summaryrefslogtreecommitdiffstats
path: root/doc/examples/kea6/all-keys-netconf.json
diff options
context:
space:
mode:
authorDaniel Baumann <daniel.baumann@progress-linux.org>2024-04-21 14:53:22 +0000
committerDaniel Baumann <daniel.baumann@progress-linux.org>2024-04-21 14:53:22 +0000
commit52c021ee0b0c6ad2128ed550c694aad0d11d4c3f (patch)
tree83cf8627b94336cf4bee7479b9749263bbfd3a06 /doc/examples/kea6/all-keys-netconf.json
parentInitial commit. (diff)
downloadisc-kea-52c021ee0b0c6ad2128ed550c694aad0d11d4c3f.tar.xz
isc-kea-52c021ee0b0c6ad2128ed550c694aad0d11d4c3f.zip
Adding upstream version 2.5.7.upstream/2.5.7upstream
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'doc/examples/kea6/all-keys-netconf.json')
-rw-r--r--doc/examples/kea6/all-keys-netconf.json1215
1 files changed, 1215 insertions, 0 deletions
diff --git a/doc/examples/kea6/all-keys-netconf.json b/doc/examples/kea6/all-keys-netconf.json
new file mode 100644
index 0000000..e9254aa
--- /dev/null
+++ b/doc/examples/kea6/all-keys-netconf.json
@@ -0,0 +1,1215 @@
+// WARNING: This example configuration is not meant for production use.
+// The Kea DHCPv6 server will refuse this configuration because it contains
+// mutually exclusive configuration parameters.
+//
+// The primary purpose of the example file is to provide a comprehensive
+// list of parameters supported by the Kea DHCPv6 server along with the brief
+// description of each parameter.
+//
+// This stable version is used for YANG as we do not want to update code
+// and models each time a keyword is added to the syntax.
+{
+ // Kea DHCPv6 server configuration begins here.
+ "Dhcp6": {
+ // Global flag selecting an IP address allocation strategy for all
+ // subnets.
+ "allocator": "iterative",
+
+ // Global flag selecting a delegated prefix allocation strategy
+ // for all subnets.
+ "pd-allocator": "random",
+
+ // Ordered list of client classes used by the DHCPv6 server.
+ "client-classes": [
+ {
+ // Class name.
+ "name": "phones_server1",
+
+ // Class-specific DHCPv6 options list.
+ "option-data": [],
+
+ // Class selection expression. The DHCP packet is assigned to this
+ // class when the given expression evaluates to true.
+ "test": "member('HA_server1')",
+
+ // Class valid lifetime.
+ "valid-lifetime": 6000,
+
+ // Class min valid lifetime.
+ "min-valid-lifetime": 4000,
+
+ // Class max valid lifetime.
+ "max-valid-lifetime": 8000,
+
+ // Class preferred lifetime.
+ "preferred-lifetime": 7000,
+
+ // Class min preferred lifetime.
+ "min-preferred-lifetime": 5000,
+
+ // Class max preferred lifetime.
+ "max-preferred-lifetime": 9000
+ },
+ {
+ // Second class name.
+ "name": "phones_server2",
+
+ // Class-specific DHCPv6 options list.
+ "option-data": [],
+
+ // Class selection expression. The DHCP packet is assigned to this
+ // class when the given expression evaluates to true.
+ "test": "member('HA_server2')"
+ },
+ {
+ // Third class name.
+ "name": "late",
+
+ // Boolean flag indicating whether the class expression is only evaluated
+ // when the class is required, e.g. the selected address pool configuration
+ // includes this class name in its "require-client-classes" list. The
+ // default value false means that the class test expression must
+ // always be evaluated.
+ "only-if-required": true,
+
+ // Class selection expression.
+ "test": "member('ALL')"
+ },
+ {
+ // Fourth class name.
+ "name": "my-template-class",
+
+ // Template class flag that holds the expression used to generate the names for all
+ // the spawned subclasses. In this case, the classes are named after the client ID.
+ "template-test": "substring(option[1].hex, 0, all)"
+ }
+ ],
+
+ // Parameters for triggering behaviors compatible with broken or
+ // non-compliant clients, relays, or other agents
+ "compatibility": {
+ // Parse options more leniently where fields can be deduced
+ // deterministically, even if against RFC or common practice.
+ "lenient-option-parsing": true
+ },
+
+ // Command control socket configuration parameters for the Kea DHCPv6 server.
+ "control-socket": {
+ // Location of the UNIX domain socket file the DHCPv6 server uses
+ // to receive control commands from the Kea Control Agent or the
+ // local server administrator.
+ "socket-name": "/tmp/kea6-ctrl-socket",
+
+ // Control socket type used by the Kea DHCPv6 server. The 'unix'
+ // socket is currently the only supported type.
+ "socket-type": "unix"
+ },
+
+ // Specifies a prefix to be prepended to the generated Client FQDN.
+ // It may be specified at the global, shared-network, and subnet levels.
+ "ddns-generated-prefix": "myhost",
+
+ // Boolean flag indicating whether the server should ignore DHCP client
+ // wishes to update DNS on its own. With that flag set to true,
+ // the server will send DNS updates for both forward and
+ // reverse DNS data. The default value is false, which indicates
+ // that the server will delegate a DNS update to the client when
+ // requested. It may be specified at the global, shared-network,
+ // and subnet levels.
