[Kea-users] Host Reservation Problem

classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|

[Kea-users] Host Reservation Problem

krdoor
Dear Kea Users List,

I'm working for a university college and I'm in the process of trying to
migrate the current ISC dhcp to Kea DHCP.

On the current ISC DHCP we have been using ldap as a backend for host
reservations. Since the ldap server is phased out, we are planning to
migrate reservations to mysql.

Some facts about our current implementation:

basically we have "2 types" of subnets:

1. Reservation only:

--> only registered client get an ip address, this can be either a dynamic
or fixed address (Most devices just have a dynamic address, only for some
special use cases static ip's are assigned)
--> in ISC cfg, this is accomplished by: deny unknown-clients
--> byod devices are ignored and don't get an IP address (I know poor man
security)

2. Allow everyone:
--> here every device gets an dynamic IP address, used for byod networks
where 802.1x has been applied for example wifi but also wired 802.1x


When trying to get this done in KEA DHCP, I always run into trouble.

For the first reserved only subnets:

For the dynamic assigned ip's: I can define them globally, so I only have to
add it once

For the static ip assignments: When defining a static ip in the global
reservation, this works in the subnet of the static ip, but when this client
roams to another subnet, no dynamic ip is assigned (this is different in ISC
old dhcp)

Is the only work around to register these reservations (both dynamic and
static) on a per subnet basis? Or is there another approach?

Thanks in advance,
Kristof



--
Sent from: http://kea-users.7364.n8.nabble.com/
_______________________________________________
Kea-users mailing list
[hidden email]
https://lists.isc.org/mailman/listinfo/kea-users
Reply | Threaded
Open this post in threaded view
|

Re: [Kea-users] Host Reservation Problem

Bob Harold

On Tue, Jan 14, 2020 at 8:51 AM krdoor <[hidden email]> wrote:
Dear Kea Users List,

I'm working for a university college and I'm in the process of trying to
migrate the current ISC dhcp to Kea DHCP.

On the current ISC DHCP we have been using ldap as a backend for host
reservations. Since the ldap server is phased out, we are planning to
migrate reservations to mysql.

Some facts about our current implementation:

basically we have "2 types" of subnets:

1. Reservation only:

--> only registered client get an ip address, this can be either a dynamic
or fixed address (Most devices just have a dynamic address, only for some
special use cases static ip's are assigned)
--> in ISC cfg, this is accomplished by: deny unknown-clients

You probably do not need "deny unknown-clients", and it could cause problems.
You just need:  allow members of "my-pool";
and that changes the default rule to denied for that subnet.  (At least for ISC DHCPD)

I don't know how that works in Kea, but if you include your Kea config, someone here might be able to help.

-- 
Bob Harold
 
--> byod devices are ignored and don't get an IP address (I know poor man
security)

2. Allow everyone:
--> here every device gets an dynamic IP address, used for byod networks
where 802.1x has been applied for example wifi but also wired 802.1x


When trying to get this done in KEA DHCP, I always run into trouble.

For the first reserved only subnets:

For the dynamic assigned ip's: I can define them globally, so I only have to
add it once

For the static ip assignments: When defining a static ip in the global
reservation, this works in the subnet of the static ip, but when this client
roams to another subnet, no dynamic ip is assigned (this is different in ISC
old dhcp)

Is the only work around to register these reservations (both dynamic and
static) on a per subnet basis? Or is there another approach?

Thanks in advance,
Kristof

 

_______________________________________________
Kea-users mailing list
[hidden email]
https://lists.isc.org/mailman/listinfo/kea-users