mirror of
https://gitlab.isc.org/isc-projects/kea
synced 2025-08-30 21:45:37 +00:00
[#1695] added support for RAI relay suboption 11 (RAI_OPTION_SERVER_ID_OVERRIDE)
This commit is contained in:
Razvan Becheriu
@@ -2035,6 +2035,8 @@ to be configured with those options.
|
|||||||
+--------------------+------+----------------------------------------------------------------------+
|
+--------------------+------+----------------------------------------------------------------------+
|
||||||
| subscriber-id | 6 | Can be used with flex-id to identify hosts. |
|
| subscriber-id | 6 | Can be used with flex-id to identify hosts. |
|
||||||
+--------------------+------+----------------------------------------------------------------------+
|
+--------------------+------+----------------------------------------------------------------------+
|
||||||
|
| server-id-override | 11 | If sent by the relay, Kea accepts it as the `server-id`. |
|
||||||
|
+--------------------+------+----------------------------------------------------------------------+
|
||||||
| relay-source-port | 19 | If sent by the relay, Kea sends back its responses to this port. |
|
| relay-source-port | 19 | If sent by the relay, Kea sends back its responses to this port. |
|
||||||
+--------------------+------+----------------------------------------------------------------------+
|
+--------------------+------+----------------------------------------------------------------------+
|
||||||
|
|
||||||
@@ -6699,28 +6701,27 @@ Supported DHCP Standards
|
|||||||
|
|
||||||
The following standards are currently supported in Kea:
|
The following standards are currently supported in Kea:
|
||||||
|
|
||||||
- *BOOTP Vendor Information Extensions*, `RFC
|
- *BOOTP Vendor Information Extensions*, `RFC 1497
|
||||||
1497 <https://tools.ietf.org/html/rfc1497>`__: This requires the open
|
<https://tools.ietf.org/html/rfc1497>`__: This requires the open source
|
||||||
source BOOTP hook to be loaded. See :ref:`hooks-bootp` for details.
|
BOOTP hook to be loaded. See :ref:`hooks-bootp` for details.
|
||||||
|
|
||||||
- *Dynamic Host Configuration Protocol*, `RFC
|
- *Dynamic Host Configuration Protocol*, `RFC 2131
|
||||||
2131 <https://tools.ietf.org/html/rfc2131>`__: Supported messages are
|
<https://tools.ietf.org/html/rfc2131>`__: Supported messages are
|
||||||
DHCPDISCOVER (1), DHCPOFFER (2), DHCPREQUEST (3), DHCPRELEASE (7),
|
DHCPDISCOVER (1), DHCPOFFER (2), DHCPREQUEST (3), DHCPRELEASE (7),
|
||||||
DHCPINFORM (8), DHCPACK (5), and DHCPNAK(6).
|
DHCPINFORM (8), DHCPACK (5), and DHCPNAK(6).
|
||||||
|
|
||||||
- *DHCP Options and BOOTP Vendor Extensions*, `RFC
|
- *DHCP Options and BOOTP Vendor Extensions*, `RFC 2132
|
||||||
2132 <https://tools.ietf.org/html/rfc2132>`__: Supported options are
|
<https://tools.ietf.org/html/rfc2132>`__: Supported options are PAD (0),
|
||||||
PAD (0), END(255), Message Type(53), DHCP Server Identifier (54),
|
END(255), Message Type(53), DHCP Server Identifier (54), Domain Name (15),
|
||||||
Domain Name (15), DNS Servers (6), IP Address Lease Time (51), Subnet
|
DNS Servers (6), IP Address Lease Time (51), Subnet Mask (1), and Routers (3).
|
||||||
Mask (1), and Routers (3).
|
|
||||||
|
|
||||||
- *The IPv4 Subnet Selection Option for DHCP*, `RFC
|
- *The IPv4 Subnet Selection Option for DHCP*, `RFC 3011
|
||||||
3011 <https://tools.ietf.org/html/rfc3011>`__: The subnet-selection option
|
<https://tools.ietf.org/html/rfc3011>`__: The subnet-selection option is
|
||||||
is supported; if received in a packet, it is used in the subnet-selection
|
supported; if received in a packet, it is used in the subnet-selection
|
||||||
process.
|
process.
|
||||||
|
|
||||||
- *DHCP Relay Agent Information Option*, `RFC
|
- *DHCP Relay Agent Information Option*, `RFC 3046
|
||||||
3046 <https://tools.ietf.org/html/rfc3046>`__: Relay Agent Information,
|
<https://tools.ietf.org/html/rfc3046>`__: Relay Agent Information,
|
||||||
Circuit ID, and Remote ID options are supported.
|
Circuit ID, and Remote ID options are supported.
|
||||||
|
|
||||||
- *Link Selection sub-option for the Relay Agent Option*, `RFC 3527
|
- *Link Selection sub-option for the Relay Agent Option*, `RFC 3527
|
||||||
@@ -6728,45 +6729,47 @@ The following standards are currently supported in Kea:
|
|||||||
is supported.
|
is supported.
|
||||||
|
|
||||||
- *Vendor-Identifying Vendor Options for Dynamic Host Configuration
|
- *Vendor-Identifying Vendor Options for Dynamic Host Configuration
|
||||||
Protocol version 4*, `RFC
|
Protocol version 4*, `RFC 3925
|
||||||
3925 <https://tools.ietf.org/html/rfc3925>`__: The Vendor-Identifying
|
<https://tools.ietf.org/html/rfc3925>`__: The Vendor-Identifying Vendor Class
|
||||||
Vendor Class and Vendor-Identifying Vendor-Specific Information
|
and Vendor-Identifying Vendor-Specific Information options are supported.