+ "ddns-override-client-update": false,
+
+ // Boolean flag indicating whether the server should override the DHCP
+ // client's wish to not update the DNS. With this parameter
+ // set to true, the server will send a DNS update even when
+ // the client requested no update. It may be specified at the
+ // global, shared-network, and subnet levels.
+ "ddns-override-no-update": false,
+
+ // Suffix appended to the partial name sent to the DNS. The
+ // default value is an empty string, which indicates that no
+ // suffix is appended. It may be specified at the global,
+ // shared-network, and subnet levels.
+ "ddns-qualifying-suffix": "",
+
+ // Enumeration specifying whether the server should honor
+ // the hostname or Client FQDN sent by the client or replace
+ // this name. The acceptable values are: "never" (use the
+ // name the client sent), "always" (replace the name the
+ // client sent), "when-present" (replace the name the client
+ // sent, but do not generate one when the client didn't send
+ // the name), "when-not-present" (generate the name when
+ // client didn't send one, otherwise leave the name the
+ // client sent). The default value is "never". It may be
+ // specified at the global, shared-network, and subnet levels.
+ "ddns-replace-client-name": "never",
+
+ // Boolean flag which enables or disables DDNS updating. It
+ // defaults to true. It may be specified at the global, shared-
+ // network, and subnet levels. It works in conjunction with
+ // dhcp-ddns:enable-updates, which must be true to enable connectivity
+ // to kea-dhcp-ddns.
+ "ddns-send-updates": true,
+
+ // Boolean flag, which when true instructs the server to always
+ // update DNS when leases are renewed, even if the DNS information
+ // has not changed. The server's default behavior (i.e. flag is false)
+ // is to only update DNS if the DNS information has changed. It
+ // may be specified at the global, shared-network, and subnet levels.
+ "ddns-update-on-renew": true,
+
+ // Boolean flag which is passed to kea-dhcp-ddns with each DDNS
+ // update request, to indicate whether DNS update conflict
+ // resolution as described in RFC 4703 should be employed for the
+ // given update request. The default value for this flag is true.
+ // It may be specified at the global, shared-network, and subnet levels.
+ "ddns-use-conflict-resolution": true,
+
+ // When greater than 0.0, it is the percent of the lease's lifetime
+ // to use for the DNS TTL.
+ "ddns-ttl-percent": 0.75,
+
+ // Time in seconds specifying how long a declined lease should be
+ // excluded from DHCP assignments. The default value is 24 hours.
+ "decline-probation-period": 86400,
+
+ // Name Change Request forwarding configuration for the Kea DHCPv6 server.
+ // NCRs are sent to the Kea D2 module to update DNS upon allocation of
+ // DHCP leases.
+ "dhcp-ddns": {
+ // Boolean flag indicating whether Kea DHCPv6 server should connect to
+ // kea-dhcp-ddns. This must be true for NCRs to be created and
+ // sent to kea-dhcp-ddns. By default, NCRs are not generated.
+ "enable-updates": false,
+
+ // Specifies maximum number of NCRs to queue waiting to be sent
+ // to the Kea D2 server.
+ "max-queue-size": 1024,
+
+ // Packet format to use when sending NCRs to the Kea D2 server.
+ // Currently, only JSON format is supported.
+ "ncr-format": "JSON",
+
+ // Socket protocol to use when sending NCRs to D2. Currently,
+ // only UDP is supported.
+ "ncr-protocol": "UDP",
+
+ // IP address that the Kea DHCPv6 server should use to send
+ // NCRs to D2. The default value of zero indicates that Kea
+ // should pick a suitable address.
+ "sender-ip": "::1",
+
+ // Port number that the Kea DHCPv6 server should use to send
+ // NCRs to D2. The default value of zero indicates that Kea
+ // should pick a suitable port.
+ "sender-port": 0,
+
+ // IP address on which D2 listens for NCRs.
+ "server-ip": "::1",
+
+ // Port number on which D2 listens for NCRs.
+ "server-port": 53001,
+
+ // The following parameters are DEPRECATED. They have been
+ // replaced with parameters that may be set at the global,
+ // shared-network, and subnet6 scopes. They are listed here
+ // as configuration parsing still accepts them. Eventually
+ // support for them will be removed.
+ "generated-prefix": "myhost",
+ "hostname-char-replacement": "x",
+ "hostname-char-set": "[^A-Za-z0-9.-]",
+ "override-client-update": false,
+ "override-no-update": false,
+ "qualifying-suffix": "",
+ "replace-client-name": "never"
+ },
+
+ // Specifies the first of the two consecutive ports of the UDP
+ // sockets used for communication between DHCPv6 and DHCPv4
+ // servers. See RFC 7341.
+ "dhcp4o6-port": 0,
+
+ // Collection of Kea DHCPv6 server parameters configuring how
+ // the server should process expired DHCP leases.
+ "expired-leases-processing": {
+ // Specifies the number of seconds since the last removal of
+ // the expired leases, when the next removal should occur.
+ // If both "flush-reclaimed-timer-wait-time" and
+ // "hold-reclaimed-time" are not 0, when the client sends a release
+ // message the lease is expired instead of being deleted from
+ // lease storage.
+ "flush-reclaimed-timer-wait-time": 25,
+
+ // Specifies the length of time in seconds to keep expired
+ // leases in the lease database (lease affinity).
