红帽全球峰会3.8. Classifying clients in Kea
Kea client classes provide a mechanism for grouping clients based on specific criteria, allowing for granular control over network configuration. You can use this feature to apply special processing rules or assign different DHCP options to clients.
You can create a client class that assigns Voice over IP (VoIP) devices to a specific IP pool to ensures that VoIP phones get different IP addresses than other devices on the network. For example, in IPv4 networks, you can use a substring expression to test for the first 3 octets of their media access control (MAC) address. In IPv6 networks where the MAC address is not a reliable indicator, you can test for a substring of the DHCPv6 vendor class option.
Prerequisites
-
The
kea-dhcp4andkea-dhcp6services are configured and running. -
You are logged in as the
rootuser.
Procedure
If you are configuring an IPv4 network:
Edit the
/etc/kea/kea-dhcp4.conffile, and make the following changes:Add the following client classes to the
Dhcp4parameter:{ "Dhcp4": { ... "client-classes": [ { "name": "VoIP-Phones", "test": "substring(pkt4.mac, 0, 3) == 0x525400" }, { "name": "Others", "test": "not member('VoIP-Phones')" } ], ...In this example, devices with a MAC address starting with
52:54:00match theVoIP-Phonesclient class. Devices that do not match the rule are assigned to theOthersclient class.Assign the client classes to your
pooldefinitions:{ "Dhcp4": { "subnet4": [ { "subnet": "192.0.2.0/24", "pools": [ { "pool": "192.0.2.20 - 192.0.2.100", "client-class": "Others" }, { "pool": "192.0.2.150 - 192.0.2.200", "client-class": "VoIP-Phones" } ], ...Depending on which client class a host matches, Kea assigns an IP from the corresponding pool.
Verify the syntax of the configuration file:
# kea-dhcp4 -t /etc/kea/kea-dhcp4.confIf the command returns
Syntax check failed, fix the errors shown in the report.Restart the
kea-dhcp4service:# systemctl restart kea-dhcp4
If you are configuring an IPv6 network:
Edit the
/etc/kea/kea-dhcp6.conffile, and make the following changes:Add the following client classes to the
Dhcp6parameter:{ "Dhcp6": { ... "client-classes": [ { "name": "VoIP-Phones", "test": "option[16].exists and (substring(option[16].hex, 0, 8) == '00000009')", }, { "name": "Others", "test": "not member('VoIP-Phones')" } ], ...In this example, devices that send a DHCPv6 vendor class option (option 16) where the hexadecimal value begins with
00000009match theVoIP-Phonesclient class. Devices that do not match the rule are assigned to theOthersclient class.Assign the client classes to your
pooldefinitions:{ "Dhcp6": { "subnet6": [ { "subnet": "2001:db8:0:1::/64", "pools": [ { "pool": "2001:db8:0:1::1000 - 2001:db8:0:1::2000", "client-class": "Others" }, { "pool": "2001:db8:0:1::4000 - 2001:db8:0:1::5000", "client-class": "VoIP-Phones" } ], ...Depending on which client class a host matches, Kea assigns an IP from the corresponding pool.
Verify the syntax of the configuration file:
# kea-dhcp6 -t /etc/kea/kea-dhcp6.confIf the command returns
Syntax check failed, fix the errors shown in the report.Restart the
kea-dhcp6service:# systemctl restart kea-dhcp6
Verification
- Connect clients that match the rules in the client classes and verify that Kea assigned an IP from the associated pool.
'%20d='M201.5%20305.5c-13.8%200-24.9-11.1-24.9-24.6%200-13.8%2011.1-24.9%2024.9-24.9%2013.6%200%2024.6%2011.1%2024.6%2024.9%200%2013.6-11.1%2024.6-24.6%2024.6zM504%20256c0%20137-111%20248-248%20248S8%20393%208%20256%20119%208%20256%208s248%20111%20248%20248zm-132.3-41.2c-9.4%200-17.7%203.9-23.8%2010-22.4-15.5-52.6-25.5-86.1-26.6l17.4-78.3%2055.4%2012.5c0%2013.6%2011.1%2024.6%2024.6%2024.6%2013.8%200%2024.9-11.3%2024.9-24.9s-11.1-24.9-24.9-24.9c-9.7%200-18%205.8-22.1%2013.8l-61.2-13.6c-3-.8-6.1%201.4-6.9%204.4l-19.1%2086.4c-33.2%201.4-63.1%2011.3-85.5%2026.8-6.1-6.4-14.7-10.2-24.1-10.2-34.9%200-46.3%2046.9-14.4%2062.8-1.1%205-1.7%2010.2-1.7%2015.5%200%2052.6%2059.2%2095.2%20132%2095.2%2073.1%200%20132.3-42.6%20132.3-95.2%200-5.3-.6-10.8-1.9-15.8%2031.3-16%2019.8-62.5-14.9-62.5zM302.8%20331c-18.2%2018.2-76.1%2017.9-93.6%200-2.2-2.2-6.1-2.2-8.3%200-2.5%202.5-2.5%206.4%200%208.6%2022.8%2022.8%2087.3%2022.8%20110.2%200%202.5-2.2%202.5-6.1%200-8.6-2.2-2.2-6.1-2.2-8.3%200zm7.7-75c-13.6%200-24.6%2011.1-24.6%2024.9%200%2013.6%2011.1%2024.6%2024.6%2024.6%2013.8%200%2024.9-11.1%2024.9-24.6%200-13.8-11-24.9-24.9-24.9z'/%3e%3c/svg%3e){kind=small}