author | Andrei Pavel <andrei@isc.org> | 2021-11-18 12:16:51 +0100 |
---|---|---|
committer | Razvan Becheriu <razvan@isc.org> | 2021-11-18 15:12:36 +0100 |
commit | fc2d6c191af034224cb39e9323890f9a9dd30cda (patch) | |
tree | 27bdb4ffd7321e9fb886fa7fc1f5e1db6a4e3a50 /doc/examples/kea6 | |
parent | [#2136] lint newly added YANG nodes (diff) | |
[#2136] update all-keys-netconf.json and remove all-keys.json from tests
Diffstat (limited to 'doc/examples/kea6')
-rw-r--r-- | doc/examples/kea6/all-keys-netconf.json | 391 |
1 files changed, 331 insertions, 60 deletions
diff --git a/doc/examples/kea6/all-keys-netconf.json b/doc/examples/kea6/all-keys-netconf.json index 4382bdbc93..f55512cbce 100644 --- a/doc/examples/kea6/all-keys-netconf.json +++ b/doc/examples/kea6/all-keys-netconf.json @@ -22,7 +22,25 @@ // Class selection expression. The DHCP packet is assigned to this // class when the given expression evaluates to true. - "test": "member('HA_server1')" + "test": "member('HA_server1')", + + // Class valid lifetime. + "valid-lifetime": 6000, + + // Class min valid lifetime. + "min-valid-lifetime": 4000, + + // Class max valid lifetime. + "max-valid-lifetime": 8000, + + // Class preferred lifetime. + "preferred-lifetime": 7000, + + // Class min preferred lifetime. + "min-preferred-lifetime": 5000, + + // Class max preferred lifetime. + "max-preferred-lifetime": 9000 }, { // Second class name. @@ -51,6 +69,14 @@ } ], + // Parameters for triggering behaviors compatible with broken or + // non-compliant clients, relays or other agents + "compatibility": { + // Parse options more leniently where fields can be deduced + // deterministically even if against RFC or common practice. + "lenient-option-parsing": true + }, + // Command control socket configuration parameters for Kea DHCPv6 server. "control-socket": { // Location of the unix domain socket file the DHCPv6 server uses 
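Review bot: In the first client class the added preferred lifetimes are larger than the added valid lifetimes: `"preferred-lifetime": 7000` against `"valid-lifetime": 6000`, and 5000/9000 against 4000/8000 for the min/max pair. RFC 8415 has clients discard an address whose preferred lifetime is greater than its valid lifetime, so a class copied from this example hands out values that are either rejected or silently adjusted somewhere along the way. Example values that keep each preferred figure at or below its valid counterpart would be safer to publish, for instance `"preferred-lifetime": 5000,`, `"min-preferred-lifetime": 3000,` and `"max-preferred-lifetime": 7000`. The class object opens above the hunk.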
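Review bot: The new `compatibility` block shows `"lenient-option-parsing": true` without stating the default or what is given up, and this is the file operators copy from. Lenient parsing relaxes validation of option data that arrives from unauthenticated clients and relays, so it is better left off unless a specific non-compliant client requires it. Assuming the default is false, I would extend the comment along the lines of `// Disabled by default; enable only for known non-compliant clients, as it relaxes validation of client-supplied option data.`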
@@ -63,6 +89,65 @@ "socket-type": "unix" }, + // Specifies a prefix to be prepended to the generated Client FQDN. + // It may be specified at the global, shared-network and subnet levels. + "ddns-generated-prefix": "myhost", + + // Boolean flag indicating that server should ignore DHCP client + // wishes to update DNS on its own. With that flag set to true + // the server will send DNS updates for both forward and + // reverse DNS data. The default value is false, which indicates + // that the server will delegate DNS update to the client when + // requested. It may be specified at the global, shared-network + // and subnet levels. + "ddns-override-client-update": false, + + // Boolean flag indicating that the server should override DHCP + // client's wish to not update the DNS. With this parameter + // set to true the server will send DNS update even when + // the client requested no update. It may be specified at the + // global, shared-network and subnet levels. + "ddns-override-no-update": false, + + // Suffix appended to the partial name sent to the DNS. The + // default value is an empty string which indicates that no + // suffix is appended. It may be specified at the global, + // shared-network and subnet levels. + "ddns-qualifying-suffix": "", + + // Enumeration specifying whether the server should honor + // hostname or Client FQDN sent by the client or replace + // this name. The acceptable values are: "never" (use the + // name the client sent), "always" (replace the name the + // client sent), "when-present" (replace the name the client + // sent, but do not generate one when the client didn't sent + // the name), "when-not-present" (generate the name when + // client didn't send one, otherwise leave the name the + // client sent). The default value is "never". It may be + // specified at the global, shared-network and subnet levels. + "ddns-replace-client-name": "never", + + // Boolean flag which enables or disables the DDNS updating. 
It + // defaults to true. It may be specified at the global, shared- + // network and subnet levels. It works in conjunction with + // dhcp-ddns:enable-updates which must be true to enable connectivity + // to kea-dhcp-ddns. + "ddns-send-updates": true, + + // Boolean flag, which when true instructs the server to always + // update DNS when leases are renewed, even if the DNS information + // has not changed. The server's default behavior (i.e. flag is false) + // is to only update DNS if the DNS information has changed. It + // may be specified at the global, shared-network and subnet levels. + "ddns-update-on-renew": true, + + // Boolean flag, which is passed to kea-dhcp-ddns with each DDNS + // update request to indicate whether or not DNS update conflict + // resolution as described in RFC 4703 should be employed for the + // given update request. The default value for this flag is true. + // It may be specified at the global, shared-network and subnet levels. + "ddns-use-conflict-resolution": true, + // Time in seconds specifying how long a declined lease should be // excluded from DHCP assignments. The default value is 24 hours. "decline-probation-period": 86400, 
@@ -71,23 +156,11 @@ // NCRs are sent to Kea D2 module to update DNS upon allocation of the // DHCP leases. "dhcp-ddns": { - // Boolean flag indicating if Kea DHCPv6 server must generate NCRs. - // By default NCRs are not generated. + // Boolean flag indicating if Kea DHCPv6 server should connect to + // kea-dhcp-ddns. This must be true for NCRs to be created and + // sent to kea-dhcp-ddns. By default NCRs are not generated. "enable-updates": false, - // Specifies a prefix to be prepended to the generated Client FQDN. - "generated-prefix": "myhost", - - // String of zero or more characters with which to replace each - // invalid character in the hostname or Client FQDN. The default - // value is an empty string which will cause invalid characters - // to be omitted rather than replaced. - "hostname-char-replacement": "x", - - // Regular expression describing the invalid character set in - // the hostname or Client FQDN. - "hostname-char-set": "[^A-Za-z0-9.-]", - // Specifies maximum number of NCRs to queue waiting to be sent // to Kea D2 server. "max-queue-size": 1024, 
@@ -100,36 +173,6 @@ // only UDP is supported. "ncr-protocol": "UDP", - // Boolean flag indicating that server should ignore DHCP client - // wishes to update DNS on its own. With that flag set to true - // the server will send DNS updates for both forward and - // reverse DNS data. The default value is false, which indicates - // that the server will delegate DNS update to the client when - // requested. - "override-client-update": false, - - // Boolean flag indicating that the server should override DHCP - // client's wish to not update the DNS. With this parameter - // set to true the server will send DNS update even when - // the client requested no update. - "override-no-update": false, - - // Suffix appended to the partial name sent to the DNS. The - // default value is an empty string which indicates that no - // suffix is appended. - "qualifying-suffix": "", - - // Enumeration specifying whether the server should honor - // hostname or Client FQDN sent by the client or replace - // this name. The acceptable values are: "never" (use the - // name the client sent), "always" (replace the name the - // client sent), "when-present" (replace the name the client - // sent, but do not generate one when the client didn't sent - // the name), "when-not-present" (generate the name when - // client didn't send one, otherwise leave the name the - // client sent). The default value is "never". - "replace-client-name": "never", - // IP address that Kea DHCPv6 server should use to send // NCRs to D2. Default value of zero indicates that Kea // should pick suitable address. 
@@ -144,7 +187,20 @@ "server-ip": "::1", // Port number on which D2 listens for NCRs. - "server-port": 53001 + "server-port": 53001, + + // The follow parameters are DEPRECATED. They have been + // replaced with parameters that may be set at the global, + // shared-network, and subnet6 scopes. They are listed here + // as configuration parsing still accepts them. Eventually + // support for them will be removed. + "generated-prefix": "myhost", + "hostname-char-replacement": "x", + "hostname-char-set": "[^A-Za-z0-9.-]", + "override-client-update": false, + "override-no-update": false, + "qualifying-suffix": "", + "replace-client-name": "never" }, // Specifies the first of the two consecutive ports of the UDP @@ -217,7 +273,10 @@ "type": "mysql", // User name to be used to access the database. - "user": "kea" + "user": "kea", + + // Read only mode. + "readonly": false }, { // Name of the database to connect to. @@ -268,7 +327,18 @@ "serial-consistency": "serial", // Connection reconnect wait time. - "reconnect-wait-time": 100, + // This parameter governs how long Kea waits before attempting + // to reconnect. Expressed in milliseconds. The default is 2000 [ms] + // for Casandra and 0 (disabled) for MySQL and PostgreSQL. + "reconnect-wait-time": 3000, + + // Connection maximum reconnect tries. + "max-reconnect-tries": 3, + + // Action to take when connection recovery fails. + // Supported values: stop-retry-exit, serve-retry-exit, + // serve-retry-continue + "on-fail": "stop-retry-exit", // Connection connect timeout. "connect-timeout": 100, 
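Review bot: The deprecated block added at the end of `dhcp-ddns` repeats settings that the file also carries at global scope (`ddns-generated-prefix`, `ddns-replace-client-name`, `hostname-char-set` and others), and the comment does not say which copy takes effect when both are present. That matters most for `hostname-char-set` and `hostname-char-replacement`, which sanitise client-supplied names before they reach DNS: an operator who tightens only the deprecated copy may believe a stricter filter is active when it is not. The comment should state the precedence in one sentence, and `The follow parameters` should read `The following parameters`. The `dhcp-ddns` object opens in an earlier hunk.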
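Review bot: In the reconnect hunk the `on-fail` comment lists `stop-retry-exit`, `serve-retry-exit` and `serve-retry-continue` without saying what each one does, although the choice decides whether the server keeps answering clients while its database backend is unreachable. A reader cannot tell from the example which value fails closed, so one line per value is worth adding, for example `// stop-retry-exit: stop serving while reconnecting, exit if recovery fails.` with matching lines for the other two. `Casandra` in the `reconnect-wait-time` comment should be `Cassandra`. The surrounding database entry starts outside the hunk.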
@@ -314,6 +384,23 @@ "re-detect": true }, + // Boolean parameter which controls DHCP server's behavior with respect + // to creating host reservations for the same IP address or delegated + // prefix. By default this flag is set to true in which case the server + // prevents creation of multiple host reservations for the same IP address + // or delegated prefix. When this parameter is set to false, the server + // allows for creating multiple reservations for the same IP address or + // delegated prefix within a subnet. This setting is useful in deployments + // in which a given host may be communicating with a DHCP server over + // multiple interfaces and depending on the chosen interface different + // MAC address (or other identifier) will be used to identify the host. + // Note that some host backends do not support the mode in which multiple + // reservations for the same IP address or delegated prefix are used. + // If these backends are in use and this setting is attempted a + // configuration error will occur. The MySQL and PostgreSQL backends do + // support this mode. + "ip-reservations-unique": true, + // Specifies credentials to access lease database. "lease-database": { // memfile backend specific parameter specifying the interval 
@@ -416,6 +503,18 @@ } ], + // Global value which limits the number of client packets (e.g. + // REQUESTs,RENEWs...) that may be parked while waiting for + // hook library work to complete, prior to a response (e.g. REPLY) + // being sent back to the client. A typical example is when kea-dhcp6 + // parks a REQUEST while it sends the lease update(s) to its + // HA peer(s). The packet is unparked once the update(s) have been + // acknowledged. This value limits the number of packets that can + // be held pending the updates. In times of heavy client traffic, + // this value can keep kea-dhcp6 from building an insurmountable + // backlog of updates. + "parked-packet-limit": 128, + // Global (default) value of the preferred lifetime. "preferred-lifetime": 50, 
@@ -436,6 +535,37 @@ // DHCP client renews the lease. "renew-timer": 30, + // Global value to store extended information (e.g. relay agent + // information) with each lease. + "store-extended-info": true, + + // Statistics keep some samples per observation point. + // There are two default values: maximum count and maximum age. + // Set the maximum count to zero disables it. + "statistic-default-sample-count": 0, + + // When the maximum count is 0 the maximum age (in seconds) applies. + "statistic-default-sample-age": 60, + + // Multi-threading parameters. + "multi-threading": { + // By default Kea processes packets on a single thread (default + // 'false' value for this option). To enable multi-threading, this + // option can be set ('true' value). + "enable-multi-threading": false, + + // When multi-threading is enabled, Kea will process packets on a + // number of multiple threads configurable through this option. The + // value must be a positive integer (0 means auto detect). + "thread-pool-size": 0, + + // When multi-threading is enabled, Kea will read packets from the + // interface and append a working item to the thread pool. This + // option configures the maximum number of items that can be queued. + // The value must be a positive integer (0 means unlimited). + "packet-queue-size": 0 + }, + // Governs how the Kea DHCPv6 server should deal with the invalid // data received from the client. "sanity-checks": { 
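Review bot: The `multi-threading` example sets `"packet-queue-size": 0`, which its own comment defines as unlimited, so a configuration copied from here has no bound on queued packets once multi-threading is switched on. Under a packet flood an unbounded queue trades dropped packets for memory growth; a finite example value with a short note on sizing would be the safer thing to show. The wording `must be a positive integer (0 means ...)` on both `thread-pool-size` and `packet-queue-size` also contradicts itself, and `must be a non-negative integer` is what is meant.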
@@ -476,6 +606,36 @@ // empty string is provided, no restriction is applied. "client-class": "", + // Shared network level value. See description at the global level. + "ddns-generated-prefix": "myhost", + + // Shared network level value. See description at the global level. + "ddns-override-client-update": false, + + // Shared network level value. See description at the global level. + "ddns-override-no-update": false, + + // Shared network level value. See description at the global level. + "ddns-qualifying-suffix": "", + + // Shared network level value. See description at the global level. + "ddns-replace-client-name": "never", + + // Shared network level value. See description at the global level. + "ddns-send-updates": true, + + // Shared network level value. See description at the global level. + "ddns-update-on-renew": true, + + // Shared network level value. See description at the global level. + "ddns-use-conflict-resolution": true, + + // Shared network level value. See description at the global level. + "hostname-char-replacement": "x", + + // Shared network level value. See description at the global level. + "hostname-char-set": "[^A-Za-z0-9.-]", + // Specifies that this shared network is selected for the // requests received on the particular interface. "interface": "ethX", 
@@ -526,14 +686,41 @@ // T2 = valid lifetime * .75. "t2-percent": .75, + // Cache threshold = valid lifetime * .25. + "cache-threshold": .25, + + // Cache maximum: when the client last transmission time + // is close enough the lease is not renewed and current + // lease is returned as it was "cached". + "cache-max-age": 10, + // Enumeration specifying server's mode of operation when it // fetches host reservations. - "reservation-mode": "all", + // "reservation-mode": "all", + // It is replaced by the "reservations-global", + // "reservations-in-subnet" and "reservations-out-of-pool" + // parameters. + + // Specify if server should lookup global reservations. + "reservations-global": false, + + // Specify if server should lookup in-subnet reservations. + "reservations-in-subnet": true, + + // Specify if server can assume that all reserved addresses + // are out-of-pool. + // Ignored when reservations-in-subnet is false. + // If specified, it is inherited by "subnet6" levels. + "reservations-out-of-pool": false, // List of client classes which must be evaluated when this shared // network is selected for client assignments. "require-client-classes": [ "late" ], + // Turn off storage of extended information (e.g. relay agent + // information) with each lease for this shared-network. + "store-extended-info": false, + // List of IPv6 subnets belonging to this shared network. "subnet6": [ { 
@@ -542,6 +729,36 @@ // provided, no restriction is applied. "client-class": "", + // Subnet level value. See description at the global level. + "ddns-generated-prefix": "myhost", + + // Subnet level value. See description at the global level. + "ddns-override-client-update": false, + + // Subnet level value. See description at the global level. + "ddns-override-no-update": false, + + // Subnet level value. See description at the global level. + "ddns-qualifying-suffix": "", + + // Subnet level value. See description at the global level. + "ddns-replace-client-name": "never", + + // Subnet level value. See description at the global level. + "ddns-send-updates": true, + + // Subnet level value. See description at the global level. + "ddns-update-on-renew": true, + + // Subnet level value. See description at the global level. + "ddns-use-conflict-resolution": true, + + // Subnet level value. See description at the global level. + "hostname-char-replacement": "x", + + // Subnet level value. See description at the global level. + "hostname-char-set": "[^A-Za-z0-9.-]", + // Subnet unique identifier. "id": 1, @@ -554,6 +771,10 @@ // which the response is sent. "interface-id": "", + // Turn on storage of extended information (e.g. relay agent + // information) with each lease for this subnet. + "store-extended-info": true, + // Subnet level list of DHCP options. "option-data": [ { @@ -593,7 +814,7 @@ "delegated-len": 64, // Excluded prefix (address) from client assignments. - "excluded-prefix": "2001:db8::", + "excluded-prefix": "2001:db8:1::", // Excluded prefix (length) from client assignments. "excluded-prefix-len": 72, @@ -602,10 +823,10 @@ "option-data": [], // Prefix range (address) used for client assignments. - "prefix": "2001:db8::", + "prefix": "2001:db8:1::", // Prefix range (length) used for client assignments. - "prefix-len": 40, + "prefix-len": 48, // List of client classes which must be evaluated // when this prefix pool is selected for client assignments. 
@@ -676,7 +897,21 @@ // Enumeration specifying server's mode of operation when it // fetches host reservations. - "reservation-mode": "all", + // "reservation-mode": "all", + // It is replaced by the "reservations-global", + // "reservations-in-subnet" and + // "reservations-out-of-pool" parameters. + + // Specify if server should lookup global reservations. + "reservations-global": false, + + // Specify if server should lookup in-subnet reservations. + "reservations-in-subnet": true, + + // Specify if server can assume that all reserved + // addresses are out-of-pool. + // Ignored when reservations-in-subnet is false. + "reservations-out-of-pool": false, // Subnet level compute T1 and T2 timers. "calculate-tee-times": true, @@ -687,6 +922,12 @@ // T2 = valid lifetime * .75. "t2-percent": .75, + // Cache threshold = valid lifetime * .25. + "cache-threshold": .25, + + // Subnet level cache maximum. + "cache-max-age": 10, + // List of static IPv6 reservations assigned to the clients belonging // to this subnet. For detailed example see reservations.json. "reservations": [ @@ -788,11 +1029,29 @@ "enable-queue": true, // Queue type was mandatory. - "queue-type": "kea-ring6" + "queue-type": "kea-ring6", + + // Capacity is optional. + "capacity": 64 }, // Fetches host reservations. - "reservation-mode": "all", + // "reservation-mode": "all", + // It is replaced by the "reservations-global", + // "reservations-in-subnet" and "reservations-out-of-pool" parameters. + + // Specify if server should lookup global reservations. + "reservations-global": false, + + // Specify if server should lookup in-subnet reservations. + "reservations-in-subnet": true, + + // Specify if server can assume that all reserved addresses + // are out-of-pool. + // Ignored when reservations-in-subnet is false. + // If specified, it is inherited by "shared-networks" and + // "subnet6" levels. + "reservations-out-of-pool": false, // Data directory. "data-directory": "/tmp", 
@@ -806,14 +1065,20 @@ // T2 = valid lifetime * .75. "t2-percent": .75, + // Cache threshold = valid lifetime * .25. + "cache-threshold": .25, + + // Global cache maximum. + "cache-max-age": 10, + // String of zero or more characters with which to replace each - // invalid character in the hostname or Client FQDN. The default + // invalid character in the Client FQDN. The default // value is an empty string which will cause invalid characters // to be omitted rather than replaced. "hostname-char-replacement": "x", // Regular expression describing the invalid character set in - // the hostname or Client FQDN. + // the Client FQDN. "hostname-char-set": "[^A-Za-z0-9.-]", // List of loggers used by the servers using this configuration file. @@ -839,13 +1104,19 @@ "maxver": 1, // Specifies logging destination. - "output": "stdout" + "output": "stdout", + + // Specifies log entry content + "pattern": "%D{%Y-%m-%d %H:%M:%S.%q} %-5p [%c/%i] %m\n" } ], // Specifies logging severity, i.e. "ERROR", "WARN", "INFO", "DEBUG". "severity": "INFO" } - ] + ], + + // Look at advanced example for the use of user-contexts. + "user-context": { } } } |