[Kea-users] Configuration: Initial setup & verification

Ben Monroe bendono at gmail.com
Sat Feb 3 10:35:47 UTC 2018


Hi.
I installed Kea and configured the settings.
It seems that it is working, but I am having trouble verifying it.
What makes me suspicious is that client PCs are only receiving one of the
two DNS servers defined.

Also, I have tried to verify with the following DHCP test client, but it
fails to detect a response to the DHCP discover broadcast:
https://blog.thecybershadow.net/2013/01/10/dhcp-test-client/

dhcptest v0.7 - Created by Vladimir Panteleev
https://github.com/CyberShadow/dhcptest
Run with --help for a list of command-line options.

Listening for DHCP replies on port 68.
Type "d" to broadcast a DHCP discover packet, or "help" for details.
d
Sending packet:
  op=BOOTREQUEST chaddr=53:0D:B0:61:DF:4F hops=0 xid=2946C459 secs=0 flags=8000
  ciaddr=0.0.0.0 yiaddr=0.0.0.0 siaddr=0.0.0.0 giaddr=0.0.0.0 sname= file=
  1 options:
     53 (DHCP Message Type): discover

[Me: After a bit of time, q to quit.]
q
Error on listening thread:

Previously I was doing DHCP on the router, so I disabled that.
There should not be any other DHCP servers on the network.

I start the server:
# keactrl start
INFO/keactrl: Starting /usr/bin/kea-dhcp4 -c /etc/kea/kea-dhcp4.conf
INFO/keactrl: Starting /usr/bin/kea-dhcp6 -c /etc/kea/kea-dhcp6.conf
INFO/keactrl: Starting /usr/bin/kea-ctrl-agent -c /etc/kea/kea-ctrl-agent.conf

Here is the status:
# keactrl status
DHCPv4 server: active
DHCPv6 server: active
DHCP DDNS: inactive
Control Agent: active
Kea DHCPv4 configuration file: /etc/kea/kea-dhcp4.conf
Kea DHCPv6 configuration file: /etc/kea/kea-dhcp6.conf
Kea DHCP DDNS configuration file: /etc/kea/kea-dhcp-ddns.conf
Kea Control Agent configuration file: /etc/kea/kea-ctrl-agent.conf
keactrl configuration file: /etc/kea/keactrl.conf

I would expect that it would be listening on UDP port 67.
But when I check, I cannot verify that.
# netstat -tlpn
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 0.0.0.0:5355            0.0.0.0:*               LISTEN      315/systemd-resolve
tcp        0      0 127.0.0.1:8080          0.0.0.0:*               LISTEN      436/kea-ctrl-agent
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      318/sshd
tcp6       0      0 :::5355                 :::*                    LISTEN      315/systemd-resolve
tcp6       0      0 :::22                   :::*                    LISTEN      318/sshd

Also, when I try to telnet to the DHCP server over port 67 (also tried 68)
it is unsuccessful.

The firewall is disabled on the server:
# systemctl status iptables
* iptables.service - Packet Filtering Framework
   Loaded: loaded (/usr/lib/systemd/system/iptables.service; disabled; vendor preset: disabled)
   Active: inactive (dead)

This is my configuration file.
I modified the default configuration file.
I'm sure it can be improved, but I first want to confirm that it is
generally working.
Comments removed so as to keep the e-mail short.

At this stage, it is hard to say if it is working or not.
Are there any best practices for testing?
As mentioned above, the client PCs are receiving only one of the two DNS
servers.
Though the above DHCP test client is completely failing, so it may not even
be functional.
It would be great if someone more experienced could help review this.
The environment is Arch Linux.

{

"Dhcp4": {
    "interfaces-config": {
        "interfaces": [ "eth0" ]
    },

    "control-socket": {
        "socket-type": "unix",
        "socket-name": "/tmp/kea-dhcp4-ctrl.sock"
    },

    "lease-database": {
        "type": "memfile",
        "lfc-interval": 3600
    },

    "expired-leases-processing": {
        "reclaim-timer-wait-time": 10,
        "flush-reclaimed-timer-wait-time": 25,
        "hold-reclaimed-time": 3600,
        "max-reclaim-leases": 100,
        "max-reclaim-time": 250,
        "unwarned-reclaim-cycles": 5
    },

    "renew-timer": 900,
    "rebind-timer": 1800,
    "valid-lifetime": 3600,

    "option-data": [
        {
            "name": "domain-name-servers",
            "data": "10.10.10.250, 10.10.10.251"
        },
        {
            "code": 15,
            "data": "dono.local"
        },


        {
            "name": "domain-search",
            "data": "dono.local"
        },

        {
            "name": "boot-file-name",
            "data": "EST5EDT4\\,M3.2.0/02:00\\,M11.1.0/02:00"
        },


        {
            "name": "default-ip-ttl",
            "data": "0xf0"
        }
    ],

    "client-classes": [
        {
            "name": "voip",
            "test": "substring(option[60].hex,0,6) == 'Aastra'",
            "next-server": "192.0.2.254",
            "server-hostname": "hal9000",
            "boot-file-name": "/dev/null"
        }
    ],

    "subnet4": [
        {
            "subnet": "10.10.10.0/24",
            "pools": [ { "pool": "10.10.10.50 - 10.10.10.150" } ],
            "option-data": [
                {
                    "name": "routers",
                    "data": "10.10.10.254"
                },
                {
                    "name": "domain-name-servers",
                    "data": "10.10.10.250"
                }
            ],

            "reservations": [
                {
                    "hw-address": "1a:1b:1c:1d:1e:1f",
                    "ip-address": "192.0.2.201"
                },

                {
                    "client-id": "01:11:22:33:44:55:66",
                    "ip-address": "192.0.2.202",
                    "hostname": "special-snowflake"
                },


                {
                    "duid": "01:02:03:04:05",
                    "ip-address": "192.0.2.203",
                    "option-data": [ {
                        "name": "domain-name-servers",
                        "data": "10.1.1.202, 10.1.1.203"
                    } ]
                },

                {
                    "client-id": "01:12:23:34:45:56:67",
                    "ip-address": "192.0.2.204",
                    "option-data": [
                        {
                            "name": "vivso-suboptions",
                            "data": "4491"
                        },
                        {
                            "name": "tftp-servers",
                            "space": "vendor-4491",
                            "data": "10.1.1.202, 10.1.1.203"
                        }
                    ]
                },

                {
                    "client-id": "01:0a:0b:0c:0d:0e:0f",
                    "ip-address": "192.0.2.205",
                    "next-server": "192.0.2.1",
                    "server-hostname": "hal9000",
                    "boot-file-name": "/dev/null"
                },

                {
                    "flex-id": "'s0mEVaLue'",
                    "ip-address": "192.0.2.206"
                }
            ]
        }
    ]

},

"Logging":
{
  "loggers": [
    {
        "name": "kea-dhcp4",
        "output_options": [
            {
                "output": "/var/log/kea-dhcp4.log"
            }
        ],
        "severity": "INFO",
        "debuglevel": 0
    }
  ]
}
}

Thank you,
Ben Monroe
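
Added example (not part of the original message and not Kea's own code): a Python check over a trimmed, constructed copy of the configuration above that reports which `option-data` value each subnet effectively hands out when a subnet-level entry shadows a global one, and lists reservations whose address lies outside the subnet prefix. It assumes that a subnet-scoped option takes precedence over the global one of the same name; the function names are hypothetical.

```python
import ipaddress
import json

# Constructed sample: a trimmed copy of the Dhcp4 block from the message above.
SAMPLE = json.loads("""
{ "Dhcp4": {
    "option-data": [ { "name": "domain-name-servers", "data": "10.10.10.250, 10.10.10.251" } ],
    "subnet4": [ {
      "subnet": "10.10.10.0/24",
      "option-data": [
        { "name": "routers", "data": "10.10.10.254" },
        { "name": "domain-name-servers", "data": "10.10.10.250" }
      ],
      "reservations": [ { "hw-address": "1a:1b:1c:1d:1e:1f", "ip-address": "192.0.2.201" } ]
    } ]
} }
""")

def option_key(opt):
    # Entries are matched as written: by "name", else by numeric "code".
    return opt.get("name") or "code-%s" % opt.get("code")

def effective_options(dhcp4, subnet):
    """Merge global and subnet option-data; the subnet scope wins (assumption)."""
    merged = {option_key(o): (o["data"], "global") for o in dhcp4.get("option-data", [])}
    shadowed = {}
    for o in subnet.get("option-data", []):
        key = option_key(o)
        if key in merged and merged[key][0] != o["data"]:
            shadowed[key] = merged[key][0]  # global value the client never sees
        merged[key] = (o["data"], "subnet")
    return merged, shadowed

def stray_reservations(subnet):
    """Reserved addresses that are not inside the subnet prefix."""
    net = ipaddress.ip_network(subnet["subnet"])
    return [r["ip-address"] for r in subnet.get("reservations", [])
            if "ip-address" in r and ipaddress.ip_address(r["ip-address"]) not in net]

def audit(config):
    dhcp4, report = config["Dhcp4"], []
    for subnet in dhcp4.get("subnet4", []):
        merged, shadowed = effective_options(dhcp4, subnet)
        report.append({"subnet": subnet["subnet"], "effective": merged,
                       "shadowed": shadowed, "stray": stray_reservations(subnet)})
    return report

if __name__ == "__main__":
    print(json.dumps(audit(SAMPLE), indent=2))
```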