+ // If both "flush-reclaimed-timer-wait-time" and
+ // "hold-reclaimed-time" are not 0, when the client sends a release
+ // message the lease is expired instead of being deleted from
+ // lease storage.
+ "hold-reclaimed-time": 3600,
+
+ // Specifies the maximum number of expired leases that can be
+ // processed in a single attempt to clean up expired leases
+ // from the lease database. If there are more
+ // expired leases, they will be processed during the next
+ // cleanup attempt.
+ "max-reclaim-leases": 100,
+
+ // Specifies the maximum time in milliseconds that a single attempt
+ // to clean up expired leases from the lease database may take.
+ "max-reclaim-time": 250,
+
+ // Specifies the length of time in seconds since the last attempt
+ // to process expired leases before initiating the next attempt.
+ "reclaim-timer-wait-time": 10,
+
+ // Specifies the maximum number of expired lease-processing cycles
+ // which didn't result in full cleanup of exired leases from the
+ // lease database, after which a warning message is issued.
+ "unwarned-reclaim-cycles": 5
+ },
+
+ // List of hook libraries and their specific configuration parameters
+ // to be loaded by Kea DHCPv4 server.
+ "hooks-libraries": [
+ {
+ // Location of the hook library to be loaded.
+ "library": "/opt/lib/kea/hooks/libdhcp_lease_cmds.so",
+
+ // Hook library-specific configuration parameters.
+ "parameters": { }
+ }
+ ],
+
+ // List of access credentials to external sources of IPv6 reservations,
+ "hosts-databases": [
+ {
+ // Name of the database to connect to.
+ "name": "keatest",
+
+ // Host on which the database resides.
+ "host": "localhost",
+
+ // Database password.
+ "password": "keatest",
+
+ // Port on which the database is available.
+ "port": 3306,
+
+ // Type of database, e.g. "mysql", "postgresql".
+ "type": "mysql",
+
+ // Username to be used to access the database.
+ "user": "keatest",
+
+ // Read-only mode.
+ "readonly": false,
+
+ // The next entries are for OpenSSL support in MySQL.
+
+ // Trust anchor aka certificate authority file or directory.
+ "trust-anchor": "my-ca",
+
+ // Client certificate file name.
+ "cert-file": "my-cert",
+
+ // Private key file name.
+ "key-file": "my-key",
+
+ // Cipher list (see the OpenSSL ciphers command manual).
+ "cipher-list": "AES",
+
+ // Connection reconnect wait time.
+ // This parameter governs how long Kea waits before attempting
+ // to reconnect. Expressed in milliseconds. The default is 0
+ // (disabled) for MySQL and PostgreSQL.
+ "reconnect-wait-time": 3000,
+
+ // Connection maximum reconnect tries.
+ "max-reconnect-tries": 3,
+
+ // Action to take when connection recovery fails.
+ // Supported values: stop-retry-exit, serve-retry-exit,
+ // serve-retry-continue
+ "on-fail": "stop-retry-exit",
+
+ // Connection connect timeout in seconds.
+ "connect-timeout": 100,
+
+ // Timeout of database read operations in seconds.
+ "read-timeout": 120,
+
+ // Timeout of database write operations in seconds.
+ "write-timeout": 180
+ },
+ {
+ // Name of the database to connect to.
+ "name": "keatest",
+
+ // Host on which the database resides.
+ "host": "localhost",
+
+ // Database password.
+ "password": "keatest",
+
+ // Port on which the database is available.
+ "port": 5432,
+
+ // Type of database, e.g. "mysql", "postgresql".
+ "type": "postgresql",
+
+ // Username to be used to access the database.
+ "user": "keatest",
+
+ // TCP user timeout while communicating with the database.
+ // It is specified in seconds.
+ "tcp-user-timeout": 100
+ }
+ ],
+
+ // List of host reservation identifier types to be used by the
+ // Kea DHCPv6 server to fetch static reservations for
+ // DHCP clients. All identifiers are used by default, which
+ // means that the server will issue multiple queries to the
+ // database to find if there is a reservation for a particular
+ // client. If a particular deployment uses only a subset, e.g.
+ // one identifier type, this identifier should be only listed
+ // here to prevent unnecessary queries to the database.
+ "host-reservation-identifiers": [
+ "hw-address",
+ "duid",
+ "flex-id"
+ ],
+
+ // Specifies configuration of interfaces on which the Kea DHCPv6
+ // server is listening to the DHCP queries.
+ "interfaces-config": {
+ // Specifies a list of interfaces on which the Kea DHCPv6
+ // server should listen to DHCP requests.
+ "interfaces": [
+ "eth0"
+ ],
+
+ // Boolean flag indicating whether the available interfaces should
+ // be re-detected upon server reconfiguration. The default value
+ // is true, which means that the interfaces are always
+ // re-detected.
+ "re-detect": true,
+
+ // Kea tries to bind the service sockets during initialization, but it may
+ // fail due to a port being already opened or a misconfiguration. Kea can
+ // suppress these errors and only log them. This flag prevents starting
+ // the DHCP server without binding all sockets. If unspecified, it
+ // defaults to false.
+ "service-sockets-require-all": true,
+
+ // Kea tries to bind the service sockets during initialization. This
+ // option specifies how many times binding to interface will be retried.
