[Kea-users] Kea 1.5 with static host configuration (reservations only, no pools) and HA - best practice request

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|

[Kea-users] Kea 1.5 with static host configuration (reservations only, no pools) and HA - best practice request

Jan Rovner
Hello, I use Kea in a pure static way, that it responds ONLY to the requests of trusted clients. I did not find any built-in solution, so I have modified user_chk hook example to drop any request that does not come from MAC present server reservations (Kea reservations = trusted MACs).  Is this approach OK? Or would it be possible to achieve the same result in the other way? In my solution, I have a few weird things in the config files - for example "dummy" pools like "pool": "192.168.1.0/32" ("dummy") , because pool declarations are mandatory...

Secondly, I am not sure about HA config, because both of my servers finish with HA_LOCAL_DHCP_ENABLE message. I have two servers (192.168.99.5 called "keadhcp-1" and 192.168.99.6 called "keadhcp-2"), they have exactly the same configuration file except "this-server-name": "keadhcp-x" line, see below. I would like to have as quick failover as possible.

The last thing - I am also unsure how to properly update server config files - I do config file update via API, one server immediately after another, maybe I should wait some time before updating the second server in order to HA to settle somehow ... Or not?

Thank you for any ideas,
Jan

    "library": "/usr/local/lib/hooks/libdhcp_ha.so",
        "parameters": {
          "high-availability": [
            {
              "heartbeat-delay": 5000,
              "max-ack-delay": 5000,
              "max-response-delay": 10000,
              "max-unacked-clients": 0,
              "mode": "hot-standby",
              "peers": [
                {
                  "auto-failover": true,
                  "name": "keadhcp-1",
                  "role": "primary",
                  "url": "http://192.168.99.5:8000"
                },
                {
                  "auto-failover": true,
                  "name": "keadhcp-2",
                  "role": "standby",
                  "url": "http://192.168.99.6:8000"
                }
              ],
              "send-lease-updates": true,
              "sync-leases": true,
              "sync-page-limit": 10000,
              "sync-timeout": 20000,
              "this-server-name": "keadhcp-x"
            }
          ]
        }
      }
_______________________________________________
Kea-users mailing list
[hidden email]
https://lists.isc.org/mailman/listinfo/kea-users