[Kea-users] Multiple mac-addresses for the same IP

classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|

[Kea-users] Multiple mac-addresses for the same IP

iztok Gregori
Hi to all!

First apologize me if the topic was already covered in other
discussions, I've briefly searched the archives with no luck.

We are in the process to migrate our ISC DHCPD servers to KEA (using
mariadb as backend). Everything worked fine until we tried to insert 2
different mac-addresses, belonging to a unique host (wifi and wired
interfaces) with the same IP/subnet as we used to do on DHCPD. The
insert returned and error:

Duplicate entry '2355692056-14010520' for key
'key_dhcp4_ipv4_address_subnet_id'

I've checked the database and saw that the
'key_dhcp4_ipv4_address_subnet_id' is a UNIQUE index, therfor having
multiple mac-addresses for the same IP is not possible.

Now comes my questions:

- First, am I wrong to conclude that aving multiple mac-addresses for
the same IP is not possible?

- Second, if this is true what is the rationale behind it?

- Third, there is a workaround or a better solution for our problem (we
like to have the same IP for the same host regardless if it's on
wireless or wired)?

- Third and a half, changing the index to NON unique is a possible
workaround? What are the consequences?

Thank you for your time.

Cheers
Iztok
_______________________________________________
ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information.

To unsubscribe visit https://lists.isc.org/mailman/listinfo/kea-users.

Kea-users mailing list
[hidden email]
https://lists.isc.org/mailman/listinfo/kea-users
Reply | Threaded
Open this post in threaded view
|

Re: [Kea-users] Multiple mac-addresses for the same IP

Tomek Mrugalski-2
I was reviewing old posts and found this one. The original poster surely
moved on, but perhaps the answers will be of use to some readers.

On 24.06.2020 08:52, iztok Gregori wrote:

> We are in the process to migrate our ISC DHCPD servers to KEA (using
> mariadb as backend). Everything worked fine until we tried to insert 2
> different mac-addresses, belonging to a unique host (wifi and wired
> interfaces) with the same IP/subnet as we used to do on DHCPD. The
> insert returned and error:
>
> Duplicate entry '2355692056-14010520' for key
> 'key_dhcp4_ipv4_address_subnet_id'
>
> I've checked the database and saw that the
> 'key_dhcp4_ipv4_address_subnet_id' is a UNIQUE index, therfor having
> multiple mac-addresses for the same IP is not possible.
>
> Now comes my questions:
>
> - First, am I wrong to conclude that aving multiple mac-addresses for
> the same IP is not possible?
It was not possible. It's still not possible in the default
configuration, but now you can enable it *if* you really want to in
1.9.1 or later.

> - Second, if this is true what is the rationale behind it?
Because in normal deployment it doesn't make sense. Imagine this
scenario. Device 1 with mac1 comes on-line and gets the IP address.
Now, device 2 with mac2 comes on-line and... what exactly is Kea
supposed to do? It can't grant the address, because there's a lease for
a different interface. Kea has no way of knowing if the other interface
is the same device or not. You may say "I don't care, grant it", but
then the device 1 wouldn't know about this change and would continue to
use it. Kea has a conflict resolution mechanism for dealing with
"careless" admins that reserved an address that is used by another
device. (Careless is maybe not the best word as there are cases when
this makes sense). It works roughly as this. Device 1 has an address
leased, but it's reserved for device 2. Kea can't revoke it instantly,
so it waits for the device 1 to renew, then NAKs it. If the device 2
comes in before that happens, it gets a different address temporarily.
Anyway, if we tried to use that mechanism for the same address assigned
to multiple interfaces, it would kept flipping between them.

But there's a mechanism to possibly consider here. Kea 1.9.1 introduced
an ability to have multiple reservations for the same IP. The caveat
here is that user is supposed to ensure that only one of them will be
active at any given time. The use case it was developed for was a server
with 2 physical interfaces with only one of them being plugged.

https://gitlab.isc.org/isc-projects/kea/-/wikis/release%20notes/release-notes-1.9.1

Finally, the whole logic can be flipped. Why do you need this anyway?
Having the same IP address assigned to two devices breaks the
fundamental rule of DHCP - once an address is assigned, it's your and
yours alone for the time it was granted to you.

> - Third, there is a workaround or a better solution for our problem (we
> like to have the same IP for the same host regardless if it's on
> wireless or wired)?
See above. Also, make sure you test it thoroughly for case when both are
connected. I think the addresses will keep flipping.

> - Third and a half, changing the index to NON unique is a possible
> workaround? What are the consequences?
See 1.9.1. For earlier versions, this is asking for trouble. Kea code
makes some assumptions, such as "there's unique index, so we can assume
there's at most one address returned for a query". If you start tweaking
schema, all bets are off.

Tomek
_______________________________________________
ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information.

To unsubscribe visit https://lists.isc.org/mailman/listinfo/kea-users.

Kea-users mailing list
[hidden email]
https://lists.isc.org/mailman/listinfo/kea-users