<div dir="ltr"><div>I have a solution.</div><div><br></div><div>This strongswan charon dhcp.conf is working:</div><div>dhcp {<br><br> # Always use the configured server address.<br> # force_server_address = no<br> force_server_address = yes<br><br> # Derive user-defined MAC address from hash of IKE identity and send client<br> # identity DHCP option.<br> # identity_lease = no<br><br> # Interface name the plugin uses for address allocation.</div><div> # interface =<br></div><div> interface = macvlan_vpn<br><br> # Whether to load the plugin. Can also be an integer to increase the<br> # priority of this plugin.<br> load = yes<br><br> # DHCP server unicast or broadcast IP address.<br> # server = 255.255.255.255<br><br> # Use the DHCP server port (67) as source port when a unicast server address<br> # is configured.<br> # use_server_port = no<br>}</div><div><br></div><div>!!!But the config is not compatible with isc-dhcp!!!</div></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">Am Sa., 9. Sept. 2023 um 22:44 Uhr schrieb Sascha Marcel Hacker <<a href="mailto:smhrambo@googlemail.com">smhrambo@googlemail.com</a>>:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div dir="ltr"><div>With this charon dhcp.conf:</div><div>dhcp {<br><br> # Always use the configured server address.<br> # force_server_address = no<br><br> # Derive user-defined MAC address from hash of IKE identity and send client<br> # identity DHCP option.<br> # identity_lease = no<br><br> # Interface name the plugin uses for address allocation.<br> interface = macvlan_vpn<br><br> # Whether to load the plugin. Can also be an integer to increase the<br> # priority of this plugin.<br> load = yes<br><br> # DHCP server unicast or broadcast IP address.<br> # server = 255.255.255.255<br><br> # Use the DHCP server port (67) as source port when a unicast server address<br> # is configured.<br> # use_server_port = no<br>}</div><div><br></div><div>I get this swanctl --log:</div><div>09[IKE] peer requested virtual IP %any<br>09[CFG] sending DHCP DISCOVER for 7a:a7:81:22:c3:6e to 255.255.255.255<br>09[IKE] authentication of '10.13.17.1' with EAP successful<br>09[CFG] received DHCP OFFER 10.13.11.201 from 10.13.11.1<br>09[CFG] sending DHCP REQUEST for 10.13.11.201 to 10.13.11.1<br>09[CFG] sending DHCP REQUEST for 10.13.11.201 to 10.13.11.1<br>13[MGR] ignoring request with ID 6, already processing<br>12[MGR] ignoring request with ID 6, already processing<br>09[CFG] sending DHCP REQUEST for 10.13.11.201 to 10.13.11.1<br>07[MGR] ignoring request with ID 6, already processing<br>09[CFG] sending DHCP REQUEST for 10.13.11.201 to 10.13.11.1<br>09[CFG] sending DHCP REQUEST for 10.13.11.201 to 10.13.11.1<br>14[MGR] ignoring request with ID 6, already processing<br>09[CFG] DHCP REQUEST timed out<br>09[IKE] no virtual IP found for %any requested by 'saschahacker'</div><div><br></div><div>It seems to be that kea only answers 255.255.255.255 requests. <br></div><div>But after the offer it stops.