diff options
author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-05-04 11:36:04 +0000 |
---|---|---|
committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-05-04 11:36:04 +0000 |
commit | 040eee1aa49b49df4698d83a05af57c220127fd1 (patch) | |
tree | f635435954e6ccde5eee9893889e24f30ca68346 /doc/examples/kea6/classify2.json | |
parent | Initial commit. (diff) | |
download | isc-kea-040eee1aa49b49df4698d83a05af57c220127fd1.tar.xz isc-kea-040eee1aa49b49df4698d83a05af57c220127fd1.zip |
Adding upstream version 2.2.0.upstream/2.2.0upstream
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'doc/examples/kea6/classify2.json')
-rw-r--r-- | doc/examples/kea6/classify2.json | 146 |
1 files changed, 146 insertions, 0 deletions
diff --git a/doc/examples/kea6/classify2.json b/doc/examples/kea6/classify2.json new file mode 100644 index 0000000..474c393 --- /dev/null +++ b/doc/examples/kea6/classify2.json @@ -0,0 +1,146 @@ +// This is an example configuration file for the DHCPv6 server in Kea. +// The purpose of this example is to showcase how clients can be classified. + +{ "Dhcp6": + +{ +// Kea is told to listen on eth0 interface only. + "interfaces-config": { + "interfaces": [ "eth0" ] + }, + +// Let's use the simplest backend: memfile and use some reasonable values +// for timers. They are of no concern for the classification demonstration. + "lease-database": { + "type": "memfile", + "lfc-interval": 3600 + }, + "renew-timer": 1000, + "rebind-timer": 2000, + "preferred-lifetime": 3000, + "valid-lifetime": 4000, + +// This list defines several classes that incoming packets can be assigned to. +// One packet can belong to zero or more classes. + "client-classes": [ + +// This class is required by the second subnet and is evaluated only +// if it is required. The test expression returns true. +// Note it is not possible to depend on cable-modems class because it +// is not yet defined. + { + "name": "second_subnet", + "only-if-required": true, + "test": "member('ALL')", + "option-data": [{ + "name": "dns-servers", + "data": "2001:db8::1" + }] + }, + +// Let's classify all incoming RENEW (message type 5) to a separate +// class. + { + "name": "renews", + "test": "pkt6.msgtype == 5" + }, + +// Let's pick cable modems. In this simple example we'll assume the device +// is a cable modem if it sends a vendor option with enterprise-id equal +// to 4491. + { + "name": "cable-modems", + "test": "vendor.enterprise == 4491" + }, + +// Both a cable modem (by evaluation or host reservation) and has a host +// reservation. + { + "name": "cable-modem-hosts", + "test": "member('cable-modems') and member('KNOWN')" + } + + ], + + +// The following list defines subnets. Each subnet consists of at +// least subnet and pool entries. + "subnet6": [ + { + "pools": [ { "pool": "2001:db8:1::/80" } ], + "subnet": "2001:db8:1::/64", + "client-class": "cable-modems", + "interface": "eth0" + }, +// The following subnet contains a class reservation for a client using +// DUID 01:02:03:04:05:0A:0B:0C:0D:0E. This client will always be assigned +// to this class. + { + "pools": [ { "pool": "2001:db8:2::/80" } ], + "subnet": "2001:db8:2::/64", + "reservations": [ + { + "duid": "01:02:03:04:05:0A:0B:0C:0D:0E", + "client-classes": [ "cable-modems" ] + } ], + "interface": "eth0", + "require-client-classes": [ "second_subnet" ] + }, +// The following subnet contains a pool with a class constraint: only +// clients which belong to the class are allowed to use this pool. + { + "pools": [ + { + "pool": "2001:db8:4::/80", + "client-class": "cable-modems" + } ], + "subnet": "2001:db8:4::/64", + "interface": "eth1" + }, +// This subnet is divided in two pools for unknown and known +// (i.e. which have a reservation) clients. The built-in KNOWN and +// UNKNOWN classes are set or not at host reservation lookup (KNOWN if +// this returns something, UNKNOWN if this finds nothing) and client +// classes depending on it are evaluated. +// This happens after subnet selection and before address allocation +// from pools. + { + "pools": [ + { + "pool": "2001:db8:8::/64", + "client-class": "UNKNOWN" + }, + { + "pool": "2001:db8:9::/64", + "client-class": "KNOWN" + } + ], + "subnet": "2001:db8:8::/46", + "reservations": [ + { "hw-address": "00:00:00:11:22:33", "hostname": "h1" }, + { "hw-address": "00:00:00:44:55:66", "hostname": "h4" }, + { "hw-address": "00:00:00:77:88:99", "hostname": "h7" }, + { "hw-address": "00:00:00:aa:bb:cc", "hostname": "ha" } + ] + } + + ], + +// The following configures logging. It assumes that messages with at +// least informational level (info, warn, error and fatal) should be +// logged to stdout. + "loggers": [ + { + "name": "kea-dhcp6", + "output_options": [ + { + "output": "stdout" + } + ], + "debuglevel": 0, + "severity": "INFO" + } + ] +} + +} |