<div dir="ltr">Suggest removing the HA portion first to confirm the ideal host lease scheme is working correctly.<div><br></div><div>We are trying to change the Kea behaviour of lease allocations - being based purely on source MAC address, to instead include source MAC + option 82 information. This syntax appears to be valid but testing has been mixed in our limited experience, further debugging is needed but maybe this approach would work for you too.<div><br></div><div><font face="courier new, monospace">    "Dhcp4": {<br></font></div><div><font face="courier new, monospace">        "match-client-id": true,<br>        "reservation-mode": "disabled",</font></div><div><font face="courier new, monospace">...</font></div><div><font face="courier new, monospace">                "library": "/usr/lib64/kea/hooks/libdhcp_flex_id.so",<br>                "parameters": {<br>                    "identifier-expression": "concat(relay4[1].hex, hexstring(pkt4.mac, ':'))",<br>                    "replace-client-id": true<br></font><div><br></div><div>--Matt</div></div></div></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Thu, May 9, 2019 at 9:02 AM Bjørn Skovlund <<a href="mailto:skovlund@gmail.com">skovlund@gmail.com</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div dir="ltr"><div dir="ltr">Hi again,<div><br></div><div>I haven't debugged the logic completely, but it seems a bit inconsistent.</div><div><br></div><div>If I have two DHCP servers in HA mode, using flex-id to map to client-id with a value that's the same for two clients, they will get a lease each - one from each server I believe. Whichever one last did the REQUEST, will be the only entry in the database, as the client-id is the same.</div><div><br></div><div>What I was hoping to get to, is that a specific client-id can only ever take up one IP, which the client changing hwaddr will result in being offered the same IP as the client-id had with the first hwaddr. Is this a possibility?</div><div><br></div><div>Would an active-standby scenario work better for this use-case?</div><div><br></div><div>Config for test bed is attached below:</div><div><div>{</div><div>    "Dhcp4": {</div><div>        "control-socket": {</div><div>            "socket-name": "/opt/run/kea-dhcp4/kea.socket",</div><div>            "socket-type": "unix"</div><div>        },</div><div>        "dhcp-ddns": {</div><div>            "enable-updates": false</div><div>        },</div><div>        "expired-leases-processing": {</div><div>            "flush-reclaimed-timer-wait-time": 25,</div><div>            "hold-reclaimed-time": 3600,</div><div>            "max-reclaim-leases": 100,</div><div>            "max-reclaim-time": 250,</div><div>            "reclaim-timer-wait-time": 10,</div><div>            "unwarned-reclaim-cycles": 5</div><div>        },</div><div>        "hooks-libraries": [</div><div>            {</div><div>                "library": "/usr/local/lib/hooks/libdhcp_lease_cmds.so",</div><div>                "parameters": {}</div><div>            },</div><div>            {</div><div>                "library": "/usr/local/lib/hooks/libdhcp_host_cmds.so",</div><div>                "parameters": {}</div><div>            },</div><div>            {</div><div>                "library": "/usr/local/lib/hooks/libdhcp_legal_log.so",</div><div>                "parameters": {</div><div>                    "base-name": "kea-forensic4",</div><div>                    "path": "/var/kea/log"</div><div>                }</div><div>            },</div><div>            {</div><div>                "library": "/usr/local/lib/hooks/libdhcp_flex_id.so",</div><div>                "parameters": {</div><div>                    "identifier-expression": "relay4[9].hex",</div><div>                    "replace-client-id": true</div><div>                }</div><div>            },</div><div>            {</div><div>                "library": "/usr/local/lib/hooks/libdhcp_ha.so",</div><div>                "parameters": {</div><div>                    "high-availability": [</div><div>                        {</div><div>                            "heartbeat-delay": 1000,</div><div>                            "max-ack-delay": 5000,</div><div>                            "max-response-delay": 10000,</div><div>                            "max-unacked-clients": 0,</div><div>                            "mode": "load-balancing",</div><div>                            "peers": [</div><div>                                {</div><div>                                    "name": "<a href="http://dhcp-01.test.site.fastspeed.dk" target="_blank">dhcp-01.test.site.fastspeed.dk</a>",</div><div>                                    "role": "primary",</div><div>                                    "url": "<a href="http://172.16.1.2:8079" target="_blank">http://172.16.1.2:8079</a>"</div><div>                                },</div><div>                                {</div><div>                                    "name": "<a href="http://dhcp-02.test.site.fastspeed.dk" target="_blank">dhcp-02.test.site.fastspeed.dk</a>",</div><div>                                    "role": "secondary",</div><div>                                    "url": "<a href="http://172.16.1.3:8079" target="_blank">http://172.16.1.3:8079</a>"</div><div>                                }</div><div>                            ],</div><div>                            "sync-timeout": 60000,</div><div>                            "this-server-name": "<a href="http://dhcp-02.test.site.fastspeed.dk" target="_blank">dhcp-02.test.site.fastspeed.dk</a>"</div><div>                        }</div><div>                    ]</div><div>                }</div><div>            }</div><div>        ],</div><div>        "host-reservation-identifiers": [</div><div>            "client-id"</div><div>        ],</div><div>        "hosts-database": {</div><div>            "host": "snip",</div><div>            "name": "kea",</div><div>            "password": "snip",</div><div>            "type": "mysql",</div><div>            "user": "kea"</div><div>        },</div><div>        "interfaces-config": {</div><div>            "dhcp-socket-type": "udp",</div><div>            "interfaces": [</div><div>                "*"</div><div>            ]</div><div>        },</div><div>        "lease-database": {</div><div>            "host": "snip",</div><div>            "name": "kea",</div><div>            "password": "snip",</div><div>            "type": "mysql",</div><div>            "user": "kea"</div><div>        },</div><div>        "match-client-id": true,</div><div>        "next-server": "0.0.0.0",</div><div>        "option-data": [</div><div>            {</div><div>                "data": "8.8.8.8, 8.8.4.4",</div><div>                "name": "domain-name-servers"</div><div>            }</div><div>        ],</div><div>        "rebind-timer": 600,</div><div>        "renew-timer": 300,</div><div>        "subnet4": [</div><div>            {</div><div>                "id": 1684209664,</div><div>                "option-data": [</div><div>                    {</div><div>                        "data": "100.99.0.1",</div><div>                        "name": "routers"</div><div>                    },</div><div>                    {</div><div>                        "data": "8.8.8.8, 8.8.4.4",</div><div>                        "name": "domain-name-servers"</div><div>                    },</div><div>                    {</div><div>                        "data": "172.16.1.3",</div><div>                        "name": "dhcp-server-identifier"</div><div>                    }</div><div>                ],</div><div>                "pools": [</div><div>                    {</div><div>                        "client-class": "HA_dhcp-01",</div><div>                        "pool": "100.99.0.2 - 100.99.0.247"</div><div>                    },</div><div>                    {</div><div>                        "client-class": "HA_dhcp-02",</div><div>                        "pool": "100.99.0.248 - 100.99.1.238"</div><div>                    }</div><div>                ],</div><div>                "subnet": "<a href="http://100.99.0.0/23" target="_blank">100.99.0.0/23</a>"</div><div>            }</div><div>        ],</div><div>        "valid-lifetime": 1200</div><div>    }</div><div>}</div></div><div><br></div></div></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Thu, May 2, 2019 at 2:44 PM Bjørn Skovlund <<a href="mailto:skovlund@gmail.com" target="_blank">skovlund@gmail.com</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div dir="ltr"><div dir="ltr">Hi Francis,<div><br></div><div>Thanks for the prompt reply!</div></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Thu, May 2, 2019 at 12:48 PM Francis Dupont <<a href="mailto:fdupont@isc.org" target="_blank">fdupont@isc.org</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">> It seems this would be possible with a host reservation on the client-id,<br></blockquote><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">
> but I'm trying to avoid having to copy the lease information into host<br>
> reservations.<br>
<br>
=> host reservations are of course the only way to really reserve an address.<br>
But you can play with lifetime and expired-leases-processing timers to<br>
make more likely a client to get the same IP address.<br></blockquote><div><br></div><div>I'm not that concerned about getting the same IP, but more concerned about not handing out multiple addresses to the same client-id.</div><div><br></div><div>I think my problem, and misunderstanding of the client-id when it comes to lease allocation, may stem from having an active-active HA setup. It seems I am limited to two IP addresses, one from each of the servers. It could look a bit like my replication of IP addresses broke when I enabled the flex-id.</div><div><br></div><div>I'll have a closer look at those.</div><div><br></div><div>Thanks for your help.</div><div><br></div><div>Best, Bjorn </div></div></div>
</blockquote></div>
_______________________________________________<br>
Kea-users mailing list<br>
<a href="mailto:Kea-users@lists.isc.org" target="_blank">Kea-users@lists.isc.org</a><br>
<a href="https://lists.isc.org/mailman/listinfo/kea-users" rel="noreferrer" target="_blank">https://lists.isc.org/mailman/listinfo/kea-users</a><br>
</blockquote></div>