Presentation on theme: "Kea – Modern DHCP Engine"— Presentation transcript:
1 Kea – Modern DHCP Engine 01/09/1201/09/12Kea – Modern DHCP EngineOpen Source WGRIPE68, Warsaw, Poland14 May 2014Tomek Mrugalski1
2 Who is Tomek? M.Sc., Ph.D from Gdansk University of Technology 01/09/1201/09/12Who is Tomek?M.Sc., Ph.D from Gdansk University of TechnologyPrimary author of DibblerPortable DHCPv6 implementation (srv, cli, relay)Supports Win 2k-Win8, Linux, BSD, SolarisConfirmed use in 34 countries7 years at Intel (Network Quality Labs, chipsets group)3 years at ISCLead Developer of Kea (formerly BIND10 DHCP)Occasional contributor to ISC-DHCPActive IETF participant since 2009DHC WG co-chair4 RFCs, 18+ drafts (all DHCP-related)22
3 ISC DHCPOpen-SourceManaged open source model (closed repository, semi-closed bug system)First version released in 1997Default DHCP software in many distributionsServer/relay/client for IPv4 & IPv6Feature-richFirst version was released in V4 added IPv6 support and was released in Latest release is (released 2014).Provides a full set of DHCP components and is the the default software in many distributions, although the client is more widely used. However, it is fair to say that the relay is perhaps not widely used, as most installations ill use the relays included in their bridges.Lots of features. At points, the configuration file is a combination between a configuration language and procedural language.
4 Why new DHCP implementation? Existing code is 18 years oldNetworks have changedHardware has changedUse cases have changedDrawbacks with ISC DHCPComplex code, difficult to extendDocumentation lackingPerformance not always sufficientPartial dynamic configuration (OMAPI)Over the years, networks have got larger and topologically more complex. In particular mobility – single client with single point of attachment. Now we have mobile devices that can move between locations. Did have networks that were flat – now we have a lot of complexity.--BACKGROUND—When a client moves between subnets, old lease could still be valid. Brings new requirement that keep multiple leases for same client. Another example is host reservations: in ISC DHCP these are global (as when designed there was no no mobility) and we have a reservation of one address per host. Now a reservation may cover multiple subnets if host is mobile. The old design was extended, but reservations are still a global list.--END BACKGROUND—Hardware has got faster and multiple cores/cpus are now common. Memory is not a limitation any more.In short, a number of the original assumptions are no longer valid.Mature product. Which means it’ old and has been extended many times – often without any accompanying internal documentation, a lot of which was lacking in the first place. . Which means that bits of it are, quite frankly, difficult to maintain and it is difficult to extend further. The senior developer on this product can get quite depressed if he has to work on certain parts of the code.Another issue is performance. Some of this is down to choice of data structures within the code. Lack of encapsulation means that changes here have lots of ramifications and prone to error.
5 Kea and BIND10 history ISC has been developing BIND10 since late 2009 01/09/1201/09/12Kea and BIND10 historyISC has been developing BIND10 since late 2009DHCP components started in mid-2011ISC stopped BIND10 development in April 2014=> Bundy (non-ISC,=> Kea (ISC,55
6 Kea :: Overview DHCPv4 Server DHCPv6 Server DNS Updates perfdhcp 01/09/1201/09/12Kea :: OverviewDHCPv4ServerDHCPv6ServerDNS Updatesperfdhcpgeneral purpose DHCP libraryIPv4/IPv6 packet parsing/assemblyIPv4/IPv6 options parsing/assemblyinterface detection (Linux, partial BSD/Mac OS)socket managementlibdhcp++Why a new version of DHCP?Same reasons as BIND 10:Code around for more than 10 years, world has changed- when first written, extension of BOOTP – now a separate protocolIPv6 is coming alongDHCP has evolved, specialised boxes, new ideasNew architecture for next 10 yearsWhy part of BIND 10?Same framework:multi process - modularityRun-time configuration/controlAdvantaged of combinging systems on same server66