</div></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">Am Sa., 9. Sept. 2023 um 18:37 Uhr schrieb Khebchi Abdallah <<a href="mailto:a.khebchi@esi-sba.dz" target="_blank">a.khebchi@esi-sba.dz</a>>:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div dir="auto">I mean something like 10.11.13.1 , i had similar issues after debuging i found out that kea do not respond to my brd addr </div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Sat, Sep 9, 2023, 5:35 PM Khebchi Abdallah <<a href="mailto:a.khebchi@esi-sba.dz" rel="noreferrer" target="_blank">a.khebchi@esi-sba.dz</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div dir="auto">Use nc to send discover request on your server addr (broadcast) and confirm that it reply to it , if not change it to something like 10.11.1.1 in dhcp charon conf </div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Sat, Sep 9, 2023, 1:11 PM Sascha Marcel Hacker <<a href="mailto:smhrambo@googlemail.com" rel="noreferrer noreferrer" target="_blank">smhrambo@googlemail.com</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div dir="ltr"><div>Here is my kea-dhcp4.conf</div><div>{<br> "Dhcp4": {<br> # Global values<br> "valid-lifetime": 4000,<br> "renew-timer": 1000,<br> "rebind-timer": 2000,<br> "ip-reservations-unique": false,<br><br> # Interfaces<br> "interfaces-config": {<br> "interfaces": [<br> "macvlan_lan",<br> "macvlan_device",<br> "macvlan_nvr",<br> "macvlan_dmz",<br> "macvlan_guest",<br> "macvlan_echo",<br> "macvlan_printer",<br> "macvlan_voip",<br> "macvlan_media",<br> "macvlan_vpn",<br> "macvlan_iot",<br> "macvlan_private"<br> ]<br> },<br><br> # Logger<br> "loggers": [<br> {<br> "name": "kea-dhcp4",<br> "severity": "DEBUG",<br> "debuglevel": 99,<br> "output_options": [<br> {<br> "output": "/var/log/kea/dhcp4.log",<br> "maxver": 10<br> }<br> ]<br> },<br> {<br> "name": "kea-dhcp4.bad-packets",<br> "severity": "DEBUG",<br> "debuglevel": 99,<br> "output_options": [<br> {<br> "output": "/var/log/kea/dhcp4-bad.log",<br> "maxver": 10<br> }<br> ]<br> },<br> {<br> "name": "kea-dhcp4.packets",<br> "severity": "DEBUG",<br> "debuglevel": 99,<br> "output_options": [<br> {<br> "output": "/var/log/kea/dhcp4-package.log",<br> "maxver": 10<br> }<br> ]<br> },<br> {<br> "name": "kea-dhcp4.dhcpsrv",<br> "severity": "DEBUG",<br> "output_options": [<br> {<br> "output": "/var/log/kea/dhcp4-dhcpsrv.log",<br> "maxver": 10<br> }<br> ]<br> },<br> {<br> "name": "kea-dhcp4.leases",<br> "severity": "DEBUG",<br> "output_options": [<br> {<br> "output": "/var/log/kea/dhcp4-leases.log",<br> "maxver": 10<br> }<br> ]<br> }<br> ],<br><br> "authoritative": true,<br> "dhcp-ddns": {<br> "enable-updates": false<br> },<br><br> "option-def": [<br> {<br> "space": "dhcp4",<br> "name": "local-hostname",<br> "code": 224,<br> "type": "string"<br> }<br> ],<br><br> "subnet4": [<br> # LAN Network<br> {<br> "id": 1,<br> "subnet": "<a href="http://10.13.1.0/24" rel="noreferrer noreferrer noreferrer" target="_blank">10.13.1.0/24</a>",<br> "option-data": [<br> {<br> "name": "domain-name-servers",<br> "data": "10.13.1.4, 