# Kea 2.4.0, July 5th 2023, Release Notes Welcome to Kea 2.4.0, a new stable branch. Kea is a DHCP implementation developed by Internet Systems Consortium (ISC) that features DHCPv4 and DHCPv6 servers with DNS update and a REST API; optional database support (MySQL and PostgreSQL); optional RADIUS, Kerberos, YANG/NETCONF, and GSS-TSIG support; and much more. Kea provides extensive management capabilities, including but not limited to: TLS support, Role-Based Access Control, run-time configuration monitoring and updates via a REST API, host reservations, and client classification. The text below references issue numbers. For more details, visit the Kea GitLab page at https://gitlab.isc.org/isc-projects/kea/issues. The following major features have been implemented since the 2.2 series: 1. **Multi-threading (MT) enabled by default**: Multi-threading was implemented several years ago in Kea, but starting with this release, MT is enabled by default. If you still prefer to use single-threaded mode, it is easy to flip the `enable-multi-threading` switch back to `false`; see "Multi-Threading Settings" in the DHCPv4 and DHCPv6 sections of the Kea ARM for details [#2402]. Multi-threading is now also enabled by default for High Availability (HA) mode [#2749]. 2. **Alternative allocation strategies**: With the introduction of Free Leases Queue (FLQ, described below), Kea now supports three allocation strategies: iterative, random, and FLQ. These can now be configured via a config file [#2348, #969] and the Configuration Backend [#2823]. 3. **Random allocation strategy**: Since its inception in 2011, Kea has been using an iterative allocation strategy, which means it iterates through the address space and allocates available addresses sequentially. This is a simple, fast, and easy-to-understand allocation strategy that works for most use cases. However, we have now introduced a new random allocator, not to replace the iterative allocator but to provide an alternative. It is somewhat slower but provides great resistance against scanning attacks, in particular when vast address space is available, such as in IPv6. The choice of an allocation strategy is now a configuration decision depending on the deployment requirements [#969, #1313, #2316]. 4. **Free Leases Queue allocation strategy**: FLQ is a new allocation strategy. When selected, Kea generates a list of all possible leases on startup and keeps it in memory; it uses this list to assign the first available lease from a pool. This allocator is suitable when DHCP servers are working with nearly depleted pools, and the time to find an available lease via other allocators becomes too long. This new allocator, however, slows down the server startup and reconfiguration, and it also uses more memory, so users may wish to experiment with it in their specific configuration. It can be used for address assignment in DHCPv4 and prefix delegation in DHCPv6. This feature is considered experimental [#2764, #1126, #2780]. 5. **Bulk Leasequery**: The subscriber-only Leasequery hook has been extended to support Bulk Leasequery (BLQ) for DHCPv4 and DHCPv6. BLQ allows rebooting routers and switches to reacquire their lost state by querying the DHCP server. BLQ differs from the typical DHCP protocol in several fundamental ways: first, it uses TCP, and therefore is connection-oriented; second, it does not follow the "one query, one response" paradigm. The "bulk" in BLQ means that devices can send a single query and receive many (possibly millions) of answers. We have done extensive internal testing and the feature appears to be stable, but we advise caution with its use. We are eager to get feedback on this topic, especially with regards to interoperability with other vendors. The DHCPv4 BLQ is currently available for all backends (memfile, MySQL, PostgreSQL). The DHCPv6 BLQ is currently available for memfile, with some very limited functionality for MySQL and PostgreSQL backends [#2713, #2634, #2691, #2687, #2689, #2680, #2685, #2662, #2679, #2681, #2684, #979, #2674, #2675, #2678, #2673, #2663, #2668, #2665, #2645, #2655, #2647, #2639, #2644]. 6. **Multiple vendor options**: The Kea DHCPv4 server can now handle multiple `vivco-suboptions` options with different enterprise IDs [#467] and multiple vendor options with different enterprise IDs and multiple vivso suboptions. The vendor options handling has been updated [#1518, #2694]. Support has been added for multiple instances of the DHCPv6 vendor-class (code 16) and vendor-opts (code 17) options. Kea now supports specifying multiple options with different enterprise numbers [#2517]. 7. **DNS-over-TLS/HTTPS/... options**: The Discovery of Network-designated Resolvers (DNR) options have been implemented for both DHCPv4 and DHCPv6. This is an implementation of the draft-ietf-add-dnr-16 IETF Internet Draft, which is expected to be published as an RFC soon. The options allow configuration of DNS over various transports, such as TLS (DNS-over-TLS or DoT), HTTPS (DNS-over-HTTPS or DoH), and others. As this implementation is based on a draft that has not yet reached RFC publication, use it with caution [#2536]. 8. **Template classes**: Template classes mechanism, similar to spawning classes in ISC DHCP, has been implemented. The code for this functionality has been merged, and it has only been very lightly tested. As such, the feature's status is currently experimental. It is now possible to define an expression using `template-test` in a class. The expression should evaluate to a string; if evaluated to a non-empty value, the packet is assigned to a `SPAWN__` class. Documentation is available in the ARM and in our knowledgebase at https://kb.isc.org/docs/facilitating-classification-with-template-classes [#2568]. 9. **NETCONF and Sysrepo**: The support for NETCONF/Yang received a major overhaul; the Kea code has been migrated to libyang 2.x/Sysrepo 2.x from the previously supported 1.x versions. Both the libyang and Sysrepo dependencies continue to evolve substantially, so this update required over 2500 lines of code to be changed. **Be advised that the recent libyang 2 and Sysrepo 2.x require a compiler that supports the c++20 standard.** However, this is only required if you compile Kea with NETCONF support [#2311]. In addition, the interaction with Sysrepo has been updated: instead of retrieving configuration elements one by one, the whole configuration is retrieved in one step and then dissected by Kea. The larger your configuration is, the greater this performance improvement should be: for our test configuration with 60,000 entries, the configuration took 9 minutes and 30 seconds with the older code and just 3 seconds with this new change. For more details, see issue [#2400] and its merge request [!1824]. The YANG modules have been updated with new configuration nodes: `extended-info-checks`, `ignore-rai-link-selection`, and `template-test`. The `keatest-module` has also gained a few missing node types. The code has been refactored to accommodate changes more easily in the future [#2601]. The YANG modules were updated with recent configuration changes. The added parameters are: `allocator`, `ddns-ttl-percent`, `exclude-first-last-24`, `ignore-dhcp-server-identifier`, `offer-lifetime`, `pd-allocator`, `read-timeout`, `tcp-user-timeout`, and `write-timeout`. We also removed these now-obsolete parameters: `contact-points` and `keyspace` [#2832]. 