lease database. Kea has a mechanism to implement sanity checks for situations
like this.
-Kea supports a configuration scope called ``sanity-checks``. It
-currently allows only a single parameter, called ``lease-checks``, which
+Kea supports a configuration scope called ``sanity-checks``.
+A parameter, called ``lease-checks``,
governs the verification carried out when a new lease is loaded from a
lease file. This mechanism permits Kea to attempt to correct inconsistent data.
purposes. As long as no other purpose also writes an "ISC" element to
``user-context`` there should not be a conflict.
+Extended lease information is also subject to configurable sanity checking.
+The parameter in the ``sanity-checks`` scope is named ``extended-info-checks``
+and supports these levels:
+
+- ``none`` - do no check nor upgrade. This level should be used on when
+ extended info is not used at all or when no badly formatted extended
+ info, including using the old format, is expected.
+
+- ``fix`` - fix some common inconsistencies and upgrade extended info
+ using the old format to the new one. It is the default level and is
+ convenient when Lease Query hook library is not loaded.
+
+- ``strict`` - fix all inconsistencies which have an impact on the (Bulk)
+ Lease Query hook library.
+
+- ``pedantic`` - enforce full conformance to the format produced by the
+ Kea code, for instance no extra entries are allowed at the exception
+ of ``comment``.
+
+.. note::
+
+ Currently this feature is currently implemented for the memfile
+ backend. The sanity check applies to the lease database in memory,
+ not to the lease file, i.e. inconsistent leases will stay in the lease
+ file.
+
.. _dhcp4-multi-threading-settings:
Multi-Threading Settings
lease database. Kea has a mechanism to implement sanity checks for situations
like this.
-Kea supports a configuration scope called ``sanity-checks``. It
-currently allows only a single parameter, called ``lease-checks``, which
+Kea supports a configuration scope called ``sanity-checks``.
+A parameter, called ``lease-checks``,
governs the verification carried out when a new lease is loaded from a
lease file. This mechanism permits Kea to attempt to correct inconsistent data.
container serving multiple purposes. As long as no other purpose also
writes an "ISC" element to ``user-context`` there should not be a conflict.
+Extended lease information is also subject to configurable sanity checking.
+The parameter in the ``sanity-checks`` scope is named ``extended-info-checks``
+and supports these levels:
+
+- ``none`` - do no check nor upgrade. This level should be used on when
+ extended info is not used at all or when no badly formatted extended
+ info, including using the old format, is expected.
+
+- ``fix`` - fix some common inconsistencies and upgrade extended info
+ using the old format to the new one. It is the default level and is
+ convenient when Lease Query hook library is not loaded.
+
+- ``strict`` - fix all inconsistencies which have an impact on the (Bulk)
+ Lease Query hook library.
+
+- ``pedantic`` - enforce full conformance to the format produced by the
+ Kea code, for instance no extra entries are allowed at the exception
+ of ``comment``.
+
+.. note::
+
+ Currently this feature is currently implemented for the memfile
+ backend. The sanity check applies to the lease database in memory,
+ not to the lease file, i.e. inconsistent leases will stay in the lease
+ file.
+
.. _dhcp6-multi-threading-settings:
Multi-Threading Settings
" \"link\": \"2001::2\" } ] } }",
CfgConsistency::EXTENDED_INFO_CHECK_STRICT);
}
+
+// Pedantic requires a peer entry.
+TEST_F(ExtendedInfoChecksTest, noPeerpedantic) {
+ string description = "no peer, pedantic";
+ check6(description,
+ "{ \"ISC\": { \"relay-info\": [ { \"link\": \"2001::2\" } ] } }",
+ "", CfgConsistency::EXTENDED_INFO_CHECK_PEDANTIC,
+ { "DHCPSRV_LEASE6_EXTENDED_INFO_SANITY_FAIL"
+ " extended info for lease 2001::1 failed checks"
+ " (in peer [relay#0] a problem was found:"
+ " no peer)" });
+}
+
+// peer entry with bad type is dropped by pedantic sanity check level.
+TEST_F(ExtendedInfoChecksTest, badTypePeer) {
+ string description = "peer is not a string, pedantic";
+ check6(description,
+ "{ \"ISC\": { \"relay-info\": [ { \"link\": \"2001::2\","
+ " \"peer\": 1 } ] } }", "",
+ CfgConsistency::EXTENDED_INFO_CHECK_PEDANTIC,
+ { "DHCPSRV_LEASE6_EXTENDED_INFO_SANITY_FAIL"
+ " extended info for lease 2001::1 failed checks"
+ " (in peer [relay#0] a problem was found:"
+ " peer is not a string)" });
+}
+
+// peer entry which is not an address is dropped by pedantic sanity check level.
