From 52c021ee0b0c6ad2128ed550c694aad0d11d4c3f Mon Sep 17 00:00:00 2001 From: Daniel Baumann Date: Sun, 21 Apr 2024 16:53:22 +0200 Subject: Adding upstream version 2.5.7. Signed-off-by: Daniel Baumann --- doc/examples/kea6/reservations.json | 171 ++++++++++++++++++++++++++++++++++++ 1 file changed, 171 insertions(+) create mode 100644 doc/examples/kea6/reservations.json (limited to 'doc/examples/kea6/reservations.json') diff --git a/doc/examples/kea6/reservations.json b/doc/examples/kea6/reservations.json new file mode 100644 index 0000000..c793cb8 --- /dev/null +++ b/doc/examples/kea6/reservations.json @@ -0,0 +1,171 @@ +// This is an example configuration file for DHCPv6 server in Kea +// that showcases how to do host reservations. It is +// assumed that one subnet (2001:db8:1::/64) is available directly +// over eth0 interface. A number of hosts have various combinations +// of addresses and prefixes reserved for them. + +{ "Dhcp6": + +{ +// Kea is told to listen on eth0 interface only. + "interfaces-config": { + "interfaces": [ "eth0" ] + }, + +// We need to specify the database used to store leases. As of +// June 2022, three database backends are supported: MySQL, +// PostgreSQL and the in-memory database, Memfile. +// We'll use memfile because it doesn't require any prior set up. + "lease-database": { + "type": "memfile", + "lfc-interval": 3600 + }, + +// This is pretty basic stuff, it has nothing to do with reservations. + "preferred-lifetime": 3000, + "valid-lifetime": 4000, + "renew-timer": 1000, + "rebind-timer": 2000, + +// Kea supports three types of identifiers in DHCPv6: hw-address (hardware/MAC +// address of the client), duid (DUID inserted by the client) and flex-id +// (flexible identifier available when flex_id hook library is loaded) When told +// to do so, Kea can check for each of these identifier types, but it takes a +// costly database lookup to do so. It is therefore useful from a performance +// perspective to use only the reservation types that are actually used in a +// given network. + "host-reservation-identifiers": [ "duid", "hw-address", "flex-id" ], + +// The following list defines subnets. Subnet, pools and interface definitions +// are the same as in the regular scenario, without host reservations. +// least subnet and pool entries. + "subnet6": [ + { + "id": 1, + + "subnet": "2001:db8:1::/48", + + // This directive tells Kea that reservations may be made both in-pool + // and out-of-pool. For improved performance, you may move all reservations + // out of the dynamic pool and change reservation-mode to "out-of-pool". + // Kea will then be able to skip querying for host reservations when + // assigning leases from dynamic pool. + // "reservation-mode": "all", + // It is replaced by the "reservations-global", "reservations-in-subnet" + // and "reservations-out-of-pool" parameters. + + // Specify whether the server should look up global reservations. + "reservations-global": false, + + // Specify whether the server should look up in-subnet reservations. + "reservations-in-subnet": true, + + // Specify whether the server can assume that all reserved addresses + // are out-of-pool. + // Ignored when reservations-in-subnet is false. + // If specified, it is inherited by "shared-networks" and + // "subnet6" levels. + "reservations-out-of-pool": false, + + "pools": [ { "pool": "2001:db8:1::/120" } ], + + "pd-pools": [ + { + "prefix": "2001:db8:1:8000::", + "prefix-len": 56, + "delegated-len": 64 + } + ], + "interface": "eth0", + +// Host reservations. Define several reservations, note that +// they are all within the range of the pool of the dynamically +// allocated address. The server will exclude the addresses from this +// pool and only assign them to the client which has a reservation for +// them. + "reservations": [ +// This is a simple host reservation. The host with DUID matching +// the specified value will get an address of 2001:db8:1::100. + { + "duid": "01:02:03:04:05:0A:0B:0C:0D:0E", + "ip-addresses": [ "2001:db8:1::100" ] + }, +// This is similar to the previous one, but this time the reservation +// is done based on hardware/MAC address. The server will do its best to +// extract the hardware/MAC address from received packets (see +// 'mac-sources' directive for details). This particular reservation +// also specifies two extra options to be available for this client. If +// there are options with the same code specified in a global, subnet or +// class scope, the values defined at host level take precedence. + { + "hw-address": "00:01:02:03:04:05", + "ip-addresses": [ "2001:db8:1::101" ], + "option-data": [ + { + "name": "dns-servers", + "data": "3000:1::234" + }, + { + "name": "nis-servers", + "data": "3000:1::234" + } ], + "client-classes": [ "special_snowflake", "office" ] + }, +// This is a bit more advanced reservation. The client with the specified +// DUID will get a reserved address, a reserved prefix and a hostname. +// This reservation is for an address that it not within the dynamic pool. +// Finally, this reservation features vendor specific options for CableLabs, +// which happen to use enterprise-id 4491. Those particular values will +// be returned only to the client that has a DUID matching this reservation. + { + "duid": "01:02:03:04:05:06:07:08:09:0A", + "ip-addresses": [ "2001:db8:1:cafe::1" ], + "prefixes": [ "2001:db8:2:abcd::/64" ], + "hostname": "foo.example.com", + "option-data": [ { + "name": "vendor-opts", + "data": "4491" + }, + { + "name": "tftp-servers", + "space": "vendor-4491", + "data": "3000:1::234" + } ] + + }, +// This reservation is using flexible identifier. Instead of relying +// on specific field, sysadmin can define an expression similar to what +// is used for client classification, +// e.g. substring(relay[0].option[17],0,6). Then, based on the value of +// that expression for incoming packet, the reservation is matched. +// Expression can be specified either as hex or plain text using single +// quotes. +// Note: flexible identifier requires flex_id hook library to be +// loaded to work. + { + "flex-id": "'somevalue'", + "ip-addresses": [ "2001:db8:1:cafe::2" ] + } + + ] + } + ], + +// The following configures logging. It assumes that messages with at +// least informational level (info, warn, error and fatal) should be +// logged to stdout. + "loggers": [ + { + "name": "kea-dhcp6", + "output-options": [ + { + "output": "stdout" + } + ], + "debuglevel": 0, + "severity": "INFO" + } + ] +} + +} -- cgit v1.2.3