[Kea-users] i do not understand the concept of shared networks


Giso
Hi Folks,

I work with Kea 1.6.1

I really do not understand the concept or at least the documentation
regarding shared-networks.
Do I need shared-networks or not?
I do not have the problem that I have networks that grew out of their
original definition.

https://kea.readthedocs.io/en/latest/arm/dhcp4-srv.html

Let's say I have 50+ subnet4 that will ask the Kea DHCP server over DHCP
relay hosts (a switch).

All these subnet4 will hold only servers that have an IP reservation.

Do I need multiple shared networks?
Can or do I have to put these 50+ networks in multiple shared networks?
Do I have to use different interfaces for each shared network?

I would be very thankful for some enlightenment.

Best
Giso


_______________________________________________
Kea-users mailing list
[hidden email]
https://lists.isc.org/mailman/listinfo/kea-users

Re: [Kea-users] i do not understand the concept of shared networks

Bob Harold

"Shared networks" are layer 3 subnets in the same layer 2 broadcast domain (physical wire or VLAN).  If the same router port has multiple subnets on it, and they are not 'tagged' differently, then they are "shared networks".  Otherwise, they are not shared.
Does that help?

-- 
Bob Harold
 


Re: [Kea-users] i do not understand the concept of shared networks

Satish Patel
In reply to this post by Giso
This is what I did: I have 2 subnets on VLAN100 (sharing the same VLAN) and I
have specified both subnets inside shared-networks. I believe you have
to do the same for all 50+ subnets.

"shared-networks": [
    {
        "name": "Public-networks",
        "interface": "ens256",
        // both subnets below share VLAN100
        "subnet4": [
            {
                "subnet": "172.16.102.0/23",
                "id": 100,
                "pools": [
                    {
                        "pool": "172.16.102.15 - 172.16.103.127"
                    }
                ],
                "option-data": [
                    {
                        "name": "routers",
                        "data": "172.16.102.1"
                    },
                    {
                        "name": "domain-name-servers",
                        "data": "10.0.0.10, 10.0.0.11"
                    },
                    {
                        "name": "domain-name",
                        "data": "pub1.example.net"
                    }
                ]
            },
            {
                "subnet": "172.16.106.0/24",
                "id": 101,
                "pools": [
                    {
                        "pool": "172.16.106.15 - 172.16.106.127"
                    }
                ],
                "option-data": [
                    {
                        "name": "routers",
                        "data": "172.16.106.1"
                    },
                    {
                        "name": "domain-name-servers",
                        "data": "10.0.0.10, 10.0.0.11"
                    },
                    {
                        "name": "domain-name",
                        "data": "foo.example.net"
                    }
                ]
            }
        ]
        // You can add more subnets there (put comma on last bracket)
    }
] // end of shared-networks


Re: [Kea-users] i do not understand the concept of shared networks

Giso
In reply to this post by Bob Harold

Hi Bob,

Thanks, yes, that makes sense.
That means my 50+ networks are NOT shared networks because they are all in a different VLAN behind a relay host?
So I could live with simply subnet4 definitions without shared networks?

What worked until now in my test environment is one shared network with all my 50 reservation subnets in it and one dyn pool.
That one shared network has the relay option set so that everything needs to come from that relay host.
Similar to that example from Satish without the relay host. @Satish Thanks for your response.

###
...
  "shared-networks": [
      {
        "name": "device-mgmt",
        "relay": {
          "ip-addresses": [ "10.3.1.3" ]
        },
        "subnet4": [
          {
            "id": 2,
...
###

I now understand it this way: this configuration is wrong because these networks are on separate VLANs and have nothing to do with each other.
There is no network expanding an existing one.

Where is my misunderstanding?

---

Giso


On 10.03.20 at 22:00, Bob Harold wrote:

> "Shared networks" are layer 3 subnets in the same layer 2 broadcast domain (physical wire or VLAN).  If the same router port has multiple subnets on it, and they are not 'tagged' differently, then they are "shared networks".  Otherwise, they are not shared.
> Does that help?

-- 
Giso Kegel


Re: [Kea-users] i do not understand the concept of shared networks

Cathy Almond
In reply to this post by Giso
On 10/03/2020 13:14, Giso Kegel wrote:

> Hi Folks,
>
> I work with Kea 1.6.1
>
> I really do not understand the concept or at least the documentation
> regarding shared-networks.
> Do I need shared-networks or not?
> I do not have the problem that I have networks that grew out of their
> original definition.
>
> https://kea.readthedocs.io/en/latest/arm/dhcp4-srv.html
>
> Let's say I have 50+ subnet4 that will ask the Kea DHCP server over DHCP
> relay hosts (a switch).
>
> All these subnet4 will hold only servers that have an IP reservation.
>
> Do I need multiple shared networks?
> Can or do I have to put these 50+ networks in multiple shared networks?
> Do I have to use different interfaces for each shared network?
>
> I would be very thankful for some enlightenment.
>
> Best
> Giso

What are shared-networks (and do you need to use them or not)?

They're a way to tell the DHCP server that all of the subnets specified
inside that one shared-network can be considered equal - IP routing of
clients should not be broken if you give any client requesting an
address, any IP address from any of the included subnets.

That's the very simple case - and it's pretty clear that if you ran out
of addresses for a specific site and needed to add a new subnet for it,
running over the same wire and sharing the same local relay, that this
is a primary use case for shared-networks - it doesn't matter which
subnet provides the address to a client, any/all should work just fine.

But there is more to this.  Clients in a shared-network are those who
all reach the DHCP servers via the same route - be it a local interface,
or, more likely, the same relay.  Consider the case of cable modem
provisioning where different types of 'client' will request addresses -
all via the same relays, but with the need to distinguish between them
and allocate them to different subnets.  Typically it will be possible
to separate clients by means of Classification and then use this to
restrict clients within a shared-network to the subnets that they should
be using.  This is the second, and slightly more complex use case.

The basic principles are therefore:
- all the clients are reaching the DHCP server via the same local relays
(or are local to it)
- unless classification is added, it's OK for a client to get an address
from any subnet within the shared-network.

(And in all of the above, I have pretended that host reservations don't
exist.  They can and will of course change how addresses are allocated
to clients, but having got the basics on shared-networks and
classification, now reading the documentation on what's different when
there are also host reservations to consider should be a bit easier...)

Cathy

Re: [Kea-users] i do not understand the concept of shared networks

Giso
Hi Cathy,

thank you for your time and that description.

The most important sentence here is that
"...In all of the above, there is no mention of Host Reservations..."
for me it is exactly the use case that almost all the subnet definitions
are host reservations.

The second point is
"... it doesn't matter which subnet provides the address to a client,
any/all should work just fine. ..."
That's the point: a server should only get an IP from his specific
network via host reservation.

That means I do not need Shared Networks!?

On 11.03.20 at 12:31, Cathy Almond wrote:

> What are shared-networks (and do you need to use them or not)?
>
> They're a way to tell the DHCP server that all of the subnets specified
> inside that one shared-network can be considered equal - IP routing of
> clients should not be broken if you give any client requesting an
> address, any IP address from any of the included subnets.
>
> That's the very simple case - and it's pretty clear that if you ran out
> of addresses for a specific site and needed to add a new subnet for it,
> running over the same wire and sharing the same local relay, that this
> is a primary use case for shared-networks - it doesn't matter which
> subnet provides the address to a client, any/all should work just fine.
>
> But there is more to this.  Clients in a shared-network are those who
> all reach the DHCP servers via the same route - be it a local interface,
> or, more likely, the same relay.  Consider the case of cable modem
> provisioning where different types of 'client' will request addresses -
> all via the same relays, but with the need to distinguish between them
> and allocate them to different subnets.  Typically it will be possible
> to separate clients by means of Classification and then use this to
> restrict clients within a shared-network to the subnets that they should
> be using.  This is the second, and slightly more complex use case.
>
> The basic principles are therefore:
> - all the clients are reaching the DHCP server via the same local relays
> (or are local to it)
> - unless classification is added, it's OK for a client to get an address
> from any subnet within the shared-network.
>
> (And in all of the above, I have pretended that host reservations don't
> exist.  They can and will of course change how addresses are allocated
> to clients, but having got the basics on shared-networks and
> classification, now reading the documentation on what's different when
> there are also host reservations to consider should be a bit easier...)
>
> Cathy

--
Giso Kegel


Re: [Kea-users] i do not understand the concept of shared networks

Bob Harold
In reply to this post by Giso
Correct, assuming that the relay host has a different IP in each subnet.  It is probably working because you have mostly reserved.  I assume that the dynamic pool is only in one subnet, so a device connected to another subnet would not be able to work if it got a dynamic address, because it would be the wrong IP address and router (gateway) address.

--
Bob Harold



On Wed, Mar 11, 2020 at 6:20 AM Giso Kegel <[hidden email]> wrote:

> Thanks, yes, that makes sense.
> That means my 50+ networks are NOT shared networks because they are all in a different VLAN behind a relay host?
> So I could live with simply subnet4 definitions without shared networks?
>
> What worked until now in my test environment is one shared network with all my 50 reservation subnets in it and one dyn pool.
> That one shared network has the relay option set so that everything needs to come from that relay host.

Re: [Kea-users] i do not understand the concept of shared networks

Tomek Mrugalski
In reply to this post by Giso
On 11/03/2020 14:40, Giso Kegel wrote:
> The most important sentence here is that
> "...In all of the above, there is no mention of Host Reservations..."
> for me it is exactly the use case that almost all the subnet definitions
> are host reservations.
I think you are confusing two things. Subnet definitions are NOT host
reservations. Subnets describe the topology of your network. Host
reservations describe special treatment for some devices in your network.

> The second point is
> "... it doesn't matter which subnet provides the address to a client,
> any/all should work just fine. ..."
> That's the point: a server should only get an IP from his specific
> network via host reservation.
I don't fully understand your intention here. The following may possibly
help. If you want Kea server to only provide IP addresses to the devices
that are listed in your host reservations, you may want to skip pools
altogether.

Kea would then provide addresses only to those devices that you
explicitly listed. Note this has nothing to do with presence or absence
of shared networks.

> That means I do not need Shared Networks!?
If you don't understand what shared networks do, you absolutely don't
need them. In fact, the general recommendation is to not use shared
networks unless you have a good reason to do that. Without shared
networks the logic Kea has to deal with is simpler, so in general it's
more preferred.

Tomek
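
Added example, not part of the thread and not ISC or Kea code: a small Python audit of a Dhcp4 configuration that applies two points raised above, Bob Harold's remark about a dynamic pool that exists in only one member subnet and his assumption that each subnet is reached through its own relay address. The sample configuration is constructed; only the name device-mgmt, the relay address 10.3.1.3 and id 2 come from the thread, and the function and key names in the findings are assumptions.

```python
import ipaddress

# Constructed sample modelled on the "device-mgmt" fragment quoted in the thread.
# Only the name, relay address and id 2 come from the thread; the rest is invented.
SAMPLE = {
    "Dhcp4": {
        "shared-networks": [{
            "name": "device-mgmt",
            "relay": {"ip-addresses": ["10.3.1.3"]},
            "subnet4": [
                {"id": 2, "subnet": "10.3.1.0/24",
                 "pools": [{"pool": "10.3.1.100 - 10.3.1.200"}],
                 "reservations": [{"hw-address": "00:00:5e:00:53:01",
                                   "ip-address": "10.3.1.10"}]},
                {"id": 3, "subnet": "10.3.2.0/24",
                 "reservations": [{"hw-address": "00:00:5e:00:53:02",
                                   "ip-address": "10.3.2.10"}]},
            ],
        }],
        "subnet4": [
            {"id": 50, "subnet": "10.3.50.0/24",
             "reservations": [{"hw-address": "00:00:5e:00:53:32",
                               "ip-address": "10.3.50.10"}]},
        ],
    }
}


def audit_shared_networks(config):
    """Return one finding per shared network that groups two or more subnets."""
    findings = []
    for net in config.get("Dhcp4", {}).get("shared-networks", []):
        subnets = net.get("subnet4", [])
        if len(subnets) < 2:
            continue
        relays = [ipaddress.ip_address(a)
                  for a in net.get("relay", {}).get("ip-addresses", [])]
        pooled, pool_less, relay_outside = [], [], []
        for s in subnets:
            label = s.get("id", s["subnet"])
            (pooled if s.get("pools") else pool_less).append(label)
            # Bob's assumption: each subnet is reached through a relay address
            # of its own. A member subnet containing none of the configured
            # relay addresses hints that it sits on a different VLAN.
            prefix = ipaddress.ip_network(s["subnet"])
            if relays and not any(r in prefix for r in relays):
                relay_outside.append(label)
        findings.append({
            "name": net.get("name"),
            "pooled": pooled,
            "pool_less": pool_less,
            "relay_outside": relay_outside,
            # Dynamic pool in only some members: an unreserved client on any
            # member subnet can only be offered an address from those pools.
            "mixed_pools": bool(pooled and pool_less),
        })
    return findings


def reservation_only_subnets(config):
    """Stand-alone subnets without pools (the layout Tomek suggests)."""
    return [s.get("id", s["subnet"])
            for s in config.get("Dhcp4", {}).get("subnet4", [])
            if not s.get("pools")]
```

To run it against a real configuration, load the file into a dict first; Kea configuration files may contain comments, which Python's json module does not accept, so strip them before parsing.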