[Kea-users] NEXT_STEP SKIP and DROP documentation discrepancies

Tomek Mrugalski tomasz at isc.org
Fri Dec 23 15:56:45 UTC 2016


W dniu 19.12.2016 o 14:11, Igor Smitran pisze:
> Hi list,
> 
> If i've interpreted documentation correctly then setting th
> NEXT_STEP_DROP in any of the hooks would immediately drop packet and
> stop any further processing of that packet?
> 
>     enum CalloutNextStep {
>         NEXT_STEP_CONTINUE = 0, ///< continue normally
>         NEXT_STEP_SKIP = 1,     ///< skip the next processing step
>         NEXT_STEP_DROP = 2      ///< drop the packet
>     };
> 
> I was planning to drop the packet if there is no option 82 in it. Hook
> position was pkt4_receive:
> 
> handle.setStatus(CalloutHandle::NEXT_STEP_DROP);
> 
> Kea decided to skip and continue. Computer received an offer.
> 
> Then, after few more tests i decided to change to SKIP:
> 
> and kea droped the packet immediately:
> 
> DHCP4_HOOK_PACKET_RCVD_SKIP [hwtype=1 xx:xx:xx:xx:xx:xx], cid=[no info],
> tid=0xd7a09a5b: packet is dropped, because a callout set the skip flag.
> 
> Computer didn't receive an offer.
> 
> Is this a bug or i didn't understand the concept?
First of all, this sort of questions would be better addressed at
kea-dev, rather than on kea-users. Second, it's great that people are
using this feature. This is great!

There's a historic reason why drop does not always work. Some time ago
we had a boolean flag called skip and you could either set it to true or
false. This was deemed not sufficiently flexible, so we changed this to
the enum that currently has 3 fields. However, not all of the hook
points were updated, because in some cases (like in pkt4_receive) the
functionality was already there (by using skip).

If you take a look at the pkt4_receive documentation here:

https://jenkins.isc.org/job/Kea_doc/doxygen/de/df3/dhcpv4Hooks.html

You'll find the following text:

"Next step status: If any callout sets the status to SKIP, the server
will drop the packet and start processing the next one. The reason for
the drop will be logged if logging is set to the appropriate debug level."

And that is exactly what the code does.

But you are right. It would be nice if the drop and skip worked the same
in this case. Feel free to submit a ticket for this. I honestly must say
that while such an improvement would be welcome, it will likely be
assigned a low priority. The reason is there's a viable workaround, what
you're trying to do is completely possible and it's mostly a consistency
thing.

Hope that helps,
Tomek Mrugalski
ISC




More information about the Kea-users mailing list