From ead10d569b06ba857ff9f63fda8db75c89c4d1f9 Mon Sep 17 00:00:00 2001 From: Thomas Trepl Date: Sun, 11 Jun 2023 13:54:16 +0200 Subject: [PATCH] Updates in text, add DDNS config --- networking/connect/kea.xml | 300 +++++++++++++++++++++++++------------ 1 file changed, 204 insertions(+), 96 deletions(-) diff --git a/networking/connect/kea.xml b/networking/connect/kea.xml index 64e226031b..2e45c0c12b 100644 --- a/networking/connect/kea.xml +++ b/networking/connect/kea.xml @@ -10,6 +10,7 @@ + ]> @@ -26,7 +27,7 @@ Introduction to ISC Kea - The ISC Kea package contains the + The ISC Kea package contains the server programs for DHCP. It is the successor of the server which is end-of-life since December 2022. @@ -73,7 +74,7 @@ - + User Notes: @@ -135,20 +136,30 @@ make - + Configuring ISC Kea DHCP - Consult the - Kea Administrator Reference Manual - for detailled information about the configuration of Kea. + Consult the + Kea Administrator Reference Manual + for detailled information about the configuration of ISC Kea + as it is a quite capable system. The configuration shown a bare + minimum to get a DHCP server running but it already includes + configuration for DDNS (Dynamic DNS). That setup might be working + for small networks with a few clients and low traffic. For greater + installations with thousands of clients, ISC Kea + can be configured to use databases (mariabd or postgresql) to store + the leases and build a cluster with multiple nodes. It can + be integrated to Stork + which is a management dashboard to ISC Kea. + The support of IPv4, IPv6 and DDNS has been splitted into separate servers which runs independently from each other. Each of them has its own configuration file. Additional configuration files come from the keactrl agent which is uses to control the servers in an easy way. - + Config Files @@ -175,11 +186,10 @@ make /etc/kea/kea-dhcp6.conf - +--> /etc/kea/kea-dhcp-ddns.conf ---> 
@@ -197,22 +207,22 @@ make IPv4 DHCP server This daemon handles requests for IPv4 addresses. - Set dhcp4=yes to start it, set + Set dhcp4=yes to start it, set dhcp4=no in case DHCP service for IPv4 is not wanted. IPv6 DHCP server This daemon handles requests for IPv6 addresses. - Set dhcp6=yes to start it, set + Set dhcp6=yes to start it, set dhcp6=no in case DHCP service for IPv6 is not wanted. Dynamic DNS This daemon is used to update a DNS server dynamically - when Kea assignes an IP address to a device. - Set dhcp_ddns=yes to enable it, set + when Kea assignes an IP address to a device. + Set dhcp_ddns=yes to enable it, set dhcp_ddns=no in case dynamic DNS updates are not wanted. @@ -231,7 +241,7 @@ make dependencies are not covered by the current BLFS book. With the following command, Kea will be configured to - start the dhcp service for IPv4 and the + start the dhcp service for IPv4 and the dynamic DNS update, while the control agent and the dhcp service for IPv6 remains down. Tweak the command to match your needs on started services and execute as the 
@@ -247,88 +257,7 @@ make - IPv4 Server Configuration - - - A sample configuration file is created in /etc/kea/kea-dhcpd4.conf. - Adjust the file to suit your needs or overwrite it by using - the following sample as the root - user: - - -cat > /etc/kea/kea-dhcpd4.conf << "EOF" -// Begin /etc/kea/kea-dhcpd4.conf -{ -"Dhcp4": { - "interfaces-config": { - "interfaces": [ "eth0" ] - }, - "control-socket": { - "socket-type": "unix", - "socket-name": "/run/kea/kea4-ctrl-socket" - }, - "lease-database": { - "type": "memfile", - "lfc-interval": 3600 - }, - "renew-timer": 900, - "rebind-timer": 1800, - "valid-lifetime": 3600, - "option-data": [ - { - "name": "domain-name-servers", - "data": "192.168.2.1, 192.168.2.2" - }, - { - "name": "domain-search", - "data": "mydomain.example.org, example.org" - } - ], - "subnet4": [ - { - "subnet": "192.168.2.0/24", - "pools": [ - { - "pool": "192.168.2.16 - 192.168.2.64" - } - ], - "option-data": [ - { - "name: "routers", - "value": "192.168.2.254" - } - ], - "reservations": [ - { - "hw-address": "00:11:22:33:44:55", - "ip-address": "192.168.2.65", - "hostname": "host-2-65" - }, - { - "hw-address": "00:00:00:00:00:01", - "ip-address": "192.168.2.253", - "hostname": "special-host", - "option-data": [ - { - "name": "domain-name-servers", - "data": "192.168.1.1" - } - ] - } - ] - } - ] -} -} -// End /etc/kea/kea-dhcpd4.conf -EOF - - - The double braces at the end of the config is not a typo. - - - The configuration for IPv6 is similar to the configuration - of IPv4. The configuration file is /etc/kea/kea-dhcpd6.conf. + IPv4 DHCP Server Configuration If you want to start the DHCP Server at boot, install the 
@@ -343,6 +272,185 @@ EOF make install-kea-dhcpd + + A sample configuration file is created in /etc/kea/kea-dhcpd4.conf. + Adjust the file to suit your needs or overwrite it by using + the following sample as the root + user: + + +cat > /etc/kea/kea-dhcpd4.conf << "EOF" +// Begin /etc/kea/kea-dhcpd4.conf +{ +"Dhcp4": { + // Add names of your network interfaces to listen on. + "interfaces-config": { + "interfaces": [ "eth0", "eth2" ] + }, + + "control-socket": { + "socket-type": "unix", + "socket-name": "/tmp/kea4-ctrl-socket" + }, + + "lease-database": { + "type": "memfile", + "lfc-interval": 3600 + }, + + "expired-leases-processing": { + "reclaim-timer-wait-time": 10, + "flush-reclaimed-timer-wait-time": 25, + "hold-reclaimed-time": 3600, + "max-reclaim-leases": 100, + "max-reclaim-time": 250, + "unwarned-reclaim-cycles": 5 + }, + + "renew-timer": 900, + "rebind-timer": 1800, + "valid-lifetime": 3600, + + // Enable DDNS - Kea will dynamically update the DNS + "ddns-send-updates" : true, + "ddns-qualifying-suffix": "your.domain.tld", + "dhcp-ddns" : { + "enable-updates": true + }, + + "subnet4": [ + { + "subnet": "192.168.56.0/24", + "pools": [ { "pool": "192.168.56.16 - 192.168.56.254" } ], + "option-data": [ + { + "name": "domain-name", + "data": "your.domain.tld" + }, + { + "name": "domain-name-servers", + "data": "192.168.56.2, 192.168.3.7" + }, + { + "name": "domain-search", + "data": "your.domain.tld" + }, + { + "name": "routers", + "data": "192.168.56.2" + } + ] + } + ], + + "loggers": [ + { + "name": "kea-dhcp4", + "output_options": [ + { + "output": "/var/log/kea-dhcp4.log", + "pattern": "%D{%Y-%m-%d %H:%M:%S.%q} %-5p %m\n" + } + ], + "severity": "INFO", + "debuglevel": 0 + } + ] +} +} +// End /etc/kea/kea-dhcpd4.conf +EOF + + + The double braces at the end of the config is not a typo. + This is because the inner "dhcp4" block is not indented as is + should be because the configuration data would move too much + to the right. 
+ + + The configuration for IPv6 is similar to the configuration + of IPv4. The configuration file is /etc/kea/kea-dhcpd6.conf. + + + + + Dynamic DNS Configuration + + + If there is a server running, ISC Kea + can update the DNS when it gives an IP address to a client. + A sample configuration file is created in /etc/kea/kea-dhcp-ddns.conf. + Adjust the file to suit your needs or overwrite it by using + the following sample as the root + user: + + +cat > /etc/kea/kea-dhcp-ddns.conf << "EOF" +// Begin /etc/kea/kea-dhcp-ddns.conf +{ +"DhcpDdns": { + "ip-address": "127.0.0.1", + "port": 53001, + "control-socket": { + "socket-type": "unix", + "socket-name": "/tmp/kea-ddns-ctrl-socket" + }, + + "tsig-keys": [ + { + "name" : "rndc-key", + "algorithm" : "hmac-sha256", + "secret" : "1FU5hD7faYaajQCjSdA54JkTPQxbbPrRnzOKqHcD9cM=" + } + ], + + "forward-ddns" : { + "ddns-domains" : [ + { + "name" : "your.domain.tld.", + //"key-name" : "rndc-key", + "dns-servers" : [ + { + "ip-address" : "127.0.0.1", + "port" : 53 + } + ] + } + ] + }, + + "reverse-ddns" : { + "ddns-domains" : [ + { + "name" : "56.168.192.in-addr.arpa.", + //"key-name" : "rndc-key", + "dns-servers" : [ + { + "ip-address" : "127.0.0.1", + "port" : 53 + } + ] + } + ] + }, + + "loggers": [ + { + "name": "kea-dhcp-ddns", + "output_options": [ + { + "output": "/var/log/kea-ddns.log" + "pattern": "%D{%Y-%m-%d %H:%M:%S.%q} %-5p %m\n" + } + ], + "severity": "INFO", + "debuglevel": 0 + } + ] +} +} +// End /etc/kea/kea-dhcp-ddns.conf +EOF
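Review bot: Both sample files added in this hunk put the Kea control sockets in `/tmp` (`/tmp/kea4-ctrl-socket`, `/tmp/kea-ddns-ctrl-socket`), while the IPv4 sample removed earlier in this patch used `/run/kea/kea4-ctrl-socket`; any local user can pre-create or squat a path in a world-writable directory, so I would keep the root-owned location, e.g. `"socket-name": "/run/kea/kea4-ctrl-socket"` and a matching path for the DDNS daemon. In kea-dhcp-ddns.conf the `tsig-keys` entry ships a literal base64 `secret` that readers will paste verbatim, and both `//"key-name" : "rndc-key",` lines are commented out, so as written the key appears unused and the updates to 127.0.0.1 port 53 would presumably be sent unsigned. I would replace the value with a clearly labelled placeholder such as `"secret" : "REPLACE-WITH-YOUR-OWN-GENERATED-KEY"`, tell the reader to generate a key per installation, and enable `"key-name" : "rndc-key",` in both the forward and the reverse domain. The DDNS `output_options` block is also missing a comma after `"output": "/var/log/kea-ddns.log"`, which the config parser will most likely reject. Since the heredoc is written as root with the default umask, a sentence telling the reader to restrict read access on the file that holds the TSIG secret would be worth adding next to the sample.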