7 Kea :: Current status DHCPv6 DDNS Server 01/09/1201/09/12Kea :: Current statusDHCPv4ServerDDNSDHCPv6ServerAddress assignment, renewal, releaseExpiration: expired lease can be reusedFlexible option definitionsStandard optionsCustom optionsNested optionsOption namespacesVendor options (including DOCSIS3.0)Prefix Delegation (DHCPv6)DNS Updates (conflict resolution, no TSIG yet)Dynamic reconfiguration (no restart needed)Why a new version of DHCP?Same reasons as BIND 10:Code around for more than 10 years, world has changed- when first written, extension of BOOTP – now a separate protocolIPv6 is coming alongDHCP has evolved, specialised boxes, new ideasNew architecture for next 10 yearsWhy part of BIND 10?Same framework:multi process - modularityRun-time configuration/controlAdvantaged of combinging systems on same server77
8 Kea :: Switchable lease database 01/09/1201/09/12Kea :: Switchable lease databaseScalable2M devicesDHCPv4/6serverMySQLMySQLCan use standard tools to read/updatePostgreSQLCan use standard tools to read/updatePerformance: ??? (haven’t measured yet)MemfileCustom developed in C++Flat file storage (CSV)Offers memory-only and memory+disk-writeVery high performance (in in-memory mode), high performance in memory+disk mode)Abstract LeaseMgrC++ class, add your favourite storagePgSQLMemfileC++AbstractLeaseMgrWhy a new version of DHCP?Same reasons as BIND 10:Code around for more than 10 years, world has changed- when first written, extension of BOOTP – now a separate protocolIPv6 is coming alongDHCP has evolved, specialised boxes, new ideasNew architecture for next 10 yearsWhy part of BIND 10?Same framework:multi process - modularityRun-time configuration/controlAdvantaged of combinging systems on same server88
9 Hooks :: Extending the Kea server User Library 1Custom library1User Library 2Custom library2F1()Step AStep BG1()DHCP packet processingStep CWith hooks, users can write code that is dynamically loaded into the server (V4 and V6 – DHCP-DDNS will likely include some hooks as well). At certain points in its processing (the hooks), the server will check whether any loaded library has attached a function to that hook. If it has, the function is called. Functions can inspect and modify the data. For example, one hook is placed at the point where an incoming packet has been received and all options parsed. A hook could inspect the client identification and consult with an external database to see if a lease should be handed to it: if so, it could attach or modify options: if not, it could instruct the server to drop the packet.As the slide suggests, multiple libraries can be loaded. If more than one library supplies a function for a hook, the system calls the functions from the libraries in the order that the libraries are loaded. It is possible to pass information from one library to another although, of course, that relies on the second library understanding information passed by the first.Step DF2()G2()Step E
10 Kea Roadmap (1) ftp://ftp.isc.org/isc/bind10/1.2.0/bind10-1.2.0.tar.gz Kea 0.8 (April 2014)Available now in BINDftp://ftp.isc.org/isc/bind10/1.2.0/bind tar.gzKea 0.9 (Summer 2014)Dropping BIND 10 framework*Configuration stored in JSON fileKeeping on-line reconfiguration (signals, better solution TBD)Complete FreeBSD (stretch)So where are we now:Kea 0.8 is now out with the final release of BIND 10. This is integrated with the BIND 10 framework. In particular, configuration is via a series of commands through the command program.Kea 0.9 is due out this summer as an independent product, without the BIND 10 superstructure. Configuration will be through a file, as is the case with ISC DHCP, although the syntax will be different.* Details TBD, tentative plan: retain capability to build stand-alone and pluggable into Bundy framework
11 Kea Roadmap (2)0.9Q3 20141.0Q2 20152.020153.02016BIND10 framework removalJSON configurationBSD (stretch)Host reservationClient classificationFull lease expirationFailover/HA solutionStatisticsMAC in DHCPv6ReconfigurationiPXEExternal API completionConfiguration migrationBasic GUIISC DHCP feature upliftISC DHCP EOL?Disclaimer 1: The team has not yet scoped beyond 1.0Disclaimer 2: Dates are tentative and subject to change.2014
12 Want to help? http://kea.isc.org Kea is fully open source 01/09/1201/09/12Want to help?Kea is fully open sourceCore repository is publicBug datatase publicMailing lists, jabber publicTest, report bugsContributeSubmit patches (read Contributor’s Guide first)We are looking for sponsors (money and developers)Development contractsReview design documents (e.g. requirements)Looking for contributions:Additional back endsApps via Hooks APIBasic GUI…1212