I am trying to configure the following setup. I have a dhcp relay, a kea dhcp
server, and a freeradius server. Requests come into the relay, then sent to the
kea server, authorized by the radius server and address assigned by kea. I also
want to have address reservations assigned by the radius framed-ip attribute
using the radius hook in kea.
I have the following config (disregard the client class section, not using it)
but the service fails to start. Any obvious issues with it?
{
"Dhcp4": {
"host-reservation-identifiers": ["hw-address"],
"interfaces-config": {
"interfaces": [ "ens33" ]
},
"control-socket": {
"socket-type": "unix",
"socket-name": "kea4-ctrl-socket"
},
"lease-database": {
"type": "mysql",
"name": "dhcp",
"user": "kea",
"password": "abcdefghijk",
"host": "localhost",
"port": 3306
},
"expired-leases-processing": {
"reclaim-timer-wait-time": 10,
"flush-reclaimed-timer-wait-time": 25,
"hold-reclaimed-time": 3600,
"max-reclaim-leases": 100,
"max-reclaim-time": 250,
"unwarned-reclaim-cycles": 5
},
"renew-timer": 900,
"rebind-timer": 1800,
"valid-lifetime": 3600,
"option-data": [
{
"name": "domain-name-servers",
"data": "8.8.8.8"
}
],
"client-classes": [
{
"name": "voip",
"test": "substring(option[60].hex,0,6) == 'Aastra'",
"next-server": "192.0.2.254",
"server-hostname": "hal9000",
"boot-file-name": "/dev/null"
}
],
"hooks-libraries": [
{
"library": "/usr/lib64/kea/hooks/libdhcp_lease_cmds.so"
},
{
"library": "/usr/lib64/kea/hooks/libdhcp_mysql.so"
},
{
"library": "/usr/lib64/kea/hooks/libdhcp_host_cache.so"
},
{
"library": "/usr/lib64/kea/hooks/libdhcp_radius.so",
"parameters": {
"identifier-type4": "hw-address",
"reselect-subnet-address": false,
"access": {
"servers": [
{
"name":"10.0.95.34",
"port":1812,
"secret":"testing123"
}
],
"attributes": [
{
"name": "User-Name",
"expr":
"concat(concat(concat(concat(substring(hexstring(pkt4.mac, ''), 0, 4), '.'),
substring(hexstring(pkt4.mac, ''), 4, 4)), '.'), substring(hexstring(pkt4.mac,
''), 8, 4))"
}
]
}
}
}
],
"subnet4": [
{
"id": 1,
"subnet": "192.168.1.0/24",
"pools": [ { "pool": "192.168.1.5 - 192.168.1.255" } ],
"option-data": [
{
"name": "routers",
"data": "192.168.3.1"
}
],
"relay": {
"ip-addresses": ["192.168.3.1"]
}
},
{
"id": 2,
"subnet": "192.168.2.0/24",
"pools": [ { "pool": "192.168.2.5 - 192.168.2.255" } ],
"option-data": [
{
"name": "routers",
"data": "192.168.3.1"
}
],
"relay": {
"ip-addresses": ["192.168.3.1"]
}
}
],
"loggers": [
{ "name": "kea-dhcp4.radius-hooks",
"output-options": [
{
"output": "/var/log/kea/radius-hooks.log"
}
],
"severity": "DEBUG",
"debuglevel": 99
},
{
"name": "kea-dhcp4",
"severity": "DEBUG",
"output_options": [
{
"output": "/var/log/kea/dhcp4.log",
"maxver": 10
}
]
},
{
"name": "kea-dhcp4.dhcpsrv",
"severity": "DEBUG",
"output_options": [
{
"output": "/var/log/kea/dhcp4-dhcpsrv.log",
"maxver": 10
}
]
},
{
"name": "kea-dhcp4.leases",
"severity": "DEBUG",
"output_options": [
{
"output": "/var/log/kea/dhcp4-leases.log",
"maxver": 10
}
]
}
]
}
}
This message is intended only for the use of the individual or entity to which
it is addressed and may contain information that is privileged, confidential,
and exempt from disclosure under applicable law. Unintentional recipients are
prohibited from disseminating, distributing, or copying the content of this
message. If you have received this message in error, please delete it
immediately and notify the sender.
--
ISC funds the development of this software with paid support subscriptions.
Contact us at https://www.isc.org/contact/ for more information.
To unsubscribe visit https://lists.isc.org/mailman/listinfo/kea-users.
Kea-users mailing list
Kea-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/kea-users