+ // The default value is 0, which means that the operation will not be
+ // repeated.
+ "service-sockets-max-retries": 5,
+
+ // The time interval in milliseconds to wait before the next attempt to
+ // retry opening a service socket.
+ "service-sockets-retry-wait-time": 5000
+ },
+
+ // Boolean parameter which controls whether an early global host
+ // reservations lookup should be performed. This lookup takes place
+ // before subnet selection and when a global reservation is found
+ // with some client classes, it triggers a second phase classification.
+ // It can also be used to drop queries using host reservations as a
+ // decision table indexed by reservation identifiers.
+ "early-global-reservations-lookup": true,
+
+ // Boolean parameter which controls the DHCP server's behavior with respect
+ // to creating host reservations for the same IP address or delegated
+ // prefix. By default this flag is set to true in which case the server
+ // prevents creation of multiple host reservations for the same IP address
+ // or delegated prefix. When this parameter is set to false, the server
+ // allows for creating multiple reservations for the same IP address or
+ // delegated prefix within a subnet. This setting is useful in deployments
+ // in which a given host may be communicating with a DHCP server over
+ // multiple interfaces and depending on the chosen interface different
+ // MAC address (or other identifier) will be used to identify the host.
+ // Note that some host backends do not support the mode in which multiple
+ // reservations for the same IP address or delegated prefix are used.
+ // If these backends are in use and this setting is attempted a
+ // configuration error will occur. The MySQL and PostgreSQL backends do
+ // support this mode.
+ "ip-reservations-unique": true,
+
+ // Boolean parameter which controls whether host reservations lookup
+ // should be performed before lease lookup. This parameter has effect
+ // only when multi-threading is disabled. When multi-threading is
+ // enabled, host reservations lookup is always performed first to avoid
+ // lease-lookup resource locking.
+ "reservations-lookup-first": true,
+
+ // Specifies credentials to access lease database.
+ "lease-database": {
+ // memfile backend-specific parameter specifying the interval
+ // in seconds at which the lease file should be cleaned up (outdated
+ // lease entries are removed to prevent the lease file from growing
+ // infinitely).
+ "lfc-interval": 3600,
+
+ // Maximum number of lease-file read errors allowed before
+ // loading the file is abandoned. Defaults to 0 (no limit).
+ "max-row-errors": 100,
+
+ // Name of the lease file. In the case of a database it specifies the
+ // database name.
+ "name": "/tmp/kea-dhcp6.csv",
+
+ // memfile-specific parameter indicating whether leases should
+ // be saved on persistent storage (disk) or not. The true value
+ // is the default and it indicates that leases are stored in
+ // persistent storage. This setting must be used in production.
+ // The false value should only be used for testing purposes
+ // because non-stored leases will be lost upon Kea server restart.
+ "persist": true,
+
+ // Lease database backend type, i.e. "memfile", "mysql" or
+ // "postgresql".
+ "type": "memfile"
+ },
+
+ // List of parameters indicating how the client's MAC address can be
+ // inferred from the DHCP query. Supported values are listed in the
+ // Kea Administrator Reference Manual.
+ "mac-sources": [ "duid" ],
+
+ // List of global DHCP options that the Kea DHCPv6 server assigns to
+ // clients.
+ "option-data": [
+ {
+ // Boolean flag indicating whether the given option is always
+ // sent in response or only when requested. The default
+ // value of false indicates that it is only sent when
+ // requested.
+ "always-send": false,
+
+ // Option code. It is not required if the option name is
+ // provided.
+ "code": 23,
+
+ // Boolean value indicating whether the option data specified
+ // in the "data" field is specified as a string of hexadecimal
+ // digits or in human-readable CSV format.
+ "csv-format": true,
+
+ // Option data to be stored in the option payload.
+ "data": "2001:db8:2::45, 2001:db8:2::100",
+
+ // Option name. It is not required if the option code is
+ // provided.
+ "name": "dns-servers",
+
+ // Boolean flag indicating whether the given option is never
+ // sent in response. The default value of false indicates
+ // that it is sent when it should be. When true, the option
+ // is not sent despite any other setting, i.e. it is
+ // a final flag.
+ "never-send": false,
+
+ // Option space. The default is the "dhcp6" option space which
+ // groups top-level DHCPv6 options.
+ "space": "dhcp6"
+ }
+ ],
+
+ // List of global option definitions, i.e. option formats, that the
+ // Kea DHCPv6 server is using.
+ "option-def": [
+ {
+ // Boolean flag indicating whether the option definition comprises
+ // an array of values of some type, e.g. an array of IPv6 addresses.
+ // The default value of false means that the option does not
+ // comprise an array of values.
+ "array": false,
+
+ // Option code.
+ "code": 6,
+
+ // Holds a name of the option space encapsulated by this option.
+ // All options that belong to this option space will be sent
+ // as sub-options of this option. An empty string means that this
+ // option doesn't encapsulate any option.
+ "encapsulate": "",
+
+ // Option name.
+ "name": "my-option",
+
+ // Specifies the types of fields within the option if the option
+ // is said to be a "record" (see "type"). In this particular example
+ // this option comprises two fields, 1 byte and 2 bytes long.
+ "record-types": "uint8, uint16",
+
+ // Name of the option space to which this option belongs.
