[Kea-users] KEA DHCP and VLANS...


[Kea-users] KEA DHCP and VLANS...

Talkabout

Hi guys,

 

I am struggling to get my KEA DHCP server to work with my VLAN environment. I was assuming that defining a list of virtual interfaces and subnets matching those is sufficient, but it seems that the „dhcp-socket-type: raw“ is skipping the VLAN handling in the Linux kernel and thus this information is kind of lost… I have read a lot about client classes, shared networks and so on but I have not found any solution for how to get the DHCP server to assign correct IP pools based on the VLAN. Here is my configuration:

 

Interfaces:

eth0 => physical interface
eth0.30 => virtual interface
eth0.50 => virtual interface
eth0.100 => virtual interface

KEA DHCP conf:

{
    "Dhcp4": {
        "interfaces-config": {
            "interfaces": [ "eth0", "eth0.30", "eth0.50", "eth0.100" ],
            "dhcp-socket-type": "raw"
        },
        "control-socket": {
            "socket-type": "unix",
            "socket-name": "/tmp/kea4-ctrl-socket"
        },
        "lease-database": {
            …
        },
        "hosts-database": {
            …
        },
        "sanity-checks": {
            "lease-checks": "fix-del"
        },
        "valid-lifetime": 28800,
        "rebind-timer": 21600,
        "subnet4": [
            {
                "pools": [
                    {
                        "pool": "192.168.20.100-192.168.20.200"
                    }
                ],
                "id": 1,
                "subnet": "192.168.20.0/24",
                "interface": "eth0",
                "option-data": [
                    …
                ]
            },
            {
                "pools": [
                    {
                        "pool": "192.168.30.100-192.168.30.200"
                    }
                ],
                "id": 30,
                "subnet": "192.168.30.0/24",
                "interface": "eth0.30",
                "option-data": [
                    …
                ]
            },
            {
                "pools": [
                    {
                        "pool": "192.168.50.100-192.168.50.200"
                    }
                ],
                "id": 50,
                "interface": "eth0.50",
                "subnet": "192.168.50.0/24",
                "option-data": [
                    …
                ]
            },
            {
                "pools": [
                    {
                        "pool": "192.168.100.100-192.168.100.200"
                    }
                ],
                "id": 100,
                "subnet": "192.168.100.0/24",
                "interface": "eth0.100",
                "option-data": [
                    …
                ]
            }
        ],
        "hooks-libraries": [
            …
        ],
        "loggers": [
            …
        ]
    }
}

 

What do I need to do to force the DHCP server to assign an IP address from a subnet based on the tagged VLAN of the request?

 

I am using KEA DHCP Server Version 1.6.1.

 

Help is much appreciated!

 

Thanks!

 

Sent from Mail for Windows 10

 


_______________________________________________
Kea-users mailing list
[hidden email]
https://lists.isc.org/mailman/listinfo/kea-users

Re: [Kea-users] KEA DHCP and VLANS...

Talkabout

Hi all,

 

I think the problem here is the physical interface. It seems that for every virtual interface the DHCP request is also delivered to eth0, which makes the DHCP server try to advertise IPs from the VLAN and LAN. Depending on the client the correct or wrong IP is accepted.

Question: is KEA DHCP server honoring the VLAN tagging? In such a case it should not accept the DHCP requests on eth0 if the request is tagged with a particular VLAN.

 

Thanks!

 

Sent from Mail for Windows 10

From: [hidden email]
Sent: Saturday, February 1, 2020 12:36
To: [hidden email]
Subject: [Kea-users] KEA DHCP and VLANS...

 


Re: [Kea-users] KEA DHCP and VLANS...

Dajka Tamás

Hi,

 

it’s never a good idea to mix untagged (native vlan 1) and tagged packets. I suggest you change your network layout, this will prevent you from many more phenomena.

Cheers,

               Tom

p.s.: if you cannot do it easily, then set up a dhcp-relay for native vlan on the switch and relay it to the KEA in a separate vlan

 

From: Kea-users [mailto:[hidden email]] On Behalf Of Talkabout
Sent: Saturday, February 1, 2020 2:12 PM
To: [hidden email]
Subject: Re: [Kea-users] KEA DHCP and VLANS...

 


Re: [Kea-users] KEA DHCP and VLANS...

Talkabout

Hi Tom,

 

thanks for your answer but both suggestions are difficult to accomplish. The first one is disqualified because other components in my network infrastructure do not support VLAN tagging, the second one because my switch does not provide a DHCP relay option.

I am wondering why KEA DHCP is not supporting such a configuration. Currently I am using dnsmasq and there I have no issues. Theoretically only a check is missing whether a particular packet is tagged, if so, do not consider the physical device for DHCP…

Can I assume that such an infrastructure will never be supported by KEA DHCP server? If so this is really bad luck, I like the functionalities of this software…

 

Thanks!

Bye

 

Sent from Mail for Windows 10

From: [hidden email]
Sent: Saturday, February 1, 2020 17:43
To: [hidden email]; [hidden email]
Subject: RE: [Kea-users] KEA DHCP and VLANS...

 

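The check discussed in the message above (stay silent on the physical device when a request carries a VLAN tag), written out as an added example; it is not part of the original thread and not Kea code. The frames are constructed, the function names are hypothetical, and the delivery model in `sockets_seeing` follows the behaviour reported in the thread (a tagged request is seen on both eth0 and eth0.N).

```python
import struct

ETH_P_IP = 0x0800
ETH_P_8021Q = 0x8100
PHYSICAL = "eth0"

# Interface-to-subnet mapping taken from the configuration posted in the thread.
SUBNET_BY_INTERFACE = {
    "eth0": "192.168.20.0/24",
    "eth0.30": "192.168.30.0/24",
    "eth0.50": "192.168.50.0/24",
    "eth0.100": "192.168.100.0/24",
}


def build_request(src_mac, vid=None):
    """Constructed sample: broadcast frame carrying UDP 68 -> 67, optionally 802.1Q tagged."""
    eth = b"\xff" * 6 + src_mac
    if vid is not None:
        eth += struct.pack("!HH", ETH_P_8021Q, vid & 0x0FFF)  # TPID, TCI (PCP/DEI = 0)
    eth += struct.pack("!H", ETH_P_IP)
    udp_len = 8 + 240  # UDP header + fixed BOOTP header and magic cookie
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + udp_len, 0, 0, 64, 17, 0,
                     bytes(4), b"\xff" * 4)  # checksum left at 0: not validated here
    udp = struct.pack("!HHHH", 68, 67, udp_len, 0)
    bootp = bytes([1, 1, 6, 0]) + bytes(232) + b"\x63\x82\x53\x63"
    return eth + ip + udp + bootp


def parse_frame(frame, aux_tci=None):
    """Return (vid, is_request_to_server); vid is None for untagged frames.

    aux_tci models a tag reported out of band: Linux packet sockets can deliver
    the TCI via PACKET_AUXDATA when the tag was stripped from the frame data.
    """
    if len(frame) < 14:
        raise ValueError("truncated Ethernet header")
    ethertype = struct.unpack_from("!H", frame, 12)[0]
    offset, vid = 14, None
    if ethertype == ETH_P_8021Q:
        if len(frame) < 18:
            raise ValueError("truncated 802.1Q tag")
        tci, ethertype = struct.unpack_from("!HH", frame, 14)
        vid, offset = tci & 0x0FFF, 18
    elif aux_tci is not None:
        vid = aux_tci & 0x0FFF
    if vid == 0:
        vid = None  # VID 0 is a priority tag; the frame belongs to the native VLAN
    if ethertype != ETH_P_IP or len(frame) < offset + 20:
        return vid, False
    ihl = (frame[offset] & 0x0F) * 4
    if frame[offset + 9] != 17 or ihl < 20 or len(frame) < offset + ihl + 8:
        return vid, False  # not UDP, or header too short
    dport = struct.unpack_from("!H", frame, offset + ihl + 2)[0]
    return vid, dport == 67


def choose_subnet(rx_interface, frame, aux_tci=None):
    """Subnet that should answer a request seen on rx_interface, or None to stay silent."""
    vid, is_request = parse_frame(frame, aux_tci)
    if not is_request:
        return None
    if rx_interface == PHYSICAL and vid is not None:
        # Tagged request seen on the parent device: the socket on the
        # matching VLAN sub-interface receives its own copy and answers it.
        return None
    return SUBNET_BY_INTERFACE.get(rx_interface)


def sockets_seeing(src_mac, vid):
    """Model (assumption, from the thread): which sockets see a request and in what form."""
    if vid is None:
        return [(PHYSICAL, build_request(src_mac), None)]
    return [
        (PHYSICAL, build_request(src_mac, vid), None),      # tag still in the frame
        (f"{PHYSICAL}.{vid}", build_request(src_mac), None),  # tag removed by the VLAN device
    ]


def offered_subnets(src_mac, vid, tag_check):
    """Subnets that would send an offer, with or without the tag check."""
    offers = []
    for ifname, frame, aux in sockets_seeing(src_mac, vid):
        if tag_check:
            subnet = choose_subnet(ifname, frame, aux)
        else:
            subnet = SUBNET_BY_INTERFACE.get(ifname)  # interface name alone decides
        if subnet:
            offers.append(subnet)
    return offers
```

Without the check, a client on VLAN 30 is offered addresses from both 192.168.20.0/24 and 192.168.30.0/24; with it, only the sub-interface's subnet answers.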

Re: [Kea-users] KEA DHCP and VLANS...

Dajka Tamás

Have you tried setting the IPs also for the interfaces (both in interface-configs and pools), like this one

 

"interfaces": [ "eth0/192.168.20.1", "eth0.30/192.168.30.1"]

 

 

"interface": "eth0/192.168.20.1",

 

The dirty workaround for native vlan 1 is to have a cross-cable connected between two ports of the same switch. One port is set to native untagged vlan, the other port is set to vlan 20 (new vlan, access port, so untagged also). Don’t forget to remove the native vlan from the KEA’s port in this case, otherwise you’ll create a loop.

 

Cheers,

 

               Tom

 

From: Talkabout [mailto:[hidden email]]
Sent: Saturday, February 1, 2020 5:58 PM
To: Dajka Tamás <[hidden email]>; [hidden email]
Subject: AW: [Kea-users] KEA DHCP and VLANS...

 


Re: [Kea-users] KEA DHCP and VLANS...

oehlrich9
Hey
Before switching to a DHCP relay we had a similar problem

We used openvswitch to create virtual NICs which then served the tagged VLAN traffic as untagged traffic through them.

We then configured kea to use these virtual NICs.

I hope that helps you to solve your problem.

Cheers,
Ben

Dajka Tamás <[hidden email]> wrote on Sat, Feb 1, 2020 at 22:17:

Have you tried setting the IPs also for the interfaces (both in interface-configs and pools), like this one

 

"interfaces": [ "eth0/192.168.20.1", "eth0.30192.168.30.1"]

 

 

"interface": "eth0/192.168.20.1",

 

The dirty workaround for native vlan 1 is to have a cross-cable connected between two ports of the same switch. One port is set to native untagged vlan, the other port is set to vlan 20 (new vlan, access port, so untagged also). Don’t forget to remove the native vlan from the KEA’s port in this case, otherwise you’ll create a loop.

 

Cheers,

 

               Tom

 

From: Talkabout [mailto:[hidden email]]
Sent: Saturday, February 1, 2020 5:58 PM
To: Dajka Tamás <[hidden email]>; [hidden email]
Subject: AW: [Kea-users] KEA DHCP and VLANS...

 

Hi Tom,

 

thanks for your answer but both suggestions are difficult to accomplish. The first one is disqualified because other components in my Network infrastructure do not support vlan Tagging, the second one because my switch does not provide a dhcp relay Option.

 

I am wondering why KEA DHCP is not supporting such a configuration. Currently I am using dnsmasq and there I have no issues. Theoretically only a check is missing whether a particular packet is tagged, if so, do not consider the physical device for dhcp…

 

Can I assume that such an infrastructure will never be supported by KEA DHCP Server? If so this is really bad luck, I like the functionalities of this Software…

 

Thanks!

Bye

 

Gesendet von Mail für Windows 10

 

Von: [hidden email]
Gesendet: Samstag, 1. Februar 2020 17:43
An: [hidden email]; [hidden email]
Betreff: RE: [Kea-users] KEA DHCP and VLANS...

 

Hi,

 

it’s never a good idea to mix untagged (native vlan 1) and tagged packets. I suggest you change your network layout, this will prevent you from many more phenomenons.

 

Cheers,

 

               Tom

 

p.s.: if you cannot do it easily, than set up a dhcp-relay for native vlan on the switch and relay it to the KEA in a separate vlan

 

From: Kea-users [[hidden email]] On Behalf Of Talkabout
Sent: Saturday, February 1, 2020 2:12 PM
To: [hidden email]
Subject: Re: [Kea-users] KEA DHCP and VLANS...

 

Hi all,

 

I think the problem here is the physical interface. It seems that for every virtual interface the dhcp request is also delivered to eth0, which makes the DHCP server try to advertise ips from the vlan and lan. Depending on the client the correct or wrong ip is accepted.

Question: is KEA DHCP Server honoring the vlan tagging? In such a case it should not accept the DHCP requests on eth0 if the request is tagged with a particular vlan.

 

Thanks!

 

Sent from Mail for Windows 10

 


_______________________________________________
Kea-users mailing list
[hidden email]
https://lists.isc.org/mailman/listinfo/kea-users
--

_____________________________________

Benedikt Oehlrich

Weststudent

mobile: +

[hidden email]

codemanufaktur.com


codemanufaktur GmbH
main office: +49 9131 972 939 0
Nägelsbachstraße 26
91052 Erlangen


Registered office: Erlangen. Register court: Amtsgericht Fürth, HRB 12944

Managing director: Vit Matousek

_____________________________________



Re: [Kea-users] KEA DHCP and VLANS...

Talkabout

Hi Ben,

 

this sounds interesting. Can you give some more information how you configured your system to work that way? I am running Debian Buster Linux distribution and openvswitch seems to be available in the repos. In my case what I need is forwarding untagged traffic from eth0 to a new interface eth0.x which is tagged and can be used by KEA to handle DHCP requests.

 

Thanks!

 

Sent from Mail for Windows 10

From: [hidden email]
Sent: Saturday, February 1, 2020 22:26
To: [hidden email]
Cc: [hidden email]; [hidden email]
Subject: Re: [Kea-users] KEA DHCP and VLANS...

 

Hey 

Before switching to a dhcp relay we had a similar problem

We used openvswitch to create virtual nics which then served the tagged vlan traffic as untagged traffic through them.

 

We then configured kea to use these virtual nics.

 

I hope that helps you to solve your problem.

 

Cheers,

Ben



Re: [Kea-users] KEA DHCP and VLANS...

oehlrich9
Hey,

I sadly don't have any information about the openvswitch configuration, as I started to work on our DHCP when we migrated to the relay based solution.
But from my understanding you will get multiple interfaces e.g. vlan30, vlan100 etc. where you only get the traffic from the specified vlans. That means if you have one connection from your switch to your dhcp server where all tagged vlan traffic is going through, you can get the untagged traffic separated into the openvswitch interfaces.
These interfaces will then be handled like in your first email's kea configuration.

Cheers,



Re: [Kea-users] KEA DHCP and VLANS...

Talkabout

Hi Ben,

 

in my case I think the prerequisite is a little bit different. I already have 3 vlans on the dhcp server, and if I configure only those for dhcp then everything works as expected. The problem occurs when I want to add the physical device (eth0, untagged) to dhcp, because then, as KEA dhcp server binds in „raw“ mode, untagged and tagged traffic is delivered via this interface. Because the implementation in KEA dhcp server does not correctly handle this „mixed“ (untagged/tagged) traffic, it is assigning incorrect ips. I am not sure if using openvswitch can solve that for me.

My hope is that the KEA team will take care of that and fix it, because in my eyes this is a bug and a big limitation.

 

Thanks!

 

Sent from Mail for Windows 10

 

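The mixed tagged/untagged selection problem described in the post above, as an added example that is not part of the thread and is not Kea's code: it classifies constructed Ethernet frames by their 802.1Q tag and maps them to the subnets from the first post's configuration. The function names, the sample MAC address and the `tag_aware` switch are assumptions made for illustration.

```python
import struct

ETH_P_8021Q = 0x8100  # TPID of an 802.1Q VLAN tag
ETH_P_IPV4 = 0x0800
PARENT = "eth0"

# Interface -> subnet, as configured in the first post of this thread.
SUBNET_BY_IFACE = {
    "eth0": "192.168.20.0/24",
    "eth0.30": "192.168.30.0/24",
    "eth0.50": "192.168.50.0/24",
    "eth0.100": "192.168.100.0/24",
}


def build_discover_frame(vid=None):
    """Constructed sample: broadcast frame carrying UDP 68 -> 67, optionally tagged."""
    eth = b"\xff" * 6 + bytes.fromhex("020000000001")  # dst broadcast, made-up src MAC
    tag = struct.pack("!HH", ETH_P_8021Q, vid) if vid is not None else b""
    udp = struct.pack("!HHHH", 68, 67, 8, 0)
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(udp), 0, 0, 64, 17, 0,
                     bytes(4), b"\xff" * 4)  # checksum left at 0 in this sample
    return eth + tag + struct.pack("!H", ETH_P_IPV4) + ip + udp


def parse(frame):
    """Return (vlan_id or None, is_dhcp_client_packet) for an Ethernet frame."""
    if len(frame) < 14:
        raise ValueError("truncated Ethernet header")
    vid, offset = None, 12
    (ethertype,) = struct.unpack_from("!H", frame, offset)
    if ethertype == ETH_P_8021Q:
        if len(frame) < 18:
            raise ValueError("truncated 802.1Q tag")
        tci, ethertype = struct.unpack_from("!HH", frame, 14)
        vid = tci & 0x0FFF  # low 12 bits are the VLAN ID, the rest is PCP/DEI
        offset = 16
    ip = offset + 2
    if ethertype != ETH_P_IPV4 or len(frame) < ip + 20:
        return vid, False
    ihl = (frame[ip] & 0x0F) * 4
    if frame[ip + 9] != 17 or len(frame) < ip + ihl + 8:  # 17 = UDP
        return vid, False
    _sport, dport = struct.unpack_from("!HH", frame, ip + ihl)
    return vid, dport == 67


def ingress_interface(vid):
    """VID 0 is a priority tag only, so it belongs to the untagged (native) side."""
    return PARENT if vid in (None, 0) else f"{PARENT}.{vid}"


def select_subnet(frame, tag_aware=True):
    """Pick the subnet for a DHCP client frame received on the trunk port.

    tag_aware=False models a listener on the parent device that ignores the tag.
    Returns None for non-DHCP frames and for VLANs without a configured subnet.
    """
    vid, is_dhcp = parse(frame)
    if not is_dhcp:
        return None
    iface = ingress_interface(vid) if tag_aware else PARENT
    return SUBNET_BY_IFACE.get(iface)
```

With `tag_aware=False`, a frame tagged for VLAN 30 is matched to the eth0 subnet, which is the wrong-pool behaviour the thread is about.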

Re: [Kea-users] KEA DHCP and VLANS...

Dajka Tamás

Hi,

 

that’s why I’ve written the dirty workaround. Since you’ve only trouble with the native vlan, then a possible solution is to ’tag’ the native vlan with a crosslink on the switch (looping back to itself). This way you can tag the native vlan transparently.

So you create a new vlan – vlan 20 let’s say – remove the ip from the physical interface and assign it to interface vlan20. On the switch you cross connect a native vlan port with a vlan 20 access port, „bridging” it together (all packets in the native vlan will appear to KEA as vlan 20 packets).

With openvswitch you’ll do nearly the same, but virtually. If openvswitch honors the tagged/untagged scenario correctly, then it’ll work.

 

Cheers,

 

               Tom

 


Re: [Kea-users] KEA DHCP and VLANS...

Talkabout

Hi Tom,

 

let me get this straight:

 

  1. Create VLAN on switch (vlan20)
  2. Create VLAN 20 interface on dhcp server and move the physical address to the new interface
  3. Bridge native VLAN port on switch to VLAN 20 port on switch

 

The result should be that the dhcp server gets all packages in VLAN 20. What I am a little bit confused about is why the „bridging“ causes the packets to arrive with the vlan20 tag. Is it because the switch sends received packets on the untagged port, receives them on the tagged port and forwards them (tagged) again to all ports that are members of the tag? In such a case what I also need to do is to make sure that the port, where the dhcp server is connected, is a tagged member of VLAN 1, correct?

What are the disadvantages of this „hack“? It seems to me that the network traffic increases. Basically traffic that was sent previously only to untagged ports now will also find its way to all ports tagged with VLAN 1. Is this all or do I have to expect other issues?

 

Thanks!

 

Sent from Mail for Windows 10

 


Re: [Kea-users] KEA DHCP and VLANS...

Talkabout
In reply to this post by Dajka Tamás

Hi Tom,

 

I tried your „dirty“ solution but unfortunately it is not compatible with my nfsroot boot mechanism. Nevertheless I was able to solve my issue in a different way. For anybody who might have the same problem in the future:

 

- Create a macvlan device via systemd-networkd:

eth1.netdev

[code][NetDev]
Name=eth1
Kind=macvlan
# generate a unique mac address and put it here
MACAddress=xx:xx:xx:xx:xx:xx

[MACVLAN]
Mode=bridge[/code]

eth1.network

[code][Match]
Name=eth1

[Network]
# put a valid ip from your subnet for all 3 values
Address=192.168.xx.xx/24
Gateway=192.168.xx.x
DNS=192.168.xx.xx
IPForward=yes[/code]

- on the physical device definition you need to define that it belongs to the created mac vlan:

[code][Match]
# your physical device
Name=eth0

[Network]
# ... (keep previous values)
MACVLAN=eth1
# ...[/code]

 

When systemd-networkd now gets restarted, the eth1 device is considered a separate network interface with a valid hardware address and ip. Now creating a "raw" bind on that device does not interfere with the vlan any more and KEA DHCP server is assigning correct ips.

 

Bye

 

Sent from Mail for Windows 10

 
