
> 
>  
> 
> Kea administration guide explains that you can specify a list of
> interfaces on which the server will listen, such as:
> 
> "interfaces": [ "eth0", "eth1" ],
> 
>  
> 
> Is it possible to restrict this to a single IP address for a given
> interface ?
> 
>  

As I stated above: it is not possible. For DHCPv6 we use the following
notation to bind sockets to global unicast addresses (in addition to the
sockets bound to All_DHCP_Servers_and_Relay_Agents multicast address):

"interfaces": [ "eth0/2001:db8:1::1", "eth1/3001::1" ]

I think we could use similar notation to restrict the DHCPv4 server to
listen on selected IPv4 addresses:

"interfaces": [ "eth0/10.1.2.3" ]

> 
>  
> 
> With ISC’s dhcpd, this was achieved with the configuration item
> “local-address”.
> 
> This allowed to start multiple servers on the same host, using the same
> interface, but each having its own local IP address.
> 
>  
> 
> I did not find a similar option with kea ; did I miss something ?
> 
>  
> 
>  
> 
> I tested the following scenario:
> 
> - Start a dhcpd, which listens on a given interface, and binds to a
> specific local IP addr
> 
> - Start kea-dhcp4, with the same interface as used by dhcpd
> 
> Kea starts, but compains that it cannot bind to the IP addr used by dhcpd:
> 
> 2014-09-04 11:15:23.386 WARN  [kea-dhcp4.dhcp4/7595]
> DHCP4_OPEN_SOCKET_FAIL failed to open socket: failed to open socket on
> interface eth0.102, reason: failed to bind fallback socket to address
> 10.163.216.229, port 67, reason: Address already in use - is another
> DHCP server running?
> 

Kea is not meant to bind to addresses in use. So, if there is another
DHCP server running and listening on the particular interface (and
address), Kea should complain and not open a socket. I think that was
also an intent for dhcpd.

>  
> 
> Then, if a DHCP message is sent by a relay to dhcpd local IP addr, two
> responses are sent back: both dhcpd and kea manage to answer! (even
> though kea couldn’t bind to this IP address, apparently the interface is
> enough)

Hm, is there any other interface that Kea is listening on and can
receive relayed messages?

Would it be possible to get the traffic capture that shows this behavior?

> 
> This is weird.
> 
>  
> 
>  
> 
> On the opposite, if I start first kea, then dhcpd, dhcpd fails to start
> because it cannot bind on the local address:
> 
> Can't bind to dhcp address: Address already in use
> 
>  
> 
>  
> 
>  
> 
> Is this the intended behavior ?
> 
>  