[Kea-users] Configuring two separate subnets with PD pool and address pool

classic Classic list List threaded Threaded
5 messages Options
Reply | Threaded
Open this post in threaded view
|

[Kea-users] Configuring two separate subnets with PD pool and address pool

Brandon Cazander
I'm trying to configure two separate subnets in kea, one with a prefix delegation pool and another with an address pool and running into some difficulties. I am following the guide for 1.4.0 here (and running kea 1.4.0-P1): https://ftp.isc.org/isc/kea/1.4.0/doc/kea-guide.html#dhcp6-address-config

With the following configuration, my client can successfully request prefix delegation, but if they try to do IA_NA the server responds with "Sorry, no address could be allocated." The odd part about this is that if I swap the ordering of the subnets below (i.e., 2001:db8:2::/64 comes first with its corresponding pool), the client will be able to do IA_NA but not prefix delegation with the error "Sorry, no prefixes could be allocated."

I have some debug logs below for the two cases. It appears as though the second subnet is ignored in each case, but the kea admin guide seems to indicate that this is a valid configuration choice.

{
    "Dhcp6": {
        "lease-database": {
            "type": "memfile",
            "persist": true,
            "name": "/var/run/kea-leases6.csv",
            "lfc-interval": 1800
        },
        "interfaces-config": {
            "interfaces": [
                "eth0/2001:db8::1",
                "eth0/2001:db8::2",
            ]
        },
        "subnet6": [
            {
                "subnet": "2001:db8:1::/64",
                "pd-pools": [
                    {
                        "prefix": "3000:1::",
                        "prefix-len": 64,
                        "delegated-len": 96
                    }
                ],
                "interface": "eth0",
                "option-data": []
            },
            {
                "subnet": "2001:db8:2::/64",
                "pools": [
                    {
                        "pool": "2001:db8:2::/64"
                    }
                ],
                "interface": "eth0",
                "option-data": []
            }
        ]
    }
}

With the 2001:db8:2::/64 address pool first, a PD request from client logs:
---------------------------------------------------------------
2018-11-15 07:55:21.708 DEBUG [kea-dhcp6.packets/2110445] DHCP6_BUFFER_RECEIVED received buffer from fe80::f2ff:fe40:f5d:546 to ff02::1:2:0 over interface eth0
2018-11-15 07:55:21.708 DEBUG [kea-dhcp6.options/2110445] DHCP6_BUFFER_UNPACK parsing buffer received from fe80::f2ff:fe40:f5d to ff02::1:2 over interface eth0
2018-11-15 07:55:21.708 DEBUG [kea-dhcp6.packets/2110445] DHCP6_PACKET_RECEIVED duid=[00:01:00:01:23:78:a1:98:02:00:f2:40:0f:5d], tid=0xf29805: SOLICIT (type 1) received from fe80::f2ff:fe40:f5d to ff02::1:2 on interface eth0                                                                                                                                                            
2018-11-15 07:55:21.708 DEBUG [kea-dhcp6.packets/2110445] DHCP6_QUERY_DATA duid=[00:01:00:01:23:78:a1:98:02:00:f2:40:0f:5d], tid=0xf29805, packet details: localAddr=[ff02::1:2]:0 remoteAddr=[fe80::f2ff:fe40:f5d]:546                                                                                                                                                                      
msgtype=1(SOLICIT), transid=0xf29805
type=00001, len=00014: 00:01:00:01:23:78:a1:98:02:00:f2:40:0f:5d
type=00006, len=00004: 23(uint16) 24(uint16)
type=00008, len=00002: 762 (uint16)
type=00025(IA_PD), len=00012: iaid=4064284509, t1=3600, t2=5400
No relays traversed.

2018-11-15 07:55:21.709 DEBUG [kea-dhcp6.dhcpsrv/2110445] DHCPSRV_CFGMGR_SUBNET6_IFACE selected subnet 2001:db8:2::/64 for packet received over interface eth0
2018-11-15 07:55:21.709 DEBUG [kea-dhcp6.packets/2110445] DHCP6_SUBNET_SELECTED duid=[00:01:00:01:23:78:a1:98:02:00:f2:40:0f:5d], tid=0xf29805: the subnet with ID 1 was selected for client assignments                                                                                                                                                                                     
2018-11-15 07:55:21.709 DEBUG [kea-dhcp6.packets/2110445] DHCP6_SUBNET_DATA duid=[00:01:00:01:23:78:a1:98:02:00:f2:40:0f:5d], tid=0xf29805: the selected subnet details: 2001:db8:2::/64
2018-11-15 07:55:21.709 DEBUG [kea-dhcp6.hosts/2110445] HOSTS_CFG_GET_ONE_SUBNET_ID_IDENTIFIER get one host with IPv6 reservation for subnet id 1, identified by hwaddr=0200F2400F5D
2018-11-15 07:55:21.709 DEBUG [kea-dhcp6.hosts/2110445] HOSTS_CFG_GET_ALL_IDENTIFIER get all hosts with reservations using identifier: hwaddr=0200F2400F5D
2018-11-15 07:55:21.709 DEBUG [kea-dhcp6.hosts/2110445] HOSTS_CFG_GET_ALL_IDENTIFIER_COUNT using identifier hwaddr=0200F2400F5D, found 0 host(s)
2018-11-15 07:55:21.709 DEBUG [kea-dhcp6.hosts/2110445] HOSTS_CFG_GET_ONE_SUBNET_ID_IDENTIFIER_NULL host not found using subnet id 1 and identifier hwaddr=0200F2400F5D
2018-11-15 07:55:21.709 DEBUG [kea-dhcp6.hosts/2110445] HOSTS_CFG_GET_ONE_SUBNET_ID_IDENTIFIER get one host with IPv6 reservation for subnet id 1, identified by duid=000100012378A1980200F2400F5D                                                                                                                                                                                           
2018-11-15 07:55:21.709 DEBUG [kea-dhcp6.hosts/2110445] HOSTS_CFG_GET_ALL_IDENTIFIER get all hosts with reservations using identifier: duid=000100012378A1980200F2400F5D
2018-11-15 07:55:21.709 DEBUG [kea-dhcp6.hosts/2110445] HOSTS_CFG_GET_ALL_IDENTIFIER_COUNT using identifier duid=000100012378A1980200F2400F5D, found 0 host(s)
2018-11-15 07:55:21.709 DEBUG [kea-dhcp6.hosts/2110445] HOSTS_CFG_GET_ONE_SUBNET_ID_IDENTIFIER_NULL host not found using subnet id 1 and identifier duid=000100012378A1980200F2400F5D
2018-11-15 07:55:21.709 DEBUG [kea-dhcp6.dhcp6/2110445] DHCP6_CLASS_ASSIGNED duid=[00:01:00:01:23:78:a1:98:02:00:f2:40:0f:5d], tid=0xf29805: client packet has been assigned to the following class(es): UNKNOWN                                                                                                                                                                             
2018-11-15 07:55:21.709 DEBUG [kea-dhcp6.leases/2110445] DHCP6_PROCESS_IA_PD_REQUEST duid=[00:01:00:01:23:78:a1:98:02:00:f2:40:0f:5d], tid=0xf29805: server is processing IA_PD option with iaid=4064284509 and hint=(no hint)                                                                                                                                                               
2018-11-15 07:55:21.709 DEBUG [kea-dhcp6.dhcpsrv/2110445] DHCPSRV_MEMFILE_GET_IAID_DUID obtaining IPv6 leases for IAID 4064284509 and DUID 00:01:00:01:23:78:a1:98:02:00:f2:40:0f:5d and lease type IA_PD                                                                                                                                                                                    
2018-11-15 07:55:21.709 DEBUG [kea-dhcp6.alloc-engine/2110445] ALLOC_ENGINE_V6_ALLOC_UNRESERVED no static reservations available - trying to dynamically allocate leases for client duid=[00:01:00:01:23:78:a1:98:02:00:f2:40:0f:5d], tid=0xf29805                                                                                                                                           
2018-11-15 07:55:21.709 WARN  [kea-dhcp6.alloc-engine/2110445] ALLOC_ENGINE_V6_ALLOC_FAIL duid=[00:01:00:01:23:78:a1:98:02:00:f2:40:0f:5d], tid=0xf29805: failed to allocate an IPv6 address after 0 attempt(s)                                                                                                                                                                              
2018-11-15 07:55:21.709 DEBUG [kea-dhcp6.leases/2110445] DHCP6_PD_LEASE_ADVERT_FAIL duid=[00:01:00:01:23:78:a1:98:02:00:f2:40:0f:5d], tid=0xf29805: failed to advertise a prefix lease for iaid=4064284509                                                                                                                                                                                   
2018-11-15 07:55:21.709 DEBUG [kea-dhcp6.options/2110445] DHCP6_ADD_STATUS_CODE_FOR_IA duid=[00:01:00:01:23:78:a1:98:02:00:f2:40:0f:5d], tid=0xf29805: adding Status Code to IA with iaid=4064284509: NoPrefixAvail(6) "Sorry, no prefixes could be allocated."                                                                                                                              
2018-11-15 07:55:21.709 DEBUG [kea-dhcp6.dhcp6/2110445] DHCP6_CLASS_ASSIGNED duid=[00:01:00:01:23:78:a1:98:02:00:f2:40:0f:5d], tid=0xf29805: client packet has been assigned to the following class(es): ALL, UNKNOWN                                                                                                                                                                        
2018-11-15 07:55:21.709 DEBUG [kea-dhcp6.packets/2110445] DHCP6_RESPONSE_DATA responding with packet type 2 data is localAddr=[ff02::1:2]:547 remoteAddr=[fe80::f2ff:fe40:f5d]:546
msgtype=2(ADVERTISE), transid=0xf29805
type=00001, len=00014: 00:01:00:01:23:78:a1:98:02:00:f2:40:0f:5d
type=00002, len=00014: 00:01:00:01:23:78:a1:07:02:00:d0:26:ab:4e
type=00025(IA_PD), len=00056: iaid=4064284509, t1=0, t2=0,
options:
  type=00013, len=00040: NoPrefixAvail(6) "Sorry, no prefixes could be allocated."
No relays traversed.

