Hi Stefan, I imagine your socket file is being removed during routine OS cleaning of /tmp/ I would not store it there in production (I do often do that in testing, however). If the socket file gets removed, Kea will not recreate it until a restart.
Thank you, Darren Ankney On Fri, Jun 23, 2023 at 4:21 AM Stefan G. Weichinger <li...@xunil.at> wrote: > > Am 22.06.23 um 19:35 schrieb Eric Graham: > > Check the permissions of the control socket on your server: > > > > * Confirm that the Kea control agent can read it * Confirm that > > SELinux is not denying the attempt > > Eric, thanks for your help. > > If it works most of the time ... why wouldn't the permissions be OK then? > > OK: > > root@adc1:/etc/kea# ls -l /tmp/kea4* > srwxr-xr-x 1 _kea _kea 0 22. Jun 07:35 /tmp/kea4-ctrl-socket > -rw------- 1 _kea _kea 0 22. Jun 07:35 /tmp/kea4-ctrl-socket.lock > > > root@adc2:/etc/kea# ls -l /tmp/kea4* > srwxr-xr-x 1 _kea _kea 0 17. Mai 08:18 /tmp/kea4-ctrl-socket > -rw------- 1 _kea _kea 0 17. Mai 08:18 /tmp/kea4-ctrl-socket.lock > > SElinux: don't know how to check that right now ... > > > > Your control agent on the other server isn't configured to connect to > > the socket for dhcp4 on your primary server, correct? > > As far as I understand, no. > > I add the whole file just to be safe here: > > root@adc1:/etc/kea# cat kea-ctrl-agent.conf > // This is a basic configuration for the Kea Control Agent. > // > // This is just a very basic configuration. Kea comes with large suite > (over 30) > // of configuration examples and extensive Kea User's Guide. Please refer to > // those materials to get better understanding of what this software is > able to > // do. Comments in this configuration file sometimes refer to sections > for more > // details. These are section numbers in Kea User's Guide. The version > matching > // your software should come with your Kea package, but it is also available > // in ISC's Knowledgebase (https://kea.readthedocs.io; the direct link for > // the stable version is https://kea.readthedocs.io/). > // > // This configuration file contains only Control Agent's configuration. > // If configurations for other Kea services are also included in this > file they > // are ignored by the Control Agent. > { > > // This is a basic configuration for the Kea Control Agent. > // RESTful interface to be available at http://127.0.0.1:8000/ > "Control-agent": { > "http-host": "10.0.0.231", > // If enabling HA and multi-threading, the 8000 port is used by the HA > // hook library http listener. When using HA hook library with > // multi-threading to function, make sure the port used by dedicated > // listener is different (e.g. 8001) than the one used by CA. Note > // the commands should still be sent via CA. The dedicated listener > // is specifically for HA updates only. > "http-port": 8000, > > "authentication": { > "type": "basic", > "realm": "kea-control-agent", > "clients": [ > { > "user": "admin", > "password": "X-dEldmfRz" > } ] > }, > > // Specify location of the files to which the Control Agent > // should connect to forward commands to the DHCPv4, DHCPv6 > // and D2 servers via unix domain sockets. > "control-sockets": { > "dhcp4": { > "socket-type": "unix", > "socket-name": "/tmp/kea4-ctrl-socket" > } > # "dhcp6": { > # "socket-type": "unix", > # "socket-name": "/tmp/kea6-ctrl-socket" > # }, > # "d2": { > # "socket-type": "unix", > # "socket-name": "/tmp/kea-ddns-ctrl-socket" > # } > }, > > // Specify hooks libraries that are attached to the Control Agent. > // Such hooks libraries should support 'control_command_receive' > // hook point. This is currently commented out because it has to > // point to the existing hooks library. Otherwise the Control > // Agent will fail to start. > "hooks-libraries": [ > // { > // "library": > "/usr/lib/x86_64-linux-gnu/kea/hooks/control-agent-commands.so", > // "parameters": { > // "param1": "foo" > // } > // } > ], > > // Logging configuration starts here. Kea uses different loggers to log > various > // activities. For details (e.g. names of loggers), see Chapter 18. > "loggers": [ > { > // This specifies the logging for Control Agent daemon. > "name": "kea-ctrl-agent", > "output_options": [ > { > // Specifies the output file. There are several special > values > // supported: > // - stdout (prints on standard output) > // - stderr (prints on standard error) > // - syslog (logs to syslog) > // - syslog:name (logs to syslog using specified name) > // Any other value is considered a name of the file > "output": "stdout", > > // Shorter log pattern suitable for use with systemd, > // avoids redundant information > "pattern": "%-5p %m\n" > > // This governs whether the log output is flushed to > disk after > // every write. > // "flush": false, > > // This specifies the maximum size of the file before it is > // rotated. > // "maxsize": 1048576, > > // This specifies the maximum number of rotated files > to keep. > // "maxver": 8 > } > ], > // This specifies the severity of log messages to keep. > Supported values > // are: FATAL, ERROR, WARN, INFO, DEBUG > "severity": "INFO", > > // If DEBUG level is specified, this value is used. 0 is least > verbose, > // 99 is most verbose. Be cautious, Kea can generate lots and lots > // of logs if told to do so. > "debuglevel": 0 > } > ] > } > } > > > It looks at the local socket in /tmp, right? > -- > ISC funds the development of this software with paid support subscriptions. > Contact us at https://www.isc.org/contact/ for more information. > > To unsubscribe visit https://lists.isc.org/mailman/listinfo/kea-users. > > Kea-users mailing list > Kea-users@lists.isc.org > https://lists.isc.org/mailman/listinfo/kea-users -- ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information. To unsubscribe visit https://lists.isc.org/mailman/listinfo/kea-users. Kea-users mailing list Kea-users@lists.isc.org https://lists.isc.org/mailman/listinfo/kea-users