10.13.1.1"<br> },<br> {<br> "name": "broadcast-address",<br> "data": "10.13.1.255"<br> },<br> {<br> "name": "routers",<br> "data": "10.13.1.1"<br> },<br> {<br> "name": "ntp-servers",<br> "data": "10.13.1.1"<br> }<br> ],<br> "interface": "macvlan_lan",<br> "pools": [<br> {<br> "pool": "10.13.1.200 - 10.13.1.254"<br> }<br> ]<br> },<br> <br> # DEVICE Network<br> {<br> "id": 2,<br> "subnet": "<a href="http://10.13.3.0/24" rel="noreferrer noreferrer noreferrer" target="_blank">10.13.3.0/24</a>",<br> "option-data": [<br> {<br> "name": "domain-name-servers",<br> "data": "10.13.3.1, 10.13.3.4"<br> },<br> {<br> "name": "domain-name",<br> "data": "device.foo.bar"<br> },<br> {<br> "name": "broadcast-address",<br> "data": "10.13.3.255"<br> },<br> {<br> "name": "routers",<br> "data": "10.13.3.1"<br> },<br> {<br> "name": "ntp-servers",<br> "data": "10.13.3.1"<br> }<br> ],<br> "interface": "macvlan_device",<br> "pools": [<br> {<br> "pool": "10.13.3.200 - 10.13.3.254"<br> }<br> ],<br> "reservations": [<br> ...<br> ]<br> },<br><br> # NVR Network<br> {<br> "id": 3,<br> "subnet": "<a href="http://10.13.4.0/24" rel="noreferrer noreferrer noreferrer" target="_blank">10.13.4.0/24</a>",<br> "option-data": [<br> {<br> "name": "domain-name-servers",<br> "data": "10.13.4.1, 10.13.4.4"<br> },<br> {<br> "name": "domain-name",<br> "data": "nvr.foo.bar"<br> },<br> {<br> "name": "broadcast-address",<br> "data": "10.13.4.255"<br> },<br> {<br> "name": "routers",<br> "data": "10.13.4.1"<br> },<br> {<br> "name": "ntp-servers",<br> "data": "10.13.4.1"<br> }<br> ],<br> "interface": "macvlan_nvr",<br> "pools": [<br> {<br> "pool": "10.13.4.200 - 10.13.4.254"<br> }<br> ],<br> "reservations": [<br> ...<br> ]<br> },<br><br> # DMZ Network<br> {<br> "id": 4,<br> "subnet": "<a href="http://10.13.5.0/24" rel="noreferrer noreferrer noreferrer" target="_blank">10.13.5.0/24</a>",<br> "option-data": [<br> {<br> "name": "domain-name-servers",<br> "data": "10.13.5.1, 10.13.5.4"<br> },<br> {<br> "name": "domain-name",<br> "data": "dmz.foo.bar"<br> },<br> {<br> "name": "broadcast-address",<br> "data": "10.13.5.255"<br> },<br> {<br> "name": "routers",<br> "data": "10.13.5.1"<br> },<br> {<br> "name": "ntp-servers",<br> "data": "10.13.5.1"<br> }<br> ],<br> "interface": "macvlan_dmz",<br> "pools": [<br> {<br> "pool": "10.13.5.200 - 10.13.5.254"<br> }<br> ],<br> "reservations": [<br> ...<br> ]<br> },<br><br> # Guest Network<br> {<br> "id": 5,<br> "subnet": "<a href="http://10.13.6.0/24" rel="noreferrer noreferrer noreferrer" target="_blank">10.13.6.0/24</a>",<br> "option-data": [<br> {<br> "name": "domain-name-servers",<br> "data": "10.13.6.1, 10.13.6.4"<br> },<br> {<br> "name": "domain-name",<br> "data": "guest.foo.bar"<br> },<br> {<br> "name": "broadcast-address",<br> "data": "10.13.6.255"<br> },<br> {<br> "name": "routers",<br> "data": "10.13.6.1"<br> },<br> {<br> "name": "ntp-servers",<br> "data": "10.13.6.1"<br> }<br> ],<br> "interface": "macvlan_guest",<br> "pools": [<br> {<br> "pool": "10.13.6.200 - 10.13.6.254"<br> }<br> ]<br> },<br><br> # Echo Network<br> {<br> "id": 6,<br> "subnet": "<a href="http://10.13.7.0/24" rel="noreferrer noreferrer noreferrer" target="_blank">10.13.7.0/24</a>",<br> "option-data": [<br> {<br> "name": "domain-name-servers",<br> "data": "10.13.7.1, 10.13.7.4"<br> },<br> {<br> "name": "domain-name",<br> "data": "echo.foo.bar"<br> },<br> {<br> "name": "broadcast-address",<br> "data": "10.13.7.255"<br> },<br> {<br> "name": "routers",<br> "data": "10.13.7.1"<br> },<br> {<br> "name": "ntp-servers",<br> "data": "10.13.7.1"<br> }<br> ],<br> "interface": "macvlan_echo",<br> "pools": [<br> {<br> "pool": "10.13.7.200 - 10.13.7.254"<br> }<br> ],<br> "reservations": [<br> ...<br> ]<br> },<br><br> # Printer Network<br> {<br> "id": 7,<br> "subnet": "<a href="http://10.13.8.0/24" rel="noreferrer noreferrer noreferrer" target="_blank">10.13.8.0/24</a>",<br> "option-data": [<br> {<br> "name": "domain-name-servers",<br> "data": "10.13.8.1, 10.13.8.4"<br> },<br> {<br> "name": "domain-name",<br> "data": "printer.foo.bar"<br> },<br> {<br> "name": "broadcast-address",<br> "data": "10.13.8.255"<br> },<br> {<br> "name": "routers",<br> "data": "10.13.8.1"<br> },<br> {<br> "name": "ntp-servers",<br> "data": "10.13.8.1"<br> }<br> ],<br> "interface": "macvlan_printer",<br> "pools": [<br> {<br> "pool": "10.13.8.200 - 10.13.8.254"<br> }<br> ],<br> "reservations": [<br> ...<br> ]<br> },<br><br> # VoIP Network<br> {<br> "id": 8,<br> "subnet": "<a href="http://10.13.9.0/24" rel="noreferrer noreferrer noreferrer" target="_blank">10.13.9.0/24</a>",<br> "option-data": [<br> {<br> "name": "domain-name-servers",<br> "data": "10.13.9.1, 10.13.9.4"<br> },<br> {<br> "name": "domain-name",<br> "data": "voip.foo.bar"<br> },<br> {<br> "name": "broadcast-address",<br> "data": "10.13.9.255"<br> },<br> {<br> "name": "routers",<br> "data": "10.13.9.1"<br> },<br> {<br> "name": "ntp-servers",<br> "data": "10.13.9.1"<br> }<br> ],<br> "interface": "macvlan_voip",<br> "pools": [<br> {<br> "pool": "10.13.9.200 - 10.13.9.254"<br> }<br> ],<br> "reservations": [<br> ...<br> ]<br> },<br><br> # Multimedia Network<br> {<br> "id": 9,<br> "subnet": "<a href="http://10.13.10.0/24" rel="noreferrer noreferrer noreferrer" target="_blank">10.13.10.0/24</a>",<br> "option-data": [<br> {<br> "name": "domain-name-servers",<br> "data": "10.13.10.1, 10.13.10.4"<br> },<br> {<br> "name": "domain-name",<br> "data": "media.foo.bar"<br> },<br> {<br> "name": "broadcast-address",<br> "data": "10.13.10.255"<br> },<br> {<br> "name": "routers",<br> "data": "10.13.10.1"<br> },<br> {<br> "name": "ntp-servers",<br> "data": "10.13.10.1"<br> }<br> ],<br> "interface": "macvlan_media",<br> "pools": [<br> {<br> "pool": "10.13.10.200 - 10.13.10.254"<br> }<br> ],<br> "reservations": [<br> ...<br> ]<br> },<br><br> # VPN Network<br> {<br> "id": 10,<br> "subnet": "<a href="http://10.13.11.0/24" rel="noreferrer noreferrer noreferrer" target="_blank">10.13.11.0/24</a>",<br> "option-data": [<br> {<br> "name": "domain-name-servers",<br> "data": "10.13.11.1, 10.13.11.4"<br> },<br> {<br> "name": "domain-name",<br> "data": "vpn.foo.bar"<br> },<br> {<br> "name": "broadcast-address",<br> "data": "10.13.11.255"<br> },<br> {<br> "name": "routers",<br> "data": "10.13.11.1"<br> },<br> {<br> "name": "ntp-servers",<br> "data": "10.13.11.1"<br> }<br> ],<br> "interface": "macvlan_vpn",<br> "pools": [<br> {<br> "pool": "10.13.11.200 - 10.13.11.254"<br> }<br> ]<br> },<br><br> # IoT Network<br> {<br> "id": 11,<br> "subnet": "<a href="http://10.13.12.0/22" rel="noreferrer noreferrer noreferrer" target="_blank">10.13.12.0/22</a>",<br> "option-data": [<br> {<br> "name": "domain-name-servers",<br> "data": "10.13.12.1, 10.13.12.4"<br> },<br> {<br> "name": "domain-name",<br> "data": "iot.foo.bar"<br> },<br> {<br> "name": "broadcast-address",<br> "data": "10.13.15.255"<br> },<br> {<br> "name": "routers",<br> "data": "10.13.12.1"<br> },<br> {<br> "name": "ntp-servers",<br> "data": "10.13.12.15, 10.13.12.1"<br> }<br> ],<br> "interface": "macvlan_iot",<br> "pools": [<br> {<br> "pool": "10.13.12.200 - 10.13.12.254"<br> }<br> ],<br> "reservations": [<br> ...<br> ]<br> },<br><br> # Private Network<br> {<br> "id": 12,<br> "subnet": "<a href="http://10.13.16.0/20" rel="noreferrer noreferrer noreferrer" target="_blank">10.13.16.0/20</a>",<br> "option-data": [<br> {<br> "name": "domain-name-servers",<br> "data": "10.13.16.1, 10.13.16.4"<br> },<br> {<br> "name": "domain-name",<br> "data": "private.foo.bar"<br> },<br> {<br> "name": "broadcast-address",<br> "data": "10.13.31.255"<br> },<br> {<br> "name": "routers",<br> "data": "10.13.16.1"<br> },<br> {<br> "name": "ntp-servers",<br> "data": "10.13.16.1"<br> }<br> ],<br> "interface": "macvlan_private",<br> "pools": [<br> {<br> "pool": "10.13.16.200 - 10.13.16.254"<br> }<br> ],<br> "reservations": [<br> ...<br> ]<br> }<br> ],<br><br> "host-reservation-identifiers": [<br> "hw-address"<br> ]<br> }<br>}</div><div><br></div><div>kea log:<br></div><div>2023-09-07 01:40:40.010 DEBUG [kea-dhcp4.options/23400.281473524985888] DHCP4_BUFFER_UNPACK parsing buffer received from 10.13.12.80 to 10.13.12.1 over interface macvlan_iot<br>2023-09-07 01:40:40.011 DEBUG [kea-dhcp4.hosts/23400.281473524985888] HOSTS_CFG_GET_ONE_SUBNET_ID_IDENTIFIER get one host with IPv4 reservation for subnet id 11, identified by hwaddr=XXXXXXXXXXXX<br>2023-09-07 01:40:40.011 DEBUG [kea-dhcp4.hosts/23400.281473524985888] HOSTS_CFG_GET_ALL_IDENTIFIER get all hosts with reservations using identifier: hwaddr=XXXXXXXXXXXX<br>2023-09-07 01:40:40.012 DEBUG [kea-dhcp4.hosts/23400.281473524985888] HOSTS_CFG_GET_ALL_IDENTIFIER_HOST using identifier: hwaddr=XXXXXXXXXXXX, found host: hwaddr=XXXXXXXXXXXX ipv4_subnet_id=11 hostname=LEAD-LEDPanel ipv4_reservation=10.13.12.80 siaddr=(no) sname=(empty) file=(empty) key=(empty) ipv6_reservations=(none)<br>2023-09-07 01:40:40.012 DEBUG [kea-dhcp4.hosts/23400.281473524985888] HOSTS_CFG_GET_ALL_IDENTIFIER_COUNT using identifier hwaddr=XXXXXXXXXXXX, found 1 host(s)<br>2023-09-07 