[c2ab6f4] | 1 | <?xml version="1.0" encoding="ISO-8859-1"?>
|
---|
| 2 | <!DOCTYPE sect1 PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
|
---|
| 3 | "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
|
---|
| 4 | <!ENTITY % general-entities SYSTEM "../../general.ent">
|
---|
| 5 | %general-entities;
|
---|
| 6 |
|
---|
| 7 | <!ENTITY kea-download-http "https://downloads.isc.org/isc/kea/&kea-dhcp-version;/kea-&kea-dhcp-version;.tar.gz">
|
---|
[e1e58be] | 8 | <!ENTITY kea-download-ftp " ">
|
---|
[4cea957] | 9 | <!ENTITY kea-md5sum "ad23d02b3ce0475eb077da05b0ae2429">
|
---|
| 10 | <!ENTITY kea-size "10 MB">
|
---|
| 11 | <!ENTITY kea-buildsize "1.5 GB (332 MB installed; add 4 GB for tests)">
|
---|
| 12 | <!ENTITY kea-time "4.1 SBU (with parallelism=4; add 12 SBU for tests)">
|
---|
[3b98d805] | 13 | <!ENTITY kea-arm-vers "&kea-dhcp-version;">
|
---|
[c2ab6f4] | 14 | ]>
|
---|
| 15 |
|
---|
[39aed8fc] | 16 | <sect1 id="kea" xreflabel="Kea-&kea-dhcp-version; DHCP Server">
|
---|
[c2ab6f4] | 17 | <?dbhtml filename="kea.html"?>
|
---|
| 18 |
|
---|
[39aed8fc] | 19 | <title>Kea &kea-dhcp-version; DHCP Server</title>
|
---|
[c2ab6f4] | 20 |
|
---|
| 21 | <indexterm zone="kea">
|
---|
[39aed8fc] | 22 | <primary sortas="a-KEA">Kea DHCP Server</primary>
|
---|
[c2ab6f4] | 23 | </indexterm>
|
---|
| 24 |
|
---|
| 25 | <sect2 role="package">
|
---|
[39aed8fc] | 26 | <title>Introduction to ISC Kea DHCP Server</title>
|
---|
[c2ab6f4] | 27 |
|
---|
| 28 | <para>
|
---|
[ead10d5] | 29 | The <application>ISC Kea</application> package contains the
|
---|
[c2ab6f4] | 30 | server programs for DHCP. It is the successor of the
|
---|
[194d47b] | 31 | old ISC DHCP server which is end-of-life since December 2022.
|
---|
[c2ab6f4] | 32 | </para>
|
---|
| 33 |
|
---|
[0f76bd9] | 34 | &lfs120_checked;
|
---|
[c2ab6f4] | 35 |
|
---|
| 36 | <bridgehead renderas="sect3">Package Information</bridgehead>
|
---|
| 37 | <itemizedlist spacing="compact">
|
---|
| 38 | <listitem>
|
---|
| 39 | <para>
|
---|
| 40 | Download (HTTP): <ulink url="&kea-download-http;"/>
|
---|
| 41 | </para>
|
---|
| 42 | </listitem>
|
---|
| 43 | <listitem>
|
---|
| 44 | <para>
|
---|
| 45 | Download (FTP): <ulink url="&kea-download-ftp;"/>
|
---|
| 46 | </para>
|
---|
| 47 | </listitem>
|
---|
| 48 | <listitem>
|
---|
| 49 | <para>
|
---|
| 50 | Download MD5 sum: &kea-md5sum;
|
---|
| 51 | </para>
|
---|
| 52 | </listitem>
|
---|
| 53 | <listitem>
|
---|
| 54 | <para>
|
---|
| 55 | Download size: &kea-size;
|
---|
| 56 | </para>
|
---|
| 57 | </listitem>
|
---|
| 58 | <listitem>
|
---|
| 59 | <para>
|
---|
| 60 | Estimated disk space required: &kea-buildsize;
|
---|
| 61 | </para>
|
---|
| 62 | </listitem>
|
---|
| 63 | <listitem>
|
---|
| 64 | <para>
|
---|
| 65 | Estimated build time: &kea-time;
|
---|
| 66 | </para>
|
---|
| 67 | </listitem>
|
---|
| 68 | </itemizedlist>
|
---|
| 69 |
|
---|
| 70 | <bridgehead renderas="sect3">Kea Dependencies</bridgehead>
|
---|
| 71 |
|
---|
| 72 | <bridgehead renderas="sect4">Required</bridgehead>
|
---|
| 73 | <para role="required">
|
---|
[39aed8fc] | 74 | <xref linkend="boost"/> and
|
---|
[c2ab6f4] | 75 | <xref linkend="log4cplus"/>
|
---|
| 76 | </para>
|
---|
[ead10d5] | 77 |
|
---|
[4df5695d] | 78 | <bridgehead renderas="sect4">Optional</bridgehead>
|
---|
[0d3cd5d] | 79 | <para role="optional">
|
---|
[4cea957] | 80 | <xref linkend="mitkrb"/>,
|
---|
| 81 | <xref linkend="valgrind"/>; for documentation:
|
---|
[0d3cd5d] | 82 | <xref linkend="doxygen"/>,
|
---|
[39aed8fc] | 83 | <xref linkend="graphviz"/>, and
|
---|
[4cea957] | 84 | <xref linkend="sphinx_rtd_theme"/>; for tests:
|
---|
| 85 | <ulink url="https://google.github.io/googletest/">GoogleTest</ulink>
|
---|
[0d3cd5d] | 86 | </para>
|
---|
| 87 |
|
---|
| 88 | <bridgehead renderas="sect4">Optional database backends</bridgehead>
|
---|
| 89 | <para role="optional">
|
---|
[39aed8fc] | 90 | <xref linkend="mariadb"/> or <ulink url="https://www.mysql.com/">MySQL</ulink>, and
|
---|
[0d3cd5d] | 91 | <xref linkend="postgresql"/>
|
---|
| 92 | </para>
|
---|
[4df5695d] | 93 | <!--
|
---|
| 94 | <para condition="html" role="usernotes">Editor Notes:
|
---|
[c2ab6f4] | 95 | <ulink url="&blfs-wiki;/kea"/>
|
---|
| 96 | </para>
|
---|
[4df5695d] | 97 | -->
|
---|
[c2ab6f4] | 98 | </sect2>
|
---|
| 99 |
|
---|
| 100 | <sect2 role="kernel" id="kea-dhcp-kernel">
|
---|
| 101 | <title>Kernel Configuration</title>
|
---|
| 102 |
|
---|
| 103 | <para>
|
---|
| 104 | You must have Packet Socket support. IPv6 support is optional.