10. **Per-pool statistics**: Several improvements made it into this release, including the introduction of a new type of statistics that can be observed on a per-pool basis. A plethora of new statistics were introduced: `subnet[id].pool[id].assigned-addresses`, `subnet[id].pool[id].cumulative-assigned-addresses`, `subnet[id].pool[id].declined-addresses`, `subnet[id].pool[id].reclaimed-declined-addresses`, `subnet[id].pool[id].reclaimed-leases`, and `subnet[id].pool[id].total-addresses` for DHCPv4, and even more for DHCPv6: `subnet[id].pool[id].assigned-nas`, `subnet[id].pd-pool[id].assigned-pds`, `subnet[id].pool[id].cumulative-assigned-nas`, `subnet[id].pd-pool[id].cumulative-assigned-pds`, `subnet[id].pool[id].declined-addresses`, `subnet[id].pool[id].reclaimed-declined-addresses`, `subnet[id].pool[id].reclaimed-leases`, `subnet[id].pd-pool[id].reclaimed-leases`, `subnet[id].pool[id].total-nas`, and `subnet[id].pd-pool[id].total-pds` [#145]. The statistics type for the total number of available addresses and prefixes for DHCPv6 has been changed from 64 bits to 128, to account for the enormous address space in IPv6 [#2658]. New statistics were added to keep track of leases that have their Client Last Transmission Time (CLTT) increased in memory and their expiration time left unchanged in persistent storage, as part of the lease-caching feature. Those new statistics are: `v4-lease-reuse`, `subnet[id].v4-lease-reuse`, `v6-ia-na-lease-reuse`, `subnet[id].v6-ia-na-lease-reuse`, `v6-ia-pd-lease-reuse`, and `subnet[id].v6-ia-pd-lease-reuse` [#2797]. 11. **Broadcast MAC address in DHCPv4 reply**: If the broadcast flag is set in the DHCPREPLY, the MAC address is also set to the broadcast value [#2211, #2542]. 12. **Affinity for released leases**: Unless specifically told not to, Kea now keeps leases for a period of time after they are released. This is useful for devices that send RELEASE on reboot; they are now very likely to get the same lease after their reboot is complete. This behavior is controlled by `flush-reclaimed-timer-wait-time` and `hold-reclaimed-time`. If both are non-zero, when the client sends a release message the lease is expired; previously, it was deleted from lease storage. The default values are 25 and 3600 respectively, effectively changing the default server behavior [#2548]. 13. **Global reservation improvements**: Global reservations are generally not recommended to be used with address reservations. However, when they are, an additional safety net is required and it has now been implemented. An address reserved in a global reservation must now lie within the range of the subnet or shared-network selected by Kea; if it does not, the server attempts to allocate an address dynamically. This change applies to both kea-dhcp4 and kea-dhcp6. Previously, the servers would grant a lease for any globally reserved address without regard to its inclusion in the selected subnet. Thanks to Kyle Birkeland for reporting the issue and contributing the patch [#2631, #2632]. 14. **Empty host reservations**: It is now possible to add an "empty" host reservation without any attribute (e.g. no address, no options, no hostname, no client classes, etc.). This is useful to determine the KNOWN class [#2723]. 15. **Never-send**: With earlier Kea versions, it was difficult to configure an option that was supposed to be present everywhere except a small number of locations. A new flag, `never-send`, allows users to configure a given option globally and then suppress sending it in a particular subnet or shared network [#719]. 16. **DDNS improvements**: kea-dhcp4 and kea-dhcp6 support a new parameter, `ddns-ttl-percent`, which allows setting the DNS time-to-live (TTL) as a percentage of a lease lifetime [#225]. 17. **Accepting all traffic**: Earlier Kea versions followed an RFC2131 rule that checked whether the `server-identifier` matched Kea's; if it did not, Kea assumed the packet was intended for some other DHCP server and it was dropped. However, in certain advanced scenarios it is useful to be able to force Kea to accept everything. A new parameter, `ignore-dhcp-server-identifier` for kea-dhcp4, allows enabling this behavior [#2785]. 18. **Early allocation**: RFC2131 states that leases are supposed to be allocated when the server receives a REQUEST message. However, that means that in certain situations, particularly when the server is almost out of addresses, the client can get a DISCOVER with an address, but when it actually requests the address, it does not get it. This is a conformant behavior, but it differs from ISC DHCP, which assigned a short-lived (120-second) lease when receiving DISCOVER. kea-dhcp4 now supports the `offer-lifetime` parameter to allow the temporary allocation of leases during DHCPOFFER [#2719]. 19. **RFC8572 compatibility:** We have added support for Secure Zero Touch Provisioning options, per RFC8572. Kea can now handle DHCPv4 Option code \#143 and DHCPv6 Option code \#136 [#939]. 20. **Prefix delegation (PD) hints**: Kea now understands when a DHCPv6 client prefers a prefix of a certain length. If Kea is configured to hand out /64, /60, and /56 prefixes and the client requests /56, it will get it. Previously, Kea ignored the hint and assigned prefixes in the order the pools appeared in the config file [#1958]. The `prefix-len` and `pd-pools` list now checks the prefix lengths correctly [#2612]. 21. **Preferred lifetime for DHCPv6**: Earlier Kea versions had the preferred lifetime timer set to a default fixed value, if it was not explicitly specified. This could have led, in some cases, to incorrect configuration if the valid lifetime was configured to a lower value than the preferred one. Starting with this release, the preferred lifetime is calculated as 0.625 * `valid-lifetime` unless explicitly specified, or if the specified value is higher than the valid lifetime. This should avoid situations where Kea sends configurations that are rejected by clients [#2835]. 22. **Forensic Logging hook traceability**: The High Availability (HA) mechanism uses lease commands to add, update, and delete leases. The same mechanism can now be used by an administrator to manage lease state. Previously, the forensic logging hook logged both automated HA and manual updates in the same manner. Starting with this release, the forensic logging hook now records whether the lease change is an administrative action or an automated HA update [#2629]. 23. **Logger inheritance**: If using multiple loggers that have a relationship, e.g. `kea-dhcp4` and `kea-dhcp4.packets`, the omitted logger configuration entries in the child are now properly inherited from the root logger, as stated in the ARM [#2537]. 24. **New lease capabilities**: The lease_cmds hook library supports two new commands, `lease4-write` and `lease6-write`. These should help recovery in emergency situations, e.g. when the disk is full, by writing the memory-lease database into a CSV file. They are supported by the memfile backend only. The lease_cmds hook library returns a new "conflict" status code, indicating an issue with a lease update due to a mismatch between the received lease and the server's configuration or state. The HA hook library differentiates between this new status and a general error and avoids transitioning to the partner-down state when conflicts occur. The new `max-rejected-lease-updates` parameter sets a limit for the maximum number of conflicts before the server terminates the HA service [#1654][#2408]. 25. **Hashed configuration**: A new command `config-hash-get` returns a SHA-256 hash of the existing configuration. This can be used to easily detect whether a configuration has changed. Existing `config-set` and `config-get` calls return the hash as well [#2707]. 