+TEST_F(ExtendedInfoChecksTest, notAddressPeer) {
+ string description = "peer is not an address, pedantic";
+ check6(description,
+ "{ \"ISC\": { \"relay-info\": [ { \"link\": \"2001::2\","
+ " \"peer\": \"foo\" } ] } }", "",
+ CfgConsistency::EXTENDED_INFO_CHECK_PEDANTIC,
+ { "DHCPSRV_LEASE6_EXTENDED_INFO_SANITY_FAIL"
+ " extended info for lease 2001::1 failed checks"
+ " (in peer [relay#0] a problem was found:"
+ " Failed to convert string to address 'foo':"
+ " Invalid argument)" });
+}
+
+// peer entry which is an IPv4 (vs IPv6) address is dropped by pedantic sanity
+// check level.
+TEST_F(ExtendedInfoChecksTest, notV6Peer) {
+ string description = "peer is v4, pedantic";
+ check6(description,
+ "{ \"ISC\": { \"relay-info\": [ { \"link\": \"2001::2\","
+ " \"peer\": \"192.128.1.1\" } ] } }", "",
+ CfgConsistency::EXTENDED_INFO_CHECK_PEDANTIC,
+ { "DHCPSRV_LEASE6_EXTENDED_INFO_SANITY_FAIL"
+ " extended info for lease 2001::1 failed checks"
+ " (in peer [relay#0] a problem was found:"
+ " peer is not an IPv6 address)" });
+}
+
+// Pedantic requires a hop entry.
+TEST_F(ExtendedInfoChecksTest, noHop) {
+ string description = "no hop, pedantic";
+ check6(description,
+ "{ \"ISC\": { \"relay-info\": [ { \"link\": \"2001::2\","
+ " \"peer\": \"2001::3\" } ] } }", "",
+ CfgConsistency::EXTENDED_INFO_CHECK_PEDANTIC,
+ { "DHCPSRV_LEASE6_EXTENDED_INFO_SANITY_FAIL"
+ " extended info for lease 2001::1 failed checks"
+ " (in hop [relay#0] a problem was found:"
+ " no hop)" });
+}
+
+// hop entry with bad type is dropped by pedantic sanity check level.
+TEST_F(ExtendedInfoChecksTest, badTypeHop) {
+ string description = "hop is not an integer pedantic";
+ check6(description,
+ "{ \"ISC\": { \"relay-info\": [ { \"link\": \"2001::2\","
+ " \"peer\": \"2001::3\", \"hop\": false } ] } }", "",
+ CfgConsistency::EXTENDED_INFO_CHECK_PEDANTIC,
+ { "DHCPSRV_LEASE6_EXTENDED_INFO_SANITY_FAIL"
+ " extended info for lease 2001::1 failed checks"
+ " (in hop [relay#0] a problem was found:"
+ " hop is not an integer)" });
+}
+
+// Valid relay.
+TEST_F(ExtendedInfoChecksTest, valid6Pedantic) {
+ string description = "valid, pedantic";
+ check6(description,
+ "{ \"ISC\": { \"relay-info\": [ { \"link\": \"2001::2\","
+ " \"peer\": \"2001::3\", \"hop\": 10 } ] } }",
+ "{ \"ISC\": { \"relay-info\": [ { \"link\": \"2001::2\","
+ " \"peer\": \"2001::3\", \"hop\": 10 } ] } }",
+ CfgConsistency::EXTENDED_INFO_CHECK_PEDANTIC);
+}
+
+// Junk entries are dropped at the pedantic level.
+TEST_F(ExtendedInfoChecksTest, junk6pedantic) {
+ string description = "junk entry, pedantic";
+ check6(description,
+ "{ \"ISC\": { \"relay-info\": [ { \"link\": \"2001::2\","
+ " \"peer\": \"2001::3\", \"hop\": 10, \"foo\": 1 } ] } }", "",
+ CfgConsistency::EXTENDED_INFO_CHECK_PEDANTIC,
+ { "DHCPSRV_LEASE6_EXTENDED_INFO_SANITY_FAIL"
+ " extended info for lease 2001::1 failed checks"
+ " (in relay-info [relay#0] a problem was found:"
+ " spurious 'foo' entry)" });
+}
+
+// Same with relays post upgrade checks.
+TEST_F(ExtendedInfoChecksTest, junkRelayspedantic) {
+ string description = "junk entry, pedantic";
+ check6(description,
+ "{ \"ISC\": { \"relays\": [ { \"link\": \"2001::2\","
+ " \"peer\": \"2001::3\", \"hop\": 10, \"foo\": 1 } ] } }", "",
+ CfgConsistency::EXTENDED_INFO_CHECK_PEDANTIC,
+ { "DHCPSRV_LEASE6_EXTENDED_INFO_SANITY_FAIL"
+ " extended info for lease 2001::1 failed checks"
+ " (in relays [relay#0] a problem was found:"
+ " spurious 'foo' entry)" });
+}
projects / thirdparty / kea.git / commitdiff