|
---|
| 105 | </para>
|
---|
| 106 |
|
---|
[0add366] | 107 | <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
|
---|
| 108 | href="kea-kernel.xml"/>
|
---|
| 109 |
|
---|
[c2ab6f4] | 110 | <indexterm zone="kea kea-dhcp-kernel">
|
---|
[eb0031c] | 111 | <primary sortas="d-KEA">Kea</primary>
|
---|
[c2ab6f4] | 112 | </indexterm>
|
---|
| 113 |
|
---|
| 114 | </sect2>
|
---|
| 115 |
|
---|
| 116 | <sect2 role="installation">
|
---|
[39aed8fc] | 117 | <title>Installation of ISC Kea DHCP Server</title>
|
---|
[c2ab6f4] | 118 |
|
---|
[4cea957] | 119 | <para>
|
---|
| 120 | First fix detection of Python-3.12 by the build system:
|
---|
| 121 | </para>
|
---|
| 122 |
|
---|
| 123 | <screen><userinput>sed -e 's/:3/:4/' \
|
---|
| 124 | -i configure</userinput></screen>
|
---|
| 125 |
|
---|
| 126 | <para>
|
---|
| 127 | Remove one installation step that uses an obsolete python module:
|
---|
| 128 | </para>
|
---|
| 129 |
|
---|
| 130 | <screen><userinput>sed -e '/dlist="/d' \
|
---|
| 131 | -i src/bin/shell/Makefile.in</userinput></screen>
|
---|
| 132 |
|
---|
[c2ab6f4] | 133 | <para>
|
---|
[39aed8fc] | 134 | Install <application>ISC Kea DHCP Server</application> by running
|
---|
[c2ab6f4] | 135 | the following commands:
|
---|
| 136 | </para>
|
---|
| 137 |
|
---|
| 138 | <screen><userinput>./configure --prefix=/usr \
|
---|
| 139 | --sysconfdir=/etc \
|
---|
| 140 | --localstatedir=/var \
|
---|
| 141 | --enable-shell \
|
---|
[0dcde6e] | 142 | --with-openssl \
|
---|
[68dfef54] | 143 | --disable-static \
|
---|
| 144 | --docdir=/usr/share/doc/kea-&kea-dhcp-version; &&
|
---|
[c2ab6f4] | 145 | make</userinput></screen>
|
---|
| 146 |
|
---|
| 147 | <para>
|
---|
[4cea957] | 148 | To test the results, you must have installed GoogleTest and kept
|
---|
| 149 | its source. You should also have passed
|
---|
| 150 | <option>--with-gtest-source=/path/to/googletest/sourcedir</option> to
|
---|
| 151 | <command>configure</command> above. Run the tests with
|
---|
| 152 | <command>make check</command>. Three tests in the TLSTest suite are
|
---|
| 153 | known to fail.
|
---|
[c2ab6f4] | 154 | </para>
|
---|
| 155 |
|
---|
| 156 | <para>
|
---|
[39aed8fc] | 157 | To install the <application>ISC Kea DHCP Server</application> suite,
|
---|
[c2ab6f4] | 158 | issue the following commands as the
|
---|
| 159 | <systemitem class="username">root</systemitem> user:
|
---|
| 160 | </para>
|
---|
| 161 |
|
---|
[4d418ccd] | 162 | <screen role="root"><userinput>make -j1 install</userinput></screen>
|
---|
[c2ab6f4] | 163 |
|
---|
| 164 | </sect2>
|
---|
| 165 |
|
---|
[4d418ccd] | 166 | <sect2 role="commands">
|
---|
| 167 | <title>Command Explanations</title>
|
---|
| 168 |
|
---|
| 169 | <para>
|
---|
[4cea957] | 170 | <parameter>--enable-shell</parameter>: Allows building
|
---|
| 171 | <command>kea-shell</command>, a command line interface for
|
---|
| 172 | the control agent.
|
---|
| 173 | </para>
|
---|
| 174 |
|
---|
| 175 | <para>
|
---|
| 176 | <parameter>--with-openssl</parameter>: Allows using OpenSSL for
|
---|
| 177 | communicating with the control-agent and for DNS updates.
|
---|
| 178 | </para>
|
---|
| 179 |
|
---|
| 180 | <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
|
---|
| 181 | href="../../xincludes/static-libraries.xml"/>
|
---|
| 182 |
|
---|
| 183 | <para>
|
---|
| 184 | <option>--with-pgsql</option> or <option>--with-mysql</option>:
|
---|
[0d3cd5d] | 185 | <application>ISC Kea</application> can store the leases on a
|
---|
| 186 | database. This might be useful in large environments running
|
---|
| 187 | a cluster of DHCP servers. Using the <emphasis>memfile</emphasis>
|
---|
| 188 | backend (which is a CSV file stored locally) is possible anyhow.
|
---|
| 189 | </para>
|
---|
| 190 |
|
---|
[baf6d5a0] | 191 | <para>
|
---|
[4cea957] | 192 | <option>--enable-generate-docs</option>:
|
---|
[baf6d5a0] | 193 | If documentation is to be rebuilt, add that option. Several
|
---|
| 194 | dependencies must be installed for generating the documentation.
|
---|
| 195 | </para>
|
---|
| 196 |
|
---|
[0d3cd5d] | 197 | <para>
|
---|
[4cea957] | 198 | <command>make -j1 install</command>: ISC does not recommend
|
---|
[0d3cd5d] | 199 | any form of parallel or job server options when doing the install.
