From: Marcin Siodelski Date: Wed, 11 Oct 2017 14:07:41 +0000 (+0200) Subject: [5384] Updated Kea User's Guide flex-id library section. X-Git-Tag: trac5391_base^2~4^2~2 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=7cb9053b024fb195a98742d93a2c50e59e3691d1;p=thirdparty%2Fkea.git [5384] Updated Kea User's Guide flex-id library section. --- diff --git a/doc/guide/hooks.xml b/doc/guide/hooks.xml index bf2db722cf..7c77c39977 100644 --- a/doc/guide/hooks.xml +++ b/doc/guide/hooks.xml @@ -697,7 +697,7 @@ Administrator deleted a lease for a device identified by: duid of 1a:1b:1c:1d:1e client classes and other features. The reservation can be based on hardware address, DUID, circuit-id or client-id in DHCPv4 and using hardware address or DUID in DHCPv6. However, there are sometimes - scenario where the reservation is more complex, e.g. uses other + scenarios where the reservation is more complex, e.g. uses other options that mentioned above, uses part of specific options or perhaps even a combination of several options and fields to uniquely identify a client. Those scenarios are addressed by the Flexible Identifiers @@ -722,14 +722,16 @@ Administrator deleted a lease for a device identified by: duid of 1a:1b:1c:1d:1e The library can be loaded in similar way as other hook libraries. It - takes one mandatory parameter identifier-expression: + takes a mandatory parameter identifier-expression and optional + boolean parameter replace-client-id: "Dhcp6": { "hooks-libraries": [ { "library": "/path/libdhcp_flex_id.so", "parameters": { - "identifier-expression": "expression" + "identifier-expression": "expression", + "replace-client-id": "false" } }, ... @@ -818,6 +820,56 @@ Administrator deleted a lease for a device identified by: duid of 1a:1b:1c:1d:1e ] } + + + When "replace-client-id" is set to false (which is the default setting), + the flex-id hook library uses evaluated flexible identifier solely for + identifying host reservations, i.e. searching for reservations within a + database. This mode of operation has an implication that replacement of + a client device may cause a conflict between an existing lease (allocated + for old device) and the new lease being allocated for the new device. The + conflict arises because the same flexible identifier is computed for the + replaced device and the server will try to allocate the same lease. The + mismatch between client identifiers sent by new device and old device causes + the server to refuse this new allocation until the old lease expires. + + + + The flex-id library offers a way to overcome the problem with lease conflicts + by dynamically replacing client identifier (or DUID in DHCPv6 case) with a + value derived from flexible identifier. The server processes the client's + query as if flexible identifier was sent in the client identifier (or DUID) + option. This guarantees that returning client (for which the same flexible + identifier is evaluated) will be assigned the same lease desplite the client + identifier and/or MAC address change. + + + + The following is a stub configuration that enables this behavior: + +"Dhcp4": { + "hooks-libraries": [ + { + "library": "/path/libdhcp_flex_id.so", + "parameters": { + "identifier-expression": "expression", + "replace-client-id": "true" + } + }, + ... + ] +} + + + + + Note that for this mechanism to take effect, the DHCPv4 server must be configured + to respect the client identifier option value during lease allocation, i.e. + "dhcp4-match-client-id" must be set to true. See + for details. No additional settings + are required for DHCPv6. + +