[Kea-users] Ignore non-reserved hosts

Mark Moseley moseleymark at gmail.com
Tue Jun 8 02:03:50 UTC 2021


Thanks for the quick reply!

I gave that a try, but I'm still sending out lots of NACKs. There aren't
any pools in my config and I added 'authoritative' as false (and tried
different permutations of both globally under 'Dhcp4' and inside the
subnets), but no luck.

That did lead me to this though, which might be an issue:
https://gitlab.isc.org/isc-projects/kea/-/issues/1584

I installed the stock Ubuntu Focal 1.6.2 to see if that would make a diff
but I see those same NACKs, even with authoritative set to false.

I did however try 1.8.2 with the patch in
https://gitlab.isc.org/isc-projects/kea/-/issues/1584 and that prevents the
NAKs from getting sent.

Thanks for pointing me in the right direction :)

On Mon, Jun 7, 2021 at 3:53 PM Gibbins, John (IM&T, Black Mountain)
<John.Gibbins at csiro.au> wrote:

> My (limited) understanding is that it should not send a NAK unless you
> have told the server that it is authoritative.  See
> https://kea.readthedocs.io/en/kea-1.6.2/arm/dhcp4-srv.html#authoritative-dhcpv4-server-behavior
> .
>
>
>
> If I’m reading this correctly you would need to remove any authoritative
> directive or replace it with a value of false.  As long as you don’t have
> any pools, it should then only respond to machines with known MACs.
>
>
>
> *From:* Kea-users <kea-users-bounces at lists.isc.org> *On Behalf Of *Mark
> Moseley
> *Sent:* Tuesday, 8 June 2021 8:41 AM
> *To:* kea-users at lists.isc.org
> *Subject:* [Kea-users] Ignore non-reserved hosts
>
>
>
> I've been scouring the manual and google for this but have finally reached
> the point of giving up and bugging the list :)
>
>
>
> I'm trying to migrate our DHCP from dhcpd to Kea. I've got an existing
> DHCP server that it will need to live alongside Kea for a little bit.
> Server is Ubuntu Focal, with Kea 1.8.2, with mysql host reservation backend.
>
>
>
> I've been trying to figure out how to tell Kea to ignore any hosts that
> don't appear in the host reservation. I.e. I want Kea to only respond to
> DHCP requests from MAC addresses that I have configured in the Kea MySQL
> 'hosts' table.
>
>
>
> Currently, Kea is churning out a steady stream of DHCP NAK's to the
> non-reserved hosts (which are 'reserved' on the legacy dhcpd server but
> will eventually be migrated to Kea), when those hosts renew their lease.
> I'd like Kea to silently drop the unrecognized DHCP requests.
>
>
>
> I think this would be the equivalent of dhcpd's "deny unknown-clients".
> keama didn't know what to do with that directive (it created a 'statement'
> clause that kea-dhcpd4 did not recognize).
>
>
>
> Is it doable/possible to configure Kea to ignore any hosts that don't
> appear in the host reservations?
>
>
>
> Thanks!
>
>
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/kea-users/attachments/20210607/a7ee31e0/attachment-0001.htm>


More information about the Kea-users mailing list