APPENDIX: Example Linux KEA DHCP Server Configuration Used for Testing
We used an Ubuntu 22.04 VM because we needed KEA DHCP to listen on socket interfaces, which is not available in KEA versions prior to 2.0. Make sure the KEA DHCP server is version 2.0 or higher.
The original VLAN is determined in the “client-classes” configuration. There, we analyse the option 82 sub-option 1 field, which contains the original VLAN ID, and map it to a “name” attribute. This name must then be referenced as the “client-class” attribute in the “subnet4” configuration for each VLAN. In our example, the test matches on the hex values of the characters in the original VLAN ID string. For example:
- VLAN ID = “1099” is sent as a string in the “option[82].option[1]” field.
- The ASCII values of its characters in decimal are 49, 48, 57, 57.
- The ASCII values of its characters in hex are 31, 30, 39, 39, hence you parse for 0x31303939.
apt-get install -y kea net-tools bridge-utils
kea-shell -v    # prints the installed version (2.0.2 in this setup)
cat <<EOF >/etc/kea/kea-api-password    # lab password, replace with your own
juniper123
EOF
chmod 0640 /etc/kea/kea-api-password
chown root /etc/kea/kea-api-password
chgrp _kea /etc/kea/kea-api-password
ls -l /etc/kea/kea-api-password
dpkg-reconfigure kea-ctrl-agent
cp /etc/kea/kea-dhcp4.conf /etc/kea/kea-dhcp4.conf.orig
cat <<EOF >/etc/kea/kea-dhcp4.conf
{
  "Dhcp4": {
    "interfaces-config": {
      "interfaces": [ "*" ],
      "dhcp-socket-type": "udp"
    },
    "control-socket": {
      "socket-type": "unix",
      "socket-name": "/tmp/kea4-ctrl-socket"
    },
    "lease-database": {
      "type": "memfile",
      "lfc-interval": 3600
    },
    "expired-leases-processing": {
      "reclaim-timer-wait-time": 10,
      "flush-reclaimed-timer-wait-time": 25,
      "hold-reclaimed-time": 3600,
      "max-reclaim-leases": 100,
      "max-reclaim-time": 250,
      "unwarned-reclaim-cycles": 5
    },
    "renew-timer": 900,
    "rebind-timer": 1800,
    "valid-lifetime": 3600,
    "option-data": [
      { "name": "domain-name-servers", "data": "8.8.8.8, 9.9.9.9" }
    ],
    "client-classes": [
      { "name": "vlan1099", "test": "option[82].option[1].hex == 0x31303939" },
      { "name": "vlan1088", "test": "option[82].option[1].hex == 0x31303838" },
      { "name": "vlan1033", "test": "option[82].option[1].hex == 0x31303333" }
    ],
    "subnet4": [
      {
        "id": 1,
        "subnet": "10.99.99.0/24",
        "pools": [ { "pool": "10.99.99.10 - 10.99.99.250" } ],
        "option-data": [ { "name": "routers", "data": "10.99.99.1" } ],
        "client-class": "vlan1099"
      },
      {
        "id": 2,
        "subnet": "10.88.88.0/24",
        "pools": [ { "pool": "10.88.88.10 - 10.88.88.250" } ],
        "option-data": [ { "name": "routers", "data": "10.88.88.1" } ],
        "client-class": "vlan1088"
      },
      {
        "id": 3,
        "subnet": "10.33.33.0/24",
        "pools": [ { "pool": "10.33.33.10 - 10.33.33.250" } ],
        "option-data": [ { "name": "routers", "data": "10.33.33.1" } ],
        "client-class": "vlan1033"
      }
    ],
    "loggers": [
      {
        "name": "kea-dhcp4",
        "output_options": [ { "output": "syslog" } ],
        "severity": "DEBUG",
        "debuglevel": 0
      }
    ]
  }
}
EOF
systemctl restart kea-dhcp4-server
tail -f /var/log/syslog
systemctl status kea-dhcp4-server
* kea-dhcp4-server.service - Kea IPv4 DHCP daemon
     Loaded: loaded (/lib/systemd/system/kea-dhcp4-server.service; enabled; vendor preset: enabled)
     Active: active (running) since Mon 2024-04-22 14:30:39 UTC; 1min 33s ago
       Docs: man:kea-dhcp4(8)
   Main PID: 2342 (kea-dhcp4)
      Tasks: 5 (limit: 2220)
     Memory: 2.6M
        CPU: 17ms
     CGroup: /system.slice/kea-dhcp4-server.service
             └─2342 /usr/sbin/kea-dhcp4 -c /etc/kea/kea-dhcp4.conf

netstat -tunap
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 127.0.0.1:8000          0.0.0.0:*               LISTEN      1598/kea-ctrl-agent
udp        0      0 192.168.122.12:67       0.0.0.0:*                           2083/kea-dhcp4
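A hand-typed hex string in a “client-classes” test is easy to get wrong, and a mismatch silently leaves a VLAN without a matching pool. The following added example (not part of the original appendix) builds the test expression from a VLAN ID and audits a Dhcp4 fragment for class names, tests and “subnet4” references that disagree. It assumes the relay sends only the decimal VLAN ID as ASCII and that classes are named vlan<ID> as in this appendix; the function names are illustrative.

```python
import re

def vlan_test_expr(vlan_id: int) -> str:
    """Build the Kea class test for a VLAN ID sent as ASCII in option 82 sub-option 1."""
    if not 1 <= vlan_id <= 4094:
        raise ValueError(f"VLAN ID out of range: {vlan_id}")
    return "option[82].option[1].hex == 0x" + str(vlan_id).encode("ascii").hex()

def decode_test_expr(expr: str) -> str:
    """Recover the ASCII VLAN ID string from a test expression of the form above."""
    m = re.fullmatch(r"option\[82\]\.option\[1\]\.hex == 0x((?:[0-9a-fA-F]{2})+)", expr.strip())
    if not m:
        raise ValueError(f"unrecognised test expression: {expr!r}")
    return bytes.fromhex(m.group(1)).decode("ascii")

def audit(dhcp4: dict) -> list:
    """Return inconsistencies between class names, class tests and subnet references."""
    problems, defined = [], set()
    for cc in dhcp4.get("client-classes", []):
        defined.add(cc["name"])
        try:
            vlan = decode_test_expr(cc["test"])
        except ValueError as exc:  # also covers non-ASCII bytes (UnicodeDecodeError)
            problems.append(f"{cc['name']}: {exc}")
            continue
        if cc["name"] != f"vlan{vlan}":
            problems.append(f"{cc['name']}: test matches VLAN {vlan}")
    for sn in dhcp4.get("subnet4", []):
        ref = sn.get("client-class")
        if ref is None:
            problems.append(f"subnet {sn['subnet']}: no client-class restriction")
        elif ref not in defined:
            problems.append(f"subnet {sn['subnet']}: undefined class {ref}")
    return problems

SAMPLE = {  # constructed sample: appendix-style classes plus two deliberate mistakes
    "client-classes": [
        {"name": "vlan1099", "test": vlan_test_expr(1099)},
        {"name": "vlan1088", "test": "option[82].option[1].hex == 0x31303838"},
        {"name": "vlan1033", "test": "option[82].option[1].hex == 0x31303338"},  # typo: 1038
    ],
    "subnet4": [
        {"id": 1, "subnet": "10.99.99.0/24", "client-class": "vlan1099"},
        {"id": 2, "subnet": "10.88.88.0/24", "client-class": "vlan1008"},  # typo: undefined
    ],
}

if __name__ == "__main__":
    print("\n".join(audit(SAMPLE)))
```

To check a real configuration, load /etc/kea/kea-dhcp4.conf as JSON and pass its "Dhcp4" object to audit().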