|
---|
[4d418ccd] | 200 | </para>
|
---|
| 201 |
|
---|
| 202 | </sect2>
|
---|
[ead10d5] | 203 |
|
---|
[c2ab6f4] | 204 | <sect2 role="configuration">
|
---|
[39aed8fc] | 205 | <title>Configuring ISC Kea DHCP Server</title>
|
---|
[c2ab6f4] | 206 |
|
---|
[c320d40] | 207 | <para>
|
---|
| 208 | The support of IPv4, IPv6 and DDNS has been split into
|
---|
| 209 | separate servers which runs independently from each other. Each
|
---|
| 210 | of them has its own configuration file.<phrase revision="sysv">
|
---|
| 211 | Additional configuration files come from the keactrl agent which
|
---|
| 212 | is used to control the servers in an easy way.</phrase>
|
---|
| 213 | </para>
|
---|
| 214 |
|
---|
| 215 | <para>
|
---|
| 216 | Consult the <ulink
|
---|
| 217 | url="https://kea.readthedocs.io/en/kea-&kea-arm-vers;/">
|
---|
| 218 | Kea Administrator Reference Manual</ulink>
|
---|
| 219 | for detailed information about the configuration of
|
---|
| 220 | <application>ISC Kea</application> as it is a quite capable system.
|
---|
| 221 | The configuration shown below is a bare minimum to get a DHCP server
|
---|
| 222 | running but it already includes configuration for DDNS (Dynamic DNS).
|
---|
| 223 | That setup might be working for small networks with a few clients and
|
---|
| 224 | low traffic. For greater installations with thousands of clients,
|
---|
| 225 | <application>ISC Kea</application> can be configured to use databases
|
---|
| 226 | (mariadb or postgresql) to store the leases and build a cluster with
|
---|
| 227 | multiple nodes. It can be integrated to
|
---|
| 228 | <ulink url="https://www.isc.org/categories/stork/">ISC Stork</ulink>
|
---|
| 229 | which is a management dashboard to <application>ISC Kea</application>.
|
---|
| 230 | </para>
|
---|
[ead10d5] | 231 |
|
---|
[0dcde6e] | 232 | <para>
|
---|
| 233 | If you want to start the DHCP Server at boot, install the
|
---|
| 234 | <phrase revision="sysv"><filename>/etc/rc.d/init.d/kea-dhcpd</filename>
|
---|
| 235 | init script</phrase>
|
---|
| 236 | <phrase revision="systemd"><filename>kea-dhcpd.service</filename>
|
---|
| 237 | unit</phrase> included in the
|
---|
| 238 | <xref linkend="bootscripts" revision="sysv"/>
|
---|
| 239 | <xref linkend="systemd-units" revision="systemd"/>
|
---|
| 240 | package:
|
---|
| 241 | </para>
|
---|
| 242 |
|
---|
| 243 | <screen role="root"><userinput>make install-kea-dhcpd</userinput></screen>
|
---|
| 244 |
|
---|
[c2ab6f4] | 245 | <sect3 id="kea-dhcp-config">
|
---|
| 246 | <title>Config Files</title>
|
---|
| 247 |
|
---|
| 248 | <para>
|
---|
[c320d40] | 249 | <phrase revision="sysv">
|
---|
| 250 | <filename>/etc/kea/keactrl.conf</filename>,
|
---|
| 251 | </phrase>
|
---|
[c2ab6f4] | 252 | <filename>/etc/kea/kea-ctrl-agent.conf</filename>,
|
---|
| 253 | <filename>/etc/kea/kea-dhcp4.conf</filename>,
|
---|
[c320d40] | 254 | <filename>/etc/kea/kea-dhcp6.conf</filename>, and
|
---|
[c2ab6f4] | 255 | <filename>/etc/kea/kea-dhcp-ddns.conf</filename>
|
---|
| 256 | </para>
|
---|
[4d418ccd] | 257 |
|
---|
[c320d40] | 258 | <indexterm zone="kea keactrl-config" revision="sysv">
|
---|
[c2ab6f4] | 259 | <primary sortas="e-etc-kea-keactrl.conf">/etc/kea/keactrl.conf</primary>
|
---|
| 260 | </indexterm>
|
---|
[0dcde6e] | 261 |
|
---|
[c2ab6f4] | 262 | <indexterm zone="kea kea-ctrl-agent-config">
|
---|
| 263 | <primary sortas="e-etc-kea-kea-ctrl-agent.conf">/etc/kea/kea-ctrl-agent.conf</primary>
|
---|
| 264 | </indexterm>
|
---|
[0dcde6e] | 265 |
|
---|
[c2ab6f4] | 266 | <indexterm zone="kea kea-dhcp4-config">
|
---|
| 267 | <primary sortas="e-etc-kea-dhcp4.conf">/etc/kea/kea-dhcp4.conf</primary>
|
---|
| 268 | </indexterm>
|
---|
[c320d40] | 269 |
|
---|
[c2ab6f4] | 270 | <indexterm zone="kea kea-dhcp6-config">
|
---|
| 271 | <primary sortas="e-etc-kea-dhcp6.conf">/etc/kea/kea-dhcp6.conf</primary>
|
---|
| 272 | </indexterm>
|
---|
[c320d40] | 273 |
|
---|
[c2ab6f4] | 274 | <indexterm zone="kea kea-dhcp-ddns-config">
|
---|
| 275 | <primary sortas="e-etc-kea-dhcp-ddns.conf">/etc/kea/kea-dhcp-ddns.conf</primary>
|
---|
| 276 | </indexterm>
|
---|
| 277 | </sect3>
|
---|
| 278 |
|
---|
[c320d40] | 279 | <sect3 id="keactrl-config" revision="sysv">
|
---|
[c2ab6f4] | 280 | <title>Kea Control Configuration</title>
|
---|
[4d418ccd] | 281 |
|
---|
[c2ab6f4] | 282 | <para><command>keactrl</command> is used to control the
|
---|
[d908ba4] | 283 | independent servers (IPv4, IPv6, DDNS). Its configuration file
|
---|
[c2ab6f4] | 284 | <filename>/etc/kea/keactrl.conf</filename> is installed by
|
---|
| 285 | default and includes many path settings which are defined
|
---|
| 286 | due to the <command>configure</command> at build time. It also
|
---|
| 287 | includes settings to specify which of the servers should be
|
---|
| 288 | started.</para>
|
---|
| 289 |
|
---|
| 290 | <itemizedlist>
|
---|
[0dcde6e] | 291 | <listitem>
|
---|
| 292 | <para>Control Agent</para>
|
---|
| 293 | <para>The Control Agent is a daemon which allows the
|
---|
| 294 | (re)configuration of the Kea DHCP service via REST API.