26. **New command: reservation-get-by-address**: A new command, `reservation-get-by-address`, is now available in the host_cmds hook library. It returns all host reservations for a given IP address, either in all subnets or in a given subnet [#2795]. 27. **New command: reservation-update**: A new command, `reservation-update` has been added that allows an existing host reservation to be updated. It is implemented as part of the Host Commands premium hook [#549]. 28. **Package improvements**: Kea's official APK, Debian, and RPM packages have been restructured and made to follow a consistent packaging standard. Some of the package names have been modified, and some packages have been consolidated into larger packages due to these changes. Kea now runs under a service user on RPM systems. Upgrading Kea on Debian and Ubuntu systems should be done with `apt dist-upgrade` when upgrading to this release or later, as some packages must be removed before reinstalling. Depending on how Kea was previously installed, upgrading to this release or later on Debian or Ubuntu systems could cause the DHCPv6 and/or the DDNS server, as well as the open source hooks, to be removed. To ensure they are properly installed, either install the `isc-kea` metapackage, or install the packages explicitly by name. Further details can be found in [#2220] and [#2398]. The Debian package names have changed: `isc-kea-dhcp4-server` was changed to `isc-kea-dhcp4`, `isc-kea-dhcp6-server` to `isc-kea-dhcp6`, and `isc-kea-dhcp-ddns-server` to `isc-kea-dhcp-ddns`. This change was required to use `dist-upgrade` to install new packages. All package types (rpm, deb, and apk) now have the meta package `isc-kea` that contains all components, making it easier to install while retaining the flexibility to install individual packages separately. The Control Agent service is no longer started every time when dhcp4, dhcp6, or ddns is started, but when active it will start on system boot-up. 29. **Packages**: Native Deb, RPM, and APK packages are available for Alpine 3.15, 3.16, 3.17; CentOS 7; Debian 10, 11, 12; Fedora 36, 37, 38; RHEL 8, 9; and Ubuntu 18.04, 20.04, 22.04. All packages are built for amd64 architecture. For details, see https://cloudsmith.io/~isc/repos/. 30. **Database improvements**: New database connection parameters, `read-timeout` and `write-timeout`, control the timeouts in communication with a MySQL database. The `tcp-user-timeout` parameter controls the timeout in communication with a PostgreSQL database. Setting these timeouts can prevent occasional Kea hangs due to issues with database connectivity, and are expected to improve compatibility with HAProxy [#2688]. Compatibility with recently published PostgreSQL 15 has been improved [#2724]. Kea can now detect a bug in MariaDB, which incorrectly rejects certain valid constructs as invalid JSON. This has been reported to and confirmed by the MariaDB team [#2654]. Compatibility with MySQL 5.5 (very old, but still used by CentOS 7) has been improved [#2727]. A bug in the logic to set DB parameters no longer confuses DHCPv4 with DHCPv6 [#2672]. 31. **Optional link selection suboption**: The link selection suboption is now optional; previously, Kea always tried to use it when it was present in a packet. Right now, its use is enabled by default, but it can be disabled using the `ignore-rai-link-selection` parameter [#2543]. 32. **Compatibility**: We added a new `exclude-first-last-24` DHCPv4 compatibility flag, which skips addresses in .0 and .255 in subnets larger than /24 [#720]. See https://gitlab.isc.org/isc-projects/kea/-/wikis/Release-Notes for a complete list of all changes from versions 2.2.0-2.3.8 that are included in this release. The following bug fixes and features have been implemented since the Kea 2.3.8 release: 1. **Hashed configuration**: A new command `config-hash-get` returns a SHA-256 hash of the existing configuration. This can be used to easily detect whether a configuration has changed. Existing `config-set` and `config-get` calls return the hash as well [#2707]. 2. **New command: reservation-get-by-address**: A new command, `reservation-get-by-address`, is now available in the host_cmds hook library. It returns all host reservations for a given IP address, either in all subnets or in a given subnet [#2795]. 3. **Deprecated auto-generated subnet-id**: A warning is now issued when the configuration contains subnets without explicit subnet identifiers (without an "id" entry). Auto-generated subnet identifiers are now deprecated [#2866]. 4. **Logging drop packets**: The debug levels for packets being dropped have been altered to be easier to spot [#2865]. 5. **Build improvements**: Hammer, the internal building tool, now supports Debian 12 [#2916]. Added support for Fedora 37 [#2935], 38 [#2937] and PostgreSQL 15 [#2950]. Missing header files are now installed; this might be useful for external developers who build their own hooks [#2608]. 6. **Documentation**: Many parameter names in the ARM are now clickable [#2554]. Many broken URLs and typos were fixed in the ARM [#2833]. Documentation regarding installing FreeRADIUS packages was updated [#1452]. A non-existent statistic was referenced in the ARM [#2864]. A typo was fixed in Section 8.2.10 of the ARM [#2913]. The documentation for `ip-reservations-unique` was clarified [#2900]. The documentation for vendor options was improved [#2793]. The documentation for prefix hints, empty reservations, template classes, and `exclude-fist-last-24` option improved [#2892]. 7. **Bug fixes**: We fixed several undefined behaviors as reported by UBSan [#2830]. The vendor options retrieved from a configuration backend are now encapsulated properly. This issue affected both MySQL and PostgreSQL [#2881]. Options with space are now encapsulated properly when retrieved from a Config Backend [#2826]. A problem with the host commands returning partial data for some options has been fixed [#2931]. The `kea-admin lease-upload` command no longer prints a misleading error if no `-4` or `-6` options are used [#2855]. A rare race condition when encapsulated options are used was fixed [#2942]. ## Incompatible Changes There are several changes that can be considered backward-incompatible. 1. Many of the native packages have been substantially updated and in some cases renamed. See above for a brief overview, and the new [Installation From Cloudsmith Packages](https://kea.readthedocs.io/en/latest/arm/install.html?highlight =cloudsmith#installation-from-cloudsmith-packages) and [Caveats for Upgrading Kea Packages](https://kea.readthedocs.io/en/latest/arm/install.html?highlight =cloudsmith#caveats-for-upgrading-kea-packages) sections in the Kea ARM for more details. 2. **MySQL and PostgreSQL schema updates**. Both database schemas were updated to accommodate upcoming Bulk Leasequery support in DHCPv6. Both schemas were also updated to use dedicated types for storing IPv6 addresses rather than using plain text fields. 3. **YANG module updated**. The YANG modules were updated to incorporate the latest changes. 3. **New preferred-lifetime calculation**. Kea now operates in a safer manner and behaves in an RFC-conformant way in some corner cases where it previously sent invalid configuration. Nevertheless, you should review your configuration if you have unusual settings with scenarios where `preferred-lifetime` was greater than `valid-lifetime`. This affects DHCPv6 only. See [#2835] for details. 