[Kea-users] Is Interface mandate in kea-DHCPv6 section
Kraishak Mahtha
kraishak.edu at gmail.com
Fri Feb 21 05:29:45 UTC 2025
Hi Darren & Owen DeLong
Thanks for your reply and for sharing the information. I have trouble
dealing with multiple subnets in kea-dhcpv6 mode.
Previously, I used ISC DHCPv6, where I successfully obtained leases from
both 2001:470:edb5:200::/64 and 2001:470:edb5:300::/64 subnets. In this
setup, the OPNsense router was configured as a relay with the IP
2001:470:edb5:200::23.(server IP, not router IP)
After migrating to Kea DHCPv6, leases are being assigned correctly within
the local subnet, but clients from 2001:470:edb5:300::/64 are unable to
obtain addresses. No relevant logs appear in kea-dhcp6-packets.log when a
client requests a lease from the relayed subnet. However, a network traffic
capture confirms that packets are being forwarded correctly, yet my Kea
server does not respond.
### Troubleshooting Steps Attempted:
1. Configured the `relay-ip` statement in the 2001:470:edb5:300::/64
subnet, using the Kea server's IP address → No success.
2. Updated the `relay-ip` statement in the ......300::/64 subnet to match
2001:470:edb5:300::1, as observed in the packet capture → No success.
A comparison of network traffic between ISC DHCPv6 and Kea DHCPv6 shows
identical behavior, yet Kea is not assigning leases for the relayed subnet.
Here is my config
*{ "Dhcp6": { "interfaces-config": { "interfaces": ["ens192"] #
The network interface the DHCPv6 server listens on },
"multi-threading": { "packet-queue-size": 28,
"enable-multi-threading": true, "thread-pool-size": 4 },
"lease-database": { "name": "/XXXXX/XXXXXX/XXXXX/XXXX/dhcp6.leases",
"type": "memfile", # In-memory lease database (useful for testing)
"persist": true # Save leases to disk },
"preferred-lifetime": 3000, "valid-lifetime": 4000,
"renew-timer": 1000, "rebind-timer": 2000, "option-data": [ {
"name": "dns-servers", "data": "2001:470:edb5:200::23" # Define
DNS servers for clients }, { "name": "domain-search",
"data": "tester.com <http://tester.com>" # Domain search list }
], "subnet6": [ { "subnet": "2001:470:edb5:200::/64", # The
subnet from which addresses are allocated "interface": "ens192",
"pools": [ {"pool":
"2001:470:edb5:200::2-2001:470:edb5:200::15"}, {"pool":
"2001:470:edb5:200::3e-2001:470:edb5:200::51"}, {"pool":
"2001:470:edb5:200::52-2001:470:edb5:200::65"} ],
"preferred-lifetime": 600, "valid-lifetime": 1200,
"option-data": [ { "name": "dns-servers",
"data": "2001:470:edb5:200::23" # Override DNS servers for this subnet
}, { "name": "domain-search", "data":
"tester.com <http://tester.com>" } ] }, {
"subnet": "2001:470:edb5:300::/64", # The subnet from which addresses are
allocated "pools": [ {"pool":
"2001:470:edb5:300::16-2001:470:edb5:300::1f"}, {"pool":
"2001:470:edb5:300::2-2001:470:edb5:300::b"}, {"pool":
"2001:470:edb5:300::c-2001:470:edb5:300::15"} ],"relay": {
"ip-addresses": ["2001:470:edb5:300::1" ] },
"preferred-lifetime": 600, "valid-lifetime": 1200,
"option-data": [ { "name": "dns-servers",
"data": "2001:470:edb5:200::23" # Override DNS servers for this subnet
}, { "name": "domain-search", "data":
"tester.com <http://tester.com>" } ] } ], #
Logging configuration "loggers": [{ "name": "kea-dhcp6",
"output_options": [{ "output":
"/var/log/kea-dhcp6.log" }], "severity": "INFO",
"debuglevel": 99 }, { "debuglevel": 99,
"severity": "DEBUG", "output_options": [{
"output": "/var/log/kea-dhcp6-packets.log", "maxver": 5,
"flush": true, "maxsize": 10240000
}], "name": "kea-dhcp6.packets" }, {
"debuglevel": 55, "severity": "DEBUG",
"output_options": [{ "output":
"/var/log/kea-dhcp6-leases.log", "maxver": 5,
"flush": true, "maxsize": 10240000 }],
"name": "kea-dhcp6.leases" }] }}*
Traffic capture screenshot of kea
[image: image.png]
Traffic capture screenshot of ISC(ISC granted lease)
[image: image.png]
Would appreciate insights on potential configuration mistakes, if any, in
my Kea DHCPv6 config,
Thanks in Advance
Kraishak
On Fri, Feb 21, 2025 at 2:46 AM Darren Ankney <darren.ankney at gmail.com>
wrote:
> Hi Kraishak,
>
> > Q)
> > 1)Is it mandatory to add the interface line in every subnet6 section,
> unlike subnet4
>
> subnet4 will most likely need the interface specified for a local
> subnet as well (see here:
>
> https://kea.readthedocs.io/en/latest/arm/dhcp4-srv.html#how-the-dhcpv4-server-selects-a-subnet-for-the-client
> ).
>
> > 2)If that is mandatory, how can I use multiple subnets? Let's say I have
> one more network range using the same DHCPv6 appliance, but I don't have
> any interface on the box. How can we use that
>
> It is indeed mandatory, for the same reason (see here:
>
> https://kea.readthedocs.io/en/latest/arm/dhcp6-srv.html#ipv6-subnet-selection
> ).
>
> If you have another subnet to which the DHCP server has no interface
> attached, then there will be a relay agent forwarding the traffic to
> the DHCP server. Then you will use the "relay: {}" mechanism (see
> here:
> https://kea.readthedocs.io/en/latest/arm/dhcp6-srv.html#using-a-specific-relay-agent-for-a-subnet
> ).
> But you may not have to if the relay agent source IP is actually part
> of one of the subnets configured on your DHCP server.
>
> Thank you,
> Darren Ankney
> --
> ISC funds the development of this software with paid support
> subscriptions. Contact us at https://www.isc.org/contact/ for more
> information.
>
> To unsubscribe visit https://lists.isc.org/mailman/listinfo/kea-users.
>
> Kea-users mailing list
> Kea-users at lists.isc.org
> https://lists.isc.org/mailman/listinfo/kea-users
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/kea-users/attachments/20250221/8068e418/attachment-0001.htm>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image.png
Type: image/png
Size: 175753 bytes
Desc: not available
URL: <https://lists.isc.org/pipermail/kea-users/attachments/20250221/8068e418/attachment-0002.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image.png
Type: image/png
Size: 130284 bytes
Desc: not available
URL: <https://lists.isc.org/pipermail/kea-users/attachments/20250221/8068e418/attachment-0003.png>
More information about the Kea-users
mailing list