With the 2001:db8:1::/64 PD pool first, an IA_NA request from client logs:
---------------------------------------------------------------
2018-11-15 07:57:27.876 DEBUG [kea-dhcp6.packets/2110445] DHCP6_BUFFER_RECEIVED received buffer from fe80::f2ff:fe40:f5d:546 to ff02::1:2:0 over interface eth0
2018-11-15 07:57:27.876 DEBUG [kea-dhcp6.options/2110445] DHCP6_BUFFER_UNPACK parsing buffer received from fe80::f2ff:fe40:f5d to ff02::1:2 over interface eth0
2018-11-15 07:57:27.876 DEBUG [kea-dhcp6.packets/2110445] DHCP6_PACKET_RECEIVED duid=[00:01:00:01:23:78:a1:98:02:00:f2:40:0f:5d], tid=0x1ae9c4: SOLICIT (type 1) received from fe80::f2ff:fe40:f5d to ff02::1:2 on interface eth0                                                                                                                                                            
2018-11-15 07:57:27.877 DEBUG [kea-dhcp6.packets/2110445] DHCP6_QUERY_DATA duid=[00:01:00:01:23:78:a1:98:02:00:f2:40:0f:5d], tid=0x1ae9c4, packet details: localAddr=[ff02::1:2]:0 remoteAddr=[fe80::f2ff:fe40:f5d]:546                                                                                                                                                                      
msgtype=1(SOLICIT), transid=0x1ae9c4
type=00001, len=00014: 00:01:00:01:23:78:a1:98:02:00:f2:40:0f:5d
type=00003(IA_NA), len=00012: iaid=4064284509, t1=3600, t2=5400
type=00006, len=00004: 23(uint16) 24(uint16)
type=00008, len=00002: 687 (uint16)
No relays traversed.