4. **Deprecating libreload**: The API `libreload` command is now deprecated. The command was implemented a long time ago, in Kea 1.2.0, when the hooks framework was still being implemented and there were no hooks. The original idea - to reload just the hooks and not the whole server configuration - never gained any traction. Starting with this release and for this stable branch (Kea 2.4.x), the command prints a deprecation warning, but otherwise functions normally. It will be removed completely from the Kea 2.5 and 2.6 branches [#2693]. 5. **Deprecated auto-generated subnet-id**: A warning is now issued when the configuration contains subnets without explicit subnet identifiers (without an "id" entry). Auto-generated subnet identifiers are now deprecated. They still work but will be removed in future releases [#2866]. 6. **Python 2 is no longer supported**: To use `kea-shell`, Python 3 is required [#2467]. 7. **Values for `operation-target` updated**: The values accepted by recently introduced parameter `operation-target` used in `reservation-*` commands have been renamed. The "primary" was renamed to "memory", and the "alternate" was renamed to "database" [#2901]. 8. **CentOS 7 no longer supported**: CentOS 7 distribution is no longer supported. It is increasingly difficult to maintain compatibility with ancient compiler and dependencies. The g++ 4.8 was released in 2013 and lacks support for many modern features. Unit tests compilation fails. It's still possible to compile Kea binaries. Also, a determined user could install more recent g++ and make the compilation succeed, but that is not supported anymore. To run Kea 2.4, please migrate to a more modern OS. ## License This version of Kea is released under the Mozilla Public License, version 2.0. https://www.mozilla.org/en-US/MPL/2.0 Some Kea hooks are provided under the MPL 2.0; others are licensed with the Kea Hooks Basic Commercial End User License. The source for each hook includes the applicable license. ## Download Pre-built ISC packages for current versions of the most popular Linux operating systems are available at: https://cloudsmith.io/~isc/repos/ The Kea source and PGP signature for this release may be downloaded from: https://www.isc.org/download The signature was generated with the ISC code signing key, which is available at: https://www.isc.org/pgpkey ISC provides detailed documentation, including installation instructions and usage tutorials, in the Kea Administrator Reference Manual. Documentation is included with the installation or at https://kea.readthedocs.io/en/latest/index.html in HTML, plain text, or PDF formats. ISC maintains a public open source code tree, wiki, issue tracking system, milestone planner, and roadmap at https://gitlab.isc.org//isc-projects/kea. Limitations and known issues with this release can be found at https://gitlab.isc.org/isc-projects/kea/wikis/known-issues-list. We ask users of this software to please let us know how it worked for you and what operating system you tested on. Feel free to share your feedback on the Kea Users mailing list (https://lists.isc.org/mailman/listinfo/kea-users). We would also like to hear whether the documentation is adequate and accurate. Please open tickets in the Kea GitLab project for bugs, documentation omissions and errors, and enhancement requests. We want to hear from you even if everything worked. ## Support Professional support for Kea is available from ISC. We encourage all professional users to consider this option; Kea maintenance is funded with support subscriptions. For more information on ISC's Kea and DHCP software support see https://www.isc.org/support/. Free best-effort support is provided by our user community via a mailing list. Information on all public email lists is available at https://www.isc.org/community/mailing-list. If you have any comments or questions about working with Kea, please share them to the Kea Users list (https://lists.isc.org/mailman/listinfo/kea-users). Bugs and feature requests may be submitted via GitLab at https://gitlab.isc.org/isc-projects/kea/issues. ## Changes The following summarizes changes and important upgrades since the 2.2.0 release. 2166. [build] mgodzina The library version numbers have been bumped up for the Kea 2.4.0 stable release. (Gitlab #2939) 2165. [bug] marcin DHCP options configured in the host database are now returned with their encapsulated options to the clients. (Gitlab #2826) 2164. [bug] razvan Added checks to catch invalid prefix/prefix-len combinations in commands that create or update pools, leases, and reservations. (Gitlab #2725) 2163. [build] slawek Dropped the Kea connector for Python 2. (Gitlab #2467) 2162. [doc] marcin Documented renaming operation-target values in host_cmds hook library. The "primary" was renamed to "memory", and the "alternate" was renamed to "database". (Gitlab #2901) 2161. [doc] fdupont Clarified how Kea treats situations where there are multiple reservations for the same host. (Gitlab #2745) 2160. [doc] tomek Added clarification about RFC3046 (Relay agent option) support, with some examples how to use its content. (Gitlab #2887) 2159. [bug] razvan Fixed a crash when splitting long options or sending user defined options when multi-threading is enabled. Also fixed some cases when options are not properly split if the serialized data reaches the end of the 255 bytes long boundary. (Gitlab #2942) 2158. [func] piotrek A new command named "reservation-get-by-address" is now available in the host_cmds hook library. It returns all host reservations for given IP address either in all subnets or in a given subnet. (Gitlab #2795) 2157. [func]* fdupont Added a warning issued when the configuration contains subnets without explicit subnet identifiers (without "id" entry). The auto-generated subnet identifiers are now deprecated. (Gitlab #2866) 2156. [func] razvan Added an optional 'pool-id' parameter that can be used to enable per-pool statistics. Supported by kea-dhcp4 and kea-dhcp6 for all pool types. (Gitlab #2898) 2155. [func] fdupont, tomek Added the config-hash-get command which returns the SHA-256 hash of the current configuration, helping in detecting changes. Updated config-get, config-set commands to also return SHA-256 hash. (Gitlab #2707) 2154. [doc] darren Corrected minor typo in table in section 8.2.10 of the ARM where type was shown as ipv6-address and should have said ipv4-address. (Gitlab #2913) 2153. [doc] darren Changed wording of documentation of ip-reservations-unique flag to clarify which host reservation backends support false. (Gitlab #2900) 2152. [doc] razvan Added documentation and unittests for counters by pool ID. (Gitlab #145, #2883) 2151. [bug] marcin Corrected a bug in the host manager that affected getting a host by an IPv6 address or delegated prefix. This query returned only partial host information. It lacked other IPv6 reservations and some DHCP options. (Gitlab #2931) 2150. [bug] marcin Fixed a bug in encapsulating DHCP options fetched from the config backend. The suboptions are now included in the top-level options they belong to. (Gitlab #2881) 2149. [doc] andrei The vendor options documentation has been improved. (Gitlab #2793) 2148. [build] tmark The include file, cfg_globals.h, has been added to the to dhcpsrv/Makefile.am such that it now gets installed. Prior to this it was omitted from installation. (GitLab #2608) 2147. [doc] andrei There are now more cross-references in the ARM. Commands and hook libraries link to their own section. Programs link to their manual pages. (Gitlab #2554) 2146. [func] piotrek Making DHCP4_PACKET_DROP_* and DHCP6_PACKET_DROP_* debug prints more verbose. The prints are including