Re: [Kea-users] client getting IP without reservation

Wed, 22 Nov 2023 11:33:37 -0800 

On 11/22/23 13:24, Bob Harold wrote:


On Wed, Nov 22, 2023 at 12:41 PM Jason Keltz <j...@yorku.ca> wrote:

    Hi.

    I have now configured my Kea installation with many subnets, each
    with
    their own reservations.  It's working well.

    There's also one global reservation set for hosts that are configured
    without an IP so they can connect in the dynamic range of any subnet.

    I wanted to do a test of what would happen if a host ether was not
    referenced in either the subnet or global sections.

    I took one host which was getting a reserved IP in a subnet, released
    the IP, then changed the host ethernet address in the Kea config
    file so
    that the host would no longer be recognized.

    When I DHCP renew on the host, I now get an IP in the dynamic range.
    This isn't the behaviour I want.  Since the host doesn't have a
    reservation either in a subnet or in the global pool, I want to be
    denied an IP.

    What option am I missing?

    Jason.


Remove the dynamic range, if you don't want dynamic clients.  DHCP 
Reserved clients should be outside any range.



(or limit it to some class of clients or list of allowed mac addresses 
or other client ids or vendor ids)

... at least that's how it works in dhcpd.

--
Bob Harold


Hi Bob,

Thanks for your response.


Perhaps I'm explaining what I want to do poorly or using the incorrect 
terminology.  My apologies.



Each subnet has host reservations based on ethernet address and IP pairs 
for many hosts.  Each subnet also has a dynamic pool. The IPs 
distributed via host reservation are allocated from outside the dynamic 
pool.



The global reservations section includes ethernet address and not IP for 
hosts that should be able to get an address no matter which subnet they 
plug into.  The IPs distributed for these global reservations should be 
from the dynamic pool ranges attached to each subnet.



Hosts that have neither an entry in the subnet host reservation list, or 
the global reservation list should not be able to get an IP address.



That's what I was doing with ISC DHCPd before.  I'm sure there's a way 
to do this with Kea, but I could just use assistance figuring out which 
options I need.


Thanks!

Jason.

-- 
ISC funds the development of this software with paid support subscriptions. 
Contact us at https://www.isc.org/contact/ for more information.

To unsubscribe visit https://lists.isc.org/mailman/listinfo/kea-users.

Kea-users mailing list
Kea-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/kea-users






















					Reply via email to