2018-11-15 07:57:27.877 DEBUG [kea-dhcp6.dhcpsrv/2110445] DHCPSRV_CFGMGR_SUBNET6_IFACE selected subnet 2001:db8:1::/64 for packet received over interface eth0
2018-11-15 07:57:27.877 DEBUG [kea-dhcp6.packets/2110445] DHCP6_SUBNET_SELECTED duid=[00:01:00:01:23:78:a1:98:02:00:f2:40:0f:5d], tid=0x1ae9c4: the subnet with ID 1 was selected for client assignments                                                                                                                                                                                     
2018-11-15 07:57:27.877 DEBUG [kea-dhcp6.packets/2110445] DHCP6_SUBNET_DATA duid=[00:01:00:01:23:78:a1:98:02:00:f2:40:0f:5d], tid=0x1ae9c4: the selected subnet details: 2001:db8:1::/64
2018-11-15 07:57:27.877 DEBUG [kea-dhcp6.hosts/2110445] HOSTS_CFG_GET_ONE_SUBNET_ID_IDENTIFIER get one host with IPv6 reservation for subnet id 1, identified by hwaddr=0200F2400F5D
2018-11-15 07:57:27.877 DEBUG [kea-dhcp6.hosts/2110445] HOSTS_CFG_GET_ALL_IDENTIFIER get all hosts with reservations using identifier: hwaddr=0200F2400F5D
2018-11-15 07:57:27.877 DEBUG [kea-dhcp6.hosts/2110445] HOSTS_CFG_GET_ALL_IDENTIFIER_COUNT using identifier hwaddr=0200F2400F5D, found 0 host(s)
2018-11-15 07:57:27.877 DEBUG [kea-dhcp6.hosts/2110445] HOSTS_CFG_GET_ONE_SUBNET_ID_IDENTIFIER_NULL host not found using subnet id 1 and identifier hwaddr=0200F2400F5D
2018-11-15 07:57:27.877 DEBUG [kea-dhcp6.hosts/2110445] HOSTS_CFG_GET_ONE_SUBNET_ID_IDENTIFIER get one host with IPv6 reservation for subnet id 1, identified by duid=000100012378A1980200F2400F5D                                                                                                                                                                                           
2018-11-15 07:57:27.877 DEBUG [kea-dhcp6.hosts/2110445] HOSTS_CFG_GET_ALL_IDENTIFIER get all hosts with reservations using identifier: duid=000100012378A1980200F2400F5D
2018-11-15 07:57:27.877 DEBUG [kea-dhcp6.hosts/2110445] HOSTS_CFG_GET_ALL_IDENTIFIER_COUNT using identifier duid=000100012378A1980200F2400F5D, found 0 host(s)
2018-11-15 07:57:27.877 DEBUG [kea-dhcp6.hosts/2110445] HOSTS_CFG_GET_ONE_SUBNET_ID_IDENTIFIER_NULL host not found using subnet id 1 and identifier duid=000100012378A1980200F2400F5D
2018-11-15 07:57:27.877 DEBUG [kea-dhcp6.dhcp6/2110445] DHCP6_CLASS_ASSIGNED duid=[00:01:00:01:23:78:a1:98:02:00:f2:40:0f:5d], tid=0x1ae9c4: client packet has been assigned to the following class(es): UNKNOWN                                                                                                                                                                             
2018-11-15 07:57:27.877 DEBUG [kea-dhcp6.leases/2110445] DHCP6_PROCESS_IA_NA_REQUEST duid=[00:01:00:01:23:78:a1:98:02:00:f2:40:0f:5d], tid=0x1ae9c4: server is processing IA_NA option with iaid=4064284509 and hint=(no hint)                                                                                                                                                               