now hwaddr for DHCP4 and duid for DHCP6. (Gitlab #2865) 2145. [bug] piotrek Fixed a bug in kea-admin script where lack of lease type argument was not caught correctly and kea-lfc was called without -4 or -6 DHCP version. (Gitlab #2855) Kea 2.3.8 (development) released on May 31, 2023 2144. [build] razvan The library version numbers have been bumped up for the Kea 2.3.8 development release. (Gitlab #2885) 2143. [func] razvan Added v4 statistic counters per pool: subnet[id].pool[id].assigned-addresses subnet[id].pool[id].cumulative-assigned-addresses subnet[id].pool[id].declined-addresses subnet[id].pool[id].reclaimed-declined-addresses subnet[id].pool[id].reclaimed-leases subnet[id].pool[id].total-addresses Added v6 statistic counters per pool: subnet[id].pool[id].assigned-nas subnet[id].pd-pool[id].assigned-pds subnet[id].pool[id].cumulative-assigned-nas subnet[id].pd-pool[id].cumulative-assigned-pds subnet[id].pool[id].declined-addresses subnet[id].pool[id].reclaimed-declined-addresses subnet[id].pool[id].reclaimed-leases subnet[id].pd-pool[id].reclaimed-leases subnet[id].pool[id].total-nas subnet[id].pd-pool[id].total-pds Counters are stored in the lease storage and after schema upgrade all existing leases are considered to be part of pool ID 0. On lease update, the counters will be updated accordingly including pool IDs and statistics will converge to real values over time. (Gitlab #145) 2142. [func] piotrek New command option was added to perfdhcp: --or. It allows to insert extra option(s) to relayed DHCPv6 message at given level of encapsulation. For now only the first level of encapsulation is supported. (Gitlab #2834) 2141. [bug] razvan The High Availability hook library is sending the 'origin' parameter set to 'ha-partner' when sending lease update commands which enables the forensic log hook library to distinguish between administrator commands and HA partner commands. (Gitlab #2629) 2140. [func] slawek Implemented functions to delete the host reservations from the JSON configuration. Updated the host manager to fully support altering the primary source (JSON configuration). Its methods accept a new argument ("operation target") to specify the data source (JSON configuration and/or hosts database) to query or alter. Fixed a function that retrieves IPv6 host reservations from the configuration by address. (Gitlab #2815) 2139. [bug] marcin Fixed a bug in the delegated prefix permutations that caused allocating prefixes in the same order by the random and FLQ allocators. (Gitlab #2860) 2138. [bug] marcin Fixed a bug in the DHCPv4 server that sent DHCPNAK to a client in the INIT-REBOOT state when the server had no matching subnet configuration for that client. (Gitlab #2858) 2137. [func] fdupont A new command "extended-info4-upgrade" makes old leases from SQL DHCPV4 lease database visible to Bulk Lease Queries. (Gitlab #2757) 2136. [func] tmark The default value, in kea-dhcp6, for preferred-lifetime is now calculated as: 0.625 * valid-lifetime. This calculation is also used in the event that the specified value for preferred-lifetime is greater than valid-lifetime. Prior to this, the default value was 3600 seconds, and there was no check against sending values greater than valid-lifetime. (Gitlab #2835) 2135. [build] tomek The CodeQL pipeline has been enabled on github. Developer's guide updated with details. (Gitlab #2760) 2134. [func] andrei Statistics total-nas and total-pds were increased from 64-bit values to 128-bit values to accurately represent large pools. (Gitlab #2658) 2133. [func] andrei Added missing YANG nodes: allocator, ddns-ttl-percent, exclude-first-last-24, ignore-dhcp-server-identifier, offer-lifetime, pd-allocator, read-timeout, tcp-user-timeout, write-timeout. Removed obsolete YANG nodes: contact-points, keyspace. (Gitlab #2832) 2132. [bug] marcin Fixed a bug in the allocation engine that could cause an invalid lease assignment in the shared networks using subnets with different allocator types. (Gitlab #2843) 2131. [bug] razvan Added support for 255 bytes long client-id and 130 bytes long duid (2 bytes for type and at most 128 bytes for value). (Gitlab #2786) 2130. [func] piotrek Added support of DHCP Options for the Discovery of Network-designated Resolvers (DNR) as per draft-ietf-add-dnr. Kea can now handle DHCPv4 Option code 162 and DHCPv6 Option code 144. (Gitlab #2536) 2129. [func] andrei New statistics were added to keep track of leases that have their CLTT increased in memory and their expiration time left unchanged in persistent storage as part of the lease caching feature. The statistics are: v4-lease-reuse, subnet[id].v4-lease-reuse, v6-ia-na-lease-reuse, subnet[id].v6-ia-na-lease-reuse, v6-ia-pd-lease-reuse, subnet[id].v6-ia-pd-lease-reuse. (Gitlab #2797) 2128. [bug]* razvan In addition to logging them, the server now sets the CalloutHandle status to DROP to indicate an error occurred when it catches unhandled exceptions thrown by a callout. (Gitlab #2805) Kea 2.3.7 (development) released on April 26, 2023 2127. [build] razvan The library version numbers have been bumped up for the Kea 2.3.7 development release. (Gitlab #2837) 2126. [func] andrei A new command named reservation-update is now available in the host_cmds hook library. It updates an existing reservation. (Gitlab #549) 2125. [func] marcin Allocators can now be configured in the configuration backend. (Gitlab #2823) 2124. [perf] andrei When not explicitly configured, multi-threading mode and the HTTP dedicated listener are enabled by default for the high-availability hook library ("enable-multi-threading" and "http-dedicated-listener" set to true). (Gitlab #2749) 2123. [bug] razvan Fixed a bug which was truncating relay suboptions (circuit-id code 1 and remote-id code 2) if the data ended in 0x0. The option definitions have been updated from OPT_STRING_TYPE to OPT_BINARY_TYPE. (Gitlab #2794) 2122. [bug] marcin Fixed a bug in the HA hook library whereby the HA service could sometimes terminate even after the partner's clock has been corrected. The last clock skew is now ignored when a communication failure with the partner occurs. (Gitlab #2754) 2121. [func] marcin Implemented Free Lease Queue allocator. It can be used for address assignment in DHCPv4 and prefix delegation in DHCPv6. The allocator is suitable when the DHCP servers work with nearly depleted pools, and the time to find an available lease becomes long with other allocators. The new allocator, however, slows down the server startup and reconfiguration. It also uses more memory. (Gitlab #2780, #2764) Kea 2.3.6 (development) released on March 29, 2023 2120. [build] razvan The library version numbers have been bumped up for the Kea 2.3.6 development release. (Gitlab #2807) 2119. [func] tmark Added a new parameter, ddns-ttl-percent, to kea-dhcp4 and kea-dhcp6, that may be used to calculate DNS TTL as a simple percentage of the lease life time. (Gitlab #225) 2118. [bug] razvan Fixed a bug which was changing the multi-threading settings when running config-test command and the settings were different from the server's configuration. This also fixes the rollback on the multi-threading settings if there is a configuration error detected. Also hooks now set DROP flag on the dhcp4_srv_configured and dhcp6_srv_configured callouts if the configuration is invalid or an error occured. Proper shutdown of the HTTP listener is performed now instead of generating a server crash if the provided address is not valid. (Gitlab #2799) 2117. [func] fdupont Added a new ignore-dhcp-server-identifier DHCPv4 compatibility flag which when