+ "space": "my-space",
+
+ // Option type. All possible types are listed in the Kea
+ // Administrator Reference Manual.
+ "type": "record"
+ }
+ ],
+
+ // Global value which limits the number of client packets (e.g.
+ // REQUESTs,RENEWs...) that may be parked while waiting for
+ // hook library work to complete, prior to a response (e.g. REPLY)
+ // being sent back to the client. A typical example is when kea-dhcp6
+ // parks a REQUEST while it sends the lease update(s) to its
+ // HA peer(s). The packet is unparked once the update(s) have been
+ // acknowledged. This value limits the number of packets that can
+ // be held pending the updates. In times of heavy client traffic,
+ // this value can keep kea-dhcp6 from building an insurmountable
+ // backlog of updates.
+ "parked-packet-limit": 128,
+
+ // Global (default) value of the preferred lifetime.
+ "preferred-lifetime": 50,
+
+ // Global min value of the preferred lifetime.
+ "min-preferred-lifetime": 40,
+
+ // Global max value of the preferred lifetime.
+ "max-preferred-lifetime": 60,
+
+ // Global value for the rebind timer, i.e. the time after which the
+ // DHCP client enters the rebind state if it fails to renew the lease.
+ "rebind-timer": 40,
+
+ // List of relay supplied option codes. See RFC 6422.
+ "relay-supplied-options": [ "110", "120", "130" ],
+
+ // Global value for the renew timer, i.e. the time after which the
+ // DHCP client renews the lease.
+ "renew-timer": 30,
+
+ // Global value to store extended information (e.g. relay agent
+ // information) with each lease.
+ "store-extended-info": true,
+
+ // Statistics keep some samples per observation point.
+ // There are two default values: maximum count and maximum age.
+ // Setting the maximum count to zero disables it.
+ "statistic-default-sample-count": 0,
+
+ // When the maximum count is 0 the maximum age (in seconds) applies.
+ "statistic-default-sample-age": 60,
+
+ // Multi-threading parameters.
+ "multi-threading": {
+ // By default, Kea processes packets on multiple threads if the hardware permits.
+ "enable-multi-threading": true,
+
+ // When multi-threading is enabled, Kea will process packets on a
+ // number of multiple threads configurable through this option. The
+ // value must be a positive integer (0 means auto-detect).
+ "thread-pool-size": 0,
+
+ // When multi-threading is enabled, Kea will read packets from the
+ // interface and append a working item to the thread pool. This
+ // option configures the maximum number of items that can be queued.
+ // The value must be a positive integer (0 means unlimited).
+ "packet-queue-size": 0
+ },
+
+ // Governs how the Kea DHCPv6 server should deal with invalid
+ // data received from the client.
+ "sanity-checks": {
+ // Specifies how the Kea DHCPv6 server should behave when invalid
+ // data is read for a lease from the lease file. The following
+ // values are supported: "none" (don't attempt to correct the
+ // lease information), "warn" (print a warning for subnet-id
+ // related inconsistencies), "fix" (correct the subnet id by
+ // trying to find the suitable subnet), "fix-del" (similar
+ // to "fix" but delete the lease if no suitable subnet found),
+ // "del" (delete the lease if the lease has invalid subnet
+ // identifier value).
+ "lease-checks": "warn",
+
+ // Specifies how Kea DHCPv4 server should behave when invalid
+ // extended info is read for a lease from the lease file, or
+ // whether to upgrade from the old format. The following values
+ // are supported: "none" (don't attempt to correct or upgrade
+ // the extended info), "fix" (fix common inconsistencies and
+ // upgrade from the old format; this is the default), "strict"
+ // (fix inconsistencies with an impact on Leasequery),
+ // "pedantic" (enforce full Kea code format).
+ "extended-info-checks": "fix"
+ },
+
+ // Custom DUID used by the DHCPv6 server.
+ "server-id": {
+ // Type of the DUID. Possible values are "LLT", "EN", and "LL".
+ "type": "EN",
+
+ // Enterprise id used for "EN" duid.
+ "enterprise-id": 2495,
+
+ // Identifier part of the DUID.
+ "identifier": "0123456789",
+
+ // Boolean flag indicating whether the DUID should be persisted on
+ // disk.
+ "persist": false
+ },
+
+ // List of shared networks used by the Kea DHCPv6 server. The shared
+ // networks group subnets together.
+ "shared-networks": [
+ {
+ // A flag selecting an IP address allocation strategy for all
+ // subnets in this shared network.
+ "allocator": "random",
+
+ // A flag selecting a delegated prefix allocation strategy for
+ // all subnets in this shared network.
+ "pd-allocator": "iterative",
+
+ // Restricts this shared network to allow only clients
+ // that belong to a particular client class. If an
+ // empty string is provided, no restriction is applied.
+ "client-class": "",
+
+ // Shared-network level value. See description at the global level.
+ "ddns-generated-prefix": "myhost",
+
+ // Shared-network level value. See description at the global level.
+ "ddns-override-client-update": false,
+
+ // Shared-network level value. See description at the global level.
+ "ddns-override-no-update": false,
+
+ // Shared-network level value. See description at the global level.
+ "ddns-qualifying-suffix": "",
+
+ // Shared-network level value. See description at the global level.
+ "ddns-replace-client-name": "never",
+
+ // Shared-network level value. See description at the global level.
