<div dir="ltr"><div dir="ltr">Hi again,<div><br></div><div>I haven't debugged the logic completely, but it seems a bit inconsistent.</div><div><br></div><div>If I have two DHCP servers in HA mode, using flex-id to map to client-id with a value that's the same for two clients, they will get a lease each - one from each server I believe. Whichever one last did the REQUEST, will be the only entry in the database, as the client-id is the same.</div><div><br></div><div>What I was hoping to get to, is that a specific client-id can only ever take up one IP, which the client changing hwaddr will result in being offered the same IP as the client-id had with the first hwaddr. Is this a possibility?</div><div><br></div><div>Would an active-standby scenario work better for this use-case?</div><div><br></div><div>Config for test bed is attached below:</div><div><div>{</div><div> "Dhcp4": {</div><div> "control-socket": {</div><div> "socket-name": "/opt/run/kea-dhcp4/kea.socket",</div><div> "socket-type": "unix"</div><div> },</div><div> "dhcp-ddns": {</div><div> "enable-updates": false</div><div> },</div><div> "expired-leases-processing": {</div><div> "flush-reclaimed-timer-wait-time": 25,</div><div> "hold-reclaimed-time": 3600,</div><div> "max-reclaim-leases": 100,</div><div> "max-reclaim-time": 250,</div><div> "reclaim-timer-wait-time": 10,</div><div> "unwarned-reclaim-cycles": 5</div><div> },</div><div> "hooks-libraries": [</div><div> {</div><div> "library": "/usr/local/lib/hooks/libdhcp_lease_cmds.so",</div><div> "parameters": {}</div><div> },</div><div> {</div><div> "library": "/usr/local/lib/hooks/libdhcp_host_cmds.so",</div><div> "parameters": {}</div><div> },</div><div> {</div><div> "library": "/usr/local/lib/hooks/libdhcp_legal_log.so",</div><div> "parameters": {</div><div> "base-name": "kea-forensic4",</div><div> "path": "/var/kea/log"</div><div> }</div><div> },</div><div> {</div><div> "library": "/usr/local/lib/hooks/libdhcp_flex_id.so",</div><div> "parameters": {</div><div> "identifier-expression": "relay4[9].hex",</div><div> "replace-client-id": true</div><div> }</div><div> },</div><div> {</div><div> "library": "/usr/local/lib/hooks/libdhcp_ha.so",</div><div> "parameters": {</div><div> "high-availability": [</div><div> {</div><div> "heartbeat-delay": 1000,</div><div> "max-ack-delay": 5000,</div><div> "max-response-delay": 10000,</div><div> "max-unacked-clients": 0,</div><div> "mode": "load-balancing",</div><div> "peers": [</div><div> {</div><div> "name": "<a href="http://dhcp-01.test.site.fastspeed.dk">dhcp-01.test.site.fastspeed.dk</a>",</div><div> "role": "primary",</div><div> "url": "<a href="http://172.16.1.2:8079">http://172.16.1.2:8079</a>"</div><div> },</div><div> {</div><div> "name": "<a href="http://dhcp-02.test.site.fastspeed.dk">dhcp-02.test.site.fastspeed.dk</a>",</div><div> "role": "secondary",</div><div> "url": "<a href="http://172.16.1.3:8079">http://172.16.1.3:8079</a>"</div><div> }</div><div> ],</div><div> "sync-timeout": 60000,</div><div> "this-server-name": "<a href="http://dhcp-02.test.site.fastspeed.dk">dhcp-02.test.site.fastspeed.dk</a>"</div><div> }</div><div> ]</div><div> }</div><div> }</div><div> ],</div><div> "host-reservation-identifiers": [</div><div> "client-id"</div><div> ],</div><div> "hosts-database": {</div><div> "host": "snip",</div><div> "name": "kea",</div><div> "password": "snip",</div><div> "type": "mysql",</div><div> "user": "kea"</div><div> },</div><div> "interfaces-config": {</div><div> "dhcp-socket-type": "udp",</div><div> "interfaces": [</div><div> "*"</div><div> ]</div><div> },</div><div> "lease-database": {</div><div> "host": "snip",</div><div> "name": "kea",</div><div> "password": "snip",</div><div> "type": "mysql",</div><div> "user": "kea"</div><div> },</div><div> "match-client-id": true,</div><div> "next-server": "0.0.0.0",</div><div> "option-data": [</div><div> {</div><div> "data": "8.8.8.8, 8.8.4.4",</div><div> "name": "domain-name-servers"</div><div> }</div><div> ],</div><div> "rebind-timer": 600,</div><div> "renew-timer": 300,</div><div> "subnet4": [</div><div> {</div><div> "id": 1684209664,</div><div> "option-data": [</div><div> {</div><div> "data": "100.99.0.1",</div><div> "name": "routers"</div><div> },</div><div> {</div><div> "data": "8.8.8.8, 8.8.4.4",</div><div> "name": "domain-name-servers"</div><div> },</div><div> {</div><div> "data": "172.16.1.3",</div><div> "name": "dhcp-server-identifier"</div><div> }</div><div> ],</div><div> "pools": [</div><div> {</div><div> "client-class": "HA_dhcp-01",</div><div> "pool": "100.99.0.2 - 100.99.0.247"</div><div> },</div><div> {</div><div> "client-class": "HA_dhcp-02",</div><div> "pool": "100.99.0.248 - 100.99.1.238"</div><div> }</div><div> ],</div><div> "subnet": "<a href="http://100.99.0.0/23">100.99.0.0/23</a>"</div><div> }</div><div> ],</div><div> "valid-lifetime": 1200</div><div> }</div><div>}</div></div><div><br></div></div></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Thu, May 2, 2019 at 2:44 PM Bjørn Skovlund <<a href="mailto:skovlund@gmail.com">skovlund@gmail.com</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div dir="ltr"><div dir="ltr">Hi Francis,<div><br></div><div>Thanks for the prompt reply!</div></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Thu, May 2, 2019 at 12:48 PM Francis Dupont <<a href="mailto:fdupont@isc.org" target="_blank">fdupont@isc.org</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">> It seems this would be possible with a host reservation on the client-id,<br></blockquote><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">
> but I'm trying to avoid having to copy the lease information into host<br>
> reservations.<br>
<br>
=> host reservations are of course the only way to really reserve an address.<br>
But you can play with lifetime and expired-leases-processing timers to<br>
make more likely a client to get the same IP address.<br></blockquote><div><br></div><div>I'm not that concerned about getting the same IP, but more concerned about not handing out multiple addresses to the same client-id.</div><div><br></div><div>I think my problem, and misunderstanding of the client-id when it comes to lease allocation, may stem from having an active-active HA setup. It seems I am limited to two IP addresses, one from each of the servers. It could look a bit like my replication of IP addresses broke when I enabled the flex-id.</div><div><br></div><div>I'll have a closer look at those.</div><div><br></div><div>Thanks for your help.</div><div><br></div><div>Best, Bjorn </div></div></div>
</blockquote></div>