// This is an example configuration of the Kea DHCPv6 server. It uses High // Availability hook library and Lease Commands hook library to enable // High Availability function for the DHCP server. Note that almost exactly // the same configuration must be used on the second server (partner). // The only difference is that "this-server-name" must be set to "server2" // on this other server. Also, the interface configuration and location of TLS // specific files depend on the network settings and configuration of the // particular machine. // // The servers using this configuration work in hot standby mode. { // DHCPv6 configuration starts here. "Dhcp6": { // Add names of your network interfaces to listen on. "interfaces-config": { // The DHCPv6 server listens on this interface. "interfaces": [ "eth0" ] }, // Control socket is required for communication between the Control // Agent and the DHCP server. High Availability requires Control Agent // to be running because lease updates are sent over the RESTful // API between the HA peers. "control-socket": { "socket-type": "unix", "socket-name": "/tmp/kea6-ctrl-socket" }, // Use Memfile lease database backend to store leases in a CSV file. // Depending on how Kea was compiled, it may also support SQL databases // (MySQL and/or PostgreSQL). Those database backends require more // parameters, like name, host and possibly user and password. // There are dedicated examples for each backend. See Section 7.2.2 "Lease // Storage" for details. "lease-database": { // Memfile is the simplest and easiest backend to use. It's an in-memory "type": "memfile" }, // HA requires two hook libraries to be loaded: libdhcp_lease_cmds.so and // libdhcp_ha.so. The former handles incoming lease updates from the HA peers. // The latter implements high availability feature for Kea. "hooks-libraries": [ // The lease_cmds library must be loaded because HA makes use of it to // deliver lease updates to the server as well as synchronize the // lease database after failure. { "library": "/opt/lib/kea/hooks/libdhcp_lease_cmds.so", "parameters": { } }, { // The HA hook library should be loaded. "library": "/opt/lib/kea/hooks/libdhcp_ha.so", "parameters": { // High Availability configuration is specified for the HA hook library. // Each server should have the same HA configuration, except for the // "this-server-name" parameter. "high-availability": [ { // This parameter points to this server instance. The respective // HA peers must have this parameter set to their own names. "this-server-name": "server1", // The HA mode is set to hot-standby. This server will receive lease // updates from the primary. The primary will be responding to all // DHCP queries. "mode": "hot-standby", // Heartbeat is to be sent every 10 seconds if no other control // commands are transmitted. "heartbeat-delay": 10000, // Maximum time for partner's response to a heartbeat, after which // failure detection is started. This is specified in milliseconds. "max-response-delay": 60000, // The following parameters control how the server detects the // partner's failure. The ACK delay sets the threshold for the // 'secs' field of the received discovers. This is specified in // milliseconds. "max-ack-delay": 5000, // This specifies the number of clients which send messages to // the partner but appear to not receive any response. "max-unacked-clients": 5, // Trust anchor aka certificate authority file or directory. "trust-anchor": "/usr/lib/kea/CA.pem", // Client certificate file name. "cert-file": "/usr/lib/kea/server_cert.pem", // Private key file name. "key-file": "/usr/lib/kea/server_key.pem", // Client certificates are required and verified. "require-client-certs": true, "peers": [ // This is the configuration of this server instance. { "name": "server1", // This specifies the URL of this server instance. The // Control Agent must run along with this DHCPv6 server // instance and the "http-host" and "http-port" must be // set to the corresponding values. "url": "http://192.168.56.33:8000/", // This server is primary. The other one must be // standby. "role": "primary" }, // This is the configuration of the HA peer. { "name": "server2", // Specifies the URL on which the partner's control // channel can be reached. The Control Agent is required // to run on the partner's machine with "http-host" and // "http-port" values set to the corresponding values. "url": "http://192.168.56.66:8000/", // The partner is standby. This server is primary. "role": "standby" } ] } ] } } ], // The following list defines subnets. Each subnet consists of at // least subnet and pool entries. "subnet6": [ { "id": 1, "subnet": "2001:db8:1::/64", "pools": [ { "pool": "2001:db8:1::100 - 2001:db8:1::250" } ], "interface": "eth0" } ], // The following configures logging. It assumes that messages with at // least informational level (info, warn, error and fatal) should be // logged to stdout. Alternatively, you can specify stderr here, a filename // or 'syslog', which will store output messages via syslog. "loggers": [ { // This section affects kea-dhcp6, which is the base logger for DHCPv6 // component. It tells DHCPv6 server to write all log messages (on // severity INFO or more) to a file. "name": "kea-dhcp6", "output-options": [ { "output": "stdout" } ], "severity": "INFO", "debuglevel": 0 }, { // This section specifies configuration of the HA hook library-specific // logger. "name": "kea-dhcp6.ha-hooks", "output-options": [ { "output": "stdout" } ], "severity": "INFO", "debuglevel": 99 } ] } }