2018-11-15 07:57:27.877 DEBUG [kea-dhcp6.dhcpsrv/2110445] DHCPSRV_MEMFILE_GET_IAID_DUID obtaining IPv6 leases for IAID 4064284509 and DUID 00:01:00:01:23:78:a1:98:02:00:f2:40:0f:5d and lease type IA_NA                                                                                                                                                                                    
2018-11-15 07:57:27.877 DEBUG [kea-dhcp6.alloc-engine/2110445] ALLOC_ENGINE_V6_ALLOC_UNRESERVED no static reservations available - trying to dynamically allocate leases for client duid=[00:01:00:01:23:78:a1:98:02:00:f2:40:0f:5d], tid=0x1ae9c4                                                                                                                                           
2018-11-15 07:57:27.877 WARN  [kea-dhcp6.alloc-engine/2110445] ALLOC_ENGINE_V6_ALLOC_FAIL duid=[00:01:00:01:23:78:a1:98:02:00:f2:40:0f:5d], tid=0x1ae9c4: failed to allocate an IPv6 address after 0 attempt(s)                                                                                                                                                                              
2018-11-15 07:57:27.877 DEBUG [kea-dhcp6.leases/2110445] DHCP6_LEASE_ADVERT_FAIL duid=[00:01:00:01:23:78:a1:98:02:00:f2:40:0f:5d], tid=0x1ae9c4: failed to advertise an address lease for iaid=4064284509                                                                                                                                                                                    
2018-11-15 07:57:27.877 DEBUG [kea-dhcp6.options/2110445] DHCP6_ADD_STATUS_CODE_FOR_IA duid=[00:01:00:01:23:78:a1:98:02:00:f2:40:0f:5d], tid=0x1ae9c4: adding Status Code to IA with iaid=4064284509: NoAddrsAvail(2) "Sorry, no address could be allocated."                                                                                                                                
2018-11-15 07:57:27.877 DEBUG [kea-dhcp6.dhcp6/2110445] DHCP6_CLASS_ASSIGNED duid=[00:01:00:01:23:78:a1:98:02:00:f2:40:0f:5d], tid=0x1ae9c4: client packet has been assigned to the following class(es): ALL, UNKNOWN                                                                                                                                                                        
2018-11-15 07:57:27.877 DEBUG [kea-dhcp6.packets/2110445] DHCP6_RESPONSE_DATA responding with packet type 2 data is localAddr=[ff02::1:2]:547 remoteAddr=[fe80::f2ff:fe40:f5d]:546
msgtype=2(ADVERTISE), transid=0x1ae9c4
type=00001, len=00014: 00:01:00:01:23:78:a1:98:02:00:f2:40:0f:5d
type=00002, len=00014: 00:01:00:01:23:78:a1:07:02:00:d0:26:ab:4e
type=00003(IA_NA), len=00055: iaid=4064284509, t1=0, t2=0,
options:
  type=00013, len=00039: NoAddrsAvail(2) "Sorry, no address could be allocated."
No relays traversed.