+ "ddns-send-updates": true,
+
+ // Shared-network level value. See description at the global level.
+ "ddns-update-on-renew": true,
+
+ // Shared-network level value. See description at the global level.
+ "ddns-use-conflict-resolution": true,
+
+ // Shared-network level value. See description at the global level.
+ "ddns-ttl-percent": 0.65,
+
+ // Shared-network level value. See description at the global level.
+ "hostname-char-replacement": "x",
+
+ // Shared-network level value. See description at the global level.
+ "hostname-char-set": "[^A-Za-z0-9.-]",
+
+ // Specifies that this shared network is selected for
+ // requests received on a particular interface.
+ "interface": "eth0",
+
+ // Specifies the content of the interface-id option used
+ // by relays to identify the interface on the relay to
+ // which the response is sent.
+ "interface-id": "",
+
+ // Shared network name.
+ "name": "my-secret-network",
+
+ // List of shared network-specific DHCP options.
+ "option-data": [],
+
+ // Shared network-specific (default) preferred lifetime.
+ "preferred-lifetime": 2000,
+
+ // Shared network-specific min preferred lifetime.
+ "min-preferred-lifetime": 1500,
+
+ // Shared network-specific ma xpreferred lifetime.
+ "max-preferred-lifetime": 2500,
+
+ // Boolean flag indicating whether the server can respond to
+ // a Solicit message including a Rapid Commit option with
+ // the Reply message (See DHCPv6 rapid commit).
+ "rapid-commit": false,
+
+ // List of IPv6 relay addresses for which this shared
+ // network is selected.
+ "relay": {
+ "ip-addresses": []
+ },
+
+ // Shared-network level rebind timer.
+ "rebind-timer": 41,
+
+ // Shared-network level renew timer.
+ "renew-timer": 31,
+
+ // Shared-network level compute T1 and T2 timers.
+ "calculate-tee-times": true,
+
+ // T1 = valid lifetime * .5.
+ "t1-percent": .5,
+
+ // T2 = valid lifetime * .75.
+ "t2-percent": .75,
+
+ // Cache threshold = valid lifetime * .25.
+ "cache-threshold": .25,
+
+ // Cache maximum: when the client last-transmission time
+ // is close enough, the lease is not renewed and the current
+ // lease is returned as it was "cached".
+ "cache-max-age": 1000,
+
+ // Enumeration specifying the server's mode of operation when it
+ // fetches host reservations.
+ // "reservation-mode": "all",
+ // It is replaced by the "reservations-global",
+ // "reservations-in-subnet", and "reservations-out-of-pool"
+ // parameters.
+
+ // Specify whether the server should look up global reservations.
+ "reservations-global": false,
+
+ // Specify whether the server should look up in-subnet reservations.
+ "reservations-in-subnet": true,
+
+ // Specify whether the server can assume that all reserved addresses
+ // are out-of-pool.
+ // Ignored when reservations-in-subnet is false.
+ // If specified, it is inherited by "subnet6" levels.
+ "reservations-out-of-pool": false,
+
+ // List of client classes which must be evaluated when this shared
+ // network is selected for client assignments.
+ "require-client-classes": [ "late" ],
+
+ // Turn off storage of extended information (e.g. relay agent
+ // information) with each lease for this shared network.
+ "store-extended-info": false,
+
+ // List of IPv6 subnets belonging to this shared network.
+ "subnet6": [
+ {
+ // A flag selecting an IP address allocation strategy for
+ // the subnet.
+ "allocator": "iterative",
+
+ // A flag selecting a delegated prefix allocation strategy
+ // for the subnet.
+ "pd-allocator": "iterative",
+
+ // Restricts this subnet to allow only clients that belong
+ // to a particular client class. If an empty string is
+ // provided, no restriction is applied.
+ "client-class": "",
+
+ // Subnet-level value. See description at the global level.
+ "ddns-generated-prefix": "myhost",
+
+ // Subnet-level value. See description at the global level.
+ "ddns-override-client-update": false,
+
+ // Subnet-level value. See description at the global level.
+ "ddns-override-no-update": false,
+
+ // Subnet-level value. See description at the global level.
+ "ddns-qualifying-suffix": "",
+
+ // Subnet-level value. See description at the global level.
+ "ddns-replace-client-name": "never",
+
+ // Subnet-level value. See description at the global level.
+ "ddns-send-updates": true,
+
+ // Subnet-level value. See description at the global level.
+ "ddns-update-on-renew": true,
+
+ // Subnet-level value. See description at the global level.
+ "ddns-use-conflict-resolution": true,
+
+ // Subnet-level value. See description at the global level.
+ "ddns-ttl-percent": 0.55,
+
+ // Subnet-level value. See description at the global level.
+ "hostname-char-replacement": "x",
+
+ // Subnet-level value. See description at the global level.
+ "hostname-char-set": "[^A-Za-z0-9.-]",
+
+ // Subnet unique identifier.
+ "id": 1,
+
+ // Specifies that this subnet is selected for requests
+ // received on a particular interface.
+ "interface": "eth0",
+
+ // Specifies the content of the interface-id option used
+ // by relays to identify the interface on the relay to
+ // which the response is sent.
+ "interface-id": "",
+
+ // Turn on storage of extended information (e.g. relay agent
+ // information) with each lease for this subnet.
+ "store-extended-info": true,
+
+ // Subnet-level list of DHCP options.
+ "option-data": [
+ {
+ // Boolean flag indicating whether the particular option
+ // should be always sent or sent only when requested.
+ "always-send": false,
+
+ // Option code.
+ "code": 7,
+
+ // Boolean flag indicating whether the option value specified
+ // in "data" is a string of hexadecimal values or human-readable
+ // CSV value.
+ "csv-format": false,
+
+ // Option data to be included in the option payload.
+ "data": "0xf0",
+
+ // Option name.
+ "name": "preference",
+
+ // Boolean flag indicating whether the given option is never
+ // sent in response.
+ "never-send": false,
+
+ // Option space. The default value "dhcp6" designates the
+ // top level option space.
+ "space": "dhcp6"
+ }
+ ],
+
+ // List of pools from which delegated prefixes are assigned to the
+ // clients.
+ "pd-pools": [
+ {
+ // Restricts this prefix pool to be used only for the client
+ // requests belonging to a particular client class.
+ "client-class": "phones_server1",
+
+ // Length of prefixes delegated to clients.
+ "delegated-len": 64,
+
+ // Excluded prefix (address) from client assignments.
+ "excluded-prefix": "2001:db8:1::",
+
+ // Excluded prefix (length) from client assignments.
+ "excluded-prefix-len": 72,
+
+ // Prefix pool level list of DHCP options.
+ "option-data": [],
+
+ // Prefix range (address) used for client assignments.
+ "prefix": "2001:db8:1::",
+
+ // Prefix range (length) used for client assignments.
+ "prefix-len": 48,
+
+ // List of client classes which must be evaluated
+ // when this prefix pool is selected for client assignments.
+ "require-client-classes": []
+ }
+ ],
+
+ // List of IP address pools belonging to the subnet.
+ "pools": [
+ {
+ // Restricts this pool to only be used for client
+ // requests belonging to a particular client class.
+ "client-class": "phones_server1",
+
+ // Pool-level list of DHCP options.
+ "option-data": [],
+
+ // Address range used for client assignments.
+ "pool": "2001:db8:0:1::/64",
+
+ // List of client classes which must be evaluated when this pool
+ // is selected for client assignments.
+ "require-client-classes": [ "late" ]
+ },
+ {
+ // Restricts this pool to only be used for client
+ // requests belonging to a particular client class.
+ "client-class": "phones_server2",
+
+ // Pool-level list of DHCP options.
+ "option-data": [],
+
+ // Address range used for client assignments.
+ "pool": "2001:db8:0:3::/64",
+
+ // List of client classes which must be evaluated when this pool
+ // is selected for client assignments.
+ "require-client-classes": [],
+
+ // Pool identifier used to enable statistics for this pool.
+ // The pool ID does not need to be unique within the subnet
+ // or across subnets.
+ // If not unconfigured, it defaults to 0. The statistics
+ // regarding this pool will be combined with the other statistics
+ // of all other pools with the same pool ID in this subnet.
+ "pool-id": 1
+ }
+ ],
+
+ // Subnet specific (default) preferred lifetime.
+ "preferred-lifetime": 2000,
+
+ // Subnet specific min preferred lifetime.
+ "min-preferred-lifetime": 1500,
+
+ // Subnet specific max referred lifetime.
+ "max-preferred-lifetime": 2500,
+
+ // Boolean flag indicating whether the server can respond to
+ // a Solicit message including a Rapid Commit option with
+ // the Reply message (See DHCPv6 rapid commit).
+ "rapid-commit": false,
+
+ // Subnet-level value of the rebind timer.
+ "rebind-timer": 40,
+
+ // List of IPv6 relay addresses for which this subnet is selected.
+ "relay": {
+ "ip-addresses": [
+ "2001:db8:0:f::1"
+ ]
+ },
+
+ // Subnet-level renew timer.
+ "renew-timer": 30,
+
+ // Enumeration specifying the server's mode of operation when it
+ // fetches host reservations.
+ // "reservation-mode": "all",
+ // It is replaced by the "reservations-global",
+ // "reservations-in-subnet", and
+ // "reservations-out-of-pool" parameters.
+
+ // Specify whether the server should look up global reservations.
+ "reservations-global": false,
+
+ // Specify whether the server should look up in-subnet reservations.
+ "reservations-in-subnet": true,
+
+ // Specify whether the server can assume that all reserved
+ // addresses are out-of-pool.
+ // Ignored when reservations-in-subnet is false.
+ "reservations-out-of-pool": false,
+
+ // Subnet-level compute T1 and T2 timers.
+ "calculate-tee-times": true,
+
+ // T1 = valid lifetime * .5.
+ "t1-percent": .5,
+
+ // T2 = valid lifetime * .75.
+ "t2-percent": .75,
+
+ // Cache threshold = valid lifetime * .25.
+ "cache-threshold": .25,
+
+ // Subnet-level cache maximum.
+ "cache-max-age": 1000,
+
+ // List of static IPv6 reservations assigned to clients belonging
+ // to this subnet. For a detailed example, see reservations.json.
+ "reservations": [
+ {
+ // Identifier used for client matching. Supported values are
+ // "duid", "hw-address" and "flex-id".
+ "duid": "01:02:03:04:05:06:07:08:09:0A",
+
+ // List of reserved IPv6 addresses.
