From: Francis Dupont Date: Mon, 7 Feb 2022 10:29:15 +0000 (+0100) Subject: [#2249] Checkpoint before rebase X-Git-Tag: Kea-2.1.4~41 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=5c53953cbe97e05fc4169b75abe2e994fabe5502;p=thirdparty%2Fkea.git [#2249] Checkpoint before rebase --- diff --git a/doc/sphinx/arm/classify.rst b/doc/sphinx/arm/classify.rst index 9ab182ee3b..ed7357433c 100644 --- a/doc/sphinx/arm/classify.rst +++ b/doc/sphinx/arm/classify.rst @@ -34,13 +34,13 @@ ways: - Using a hook. -Client classification can be used to change the -behavior of almost any part of the DHCP message processing. There are -currently five mechanisms that take advantage of client classification: -subnet selection, pool selection, definition of DHCPv4 private (codes -224-254) and code 43 options, assignment of different options, and, for -DHCPv4 cable modems, the setting of specific options for use with the -TFTP server address and the boot file field. +Client classification can be used to change the behavior of almost any +part of the DHCP message processing. There are currently six +mechanisms that take advantage of client classification: dropping +queries, subnet selection, pool selection, definition of DHCPv4 +private (codes 224-254) and code 43 options, assignment of different +options, and, for DHCPv4 cable modems, the setting of specific options +for use with the TFTP server address and the boot file field. The classification process is conducted in several steps: @@ -63,7 +63,13 @@ The classification process is conducted in several steps: dropped and an informational message is logged with the packet information. -6. A subnet is chosen, possibly based on the class information when +6. When the ``early-global-reservations-lookup`` global parameter is + configured to true global reservations are looked for and the 8, 9 + and 10 steps are partially performed: the lookup is limited to + global reservations, if one is found the ``KNOWN`` class is set + but if none is found the ``UNKNOWN`` class is **not** set. + +7. A subnet is chosen, possibly based on the class information when some subnets are reserved. More precisely: when choosing a subnet, the server iterates over all of the subnets that are feasible given the information found in the packet (client address, relay address, @@ -71,36 +77,38 @@ The classification process is conducted in several steps: class associated with it, or has a class which matches one of the packet's classes. -7. The server looks for host reservations. If an identifier from the +8. The server looks for host reservations. If an identifier from the incoming packet matches a host reservation in the subnet or shared network, the packet is associated with the ``KNOWN`` class and all classes of the host reservation. If a reservation is not found, the packet is assigned to the ``UNKNOWN`` class. -8. Classes with matching expressions - directly, or indirectly using the +9. Classes with matching expressions - directly, or indirectly using the ``KNOWN``/``UNKNOWN`` built-in classes and not marked for later evaluation ("on request") - are processed in the order they are defined in the configuration; the boolean expression is evaluated and, if it returns ``true`` (a match), the incoming packet is associated with the class. After a subnet is selected, the server determines whether there is a reservation for a given client. Therefore, it is not - possible to use ``KNOWN``/``UNKNOWN`` classes to select a shared network or - a subnet. + possible to use the ``UNKNOWN`` class to select a shared network or + a subnet, and for using the ``KNOWN`` class only global reservations + can be used and the ``early-global-reservations-lookup`` parameter + must be configured to true -9. When the incoming packet belongs to the special class ``DROP``, it is +10. When the incoming packet belongs to the special class ``DROP``, it is dropped and an informational message is logged with the packet information. Since Kea version 1.9.8, it is permissible to make the ``DROP`` class dependent on the ``KNOWN``/``UNKNOWN`` classes. -10. If needed, addresses and prefixes from pools are assigned, possibly +11. If needed, addresses and prefixes from pools are assigned, possibly based on the class information when some pools are reserved for class members. -11. Classes marked as "required" are evaluated in the order in which +12. Classes marked as "required" are evaluated in the order in which they are listed: first the shared network, then the subnet, and finally the pools that assigned resources belong to. -12. Options are assigned, again possibly based on the class information +13. Options are assigned, again possibly based on the class information in the order that classes were associated with the incoming packet. For DHCPv4 private and code 43 options, this includes option definitions specified within classes. @@ -711,6 +719,13 @@ Classes can be statically assigned to the clients using techniques described in :ref:`reservation4-client-classes` and :ref:`reservation6-client-classes`. +Subnet host reservations are searched after subnet selection. +Global host reservations are searched at the same time by default but +the ``early-global-reservations-lookup`` allows to change this behavior +into searching them before the subnet selection. + +Pool selection is performed after all host reservations lookups. + .. _classification-subnets: Configuring Subnets With Class Information diff --git a/doc/sphinx/arm/dhcp4-srv.rst b/doc/sphinx/arm/dhcp4-srv.rst index daad241942..994cb8872a 100644 --- a/doc/sphinx/arm/dhcp4-srv.rst +++ b/doc/sphinx/arm/dhcp4-srv.rst @@ -2843,6 +2843,17 @@ class list for the packet. The second method specifies an expression that is evaluated for each packet. If the result is ``true``, the packet is a member of the class. +.. note:: + + The new ``early-global-reservations-lookup`` global parameter flag + enables a lookup for global reservations before the subnet selection + phase. This lookup is similar to the general lookup described above + with two differences: + + - the lookup is limited to global host reservations + + - the ``UNKNOWN`` class is never set + .. note:: Care should be taken with client classification, as it is easy for diff --git a/doc/sphinx/arm/dhcp6-srv.rst b/doc/sphinx/arm/dhcp6-srv.rst index 955aa10519..239952b272 100644 --- a/doc/sphinx/arm/dhcp6-srv.rst +++ b/doc/sphinx/arm/dhcp6-srv.rst @@ -2567,6 +2567,17 @@ class list for the packet. The second method specifies an expression that is evaluated for each packet. If the result is ``true``, the packet is a member of the class. +.. note:: + + The new ``early-global-reservations-lookup`` global parameter flag + enables a lookup for global reservations before the subnet selection + phase. This lookup is similar to the general lookup described above + with two differences: + + - the lookup is limited to global host reservations + + - the ``UNKNOWN`` class is never set + .. note:: Care should be taken with client classification, as it is easy for diff --git a/src/bin/dhcp4/dhcp4_hooks.dox b/src/bin/dhcp4/dhcp4_hooks.dox index 940bcbdde4..5d9774e98a 100644 --- a/src/bin/dhcp4/dhcp4_hooks.dox +++ b/src/bin/dhcp4/dhcp4_hooks.dox @@ -1,4 +1,4 @@ -// Copyright (C) 2013-2021 Internet Systems Consortium, Inc. ("ISC") +// Copyright (C) 2013-2022 Internet Systems Consortium, Inc. ("ISC") // // This Source Code Form is subject to the terms of the Mozilla Public // License, v. 2.0. If a copy of the MPL was not distributed with this @@ -160,6 +160,9 @@ to the end of this list. point sets the next step status to value other than NEXT_STEP_CONTINUE, the identifier will not be used. +When the "early-global-reservations-lookup" flag is true this callout is +called before "subnet4_select". + @subsection dhcpv4HooksLeaseSelect lease4_select - @b Arguments: diff --git a/src/bin/dhcp4/json_config_parser.h b/src/bin/dhcp4/json_config_parser.h index bdf51a0b49..34b1419700 100644 --- a/src/bin/dhcp4/json_config_parser.h +++ b/src/bin/dhcp4/json_config_parser.h @@ -52,6 +52,7 @@ class Dhcpv4Srv; /// 2 - commit failed (parsing was successful, but failed to store the /// values in to server's configuration) /// +/// @param server the server object /// @param config_set a new configuration (JSON) for DHCPv4 server /// @param check_only whether this configuration is for testing only /// @return answer that contains result of reconfiguration diff --git a/src/bin/dhcp6/dhcp6_hooks.dox b/src/bin/dhcp6/dhcp6_hooks.dox index d035404311..52c0ef3c4c 100644 --- a/src/bin/dhcp6/dhcp6_hooks.dox +++ b/src/bin/dhcp6/dhcp6_hooks.dox @@ -163,6 +163,9 @@ to the end of this list. point sets the next step status to value other than NEXT_STEP_CONTINUE, the identifier will not be used. +When the "early-global-reservations-lookup" flag is true this callout is +called before "subnet6_select". + @subsection dhcpv6HooksLease6Select lease6_select - @b Arguments: