%general-entities; ]> Kea &kea-dhcp-version; Kea Introduction to ISC Kea The ISC Kea package contains the server programs for DHCP. It is the successor of the server which is end-of-life since December 2022. &lfs113_checked; Package Information Download (HTTP): Download (FTP): Download MD5 sum: &kea-md5sum; Download size: &kea-size; Estimated disk space required: &kea-buildsize; Estimated build time: &kea-time; Kea Dependencies Required , Optional , , , Optional database backends or MySQL, User Notes: Kernel Configuration You must have Packet Socket support. IPv6 support is optional. [*] Networking support ---> [CONFIG_NET] Networking options ---> <*> Packet socket [CONFIG_PACKET] <*> The IPv6 Protocol ---> [CONFIG_IPV6] Kea Installation of ISC Kea DHCP Install ISC Kea DHCP by running the following commands: ./configure --prefix=/usr \ --sysconfdir=/etc \ --docdir=/usr/share/doc/kea-&kea-dhcp-version; \ --localstatedir=/var \ --enable-shell \ --with-openssl && make To test the results, issue: make check. To install the ISC Kea DHCP suite, issue the following commands as the root user: make -j1 install Command Explanations --with-pgsql or --with-mysql: ISC Kea can store the leases on a database. This might be useful in large environments running a cluster of DHCP servers. Using the memfile backend (which is a CSV file stored locally) is possible anyhow. make -j1 install: ISC does not recommend any form of parallel or job server options when doing the install. Configuring ISC Kea DHCP The support of IPv4, IPv6 and DDNS has been splitted into separate servers which runs independently from each other. Each of them has its own configuration file. Additional configuration files come from the keactrl agent which is uses to control the servers in an easy way. Consult the Kea Administrator Reference Manual for detailled information about the configuration of ISC Kea as it is a quite capable system. The configuration shown a bare minimum to get a DHCP server running but it already includes configuration for DDNS (Dynamic DNS). That setup might be working for small networks with a few clients and low traffic. For greater installations with thousands of clients, ISC Kea can be configured to use databases (mariadb or postgresql) to store the leases and build a cluster with multiple nodes. It can be integrated to ISC Stork which is a management dashboard to ISC Kea. Config Files /etc/kea/keactrl.conf, /etc/kea/kea-ctrl-agent.conf, /etc/kea/kea-dhcp4.conf, /etc/kea/kea-dhcp6.conf and /etc/kea/kea-dhcp-ddns.conf /etc/kea/keactrl.conf /etc/kea/kea-dhcp4.conf /etc/kea/kea-dhcp-ddns.conf Kea Control Configuration keactrl is used to control the independend servers (IPv4, IPv6, DDNS). Its configuration file /etc/kea/keactrl.conf is installed by default and includes many path settings which are defined due to the configure at build time. It also includes settings to specify which of the servers should be started. IPv4 DHCP server This daemon handles requests for IPv4 addresses. Set dhcp4=yes to start it, set dhcp4=no in case DHCP service for IPv4 is not wanted. IPv6 DHCP server This daemon handles requests for IPv6 addresses. Set dhcp6=yes to start it, set dhcp6=no in case DHCP service for IPv6 is not wanted. Dynamic DNS This daemon is used to update a DNS server dynamically when Kea assignes an IP address to a device. Set dhcp_ddns=yes to enable it, set dhcp_ddns=no in case dynamic DNS updates are not wanted. Control Agent The Control Agent is a daemon which allows the (re)configuration of the Kea DHCP service via REST API. Set ctrl_agent=yes to start the control agent (service providing a REST API), set ctrl_agent=no in case the control agent is not needed. The Netconf service is not installed because required dependencies are not covered by the current BLFS book. With the following command, Kea will be configured to start the dhcp service for IPv4 and the dynamic DNS update, while the control agent and the dhcp service for IPv6 remains down. Tweak the command to match your needs on started services and execute as the root user: sed -e "s/^dhcp4=.