NANOG 87 - DNS Fundamentals
ISC’s Eddy Winstead will be giving a one-day DNS Fundamentals course at the upcoming NANOG meeting in Atlanta.Read
Modern, open source DHCPv4 & DHCPv6 server
ISC distributes TWO full-featured, open source, standards-based DHCP server distributions: Kea DHCP and ISC DHCP. Kea includes all the most-requested features, is far newer, and is designed for a more modern network environment. ISC announced the End of Life for the older ISC DHCP system in 2022. Users of ISC DHCP may find these resources helpful in migrating their DHCP server deployments to the Kea server.
Modular Component Design, Extensible with Hooks Modules. The Kea distribution includes separate daemons for a DHCPv4 server, a DHCPv6 server, and a dynamic DNS (DDNS) module. Many optional features are enabled with dynamically-loaded “Hooks Modules,” which you need run only if you are using them. You can write your own hooks modules (in C++) or try some of the hooks we offer.
On-line Re-configuration with REST API.
Kea uses a JSON configuration file that can be modified remotely via
set commands and reloaded without stopping and restarting the server, an operation that could take quite a while with ISC DHCP.
Designed to Integrate with Your Existing Systems. Kea allows you to separate the data from the execution environment, enabling new deployment options. Your network data - leases, host reservation definitions, and most configuration data - can be located separately from the DHCP server itself, using a Kea “backend.”
Web-based graphical dashboard. Kea now has a graphical dashboard for monitoring multiple Kea servers. This system, called Stork, uses agents deployed on the Kea servers to relay information to a centralized management platform, providing the administrator with an easy-to-use quick view of system status and activity.
Kea supports two database backends; MySQL and PostgreSQL. Choose to store leases, host reservations, or shared configuration data in a separate database backend. Benefits of this include:
The core Kea daemons are open source, shared under MPL2.0 licensing. Kea is developed in the open on ISC’s GitLab; we welcome you to open issues and submit patches there. Kea runs on most Linux and Unix platforms, as well as MacOS. If you don’t want to build from our source distribution, we also provide a repository of pre-built packages for most popular operating systems. ISC also offers some premium Kea extensions that are not open source.
Contact ISC for Support
Your major design decisions are whether to deploy in pairs for High Availability and use the default csv file for host and lease data, or to install a separate database for a Kea data “backend.” Some of these decisions can limit your performance. See our Knowledgebase for advice on designing for optimal performance.
Instructions are available for building and installing Kea from the source packages downloadable below. ISC provides pre-built packages for RHEL, Fedora, Ubuntu, and Debian. If you are using any Kea hook libraries, you will also need to install and configure those.
The Kea Administrator Reference Manual (ARM) is the primary reference for Kea configuration. The extensive set of example configuration filesin the project repo and our knowledgebase may help you get started. If you are migrating from an existing ISC DHCP deployment, try the Kea Migration Assistant (a special feature of the ISC DHCP distribution). This will enable you to save your current ISC DHCP server configuration as a Kea configuration file. It will still need some manual adjustment, but this tool should translate the bulk of your configuration.
Most users will benefit from joining the kea-users mailing list. Consider joining our Kea project GitLab to log issues, see what we’re working on, submit patches, and participate in development. You might want to read about our Premium and Subscriber-only Kea libraries, which extend Kea’s management interface. Consider deploying Stork for a graphical management dashboard. If your DHCP is critical to your business, we recommend you subscribe for technical support from ISC.
Stork aggregates data about the health of the system hosting Kea, as well as the status and activity level of Kea itself. Parameters reported include memory, CPU utilization, software versions, and uptime.
Stork displays configured pools, with # of addresses provisioned and assigned and even tracks pool utilization across shared networks. Graphical elements highlight areas of high utilization to alert the operator to take actionHigh Availability pairs are monitored and their configured role and status are shown, making it easy to see which servers don’t have a backup established, and when a failover event has occurred.
Add, update and view DHCPv4 and DHCPv6 host reservations, using a graphical interface to select a host identifier, assign a hostname, reserve an IP address, associate a client class, and configure boot file information and DHCP options.
The Kea distribution includes separate daemons for a DHCPv4 server, a DHCPv6 server, and a dynamic DNS (DDNS) module. Bundled with Kea are a portable DHCP library (libdhcp++), a control agent that provides the REST management interface for Kea, a NETCONF agent that provides a YANG/NETCONF interface, a DHCP benchmarking tool, perfdhcp, and three dynamically loadable hook libraries.
