3.5. Setting up a Kea DHCP server
Kea is a modern, high-performance DHCP server with a modular design. Use a DHCP server to automatically assign IP addresses and other network settings to client devices. This eliminates the error-prone task of manual configuration.
Prerequisites
- The kea package is installed.
- You are logged in as the root user.
Procedure
If you are configuring an IPv4 network:
Edit the /etc/kea/kea-dhcp4.conf file, and use the following configuration:

    {
      "Dhcp4": {
        // Global settings that apply to all subnets unless overridden.
        "valid-lifetime": 86400,
        "option-data": [
          { "name": "domain-name", "data": "example.com" },
          { "name": "domain-name-servers", "data": "192.0.2.53" }
        ],

        // The network interfaces on which Kea will listen for DHCP traffic.
        "interfaces-config": {
          "interfaces": [ "enp1s0" ]
        },

        "subnet4": [
          // A definition of a subnet that is directly connected to the server
          {
            "id": 1,
            "subnet": "192.0.2.0/24",
            "pools": [
              { "pool": "192.0.2.20 - 192.0.2.100" },
              { "pool": "192.0.2.150 - 192.0.2.200" }
            ],
            "option-data": [
              { "name": "routers", "data": "192.0.2.1" }
            ]
          },
          // A definition of a remote subnet served through a DHCP relay
          {
            "id": 2,
            "subnet": "198.51.100.0/24",
            "pools": [
              { "pool": "198.51.100.20 - 198.51.100.100" }
            ],
            // Allowed DHCP relay agents
            "relay": {
              "ip-addresses": [ "198.51.100.5" ]
            },
            "option-data": [
              { "name": "routers", "data": "198.51.100.1" },
              { "name": "domain-name-servers", "data": "198.51.100.53" }
            ]
          }
        ]
      }
    }

This example configures Kea to serve two subnets: one directly connected to the server and a remote one that uses a DHCP relay agent.
The settings specified in the example include the following:
- interfaces: Defines the network interfaces on which Kea listens for DHCP requests. If a subnet is not directly connected to the server, ensure that you list the interface through which the subnet can be reached.
- id: Defines a unique integer for the subnet. This is required if you define more than one subnet.
- subnet: Defines the subnet in Classless Inter-Domain Routing (CIDR) format.
- pools: Defines the IP address ranges from which Kea can assign addresses to clients.
- option-data: Defines DHCP options sent to clients, such as the default gateway and DNS servers. Per-subnet option-data settings override global settings.
- relay: Defines the IP addresses of DHCP relay agents. This setting is optional for remote subnets, but limiting forwarded requests to trusted agents improves security. Do not use this parameter for directly connected subnets.
Verify the syntax of the configuration file:

    # kea-dhcp4 -t /etc/kea/kea-dhcp4.conf

If the command returns Syntax check failed, fix the errors shown in the report.

Update the firewalld rules to allow incoming DHCPv4 traffic:

    # firewall-cmd --permanent --add-service=dhcp
    # firewall-cmd --reload

Enable and start the service:

    # systemctl enable --now kea-dhcp4
If you are configuring an IPv6 network:
Edit the /etc/kea/kea-dhcp6.conf file, and use the following configuration:

    {
      "Dhcp6": {
        // Global settings that apply to all subnets unless overridden.
        "valid-lifetime": 86400,
        "option-data": [
          { "name": "domain-name", "data": "example.com" },
          { "name": "dns-servers", "data": "2001:db8:0:1::53" }
        ],

        // The network interfaces on which Kea will listen for DHCP traffic.
        "interfaces-config": {
          "interfaces": [ "enp1s0" ]
        },

        "subnet6": [
          // A definition of a subnet that is directly connected to the server
          {
            "id": 1,
            "subnet": "2001:db8:0:1::/64",
            "pools": [
              { "pool": "2001:db8:0:1::1000 - 2001:db8:0:1::2000" },
              { "pool": "2001:db8:0:1::4000 - 2001:db8:0:1::5000" }
            ]
          },
          // A definition of a remote subnet served through a DHCP relay
          {
            "id": 2,
            "subnet": "2001:db8:0:2::/64",
            "pools": [
              { "pool": "2001:db8:0:2::1000 - 2001:db8:0:2::2000" }
            ],
            // Allowed DHCP relay agents
            "relay": {
              "ip-addresses": [ "2001:db8:0:2::5" ]
            },
            "option-data": [
              { "name": "dns-servers", "data": "2001:db8:0:1::53" }
            ]
          }
        ]
      }
    }

This example configures Kea to serve two subnets: one directly connected to the server and a remote one that uses a DHCP relay agent.
Verify the syntax of the configuration file:

    # kea-dhcp6 -t /etc/kea/kea-dhcp6.conf

If the command returns Syntax check failed, fix the errors shown in the report.

Update the firewalld rules to allow incoming DHCPv6 traffic:

    # firewall-cmd --permanent --add-service=dhcpv6
    # firewall-cmd --reload

Enable and start the service:

    # systemctl enable --now kea-dhcp6
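
The syntax check in the procedure does not tell you whether the subnet definitions follow the guidance given for id, pools, and relay. The following lint is an added example, not part of the original documentation or of Kea: it flags duplicate subnet IDs, pools outside their subnet, relay settings on directly connected subnets, and remote subnets without a relay restriction. The function names, the local_networks parameter (the CIDRs on the server's own interfaces, supplied by you), and the sample configuration are assumptions made for illustration.

```python
import ipaddress
import json
import re

def load_kea_config(text):
    """Parse Kea JSON after dropping whole-line // comments (simplification)."""
    return json.loads(re.sub(r"(?m)^[ \t]*//.*$", "", text))

def pool_bounds(pool):
    """Return (first, last) for 'a - b' ranges and for prefix-style pools."""
    if "/" in pool:
        net = ipaddress.ip_network(pool.strip())
        return net[0], net[-1]
    lo, hi = (ipaddress.ip_address(p.strip()) for p in pool.split("-"))
    return lo, hi

def lint_kea(conf, local_networks):
    """List findings; local_networks = CIDRs on the server's own interfaces."""
    key = "Dhcp4" if "Dhcp4" in conf else "Dhcp6"
    local = {ipaddress.ip_network(n) for n in local_networks}
    findings, seen = [], set()
    for s in conf[key].get("subnet" + key[-1], []):  # subnet4 or subnet6
        net = ipaddress.ip_network(s["subnet"])
        if s.get("id") is None or s["id"] in seen:
            findings.append(f"{net}: missing or duplicate subnet id")
        seen.add(s.get("id"))
        for p in s.get("pools", []):
            lo, hi = pool_bounds(p["pool"])
            if lo > hi or lo not in net or hi not in net:
                findings.append(f"{net}: pool '{p['pool']}' is outside the subnet")
        relays = s.get("relay", {}).get("ip-addresses", [])
        if net in local and relays:
            findings.append(f"{net}: relay set on a directly connected subnet")
        if net not in local and not relays:
            findings.append(f"{net}: remote subnet without a relay allow-list")
    return findings

# Constructed sample with deliberate mistakes (not the configuration above).
SAMPLE = """
{ "Dhcp4": { "subnet4": [
    // directly connected subnet, but with a relay block
    { "id": 1, "subnet": "192.0.2.0/24",
      "pools": [ { "pool": "192.0.2.20 - 192.0.2.100" } ],
      "relay": { "ip-addresses": [ "192.0.2.5" ] } },
    // remote subnet: reused id, pool runs past the /24, no relay block
    { "id": 1, "subnet": "198.51.100.0/24",
      "pools": [ { "pool": "198.51.100.20 - 198.51.101.100" } ] }
] } }
"""

if __name__ == "__main__":
    for finding in lint_kea(load_kea_config(SAMPLE), ["192.0.2.0/24"]):
        print(finding)
```

Run it against your own file by passing the file's text to load_kea_config() and the networks configured on the server's interfaces as local_networks.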
Verification
- Configure a network connection with DHCP on a client. See Configuring an Ethernet connection by using nmcli.
- Connect the client to the network.
- Check if the client received an IP address from the DHCP server:

      # ip address show <interface>
      2: enp1s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
          link/ether 52:54:00:17:b8:b6 brd ff:ff:ff:ff:ff:ff
          inet 192.0.2.20/24 brd 192.0.2.255 scope global noprefixroute enp1s0
             valid_lft forever preferred_lft forever
          inet6 2001:db8:1::1000/64 scope global noprefixroute
             valid_lft forever preferred_lft forever
Troubleshooting
Check on which IPv4 and IPv6 addresses Kea is listening:

    # ss -lunp | grep -E ':(67|547)'

If Kea does not listen on all interfaces you configured, check the interfaces-config setting in the Kea configuration files.
Next steps