set to true (default is false) makes any query to be accepted even when the address in the DHCP Server Identifier option belongs to another server (standard behavior is to drop such queries). (Gitlab #2785) 2116. [func] piotrek Added support of Secure Zero Touch Provisioning options as per RFC8572. Kea can now handle DHCPv4 Option code #143 and DHCPv6 Option code #136. (Gitlab #939) 2115. [func] tmark Added the parameter, offer-lifetime, to kea-dhcp4. When greater than zero, the server temporarily allocates and persists leases during DHCPOFFER processing. (Gitlab #2719) 2114. [func] razvan Added the -T command line parameter to kea-dhcp4 and kea-dhcp6 for testing configuration files, similar to -t, but with extra checks like checking database connections, checking hook libraries parameters, and others. (Gitlab #1671) 2113. [bug] razvan The reload functionality (by sending SIGHUP) of the kea-dhcp4 and kea-dhcp6 servers has been enhanced to rollback to previously working configuration if the new configuration is invalid. There are still cases that can leave the server in an unrecoverable state, and such case is indicated by a FATAL log message. The same logic applies to the "config-set" command available to the server through the control channel. (Gitlab #2722) 2112. [doc] fdupont Added in the ARM security a section explaining how to tune the OpenSSL configuration file for Kea service accepting commands over HTTPS. (Gitlab #2784) 2111. [bug] fdupont Fixed a bug which advertised re-assigned released leases with zero lifetimes. (Gitlab #2766) 2110. [func] fdupont A new boolean configuration flag called "never-send" has been added to the option data scope. When enabled, the option is not sent in a response to the client, even if the client explicitly requests it. (Gitlab #719) 2109. [bug] fdupont Compatibility flags e.g. lenient-option-parsing were not saved by config-get and similar commands. (Gitlab #2790) 2108. [func] fdupont Added a new exclude-first-last-24 DHCPv4 compatibility flag which when set to true (default is false) skips addresses in .0 and .255 in subnets with prefix length less than 24 in the allocation engine routine picking a free address. (Gitlab #720) 2107. [func] fdupont The Kea DHCPv4 server can now handle multiple vivco-suboptions options with different enterprise IDs. (Gitlab #467) 2106. [bug] tmark Corrected code that allowed lease6-get-* commands to return IA_NA leases with prefix length values of zero and logic in kea-dhcp6 that was incorrectly generating duplicate iaaddr options with lifetimes of zero for such leases in REPLYs to RENEWs. (Gitlab #2660) 2105. [bug] tmark kea-dhcp6 now consistently uses valid and preferred lifetime values provided via classes. Prior to this it was not utilizing class-supplied lifetimes when renewing existing leases or when reusing expired leases. (Gitlab #2739) Kea 2.3.5 (development) released on February 22, 2023 2104. [build] andrei The library version numbers have been bumped up for the Kea 2.3.5 development release. (Gitlab #2768) 2103. [perf] andrei When not explicitly configured, multi-threading is now enabled by default for the core Kea DHCP service ("enable-multi-threading" set to true). For now, HA+MT is still disabled by default ("enable-multi-threading" and "http-dedicated-listener" both still set to false in the high-availability library parameters). (Gitlab #2402) 2102. [func]* tmark The logger to which kea-dhcp4 now logs EVAL_RESULT log messages issued during packet classification has been changed from "options4" to "dhcp4". This corrects an inconsistency between kea-dhcp6 and kea-dhcp4 behavior. (Gitlab #2720) 2101. [build] andrei Shell tests and python tests no longer run if gtest is disabled. This provides the ability to run distcheck without tests. (Gitlab #2742) 2100. [doc] Kevin P. Fleming Fixed several JSON examples in the Kea ARM. (Gitlab #2494) 2099. [func]* tmark An address reserved in a global reservation must now lie within the range of the subnet or shared-network selected by Kea. If it does not, the server will attempt to allocate an address dynamically. This change applies to both kea-dhcp4 and kea-dhcp6. Previously, the servers would grant a lease for any globally reserved address without regard for its feasibility within the selected subnet. Thanks to Kyle Birkeland for reporting the issue and contributing the patch. (Gitlab #2631, #2632) 2098. [doc] razvan Updated client classification examples in the ARM with a case where both operands of the evaluated expression are computed at runtime. (Gitlab #2664) 2097. [func] tmark kea-dhcp4 and kea-dhcp6 will now accept renew-timer values that exceed rebind-timer values but will ignore them and issue a warning. Previously, the servers treated those values as a fatal configuration error. (Gitlab #2677) 2096. [bug] tmark Corrected a bug which allowed options to be added to themselves as suboptions. (Gitlab #2538) 2095. [bug] marcin, tmark Added a compile-time check of whether the PostgreSQL version supports the "tcp-user-timeout" parameter. This parameter is available in PostgreSQL version 12 and later. It is now ignored for earlier versions and a suitable warning message is issued. (Gitlab #2734) 2094. [bug] razvan Fixed a bug which caused the Kea server to crash when using the high-availability hooks library and running reconfigure commands. Thanks to Caciano Machado for reporting this bug and providing detailed steps on how to replicate it. (Gitlab #2575) 2093. [func] fdupont It is now possible to add an "empty" host reservation without any attribute (e.g. no address, no hostname, no client classes, etc.). This is useful for determining the KNOWN class. (Gitlab #2723) 2092. [bug] fdupont Added logic to kea-dhcp4 and kea-dhcp6 to catch and log database connection errors that occur during lease reclamation. Previously, such errors caused the reclamation timer to not get rescheduled. (Gitlab #2682) 2091. [bug] marcin Fixed a bug that caused a response to a config-get command to lack the configured read-timeout, write-timeout, and tcp-user-timeout parameters. (Gitlab #2741) 2090. [build] andrei Fixed the --with-site-packages configure flag, which previously had no effect. (Gitlab #2669) Kea 2.3.4 (development) released on January 25, 2023 2089. [build] razvan The library version numbers have been bumped for the Kea 2.3.4 development release. (Gitlab #2726) 2088. [func]* tomek The libreload command is now deprecated. The code is still there, but it will be removed in the future versions. (Gitlab #2693) 2087. [func] razvan The Kea DHCPv4 server can now handle multiple vendor options with different enterprise IDs and multiple vivso-suboptions. (Gitlab #1518) 2086. [bug] andrei A spacing issue in a prepared statement that prevented Config Backend from working with PostgreSQL 15 and above has been fixed. (Gitlab #2724) 2085. [func] tmark kea-dhcp-ddns uses new log messages to clearly distinguish between timeouts and other IO errors when communicating with DNS servers. (Gitlab #2589) 2084. [func] razvan When the client adds a prefix length in the hint, the server will try to select a pool with the delegated prefix length equal to the respective value. If no pool is found, the server will try to select a pool with a lower delegated prefix length (a larger address space) and if none is found, it will try to select a pool with a higher delegated prefix length (a smaller address space). (Gitlab #1958) 2083. [func] marcin New database connection parameters, "read-timeout" and "write-timeout", control the timeouts in communication with the MySQL database. The "tcp-user-timeout" controls the timeout in communication with the PostgreSQL database. Setting these timeouts can prevent occasional Kea hangs due to issues with the database connectivity. (Gitlab #2688) 2082. [bug] razvan The prefix address provided in the prefix and prefix length pair from the pool configuration is now checked to match the first address in the pool. (Gitlab #2612) 2081. [func] tmark The default value for the kea-dhcp-ddns parameter, dns-server-timeout, has been increased from 100 ms to 500 ms. This was done to improve the out-of-the-box user experience. (Gitlab #2590) 2080. [func] tmark Bulk Lease Query results can now include delegated prefixes. Memfile queries used by Bulk Lease Query (BLQ) were modified to include delegated prefixes when appropriate. Prior to this they were returning only address leases. (Gitlab #2713) 2079. [func] marcin The lease allocation strategy is now configurable. It is possible to select between iterative and random lease selection for the address assignment and prefix delegation, respectively, at the global, shared network, and subnet levels. (Gitlab #2348, #969) Kea 2.3.3 (development) released on November 30, 2022 2078. [build] andrei The library version numbers have been bumped for the Kea 2.3.3 development release. (Gitlab #2650) 2077. [func] andrei YANG modules have been updated with three configuration nodes: extended-info-checks, ignore-rai-link-selection, template-test. keatest-module has also gained empty, leafref and union nodes for proper testing of all YANG leaf types. Additionally, stable libyang and sysrepo versions are recommended for use in the ARM in place of the previous development versions. (Gitlab #2601) 2076. [doc] razvan Add documentation for template classes and the new parameter 'template-test' which evaluates to a string value. This indicates if the class is spawning classes with the name containing the evaluated value: 'SPAWN__' only if the value is not empty string. This will also add the packet to the class. (Gitlab #2606) 2075. [bug] razvan The builtin client class ALL can now be used again to apply lease limits and rate limits. (Gitlab #2615) 2074. [func] tmark Added a new library, libkea_tcp, that provides support for a generic TCP listener. Initially, this library will be used for Bulk LeaseQuery (Gitlab #2583) Kea 2.3.2 (development) released on October 26, 2022 2073. [build] razvan The library version numbers have been bumped for the Kea 2.3.2 development release. (Gitlab #2607) 2072. [func] razvan If both "flush-reclaimed-timer-wait-time" and "hold-reclaimed-time" are non-zero, when the client sends a release message the lease is expired. Previously it was deleted from the lease storage. The default values are 25 and 3600 respectively, effectively changing the default server behavior. (Gitlab #2548) 2071. [perf] andrei Significantly improved the performance of editing configuration with kea-netconf. Instead of making a request to the sysrepo datastore for each leaf and leaf-list node, a single request is done and the config is translated from the received data node. This approach is considered experimental. (Gitlab #2400) 2070. [func] andrei kea-netconf now requires libyang v2 and sysrepo v2 to compile and run. Support for libyang v1 and sysrepo v1 has been dropped. (Gitlab #2311) 2069. [func] fdupont Added a new sanity checker named "extended-info-checks" which checks and eventually upgrades lease extended info which store into lease user context in DHCPv4 the dhcp-agent-options content and in DHCPv6 the relay-msg fields and options. (Gitlab #2595) 2068. [func] djt Kea's official APK, Deb, and RPM packages have been restructured and made to follow a consistent packaging standard. Some of the package names have been modified, and some packages have been consolidated into larger packages as a result of these changes. Kea now runs under a service user on RPM systems. Upgrading Kea on Debian and Ubuntu systems should be done with ``apt dist-upgrade`` when upgrading to this release or later, as some packages need to be removed before being reinstalled. Depending on how Kea was installed, upgrading to this release or later on Debian or Ubuntu systems could cause the DHCPv6 and/or the DDNS server, as well as the open-source hooks to be removed. In order to ensure they are properly installed, either install the ``isc-kea`` metapackage, or install the packages explicitly by name. Further details can be found in the Gitlab issue. (Gitlab #2220) 2067. [func] fdupont Updated the layout of extended information optionally stored in lease user context to add remote and relay identifier (sub-)options. (Gitlab #2587) 2066. [bug] fdupont Fixed lease reuse process to clear the user context when the lease expired and was reclaimed. (Gitlab #2588) 2065. [func] djt A compatibility config option called ignore-rai-link-selection has been added to the DHCPv4 config allow operators to ignore Link Selection suboption data in Relay Agent information options. When this configuration value is set to true, Kea will no longer use data provided in the suboption for subnet selection. (Gitlab #2543) Kea 2.3.1 (development) released on September 28, 2022 2064. [build] mgodzina The library version numbers have been bumped for the Kea 2.3.1 development release. (Gitlab #2576) 2063. [bug] fdupont Fixed 32 bit compatibility issue with PostgreSQL time. (Gitlab #2532) 2062. [func] fdupont The lease_cmds hook library supports two new commands "lease4-write" and "lease6-write" which should help to recover emergency situations e.g. full disk space by writing the memory lease database into a CSV file. They are supported only by the memfile backend. (Gitlab #1654) 2061. [bug]* fdupont Enforce length limits on host identifier (20 bytes for hardware address, 128 bytes for DUID and other types). (Gitlab #2557) 2060. [build] andrei Two scripts that are used for checking YANG modules now automatically detect the location of the yanglint tool and its libraries based on the values passed to the configure script. "make check" should now pass uninterrupted on some delicate systems like Alpine and RPM-based. Also, reinstall.sh, used to install YANG modules, now detects sysrepoctl automatically. (Gitlab #2558) 2059. [func] marcin The lease_cmds hook library returns a new "conflict" status code indicating an issue with a lease update due to a mismatch between the received lease and the server's configuration or state. The HA hook library differentiates between this new status and a general error and avoids transitioning to the partner-down state when conflicts occur. The new "max-rejected-lease-updates" parameter sets a limit for the maximum number of conflicts before the server terminates the HA service. (Gitlab #2408) 2058. [build] fdupont kea-lfc is now built just after libraries. (Gitlab #2526) 2057. [doc] marcin Fixed broken example and documentation for long DHCPv4 options in the ARM. (Gitlab #2545) 2056. [build] andrei Improved build compatibility in Kea between g++ and Boost libraries. The compilation error that was fixed was reported to occur with g++ 8 and boost 1.75. The fix consists of passing callbacks directly to boost::asio::io_service::post and not indirectly through a functor. Thanks to rski for reporting the error and suggesting the fix! (Gitlab #2519) 2055. [func] andrei When Kea starts with an erroneous file configuration, if the logging is viable and is configured to log at least at ERROR level, it will log the errors according to the configured logging. Previously, it would log them in stderr which made gathering of the errors more difficult. A final log message is still logged at stderr just as before. (Gitlab #1955) Kea 2.3.0 (development) released on August 31, 2022 2054. [build] razvan The library version numbers have been bumped for the Kea 2.3.0 development release. (Gitlab #2546) 2053. [doc] razvan A new appendix for configuration templates added to Kea ARM. which include High Availability with multi-threading and secure connections using TLS. (Gitlab #2441) 2052. [func] andrei Omitted logger configuration entries are now properly inherited from the root logger as the ARM suggests. (Gitlab #2537) 2051. [func] razvan Added support for bulk lease query options defined in RFC 6926. The bulk lease query functionality has not been implemented yet. (Gitlab #2527) 2050. [build] andrei, tomek Fixed problem with preparing system using hammer on FreeBSD 13.0. The available sphinx and python versions are now detected dynamically. This should prevent future package upgrades (e.g. to python 3.10) from breaking our builds again. (Gitlab #2534) 2049. [build] razvan, fdupont The distcheck rule is able to compile and run unittests for database backends, GSS-TSIG and Sysrepo/NETCONF. (Gitlab #2071) 2048. [bug] fdupont Set broadcast MAC destination address in DHCPv4 replies when the IP address is broadcast. Thanks to Joost Bekkers for reporting the issue and contributing the patch. This improves Kea's compatibility with Cisco Small Business switches. (Gitlab #2211) 2047. [func] fdupont Added support of multiple instances of the DHCPv6 "vendor-class" (code 16) and "vendor-opts" (code 17) options: specifying multiple options with different enterprise numbers is now supported by Kea. 2046. [doc] andrei Disabled smart quotes in Sphinx configuration to leave quotes unchanged. Prior to this change, quotes were converted into left-quotes and right-quotes. This made it difficult for users to copy and use chunks of configuration directly from the ARM. (Gitlab #2513) The following summarizes changes in the premium hooks since the 2.2.0 release: 175. [bug] marcin DHCP options inserted into a database by the host_cmds and cb_cmds hooks are not encapsulated. Previously, encapsulated options were sometimes appended to the parent options which was confusing and could lead to parsing errors. Now, the encapsulated options are returned separately and associated with appropriate option space (i.e., an option space of a parent option). (Gitlab #2826) 174. [bug] razvan Added checks to catch invalid prefix/prefix-len combinations in commands that create or update pools, leases, and reservations. (Gitlab #2725) 173. [func]* marcin Renamed operation-target values in host_cmds hook library. The "primary" was renamed to "memory", and the "alternate" was renamed to "database". (Gitlab #2901) 172. [func] piotrek A new command named "reservation-get-by-address" is now available in the host_cmds hook library. It returns all host reservations for given IP address either in all subnets or in a given subnet. (Gitlab #2795) Kea-premium hooks package 2.3.8 (development) released on May 31, 2023 171. [bug] razvan The High Availability hook library is sending the 'origin' parameter set to 'ha-partner' when sending lease update commands which enables the forensic log hook library to distinguish between administrator commands and HA partner commands. (Gitlab #2629) 170. [func] slawek The host_cmds has been updated to fully support altering (add, update, delete) host reservations in JSON configuration. The host commands accept a new argument ("operation-target") that defines the data source (JSON configuration and/or hosts database) to query or alter. (Gitlab #2815) 169. [func] fdupont A new command "extended-info4-upgrade" makes old leases from SQL DHCPV4 lease database visible to Bulk Lease Queries. (Gitlab #2757) Kea-premium hooks package 2.3.7 (development) released on April 26, 2023 168. [bug] tmark The lease query hook library can now find a delegated prefix that contains an DHCPv6 IP address in response to a query by IP address. (Gitlab #1275) 167. [func] andrei A new command named reservation-update is now available in the host_cmds hook library. It updates an existing reservation. (Gitlab #549) 166. [func] marcin The subnet_cmds hook has been updated to support using the Free Lease Queue (FLQ) allocator. This allocator can be selected at the subnet or shared network level using the commands from this hook library. (Gitlab #2780) Kea-premium hooks package 2.3.6 (development) released on March 29, 2023 165. [bug] razvan Hooks now set DROP flag on the dhcp4_srv_configured and dhcp6_srv_configured callouts if the configuration is invalid or an error occured. Proper shutdown of the HTTP listener is performed now instead of generating a server crash if the provided address is not valid. (Gitlab #2799) 164. [bug] razvan Added missing log messages for host commands hooks library. There are three messages that can be logged when any command is issued: one INFO message when the hook starts processing the command and one INFO message when it finishes with no error or one ERROR message then an error occurs. (Gitlab #2783) Kea-premium hooks package 2.3.5 (development) released on February 22, 2023 163. [func] fdupont The lease_query hook library now supports most bulk lease query requirements for DHCPv4 (RFC 6926). It is currently only supported with memfile lease storage. (Gitlab #2746) Kea-premium hooks package 2.3.4 (development) released on January 25, 2023 162. [bug] razvan The prefix address provided in the prefix and prefix length pair from the pool configuration is now checked to match the first address in the pool. (Gitlab #2612) 161. [build] andrei Building without the forensic log source files is now possible. Previously, it would complain about files not existing. Those file declarations were moved from a generic m4 file to a m4 file that is dedicated to forensic logging. (Gitlab #2633) 160. [func] fdupont, tmark The lease_query hook library now supports bulk lease query for DHCPv6 (RFC 5460). It is currently only supported with memfile lease storage. (Gitlab #2673) Kea-premium hooks package 2.3.3 (development) released on November 30, 2022 159. [func] razvan Added "ignore-iaid" configuration flag in flex-id hooks library which enables the server to ignore incoming IAID value if the packet contains at most one IA_NA or one IA_PD. The IAID value is stored as 0 in the lease storage, but it is restored to its initial value in the response back to the client. (Gitlab #2472) Kea-premium hooks package 2.3.2 (development) released on October 26, 2022 158. [func] razvan Added support for template classes. The limits hooks library is able to handle restrictions on subclasses spawned at runtime by template classes. (Gitlab #248) 157. [bug] fdupont Updated the RADIUS code to no longer throw on methods returning host collections: instead it does not contribute to the final result. For instance the command "reservation-get-all" no longer fails but it still can't be used to retrieve RADIUS or host cache content. (Gitlab #2566) Kea-premium hooks package 2.3.1 (development) released on September 28, 2022 156. [bug] fdupont Reservation get commands no longer throw on host entries with too long host identifiers. (Gitlab #2557) Kea-premium hooks package 2.3.0 (development) released on August 31, 2022 155. [bug] fdupont A subnet-id is returned in response to the reservation-get and reservation-get-all commands. (Gitlab #2471) Thank you again to everyone who assisted us in making this release possible. We look forward to receiving your feedback.