|
---|
| 295 | Set <literal>ctrl_agent=yes</literal> to start the
|
---|
| 296 | control agent (service providing a REST API), set
|
---|
| 297 | <literal>ctrl_agent=no</literal> in case the control agent
|
---|
| 298 | is not needed.</para>
|
---|
| 299 | </listitem>
|
---|
[c2ab6f4] | 300 | <listitem>
|
---|
| 301 | <para>IPv4 DHCP server</para>
|
---|
[4d418ccd] | 302 | <para>This daemon handles requests for IPv4 addresses.
|
---|
[ead10d5] | 303 | Set <literal>dhcp4=yes</literal> to start it, set
|
---|
[c2ab6f4] | 304 | <literal>dhcp4=no</literal> in case DHCP service for IPv4
|
---|
| 305 | is not wanted.</para>
|
---|
| 306 | </listitem>
|
---|
| 307 | <listitem>
|
---|
| 308 | <para>IPv6 DHCP server</para>
|
---|
[4d418ccd] | 309 | <para>This daemon handles requests for IPv6 addresses.
|
---|
[ead10d5] | 310 | Set <literal>dhcp6=yes</literal> to start it, set
|
---|
[c2ab6f4] | 311 | <literal>dhcp6=no</literal> in case DHCP service for IPv6
|
---|
| 312 | is not wanted.</para>
|
---|
| 313 | </listitem>
|
---|
| 314 | <listitem>
|
---|
| 315 | <para>Dynamic DNS</para>
|
---|
[4d418ccd] | 316 | <para>This daemon is used to update a DNS server dynamically
|
---|
[6886d51] | 317 | when Kea assigns an IP address to a device.
|
---|
[ead10d5] | 318 | Set <literal>dhcp_ddns=yes</literal> to enable it, set
|
---|
[c2ab6f4] | 319 | <literal>dhcp_ddns=no</literal> in case dynamic DNS updates
|
---|
| 320 | are not wanted.</para>
|
---|
| 321 | </listitem>
|
---|
| 322 | </itemizedlist>
|
---|
| 323 |
|
---|
[c320d40] | 324 | <para>
|
---|
| 325 | The Netconf service is not installed because required
|
---|
| 326 | dependencies are not covered by the current BLFS book.
|
---|
| 327 | . </para>
|
---|
[4d418ccd] | 328 |
|
---|
[c320d40] | 329 | <para>
|
---|
| 330 | With the following command, Kea will be configured to
|
---|
| 331 | start the dhcp service for IPv4 and the
|
---|
| 332 | dynamic DNS update, while the control agent and
|
---|
| 333 | the dhcp service for IPv6 remain down. Tweak the command to
|
---|
| 334 | match your needs on started services and execute as the
|
---|
| 335 | &root; user:
|
---|
| 336 | </para>
|
---|
[4d418ccd] | 337 |
|
---|
[746aa49] | 338 | <screen role="root"><userinput>sed -e "s/^dhcp4=.*/dhcp4=yes/" \
|
---|
[4d418ccd] | 339 | -e "s/^dhcp6=.*/dhcp6=no/" \
|
---|
| 340 | -e "s/^dhcp_ddns=.*/dhcp_ddns=yes/" \
|
---|
| 341 | -e "s/^ctrl_agent=.*/ctrl_agent=no/" \
|
---|
| 342 | -i /etc/kea/keactrl.conf
|
---|
| 343 | </userinput></screen>
|
---|
| 344 |
|
---|
[c2ab6f4] | 345 | </sect3>
|
---|
| 346 |
|
---|
[c320d40] | 347 | <sect3 id="kea-sysd-config" revision="systemd">
|
---|
| 348 | <title>Kea Configuration Using Systemd Units</title>
|
---|
| 349 |
|
---|
| 350 | <para>
|
---|
| 351 | Four service units are used to start various daemons
|
---|
| 352 | provided by Kea:
|
---|
| 353 | </para>
|
---|
| 354 |
|
---|
| 355 | <itemizedlist>
|
---|
| 356 | <listitem>
|
---|
| 357 | <para>Control Agent</para>
|
---|
| 358 | <para>
|
---|
| 359 | The Control Agent is a daemon which allows the
|
---|
| 360 | (re)configuration of the Kea DHCP service via REST API.
|
---|
| 361 | Run <command>systemctl enable kea-ctrl-agent</command>
|
---|
| 362 | if this daemon is needed.
|
---|
| 363 | </para>
|
---|
| 364 | </listitem>
|
---|
| 365 | <listitem>
|
---|
| 366 | <para>IPv4 DHCP server</para>
|
---|
| 367 | <para>
|
---|
| 368 | This daemon handles requests for IPv4 addresses.
|
---|
| 369 | Run <command>systemctl enable kea-dhcp4-server</command> to
|
---|
| 370 | have it started by systemd.
|
---|
| 371 | </para>
|
---|
| 372 | </listitem>
|
---|
| 373 | <listitem>
|
---|
| 374 | <para>IPv6 DHCP server</para>
|
---|
| 375 | <para>
|
---|
| 376 | This daemon handles requests for IPv6 addresses.
|
---|
| 377 | Run <command>systemctl enable kea-dhcp6-server</command> to
|
---|
| 378 | have it started by systemd.
|
---|
| 379 | </para>
|
---|
| 380 | </listitem>
|
---|
| 381 | <listitem>
|
---|
| 382 | <para>Dynamic DNS</para>
|
---|
| 383 | <para>
|
---|
| 384 | This daemon is used to update a DNS server dynamically
|
---|
| 385 | when Kea assigns an IP address to a device.
|
---|
| 386 | Run <command>systemctl enable kea-ddns-server</command> to
|
---|
| 387 | have it started by systemd.
|
---|
| 388 | </para>
|
---|
| 389 | </listitem>
|
---|
| 390 | </itemizedlist>
|
---|
| 391 |
|
---|
| 392 | <para>The Netconf service is not installed because required
|
---|
| 393 | dependencies are not covered by the current BLFS book.</para>
|
---|
| 394 |
|
---|
| 395 | </sect3>
|
---|
| 396 |
|
---|
[0dcde6e] | 397 | <sect3 id="kea-ctrl-agent-config">
|
---|
| 398 | <title>Control Agent Configuration</title>
|
---|
[ead10d5] | 399 |
|
---|
| 400 | <para>
|
---|
[0dcde6e] | 401 | The provided configuration could be used without changes
|
---|
[4cea957] | 402 | but in BLFS, objects like sockets are stored in
|
---|
[0dcde6e] | 403 | <filename class="directory">/run</filename>
|
---|
| 404 | rather than in
|
---|
| 405 | <filename class="directory">/tmp</filename>.
|
---|
[ead10d5] | 406 | </para>
|
---|
| 407 |
|
---|
[4df5695d] | 408 | <screen role="nodump"><userinput>cat > /etc/kea/kea-ctrl-agent.conf << "EOF"
|
---|
[0dcde6e] | 409 | <literal>// Begin /etc/kea/kea-ctrl-agent.conf
|
---|
| 410 | {
|
---|
| 411 | // This is a basic configuration for the Kea Control Agent.
|
---|
| 412 | // RESTful interface to be available at http://127.0.0.1:8000/
|
---|
| 413 | "Control-agent": {
|
---|
| 414 | "http-host": "127.0.0.1",
|
---|
| 415 | "http-port": 8000,
|
---|
| 416 | "control-sockets": {
|
---|
| 417 | "dhcp4": {
|
---|
| 418 | "socket-type": "unix",
|
---|
| 419 | "socket-name": "/run/kea4-ctrl-socket"
|
---|
| 420 | },
|
---|
| 421 | "dhcp6": {
|
---|
| 422 | "socket-type": "unix",
|
---|
| 423 | "socket-name": "/run/kea6-ctrl-socket"
|
---|
| 424 | },
|
---|
| 425 | "d2": {
|
---|
| 426 | "socket-type": "unix",
|
---|
| 427 | "socket-name": "/run/kea-ddns-ctrl-socket"
|
---|
| 428 | }
|
---|
| 429 | },
|
---|
| 430 |
|
---|
| 431 | "loggers": [
|
---|
| 432 | {
|
---|
| 433 | "name": "kea-ctrl-agent",
|
---|
| 434 | "output_options": [
|
---|
| 435 | {
|
---|
[b6a9cf77] | 436 | "output": "/var/log/kea-ctrl-agent.log",
|
---|
[0dcde6e] | 437 | "pattern": "%D{%Y-%m-%d %H:%M:%S.%q} %-5p %m\n"
|
---|
| 438 | }
|
---|
| 439 | ],
|
---|
| 440 | "severity": "INFO",
|
---|
| 441 | "debuglevel": 0
|
---|
| 442 | }
|
---|
| 443 | ]
|
---|
| 444 | }
|
---|
| 445 | }
|
---|
| 446 | // End /etc/kea/kea-ctrl-agent.conf</literal>
|
---|
| 447 | EOF</userinput></screen>
|
---|
| 448 |
|
---|
| 449 | </sect3>
|
---|
| 450 |
|
---|
| 451 | <sect3 id="kea-dhcp4-config">
|
---|
| 452 | <title>IPv4 DHCP Server Configuration</title>
|
---|
[c2ab6f4] | 453 |
|
---|
| 454 | <para>
|
---|
[5571805] | 455 | A sample configuration file is created in <filename>/etc/kea/kea-dhcp4.conf</filename>.
|
---|
[4cea957] | 456 | Adjust the file to suit your needs or overwrite it by running
|
---|
| 457 | the following command as the &root; user (you'll need to edit this
|
---|
| 458 | file anyway: at least the <emphasis>interfaces</emphasis> field,
|
---|
| 459 | the <emphasis>ddns-qualifying-suffix</emphasis> field, and almost
|
---|
| 460 | all the fields in <emphasis>Subnet4</emphasis>:
|
---|
[c2ab6f4] | 461 | </para>
|
---|
| 462 |
|
---|
[4df5695d] | 463 | <screen role="nodump"><userinput>cat > /etc/kea/kea-dhcp4.conf << "EOF"
|
---|
[5571805] | 464 | <literal>// Begin /etc/kea/kea-dhcp4.conf
|
---|
[4d418ccd] | 465 | {
|
---|
[0d3cd5d] | 466 | "Dhcp4": {
|
---|
[ead10d5] | 467 | // Add names of your network interfaces to listen on.
|
---|
[c2ab6f4] | 468 | "interfaces-config": {
|
---|
[0d3cd5d] | 469 | "interfaces": [ "eth0", "eth2" ]
|
---|
[c2ab6f4] | 470 | },
|
---|
[ead10d5] | 471 |
|
---|
[c2ab6f4] | 472 | "control-socket": {
|
---|
[0d3cd5d] | 473 | "socket-type": "unix",
|
---|
[0dcde6e] | 474 | "socket-name": "/run/kea4-ctrl-socket"
|
---|
[c2ab6f4] | 475 | },
|
---|
[ead10d5] | 476 |
|
---|
[c2ab6f4] | 477 | "lease-database": {
|
---|
[0d3cd5d] | 478 | "type": "memfile",
|
---|
| 479 | "lfc-interval": 3600
|
---|
[c2ab6f4] | 480 | },
|
---|
[ead10d5] | 481 |
|
---|
| 482 | "expired-leases-processing": {
|
---|
[0d3cd5d] | 483 | "reclaim-timer-wait-time": 10,
|
---|
| 484 | "flush-reclaimed-timer-wait-time": 25,
|
---|
| 485 | "hold-reclaimed-time": 3600,
|
---|
| 486 | "max-reclaim-leases": 100,
|
---|
| 487 | "max-reclaim-time": 250,
|
---|
| 488 | "unwarned-reclaim-cycles": 5
|
---|
[ead10d5] | 489 | },
|
---|
| 490 |
|
---|
[c2ab6f4] | 491 | "renew-timer": 900,
|
---|
| 492 | "rebind-timer": 1800,
|
---|
| 493 | "valid-lifetime": 3600,
|
---|
[ead10d5] | 494 |
|
---|
| 495 | // Enable DDNS - Kea will dynamically update the DNS
|
---|
| 496 | "ddns-send-updates" : true,
|
---|
| 497 | "ddns-qualifying-suffix": "your.domain.tld",
|
---|
| 498 | "dhcp-ddns" : {
|
---|
[0d3cd5d] | 499 | "enable-updates": true
|
---|
[ead10d5] | 500 | },
|
---|
| 501 |
|
---|
[c2ab6f4] | 502 | "subnet4": [
|
---|
[0d3cd5d] | 503 | {
|
---|
| 504 | "subnet": "192.168.56.0/24",
|
---|
| 505 | "pools": [ { "pool": "192.168.56.16 - 192.168.56.254" } ],
|
---|
| 506 | "option-data": [
|
---|
| 507 | {
|
---|
| 508 | "name": "domain-name",
|
---|
| 509 | "data": "your.domain.tld"
|
---|
| 510 | },
|
---|
| 511 | {
|
---|
| 512 | "name": "domain-name-servers",
|
---|
| 513 | "data": "192.168.56.2, 192.168.3.7"
|
---|
| 514 | },
|
---|
| 515 | {
|
---|
| 516 | "name": "domain-search",
|
---|
| 517 | "data": "your.domain.tld"
|
---|
| 518 | },
|
---|
| 519 | {
|
---|
| 520 | "name": "routers",
|
---|
| 521 | "data": "192.168.56.2"
|
---|
| 522 | }
|
---|
| 523 | ]
|
---|
| 524 | }
|
---|
[ead10d5] | 525 | ],
|
---|
| 526 |
|
---|
| 527 | "loggers": [
|
---|
[0d3cd5d] | 528 | {
|
---|
| 529 | "name": "kea-dhcp4",
|
---|
| 530 | "output_options": [
|
---|
| 531 | {
|
---|
| 532 | "output": "/var/log/kea-dhcp4.log",
|
---|
| 533 | "pattern": "%D{%Y-%m-%d %H:%M:%S.%q} %-5p %m\n"
|
---|
| 534 | }
|
---|
| 535 | ],
|
---|
| 536 | "severity": "INFO",
|
---|
| 537 | "debuglevel": 0
|
---|
| 538 | }
|
---|
[c2ab6f4] | 539 | ]
|
---|
[0d3cd5d] | 540 | }
|
---|
[4d418ccd] | 541 | }
|
---|
[5571805] | 542 | // End /etc/kea/kea-dhcp4.conf</literal>
|
---|
[c2ab6f4] | 543 | EOF</userinput></screen>
|
---|
| 544 |
|
---|
[c320d40] | 545 | </sect3>
|
---|
| 546 |
|
---|
| 547 | <sect3 id="kea-dhcp6-config">
|
---|
| 548 | <title>IPv6 DHCP Server Configuration</title>
|
---|
| 549 |
|
---|
[0d3cd5d] | 550 | <para>
|
---|
| 551 | The configuration for IPv6 is similar to the configuration
|
---|
| 552 | of IPv4. The configuration file is
|
---|
[5571805] | 553 | <filename>/etc/kea/kea-dhcp6.conf</filename>.
|
---|
[0d3cd5d] | 554 | </para>
|
---|
[c2ab6f4] | 555 |
|
---|
[ead10d5] | 556 | </sect3>
|
---|
| 557 |
|
---|
| 558 | <sect3 id="kea-dhcp-ddns-config">
|
---|
| 559 | <title>Dynamic DNS Configuration</title>
|
---|
| 560 |
|
---|
[c2ab6f4] | 561 | <para>
|
---|
[0dcde6e] | 562 | If there is a <xref linkend="bind"/> server running,
|
---|
| 563 | <application>ISC Kea</application> can update the DNS when
|
---|
| 564 | it gives an IP address to a client. A sample configuration
|
---|
| 565 | file is created in <filename>/etc/kea/kea-dhcp-ddns.conf</filename>.
