Kea may be configured to use a database as storage for leases or as a
source of servers' configurations and host reservations (i.e. static
assignments of addresses, prefixes, options, etc.). Kea
-updates introduce changes to the database schemas to faciliate new
+updates introduce changes to the database schemas to facilitate new
features and correct discovered issues with the existing schemas.
A given version of Kea expects a particular structure in the backend and
Do not do this if the tables were created in Step 4. ``kea-admin``
implements rudimentary checks; it will refuse to initialize a database
that contains any existing tables. To start from scratch,
-all must be removed data manually. (This process is a manual operation
+all data must be removed manually. (This process is a manual operation
on purpose, to avoid possibly irretrievable mistakes by ``kea-admin``.)
.. _mysql-upgrade:
within the shared network to use different relay addresses, this will almost
always lead to a different behavior than what the user would expect. In this
case, the Kea server will initially select one of the subnets by matching
-the relay address in the client's packet with the subnet's conifguration.
+the relay address in the client's packet with the subnet's configuration.
However, it MAY end up using the other subnet (even though it does not match
the relay address) if the client already has a lease in this subnet, has a
host reservation in this subnet or simply the initially selected subnet has no
within the shared network to use different relay addresses, this will almost
always lead to a different behavior than what the user would expect. In this
case, the Kea server will initially select one of the subnets by matching
-the relay address in the client's packet with the subnet's conifguration.
+the relay address in the client's packet with the subnet's configuration.
However, it MAY end up using the other subnet (even though it does not match
the relay address) if the client already has a lease in this subnet, has a
host reservation in this subnet or simply the initially selected subnet has no
cryptographic functions. It is preferable to use OpenSSL (see below).
- ``--with-openssl``
- Replace Botan by the OpenSSL the cryptographic library. By default
+ Replace Botan by the OpenSSL cryptographic library. By default
``configure`` searches for a valid Botan installation. If one is not
found, it searches for OpenSSL. Normally this is not necessary.
- ``--with-site-packages``
Only useful when ``kea-shell`` is enabled. It causes the kea-shell
- python packages to be installed in specified directory. This is
+ python packages to be installed in the specified directory. This is
mostly useful for Debian related distros. While most systems store
python packages in ${prefix}/usr/lib/pythonX/site-packages, Debian
introduced separate directory for packages installed from DEB. Such
is to not build it.
- ``--with-freeradius``
- Build the optional ``RADIUS`` hook. This option specifies path to the
+ Build the optional ``RADIUS`` hook. This option specifies the path to the
patched version of FreeRADIUS client. Available in subscriber only version.
- This option requires subscription-only RADIUS hook.
+ This option requires the subscription-only RADIUS hook.
- ``--with-freeradius-dictionary``
Specify a non-standard location for a FreeRADIUS dictionary file. That
.. note::
- An alternative approach to running Kea with root privileges is to configure Kea to use
- non-privileged ports (i.e. those greater than 1024) and redirect traffic. Note that this
- only works for relayed traffic. Furthermore, we consider it experimental and untested in
- production environments. Use it only after careful consideration.
+ An alternative approach to avoiding running Kea with root privileges assumes instructing Kea to
+ use non-privileged (greater than 1024) posts and redirecting traffic. This, however, will work
+ only for relayed traffic. This approach in general is considered experimental and not tested
+ enough for deployment in production environments. Use with caution!
To use this approach, configure the server to listen on other non-privileged ports (e.g. 1547
and 1548) by running the process with ``-p`` option in ``/etc/systemd/system/kea-dhcp4.service``:
Kea using native packages.
1. Go to `Kea on cloudsmith.io <https://cloudsmith.io/~isc/repos/>`__
- and choose Kea version and enter repository.
+ and choose Kea version and enter the repository.
2. Use ``Set Me Up`` and follow instructions to add repository
on your system.
projects / thirdparty / kea.git / commitdiff