01:40:40.012 DEBUG [kea-dhcp4.hosts/23400.281473524985888] HOSTS_CFG_GET_ONE_SUBNET_ID_IDENTIFIER_HOST using subnet id 11 and identifier hwaddr=XXXXXXXXXXXX, found host: hwaddr=XXXXXXXXXXXX ipv4_subnet_id=11 hostname=LEAD-LEDPanel ipv4_reservation=10.13.12.80 siaddr=(no) sname=(empty) file=(empty) key=(empty) ipv6_reservations=(none)<br>2023-09-07 01:40:40.012 DEBUG [kea-dhcp4.dhcp4/23400.281473524985888] DHCP4_CLASS_ASSIGNED [hwtype=1 xx:xx:xx:xx:xx:xx], cid=[no info], tid=0xabcd0ed3: client packet has been assigned to the following class(es): KNOWN<br>2023-09-07 01:40:40.012 DEBUG [kea-dhcp4.dhcp4/23400.281473524985888] DHCP4_CLASS_ASSIGNED [hwtype=1 xx:xx:xx:xx:xx:xx], cid=[no info], tid=0xabcd0ed3: client packet has been assigned to the following class(es): ALL, KNOWN<br>2023-09-07 01:40:40.012 DEBUG [kea-dhcp4.ddns/23400.281473524985888] DHCP4_CLIENT_HOSTNAME_PROCESS [hwtype=1 xx:xx:xx:xx:xx:xx], cid=[no info], tid=0xabcd0ed3: processing client's Hostname option<br>2023-09-07 01:40:40.013 DEBUG [kea-dhcp4.ddns/23400.281473524985888] DHCP4_CLIENT_HOSTNAME_DATA [hwtype=1 xx:xx:xx:xx:xx:xx], cid=[no info], tid=0xabcd0ed3: client sent Hostname option: HF-LPB100<br>2023-09-07 01:40:40.013 DEBUG [kea-dhcp4.ddns/23400.281473524985888] DHCP4_RESERVED_HOSTNAME_ASSIGNED [hwtype=1 xx:xx:xx:xx:xx:xx], cid=[no info], tid=0xabcd0ed3: server assigned reserved hostname lead-ledpanel<br>2023-09-07 01:40:40.013 DEBUG [kea-dhcp4.hosts/23400.281473524985888] HOSTS_CFG_GET_ALL_SUBNET_ID_ADDRESS4 get all hosts with reservations for subnet id 11 and IPv4 address 10.13.12.80<br>2023-09-07 01:40:40.013 DEBUG [kea-dhcp4.hosts/23400.281473524985888] HOSTS_CFG_GET_ALL_ADDRESS4 get all hosts with reservations for IPv4 address 10.13.12.80<br>2023-09-07 01:40:40.013 DEBUG [kea-dhcp4.hosts/23400.281473524985888] HOSTS_CFG_GET_ALL_ADDRESS4_HOST using address 10.13.12.80 found host: hwaddr=XXXXXXXXXXXX ipv4_subnet_id=11 hostname=LEAD-LEDPanel ipv4_reservation=10.13.12.80 siaddr=(no) sname=(empty) file=(empty) key=(empty) ipv6_reservations=(none)<br>2023-09-07 01:40:40.013 DEBUG [kea-dhcp4.hosts/23400.281473524985888] HOSTS_CFG_GET_ALL_ADDRESS4_COUNT using address 10.13.12.80, found 1 host(s)<br>2023-09-07 01:40:40.013 DEBUG [kea-dhcp4.hosts/23400.281473524985888] HOSTS_CFG_GET_ALL_SUBNET_ID_ADDRESS4_HOST using IPv4 subnet 11 and IPv4 address 10.13.12.80, found host: hwaddr=XXXXXXXXXXXX ipv4_subnet_id=11 hostname=LEAD-LEDPanel ipv4_reservation=10.13.12.80 siaddr=(no) sname=(empty) file=(empty) key=(empty) ipv6_reservations=(none)<br>2023-09-07 01:40:40.013 DEBUG [kea-dhcp4.hosts/23400.281473524985888] HOSTS_CFG_GET_ALL_SUBNET_ID_ADDRESS4_COUNT using IPv4 subnet 11 and IPv4 address 10.13.12.80, found 1 host(s)<br>2023-09-07 01:40:40.014 DEBUG [kea-dhcp4.hosts/23400.281473524985888] HOSTS_MGR_ALTERNATE_GET_ALL_SUBNET_ID_ADDRESS4 trying alternate sources for hosts using subnet id 11 and address 10.13.12.80<br>2023-09-07 01:40:40.014 DEBUG [kea-dhcp4.alloc-engine/23400.281473524985888] ALLOC_ENGINE_V4_REQUEST_EXTEND_LEASE [hwtype=1 xx:xx:xx:xx:xx:xx], cid=[no info], tid=0xabcd0ed3: extending lifetime of the lease for address 10.13.12.80<br>2023-09-07 01:40:40.014 DEBUG [kea-dhcp4.ddns/23400.281473524985888] DHCP4_NCR_CREATE [hwtype=1 xx:xx:xx:xx:xx:xx], cid=[no info], tid=0xabcd0ed3: DDNS updates enabled, therefore sending name change requests<br>2023-09-07 01:40:40.014 DEBUG [kea-dhcp4.options/23400.281473524985888] DHCP4_PACKET_PACK [hwtype=1 xx:xx:xx:xx:xx:xx], cid=[no info], tid=0xabcd0ed3: preparing on-wire format of the packet to be sent</div><div><br></div><div>charon dhcp:</div><div>dhcp {<br><br> # Always use the configured server address.<br> # force_server_address = no<br> force_server_address = yes<br><br> # Derive user-defined MAC address from hash of IKE identity and send client<br> # identity DHCP option.<br> # identity_lease = no<br><br> # Interface name the plugin uses for address allocation.<br> # interface =<br><br> # Whether to load the plugin. Can also be an integer to increase the<br> # priority of this plugin.<br> load = yes<br><br> # DHCP server unicast or broadcast IP address.<br> # server = 255.255.255.255<br> server = 10.13.11.255<br><br> # Use the DHCP server port (67) as source port when a unicast server address<br> # is configured.<br> # use_server_port = no<br>}</div><div><br></div><div>swanctrl --log (working isc-dhcp):</div><div>14[CFG] sending DHCP DISCOVER for yy:yy:yy:yy:yy:yy to 10.13.11.255<br>14[IKE] peer requested virtual IP %any<br>13[MGR] ignoring request with ID 6, already processing<br>14[CFG] sending DHCP DISCOVER for yy:yy:yy:yy:yy:yy to 10.13.11.255<br>14[CFG] received DHCP OFFER 10.13.11.245 from 10.13.11.1<br>14[CFG] sending DHCP REQUEST for 10.13.11.245 to 10.13.11.1<br>14[CFG] received DHCP ACK for 10.13.11.245<br>14[IKE] assigning virtual IP 10.13.11.245 to peer 'saschahacker'</div><div><br></div><div>swanctrl --log (not working kea):</div><div>16[IKE] peer requested virtual IP %any<br>16[CFG] sending DHCP DISCOVER for yy:yy:yy:yy:yy:yy to 10.13.11.255<br>16[CFG] sending DHCP DISCOVER for yy:yy:yy:yy:yy:yy to 10.13.11.255<br>15[MGR] ignoring request with ID 6, already processing<br>10[MGR] ignoring request with ID 6, already processing<br>16[CFG] sending DHCP DISCOVER for yy:yy:yy:yy:yy:yy to 10.13.11.255<br>04[MGR] ignoring request with ID 6, already processing<br>16[CFG] sending DHCP DISCOVER for yy:yy:yy:yy:yy:yy to 10.13.11.255<br>12[NET] received packet: from 10.13.17.1[4500] to 10.13.16.1[4500] (72 bytes)<br>12[IKE] received message ID 6, expected 7, ignored<br>16[CFG] sending DHCP DISCOVER for yy:yy:yy:yy:yy:yy to 10.13.11.255<br>06[MGR] ignoring request with ID 6, already processing<br>16[CFG] DHCP DISCOVER timed out<br>16[IKE] no virtual IP found for %any requested by 'saschahacker'</div></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">Am Fr., 8. Sept. 2023 um 14:21 Uhr schrieb Darren Ankney <<a href="mailto:darren.ankney@gmail.com" rel="noreferrer noreferrer noreferrer" target="_blank">darren.ankney@gmail.com</a>>:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">Hi Sascha,<br>
