[Kea-users] kea-dhcp6 : KNOWN class setting vs mac-sources and DUIDs types
Jan Rovner
jan.rovner at diadema.cz
Tue Apr 8 16:05:47 UTC 2025
Hello,
I am running dhcp6 server with strict policy that KEA talks only to clients with known MACs (Reservations) and provides only a static config for them. All clients are operating via DHCPv6 relay and the relay should pass client's MAC option 79 RFC 6939 for KEA to be used via client-link-addr-option.
This is a working except from my kea-dhcp6.conf. All it works fine, if client uses DUID-LLT or DUID-LL, where MAC address can be determined from DUID.
...
"client-classes": [
{
"name": "DROP",
"test": "not member('KNOWN')"
}
...
"host-reservation-identifiers": [ "hw-address", "duid" ],
"mac-sources": [ "client-link-addr-option", "remote-id", "subscriber-id", "ipv6-link-local", "duid" ],
...
"subnet6": [
{
"reservations": [
{
"hw-address": "xx:xx:xx:xx:xx:xx",
"ip-addresses": [ "xxxx:xxxx:xxxx:1::2" ],
etc.
...
However, if client uses another DUID type, this happens - "Expression DROP is evaluated to true" and the request is dropped.
INFO DHCP6_QUERY_LABEL received query: duid=[00:02:00:00:d2:6d:8e:83:64:d4:6c:e7:26:8e], [no hwaddr info], tid=0x2621c
INFO EVAL_RESULT duid=[00:02:00:00:d2:6d:8e:83:64:d4:6c:e7:26:8e], [no hwaddr info], tid=0x2621c: Expression DROP evaluated to true
DEBUG DHCP6_PACKET_DROP_DROP_CLASS2 dropped as member of the special class 'DROP' after host reservation lookup: duid=[00:02:00:00:d2:6d:8e:83:64:d4:6c:e7:26:8e], [no hwaddr info] local_address=[xxxx:xxxx:xxxx:x::x]:0, remote_address=[xxxx:xxxx:xxxx:xxxx::1]:547, msg_type=SOLICIT (1),
It looks like that host reservation lookup was probably not performed with correct MAC (that was told to the KEA via option 79).
Any ideas to fix it?
Thank you very much.
Sincerely,
Jan Rovner
More information about the Kea-users
mailing list