|
---|
[4cea957] | 566 | Adjust the file to suit your needs or overwrite it by running
|
---|
| 567 | the following command as the &root; user:
|
---|
[c2ab6f4] | 568 | </para>
|
---|
| 569 |
|
---|
[ead10d5] | 570 | <screen role="nodump" ><userinput>cat > /etc/kea/kea-dhcp-ddns.conf << "EOF"
|
---|
| 571 | <literal>// Begin /etc/kea/kea-dhcp-ddns.conf
|
---|
| 572 | {
|
---|
[0d3cd5d] | 573 | "DhcpDdns": {
|
---|
[ead10d5] | 574 | "ip-address": "127.0.0.1",
|
---|
| 575 | "port": 53001,
|
---|
| 576 | "control-socket": {
|
---|
[0d3cd5d] | 577 | "socket-type": "unix",
|
---|
[0dcde6e] | 578 | "socket-name": "/run/kea-ddns-ctrl-socket"
|
---|
[ead10d5] | 579 | },
|
---|
| 580 |
|
---|
| 581 | "tsig-keys": [
|
---|
[0d3cd5d] | 582 | {
|
---|
| 583 | "name" : "rndc-key",
|
---|
| 584 | "algorithm" : "hmac-sha256",
|
---|
| 585 | "secret" : "1FU5hD7faYaajQCjSdA54JkTPQxbbPrRnzOKqHcD9cM="
|
---|
| 586 | }
|
---|
[ead10d5] | 587 | ],
|
---|
| 588 |
|
---|
| 589 | "forward-ddns" : {
|
---|
[0d3cd5d] | 590 | "ddns-domains" : [
|
---|
| 591 | {
|
---|
| 592 | "name" : "your.domain.tld.",
|
---|
[da1d238] | 593 | "key-name": "rndc-key",
|
---|
[0d3cd5d] | 594 | "dns-servers" : [
|
---|
[ead10d5] | 595 | {
|
---|
[0d3cd5d] | 596 | "ip-address" : "127.0.0.1",
|
---|
| 597 | "port" : 53
|
---|
[ead10d5] | 598 | }
|
---|
[0d3cd5d] | 599 | ]
|
---|
| 600 | }
|
---|
| 601 | ]
|
---|
[ead10d5] | 602 | },
|
---|
| 603 |
|
---|
| 604 | "reverse-ddns" : {
|
---|
[0d3cd5d] | 605 | "ddns-domains" : [
|
---|
| 606 | {
|
---|
| 607 | "name" : "56.168.192.in-addr.arpa.",
|
---|
[da1d238] | 608 | "key-name": "rndc-key",
|
---|
[0d3cd5d] | 609 | "dns-servers" : [
|
---|
[ead10d5] | 610 | {
|
---|
[0d3cd5d] | 611 | "ip-address" : "127.0.0.1",
|
---|
| 612 | "port" : 53
|
---|
[ead10d5] | 613 | }
|
---|
[0d3cd5d] | 614 | ]
|
---|
| 615 | }
|
---|
| 616 | ]
|
---|
[ead10d5] | 617 | },
|
---|
[c2ab6f4] | 618 |
|
---|
[ead10d5] | 619 | "loggers": [
|
---|
[0d3cd5d] | 620 | {
|
---|
| 621 | "name": "kea-dhcp-ddns",
|
---|
| 622 | "output_options": [
|
---|
| 623 | {
|
---|
[057e7a1] | 624 | "output": "/var/log/kea-ddns.log",
|
---|
[0d3cd5d] | 625 | "pattern": "%D{%Y-%m-%d %H:%M:%S.%q} %-5p %m\n"
|
---|
| 626 | }
|
---|
| 627 | ],
|
---|
| 628 | "severity": "INFO",
|
---|
| 629 | "debuglevel": 0
|
---|
| 630 | }
|
---|
[ead10d5] | 631 | ]
|
---|
[0d3cd5d] | 632 | }
|
---|
[ead10d5] | 633 | }
|
---|
| 634 | // End /etc/kea/kea-dhcp-ddns.conf</literal>
|
---|
| 635 | EOF</userinput></screen>
|
---|
[0d3cd5d] | 636 |
|
---|
| 637 | <note>
|
---|
| 638 | <para>
|
---|
| 639 | The value of <literal>secret</literal> is just an example.
|
---|
| 640 | Generate the key for your installation by using the
|
---|
| 641 | <command>rndc-confgen -a</command> command or the
|
---|
| 642 | <command>tsig-keygen</command> command which both are
|
---|
| 643 | provided by <xref linkend="bind"/>.
|
---|
| 644 | </para>
|
---|
[0dcde6e] | 645 | <para>
|
---|
[4cea957] | 646 | In this example configuration, it is assumed that the DNS server
|
---|
| 647 | runs on the same machine as Kea does (accessible via
|
---|
[0dcde6e] | 648 | <literal>127.0.0.1</literal>) and that this machine has
|
---|
| 649 | the IP <literal>192.168.56.2</literal>.
|
---|
| 650 | </para>
|
---|
[0d3cd5d] | 651 | </note>
|
---|
| 652 |
|
---|
[c2ab6f4] | 653 | </sect3>
|
---|
| 654 |
|
---|
| 655 | </sect2>
|
---|
| 656 |
|
---|
| 657 | <sect2 role="content">
|
---|
| 658 | <title>Contents</title>
|
---|
| 659 |
|
---|
| 660 | <segmentedlist>
|
---|
| 661 | <segtitle>Installed Programs</segtitle>
|
---|
| 662 | <segtitle>Installed Libraries</segtitle>
|
---|
| 663 | <segtitle>Installed Directories</segtitle>
|
---|
| 664 |
|
---|
| 665 | <seglistitem>
|
---|
| 666 | <seg>
|
---|
| 667 | keactrl, kea-admin, kea-ctrl-agent, kea-dhcp4, kea-dhcp6,
|
---|
| 668 | kea-dhcp-ddns, kea-lfc, kea-shell
|
---|
| 669 | </seg>
|
---|
| 670 | <seg>
|
---|
[4cea957] | 671 | libkea-asiodns.so,
|
---|
| 672 | libkea-asiolink.so,
|
---|
| 673 | libkea-cc.so,
|
---|
| 674 | libkea-cgfclient.so,
|
---|
| 675 | libkea-cryptolink.so,
|
---|
| 676 | libkea-d2srv.so,
|
---|
| 677 | libkea-database.so,
|
---|
| 678 | libkea-dhcp_ddns.so,
|
---|
| 679 | libkea-dhcp++.so,
|
---|
| 680 | libkea-dhcpsrv.so,
|
---|
| 681 | libkea-dns++.so,
|
---|
| 682 | libkea-eval.so,
|
---|
| 683 | libkea-exceptions.so,
|
---|
| 684 | libkea-hooks.so,
|
---|
| 685 | libkea-http.so,
|
---|
| 686 | libkea-log.so,
|
---|
| 687 | libkea-process.so,
|
---|
| 688 | libkea-stats.so,
|
---|
| 689 | libkea-tcp.so,
|
---|
| 690 | libkea-util.so, and
|
---|
| 691 | libkea-util-io.so
|
---|
[c2ab6f4] | 692 | </seg>
|
---|
| 693 | <seg>
|
---|
| 694 | /etc/kea,
|
---|
| 695 | /usr/include/kea,
|
---|
[4cea957] | 696 | /usr/lib/kea,
|
---|
| 697 | /usr/lib/python&python3-majorver;/site-packages/kea,
|
---|
| 698 | /usr/share/kea,
|
---|
[1a6caa9c] | 699 | /usr/share/doc/kea-&kea-dhcp-version;, and
|
---|
[c2ab6f4] | 700 | /var/lib/kea
|
---|
| 701 | </seg>
|
---|
| 702 | </seglistitem>
|
---|
| 703 | </segmentedlist>
|
---|
| 704 |
|
---|
| 705 | <variablelist>
|
---|
| 706 | <bridgehead renderas="sect3">Short Descriptions</bridgehead>
|
---|
| 707 | <?dbfo list-presentation="list"?>
|
---|
| 708 | <?dbhtml list-presentation="table"?>
|
---|
| 709 |
|
---|
| 710 | <varlistentry id="keactrl">
|
---|
| 711 | <term><command>keactrl</command></term>
|
---|
| 712 | <listitem>
|
---|
| 713 | <para>
|
---|
[ccbeb94] | 714 | Tool to control (start/stop) the server processes.