+ "ip-addresses": [ "2001:db8:1:cafe::1" ],
+
+ // List of reserved IPv6 prefixes.
+ "prefixes": [ "2001:db8:2:abcd::/64" ],
+
+ // Reserved hostname.
+ "hostname": "foo.example.com",
+
+ // Reservation-specific option data.
+ "option-data": [
+ {
+ // Option name.
+ "name": "vendor-opts",
+
+ // Option value.
+ "data": "4491"
+ }
+ ]
+ }
+ ],
+
+ // List of client classes which must be evaluated when this subnet
+ // is selected for client assignments.
+ "require-client-classes": [ "late" ],
+
+ // Subnet prefix.
+ "subnet": "2001:db8::/32",
+
+ // Subnet-level (default) valid lifetime.
+ "valid-lifetime": 6000,
+
+ // Subnet-level min valid lifetime.
+ "min-valid-lifetime": 4000,
+
+ // Subnet-level max valid lifetime.
+ "max-valid-lifetime": 8000
+ }
+ ],
+
+ // Shared-network level (default) valid lifetime.
+ "valid-lifetime": 6001,
+
+ // Shared-network level min valid lifetime.
+ "min-valid-lifetime": 4001,
+
+ // Shared-network level max valid lifetime.
+ "max-valid-lifetime": 8001
+ }
+ ],
+
+ // List of IPv6 subnets which don't belong to any shared network.
+ "subnet6": [],
+
+ // Global valid lifetime value.
+ "valid-lifetime": 6000,
+
+ // Global min valid lifetime value.
+ "min-valid-lifetime": 4000,
+
+ // Global max valid lifetime value.
+ "max-valid-lifetime": 8000,
+
+ // Reservations (examples are in other files).
+ "reservations": [],
+
+ // Configuration control (currently not used, i.e. this syntax
+ // is already defined but the corresponding feature is not implemented).
+ "config-control": {
+ // Only the configuration databases entry is defined.
+ "config-databases": [
+ {
+ // Name of the database to connect to.
+ "name": "config",
+
+ // Type of database, e.g. "mysql", "postgresql".
+ "type": "mysql"
+ }
+ ],
+ // Interval between attempts to fetch configuration updates
+ // via the configuration backends used.
+ "config-fetch-wait-time": 30
+ },
+
+ // Server tag.
+ "server-tag": "my DHCPv6 server",
+
+ // DHCP queue-control parameters.
+ "dhcp-queue-control": {
+ // Enable queue is mandatory.
+ "enable-queue": true,
+
+ // Queue type is mandatory.
+ "queue-type": "kea-ring6",
+
+ // Capacity is optional.
+ "capacity": 64
+ },
+
+ // Fetches host reservations.
+ // "reservation-mode": "all",
+ // It is replaced by the "reservations-global",
+ // "reservations-in-subnet", and "reservations-out-of-pool" parameters.
+
+ // Specify whether the server should look up global reservations.
+ "reservations-global": false,
+
+ // Specify whether the server should look up in-subnet reservations.
+ "reservations-in-subnet": true,
+
+ // Specify whether the server can assume that all reserved addresses
+ // are out-of-pool.
+ // Ignored when reservations-in-subnet is false.
+ // If specified, it is inherited by "shared-networks" and
+ // "subnet6" levels.
+ "reservations-out-of-pool": false,
+
+ // Data directory.
+ "data-directory": "/tmp",
+
+ // Global compute T1 and T2 timers.
+ "calculate-tee-times": true,
+
+ // T1 = valid lifetime * .5.
+ "t1-percent": .5,
+
+ // T2 = valid lifetime * .75.
+ "t2-percent": .75,
+
+ // Cache threshold = valid lifetime * .25.
+ "cache-threshold": .25,
+
+ // Global cache maximum.
+ "cache-max-age": 1000,
+
+ // String of zero or more characters with which to replace each
+ // invalid character in the Client FQDN. The default
+ // value is an empty string, which will cause invalid characters
+ // to be omitted rather than replaced.
+ "hostname-char-replacement": "x",
+
+ // Regular expression describing the invalid character set in
+ // the Client FQDN.
+ "hostname-char-set": "[^A-Za-z0-9.-]",
+
+ // List of loggers used by the servers using this configuration file.
+ "loggers": [
+ {
+ // Debug level, a value between 0..99. The greater the value
+ // the more detailed the debug log.
+ "debuglevel": 99,
+
+ // Name of the logger.
+ "name": "kea-dhcp6",
+
+ // Configures how the log should be output.
+ "output-options": [
+ {
+ // Determines whether the log should be flushed to a file.
+ "flush": true,
+
+ // Specifies maximum filesize before the file is rotated.
+ "maxsize": 10240000,
+
+ // Specifies the maximum number of rotated files to be kept.
+ "maxver": 1,
+
+ // Specifies the logging destination.
+ "output": "stdout",
+
+ // Specifies log entry content
+ "pattern": "%D{%Y-%m-%d %H:%M:%S.%q} %-5p [%c/%i] %m\n"
+ }
+ ],
+
+ // Specifies logging severity, i.e. "ERROR", "WARN", "INFO", "DEBUG".
+ "severity": "INFO"
+ }
+ ],
+
+ // Look at advanced examples for the use of user-contexts.
+ "user-context": { }
+ }
+}