Select direct address assignment (DHCPv4 and DHCPv6) or DHCPv6 prefix delegation, with both dynamic IP addressing and static host reservations. Select an address from a pool within a subnet, or from multiple subnets in a shared network.
Classify devices according to vendor class options, expressions, static host reservations, subnets, or shared networks to control access to address pools.
The Flexible Options library allows you to construct custom option values, such as boot file names.
Maintain DNS names automatically using the separate Dynamic DNS module.
Kea hooks allow administrators to control the assignment of options and even addresses from their own provisioning system. Hooks allow developers to edit information such as the lease parameters (time to renew), the subnet, the address, or options to be delivered.
This open source hook library allows you to launch an external application or script at various points in the DHCP processing.
Add and change subnets and pools without restarting the server.
Kea high-availability mode provides resilience for either DHCPv4 or DHCPv6, using either a 50/50 load-balancing or active/standby configuration. This feature is implemented with the HA hook library, part of the open source.
Leases may be written to a local memfile (default, and the highest-performance option) or to a MySQL or PostgreSQL database. The Lease Commands library provides an API for managing lease records.
The Stork dashboard is a web-based system that displays critical information about service availability, CPU and memory capacity, pool utilization, failover status and DHCP traffic statistics. Stork integrates with the popular Prometheus time-series data store and Grafana visualization system. Stork is available as open source from ISC’s GitLab repository, or in a ready-to-install package from Cloudsmith.io.
Kea supports the IETF DHCPv4 and DHCPv6 standards and should interoperate seamlessly with other standards-compliant DHCP implementations.
Our Kea Administrator Reference Manual, Kea Developer’s Guide, and Knowledgebase provide complete information for both developers and administrators.
ISC Support Subscribers receive all our Premium Kea hook libraries, PLUS several additional libraries that will be most useful in larger deployments. This is in addition to expert technical support from the Kea team, at the SLA level you require. ISC Support is offered as an annual subscription.
The Class Commands library exposes REST commands to list, get details of, add, modify, and delete client classes in Kea.
Most Kea configuration data can be stored in a separate MySQL or PostgreSQL configuration backend. Store options, pools, and subnets centrally and tag them based on which servers should “subscribe” for those configuration elements.
The GSS-TSIG library is used to authenticate DDNS updates. This method is typically required for updating an Active Directory. This library is supported with Kea 2.2 and later.
The Limits library can rate-limit packet processing, to protect the server against over-active clients, and will also support controlling the number of leases per client. This library is supported with Kea 2.2 and later.
The Leasequery library allows you to retrieve a single lease, identified by IP address, hardware address or client identifier. Bulk leasequery is supported with Kea 2.3.5 and later versions.
The RADIUS Server Support library, coupled with the Host Cache library, allows Kea to delegate decisions about whether to permit access, and what IP address to assign, to your existing RADIUS server.
The Subnet Commands library allows you to add, remove, and modify subnets via the API, without resending the entire Kea configuration.
The Enterprise features are reserved for customers with Silver or Gold support from ISC. This new tier includes the Role-based Access Control feature. Contact our friendly sales team to buy a support plan that includes this commercially-licensed library.
The RBAC library, supported with Kea 2.2 and later, allows the administrator to control authenticated user access to read and write Kea configuration data.
|VERSION||STATUS||DOCUMENTATION||RELEASE DATE||EOL DATE||DOWNLOAD|
|2.3.8||Experimental-Development|| Kea ARM (
Kea Messages ( HTML PDF )
Release Notes ( TXT )
|2.2.0||Current-Stable|| Kea ARM (
Kea Messages ( HTML PDF )
Release Notes ( TXT )
|2.0.3||Current-Stable|| Kea ARM (
Kea Messages ( HTML PDF )
Release Notes ( TXT )
|July 2020||July 2023|
Join the kea-users mailing list to offer help to or receive advice from other users.Join Now
Before submitting a bug report please ensure that you are running a current version. Then log your report as an issue in our Kea GitLab project.Report
Our design documents and plans help you understand Kea internals.Browse
Premium libraries add the Host Reservation API, Flexible Host Identifier, & Forensic Logging.Buy