|
---|
[c2ab6f4] | 715 | </para>
|
---|
| 716 | <indexterm zone="kea keactrl">
|
---|
| 717 | <primary sortas="b-keactrl">keactrl</primary>
|
---|
| 718 | </indexterm>
|
---|
| 719 | </listitem>
|
---|
| 720 | </varlistentry>
|
---|
[ccbeb94] | 721 | <varlistentry id="kea-admin">
|
---|
| 722 | <term><command>kea-admin</command></term>
|
---|
| 723 | <listitem>
|
---|
| 724 | <para>
|
---|
| 725 | kea-admin is a shell script which offers database maintenance.
|
---|
| 726 | </para>
|
---|
| 727 | <indexterm zone="kea kea-admin">
|
---|
| 728 | <primary sortas="b-kea-admin">kea-admin</primary>
|
---|
| 729 | </indexterm>
|
---|
| 730 | </listitem>
|
---|
| 731 | </varlistentry>
|
---|
| 732 | <varlistentry id="kea-ctrl-agent">
|
---|
| 733 | <term><command>kea-ctrl-agent</command></term>
|
---|
| 734 | <listitem>
|
---|
| 735 | <para>
|
---|
| 736 | Daemon which exposes a RESTful control interface for
|
---|
| 737 | managing Kea servers.
|
---|
| 738 | </para>
|
---|
| 739 | <indexterm zone="kea kea-ctrl-agent">
|
---|
| 740 | <primary sortas="b-kea-ctrl-agent">kea-ctrl-agent</primary>
|
---|
| 741 | </indexterm>
|
---|
| 742 | </listitem>
|
---|
| 743 | </varlistentry>
|
---|
| 744 | <varlistentry id="kea-dhcp4">
|
---|
| 745 | <term><command>kea-dhcp4</command></term>
|
---|
| 746 | <listitem>
|
---|
| 747 | <para>
|
---|
| 748 | The server daemon providing IPv4 addresses.
|
---|
| 749 | </para>
|
---|
| 750 | <indexterm zone="kea kea-dhcp4">
|
---|
| 751 | <primary sortas="b-kea-dhcp4">kea-dhcp4</primary>
|
---|
| 752 | </indexterm>
|
---|
| 753 | </listitem>
|
---|
| 754 | </varlistentry>
|
---|
| 755 | <varlistentry id="kea-dhcp6">
|
---|
| 756 | <term><command>kea-dhcp6</command></term>
|
---|
| 757 | <listitem>
|
---|
| 758 | <para>
|
---|
| 759 | The server daemon providing IPv6 addresses.
|
---|
| 760 | </para>
|
---|
| 761 | <indexterm zone="kea kea-dhcp6">
|
---|
| 762 | <primary sortas="b-kea-dhcp6">kea-dhcp6</primary>
|
---|
| 763 | </indexterm>
|
---|
| 764 | </listitem>
|
---|
| 765 | </varlistentry>
|
---|
| 766 | <varlistentry id="kea-dhcp-ddns">
|
---|
| 767 | <term><command>kea-dhcp-ddns</command></term>
|
---|
| 768 | <listitem>
|
---|
| 769 | <para>
|
---|
| 770 | The server daemon performing the dynamic DNS updates.
|
---|
| 771 | </para>
|
---|
| 772 | <indexterm zone="kea kea-dhcp-ddns">
|
---|
| 773 | <primary sortas="b-kea-dhcp-ddns">kea-dhcp-ddns</primary>
|
---|
| 774 | </indexterm>
|
---|
| 775 | </listitem>
|
---|
| 776 | </varlistentry>
|
---|
| 777 | <varlistentry id="kea-lfc">
|
---|
| 778 | <term><command>kea-lfc</command></term>
|
---|
| 779 | <listitem>
|
---|
| 780 | <para>
|
---|
| 781 | The kea-lfc service process removes redundant information
|
---|
| 782 | from the files used to provide persistent storage for the
|
---|
| 783 | memfile database backend. It is run by the Kea DHCP server.
|
---|
| 784 | </para>
|
---|
| 785 | <indexterm zone="kea kea-lfc">
|
---|
| 786 | <primary sortas="b-kea-lfc">kea-lfc</primary>
|
---|
| 787 | </indexterm>
|
---|
| 788 | </listitem>
|
---|
| 789 | </varlistentry>
|
---|
[0dcde6e] | 790 | <varlistentry id="keashell">
|
---|
| 791 | <term><command>keashell</command></term>
|
---|
| 792 | <listitem>
|
---|
| 793 | <para>
|
---|
| 794 | RESTful client to the <application>ISC Kea</application>
|
---|
| 795 | services.
|
---|
| 796 | </para>
|
---|
| 797 | <indexterm zone="kea keashell">
|
---|
| 798 | <primary sortas="b-keashell">keashell</primary>
|
---|
| 799 | </indexterm>
|
---|
| 800 | </listitem>
|
---|
| 801 | </varlistentry>
|
---|
[c2ab6f4] | 802 |
|
---|
| 803 | </variablelist>
|
---|
| 804 |
|
---|
| 805 | </sect2>
|
---|
| 806 |
|
---|
| 807 | </sect1>
|
---|