[Kea-users] Kea DHCP reservation question

Doug Freed dwfreed at isc.org
Wed Jul 9 22:34:20 UTC 2025 

On 7/9/25 08:58, David via Kea-users wrote:
> I am working on a project that up until now has been using dnsmasq. It 
> can map a hostname to an IP address with this kind of entry:
> 
> dhcp-host=server_name.domain.local,10.1.0.50
> 
> dnsmasq cannot do HS or redundancy easily, so I was asked to check Kea. 
> I’m using version 2.6.3 from the RHEL 9.6 repository. (Using anything 
> else than what is in the official repo causes heartburn with 
> management.) I have Kea HA working and it works fine.
> 
> Q1: Can Kea match a hostname to a IP address in a reservation? Doesn’t 
> seem like it can.
> 
> The DHCP clients are Linux based. As they are OpenShift VMs, the MAC 
> addresses are randomly assigned so I can’t use MAC addresses.
> 
> Thanks.
> 
> *David Pearce*
> 
> *Systems Administrator*
> 
> *Space and Airborne Systems / l3HARRIS Technologies, INC.*
> 
> L3Harris.com <mailto:L3Harris.com>  / david.pearce at L3Harris.com 
> <mailto:david.pearce at L3Harris.com>
> 
> 
> 
> CONFIDENTIALITY NOTICE: This email and any attachments are for the sole 
> use of the intended recipient and may contain material that is 
> proprietary, confidential, privileged or otherwise legally protected or 
> restricted under applicable government laws. Any review, disclosure, 
> distributing or other use without expressed permission of the sender is 
> strictly prohibited. If you are not the intended recipient, please 
> contact the sender and delete all copies without reading, printing, or 
> saving.

Ideally the clients would use a persistent client ID to allow 
identifying them even when their MAC address changes.  This could then 
be used for the host reservations.

It's definitely not recommended, but one could abuse the flex-id hook to 
use any part of the DHCP packet to identify the client.  I'll leave it 
as an exercise to the reader to figure out how to do that for this purpose.

(It's not recommended in this case because the sent hostname is of 
course completely controlled by the client, and so a malicious client 
could steal another client's lease by using the same hostname.  Most 
environments do not have complete control over all their clients, so 
this could be problematic.)

-Doug

More information about the Kea-users mailing list