*/dhcp4=yes/" \ -e "s/^dhcp6=.*/dhcp6=no/" \ -e "s/^dhcp_ddns=.*/dhcp_ddns=yes/" \ -e "s/^ctrl_agent=.*/ctrl_agent=no/" \ -i /etc/kea/keactrl.conf IPv4 DHCP Server Configuration If you want to start the DHCP Server at boot, install the /etc/rc.d/init.d/kea-dhcpd init script kea-dhcpd.service unit included in the package: make install-kea-dhcpd A sample configuration file is created in /etc/kea/kea-dhcpd4.conf. Adjust the file to suit your needs or overwrite it by using the following sample as the root user: cat > /etc/kea/kea-dhcpd4.conf << "EOF" // Begin /etc/kea/kea-dhcpd4.conf { "Dhcp4": { // Add names of your network interfaces to listen on. "interfaces-config": { "interfaces": [ "eth0", "eth2" ] }, "control-socket": { "socket-type": "unix", "socket-name": "/tmp/kea4-ctrl-socket" }, "lease-database": { "type": "memfile", "lfc-interval": 3600 }, "expired-leases-processing": { "reclaim-timer-wait-time": 10, "flush-reclaimed-timer-wait-time": 25, "hold-reclaimed-time": 3600, "max-reclaim-leases": 100, "max-reclaim-time": 250, "unwarned-reclaim-cycles": 5 }, "renew-timer": 900, "rebind-timer": 1800, "valid-lifetime": 3600, // Enable DDNS - Kea will dynamically update the DNS "ddns-send-updates" : true, "ddns-qualifying-suffix": "your.domain.tld", "dhcp-ddns" : { "enable-updates": true }, "subnet4": [ { "subnet": "192.168.56.0/24", "pools": [ { "pool": "192.168.56.16 - 192.168.56.254" } ], "option-data": [ { "name": "domain-name", "data": "your.domain.tld" }, { "name": "domain-name-servers", "data": "192.168.56.2, 192.168.3.7" }, { "name": "domain-search", "data": "your.domain.tld" }, { "name": "routers", "data": "192.168.56.2" } ] } ], "loggers": [ { "name": "kea-dhcp4", "output_options": [ { "output": "/var/log/kea-dhcp4.log", "pattern": "%D{%Y-%m-%d %H:%M:%S.%q} %-5p %m\n" } ], "severity": "INFO", "debuglevel": 0 } ] } } // End /etc/kea/kea-dhcpd4.conf EOF The configuration for IPv6 is similar to the configuration of IPv4. The configuration file is /etc/kea/kea-dhcpd6.conf. Dynamic DNS Configuration If there is a server running, ISC Kea can update the DNS when it gives an IP address to a client. A sample configuration file is created in /etc/kea/kea-dhcp-ddns.conf. Adjust the file to suit your needs or overwrite it by using the following sample as the root user: cat > /etc/kea/kea-dhcp-ddns.conf << "EOF" // Begin /etc/kea/kea-dhcp-ddns.conf { "DhcpDdns": { "ip-address": "127.0.0.1", "port": 53001, "control-socket": { "socket-type": "unix", "socket-name": "/tmp/kea-ddns-ctrl-socket" }, "tsig-keys": [ { "name" : "rndc-key", "algorithm" : "hmac-sha256", "secret" : "1FU5hD7faYaajQCjSdA54JkTPQxbbPrRnzOKqHcD9cM=" } ], "forward-ddns" : { "ddns-domains" : [ { "name" : "your.domain.tld.", "dns-servers" : [ { "ip-address" : "127.0.0.1", "port" : 53 } ] } ] }, "reverse-ddns" : { "ddns-domains" : [ { "name" : "56.168.192.in-addr.arpa.", "dns-servers" : [ { "ip-address" : "127.0.0.1", "port" : 53 } ] } ] }, "loggers": [ { "name": "kea-dhcp-ddns", "output_options": [ { "output": "/var/log/kea-ddns.log" "pattern": "%D{%Y-%m-%d %H:%M:%S.%q} %-5p %m\n" } ], "severity": "INFO", "debuglevel": 0 } ] } } // End /etc/kea/kea-dhcp-ddns.conf EOF The value of secret is just an example. Generate the key for your installation by using the rndc-confgen -a command or the tsig-keygen command which both are provided by . Contents Installed Programs Installed Libraries Installed Directories keactrl, kea-admin, kea-ctrl-agent, kea-dhcp4, kea-dhcp6, kea-dhcp-ddns, kea-lfc, kea-shell libkea-* /etc/kea, /usr/include/kea, /var/lib/kea Short Descriptions keactrl Tool to control the server processes keactrl