_______________________________________________
Kea-users mailing list
[hidden email]
https://lists.isc.org/mailman/listinfo/kea-users
Reply | Threaded
Open this post in threaded view
|

Re: [Kea-users] Configuring two separate subnets with PD pool and address pool

Francis Dupont
Your problem is Kea does not have enough informations to select the
second subnet so it always selects the first one. There are two ways
to fix that:
 - find a way to select the right subnet
 - simply merge the two subnets inot one (you can have an address pool
  and a prefix pool in the same subnet in Kea).

Regards

Francis Dupont <[hidden email]>
_______________________________________________
Kea-users mailing list
[hidden email]
https://lists.isc.org/mailman/listinfo/kea-users
Reply | Threaded
Open this post in threaded view
|

Re: [Kea-users] Configuring two separate subnets with PD pool and address pool

Brandon Cazander

Thanks, that is enlightening. I have found the relevant section of the admin guide that talks about selecting subnets.


As a follow up, I'm having trouble following another section of the documentation regarding multiple pools that can be found here https://ftp.isc.org/isc/kea/1.4.0/doc/kea-guide.html#dhcp6-address-config.


If I configure the following as per the documentation above, I get an error when kea starts that seems to imply that the pools must have the same prefix.


"Dhcp6": {
    "subnet6": [
    {
        "subnet": "2001:db8:1::/64",
        "pools": [
            { "pool": "2001:db8:1::1-2001:db8:1::ffff" },
            { "pool": "2001:db8:1:05::/80" }
        ],
        ...
    }
    ]
}

The debug logs show:
2018-11-15 14:49:44.469 ERROR [kea-dhcp6.dhcp6/3739] DHCP6_PARSER_FAIL failed to create or run parser for configuration element subnet6: subnet configuration failed: a pool of type IA_NA, with the following address range: 2001:db8:1:5::-2001:db8:1:5:0:ffff:ffff:ffff does not match the prefix of a subnet: 2001:db8:1::/64 to which it is being added (/var/run/kea.conf:33:6)
2018-11-15 14:49:44.469 ERROR [kea-dhcp6.dhcp6/3739] DHCP6_CONFIG_LOAD_FAIL configuration error using file: /var/run/kea.conf, reason: subnet configuration failed: a pool of type IA_NA, with the following address range: 2001:db8:1:5::-2001:db8:1:5:0:ffff:ffff:ffff does not match the prefix of a subnet: 2001:db8:1::/64 to which it is being added (/var/run/kea.conf:33:6)
2018-11-15 14:49:44.469 ERROR [kea-dhcp6.dhcp6/3739] DHCP6_DYNAMIC_RECONFIGURATION_FAIL dynamic server reconfiguration failed with file: /var/run/kea.conf


From: Francis Dupont <[hidden email]>
Sent: Thursday, November 15, 2018 1:48:03 PM
To: Brandon Cazander
Cc: [hidden email]
Subject: Re: [Kea-users] Configuring two separate subnets with PD pool and address pool
 
Your problem is Kea does not have enough informations to select the
second subnet so it always selects the first one. There are two ways
to fix that:
 - find a way to select the right subnet
 - simply merge the two subnets inot one (you can have an address pool
  and a prefix pool in the same subnet in Kea).

Regards

Francis Dupont <[hidden email]>

_______________________________________________
Kea-users mailing list
[hidden email]
https://lists.isc.org/mailman/listinfo/kea-users
Reply | Threaded
Open this post in threaded view
|

Re: [Kea-users] Configuring two separate subnets with PD pool and address pool

Francis Dupont
Brandon Cazander writes:

> "Dhcp6": {
>     "subnet6": [
>     {
>         "subnet": "2001:db8:1::/64",
>         "pools": [
>             { "pool": "2001:db8:1::1-2001:db8:1::ffff" },
>             { "pool": "2001:db8:1:05::/80" }
>         ],
>         ...
>     }
>     ]
> }

=> pools must be in the subnet. Here I believe there is a typo:
the second pool is not in the subnet, perhaps it should be:
 "pool": "2001:db8:1:0:5::/80"

Regards

Francis Dupont <[hidden email]>
_______________________________________________
Kea-users mailing list
[hidden email]
https://lists.isc.org/mailman/listinfo/kea-users
Reply | Threaded
Open this post in threaded view
|

Re: [Kea-users] Configuring two separate subnets with PD pool and address pool

Christian Kratzer-2
Hi,

On Fri, 16 Nov 2018, Francis Dupont wrote:

> Brandon Cazander writes:
>> "Dhcp6": {
>>     "subnet6": [
>>     {
>>         "subnet": "2001:db8:1::/64",
>>         "pools": [
>>             { "pool": "2001:db8:1::1-2001:db8:1::ffff" },
>>             { "pool": "2001:db8:1:05::/80" }
>>         ],
>>         ...
>>     }
>>     ]
>> }
>
> => pools must be in the subnet. Here I believe there is a typo:
> the second pool is not in the subnet, perhaps it should be:
> "pool": "2001:db8:1:0:5::/80"

For IA_NA yes.

For IA_PD the pools will always be outside of the subnet the request is coming from.

The relay agent will take care of setting up the route.

Not sure how IA_PD would work if the dhcp server is directly located in the same subnet the request is coming from without going through a relay agent.

Greetings
Christian

--
Christian Kratzer                   CK Software GmbH
Email:   [hidden email]               Wildberger Weg 24/2
Phone:   +49 7032 893 997 - 0       D-71126 Gaeufelden
Fax:     +49 7032 893 997 - 9       HRB 245288, Amtsgericht Stuttgart
Mobile:  +49 171 1947 843           Geschaeftsfuehrer: Christian Kratzer
Web:     http://www.cksoft.de/
_______________________________________________
Kea-users mailing list
[hidden email]
https://lists.isc.org/mailman/listinfo/kea-users