<br>
I assume you see discovers from other clients? Can you share your Kea<br>
configuration? Be sure and redact any sensitive information. Can you<br>
share some logs of a working client (understand you have no logs of<br>
the Strongswan client)?<br>
<br>
Thank you,<br>
<br>
Darren Ankney<br>
<br>
<br>
On Fri, Sep 8, 2023 at 7:36 AM Sascha Marcel Hacker via Kea-users<br>
<<a href="mailto:kea-users@lists.isc.org" rel="noreferrer noreferrer noreferrer" target="_blank">kea-users@lists.isc.org</a>> wrote:<br>
><br>
> Hi, I migrated my home lab from isc-dhcp to kea.<br>
> But now the strongswan DHCP module is not working.<br>
> When I switch back to isc-dhcp it works as it should.<br>
> I also added a kea debug logger for kea-dhcp4.bad-packets and kea-dhcp4.packet.<br>
> But no DHCP DISCOVER from the strongswan server is logged.<br>
><br>
> Both are on the same host.<br>
><br>
> Any suggestions?<br>
><br>
> thanks in advance<br>
> Sascha<br>
><br>
> Stronswan Version: 5.9.11 (self-compiled) and 5.9.5-2ubuntu2.1 (OS package)<br>
> Kea Version: 2.2.0-5ubuntu4 (OS package)<br>
> ISC DHCP Version: 4.4.1-2.3ubuntu2.4 (OS package)<br>
> OS: Ubuntu 23.04<br>
> Platform: arm64<br>
> --<br>
> ISC funds the development of this software with paid support subscriptions. Contact us at <a href="https://www.isc.org/contact/" rel="noreferrer noreferrer noreferrer noreferrer" target="_blank">https://www.isc.org/contact/</a> for more information.<br>
><br>
> To unsubscribe visit <a href="https://lists.isc.org/mailman/listinfo/kea-users" rel="noreferrer noreferrer noreferrer noreferrer" target="_blank">https://lists.isc.org/mailman/listinfo/kea-users</a>.<br>
><br>
> Kea-users mailing list<br>
> <a href="mailto:Kea-users@lists.isc.org" rel="noreferrer noreferrer noreferrer" target="_blank">Kea-users@lists.isc.org</a><br>
> <a href="https://lists.isc.org/mailman/listinfo/kea-users" rel="noreferrer noreferrer noreferrer noreferrer" target="_blank">https://lists.isc.org/mailman/listinfo/kea-users</a><br>
-- <br>
ISC funds the development of this software with paid support subscriptions. Contact us at <a href="https://www.isc.org/contact/" rel="noreferrer noreferrer noreferrer noreferrer" target="_blank">https://www.isc.org/contact/</a> for more information.<br>
<br>
To unsubscribe visit <a href="https://lists.isc.org/mailman/listinfo/kea-users" rel="noreferrer noreferrer noreferrer noreferrer" target="_blank">https://lists.isc.org/mailman/listinfo/kea-users</a>.<br>
<br>
Kea-users mailing list<br>
<a href="mailto:Kea-users@lists.isc.org" rel="noreferrer noreferrer noreferrer" target="_blank">Kea-users@lists.isc.org</a><br>
<a href="https://lists.isc.org/mailman/listinfo/kea-users" rel="noreferrer noreferrer noreferrer noreferrer" target="_blank">https://lists.isc.org/mailman/listinfo/kea-users</a><br>
</blockquote></div>
</blockquote></div>
</blockquote></div>
</blockquote></div>
</blockquote></div>