Hi Dee-Jay,
In Kea, the subnet is just a label. You should be able to do
something like this:
"subnet4": [
{
"subnet": "192.168.10.0/30",
"id": 1
},
{
"subnet": "192.168.10.1/30",
"id": 2
}
]
However, kea-dhcp4 may then complain about overlapping pools. Please
do try this in a test lab before trying to use in production.
Thank you,
Darren Ankney
On Wed, Oct 1, 2025 at 2:56 AM Dee-Jay Logozzo
<[email protected]> wrote:
>
> Hi All,
>
> I am unable to configure KEA to serve identical subnets to different networks.
>
> We have an MPLS Service-Provider style network I am configuring that would
> benefit from being able to provide DHCP for different segregated network
> segments (vrfs) using overlapping (or possibly duplicate) subnets.
> These segregated vrfs are able to talk back to the KEA instance via
> multi-homed DHCP Relays living in both the customer's vrf, and our
> dhcp-management vrf.
> We are using Option 82 (sub-option 2) set individually by each DHCP relay to
> distinguish between each network within the KEA DHCP server.
> Everything is working as expected with this configuration, the segregated
> DHCP clients are able to receive their specific allocation as per Option 82
> (using flex-id within KEA).
> However, if we configure two different and segregated network pools to use
> the same subnet within the KEA kea-dhcp4.conf configuration file, KEA refuses
> to start with a 'DHCP4_INIT_FAIL failed to initialize Kea server:
> configuration error using file 'kea-dhcp4.conf': subnet with the prefix of
> '192.168.10.0/30' already exists (kea-dhcp4.conf:62:7)' error.
>
> As the IP subnets we use for the different network segments are often
> allocations from our customers, the likelihood for subnet collision is
> inevitable, but as they are segregated networks that does not cause any
> issues.
> The only problem is that KEA refuses to start with such a configuration.
>
> Is this a supported configuration that I am missing the obvious solution for?
> Are there any available workarounds for my use-case? Are there any other
> solutions for such an issue?
> We have considered running multiple distinct KEA instances, one for each
> customer with dedicated configuration, however this is undesirable as it
> greatly increases both the network design and system provisioning logic
> required for the rest of our system, as well as reduces the system resiliency
> as each customer/network-segment would need its own load-balance/HA group
> instead of being able to pool all those server (or vm) resources into one
> larger load-balance/HA group.
> We would much prefer to be able to have one KEA configuration covering
> everything.
>
> Regards.
>
> Dee-Jay
>
>
> Dee-Jay Logozzo
>
> IT Security Architect
>
> URSYS PTY LTD
>
> Level 1 / 459 – 461 Parramatta Road
>
> Leichhardt 2040 NSW
>
> E: [email protected]
>
> T: 02 8745 2841
>
> W: URSYS.com.au
>
>
>
>
> --
> ISC funds the development of this software with paid support subscriptions.
> Contact us at https://www.isc.org/contact/ for more information.
>
> To unsubscribe visit https://lists.isc.org/mailman/listinfo/kea-users.
> [email protected]
--
ISC funds the development of this software with paid support subscriptions.
Contact us at https://www.isc.org/contact/ for more information.
To unsubscribe visit https://lists.isc.org/mailman/listinfo/kea-users.
[email protected]