|
||||||
options are supported.
|
|
||||||
|
|
||||||
- *Subscriber-ID Suboption for the DHCP Relay Agent Option*, `RFC
|
- *Subscriber-ID Suboption for the DHCP Relay Agent Option*, `RFC 3993
|
||||||
3993 <https://tools.ietf.org/html/rfc3993>`__: The Subscriber-ID
|
<https://tools.ietf.org/html/rfc3993>`__: The Subscriber-ID option is
|
||||||
option is supported.
|
supported.
|
||||||
|
|
||||||
- *The Dynamic Host Configuration Protocol (DHCP) Client Fully
|
- *The Dynamic Host Configuration Protocol (DHCP) Client Fully
|
||||||
Qualified Domain Name (FQDN) Option*, `RFC 4702
|
Qualified Domain Name (FQDN) Option*, `RFC 4702
|
||||||
<https://tools.ietf.org/html/rfc4702>`__: The Kea server is able to
|
<https://tools.ietf.org/html/rfc4702>`__: The Kea server is able to handle
|
||||||
handle the Client FQDN option. Also, it is able to use the
|
the Client FQDN option. Also, it is able to use the ``kea-dhcp-ddns``
|
||||||
``kea-dhcp-ddns`` component to initiate appropriate DNS Update
|
component to initiate appropriate DNS Update operations.
|
||||||
operations.
|
|
||||||
|
|
||||||
- *Resolution of Fully Qualified Domain Name (FQDN) Conflicts among Dynamic Host
|
- *Resolution of Fully Qualified Domain Name (FQDN) Conflicts among Dynamic
|
||||||
Configuration Protocol (DHCP) Clients*, `RFC 4703
|
Host Configuration Protocol (DHCP) Clients*, `RFC 4703
|
||||||
<https://tools.ietf.org/html/rfc4703>`__: The DHCPv6 server uses a DHCP-DDNS
|
<https://tools.ietf.org/html/rfc4703>`__: The DHCPv6 server uses a DHCP-DDNS
|
||||||
server to resolve conflicts.
|
server to resolve conflicts.
|
||||||
|
|
||||||
- *Client Identifier Option in DHCP Server Replies*, `RFC
|
- *Client Identifier Option in DHCP Server Replies*, `RFC 6842
|
||||||
6842 <https://tools.ietf.org/html/rfc6842>`__: The server by default sends
|
<https://tools.ietf.org/html/rfc6842>`__: The server by default sends back
|
||||||
back the ``client-id`` option. That capability can be disabled. See :ref:`dhcp4-echo-client-id` for details.
|
the ``client-id`` option. That capability can be disabled. See
|
||||||
|
:ref:`dhcp4-echo-client-id` for details.
|
||||||
|
|
||||||
- *Generalized UDP Source Port for DHCP Relay*, `RFC 8357
|
- *Generalized UDP Source Port for the DHCP Relay Agent Option*, `RFC 8357
|
||||||
<https://tools.ietf.org/html/rfc8357>`__: The Kea server
|
<https://tools.ietf.org/html/rfc8357>`__: The Kea server handles the Relay
|
||||||
handles the Relay Agent Information Source Port sub-option in a received
|
Agent Information Source Port sub-option in a received message, remembers the
|
||||||
message, remembers the UDP port, and sends back a reply to the same relay
|
UDP port, and sends back a reply to the same relay agent using this UDP port.
|
||||||
agent using this UDP port.
|
|
||||||
|
|
||||||
- *Captive-Portal Identification in DHCP and Router Advertisements (RAs)*, `RFC 8910
|
- *Captive-Portal Identification in DHCP and Router Advertisements (RAs)*, `RFC
|
||||||
<https://tools.ietf.org/html/rfc8910>`__: The Kea server can configure both v4
|
8910 <https://tools.ietf.org/html/rfc8910>`__: The Kea server can configure
|
||||||
and v6 versions of the captive portal options.
|
both v4 and v6 versions of the captive portal options.
|
||||||
|
|
||||||
- *IPv6-Only Preferred Option for DHCPv4*, `RFC 8925
|
- *IPv6-Only Preferred Option for DHCPv4*, `RFC 8925
|
||||||
<https://tools.ietf.org/html/rfc8925>`__: The Kea
|
<https://tools.ietf.org/html/rfc8925>`__: The Kea server is able to designate
|
||||||
server is able to designate its pools and subnets as IPv6-Only Preferred and send
|
its pools and subnets as IPv6-Only Preferred and send back the
|
||||||
back the ``v6-only-preferred`` option to clients that requested it.
|
``v6-only-preferred`` option to clients that requested it.
|
||||||
|
|
||||||
|
- *Server Identifier Override sub-option for the Relay Agent Option*, `RFC 5107
|
||||||
|
<https://tools.ietf.org/html/rfc5107>`__: The server identifier override
|
||||||
|
sub-option is supported.
|
||||||
|
|
||||||
Known RFC Violations
|
Known RFC Violations
|
||||||
--------------------
|
--------------------
|
||||||
|
|||||||
@@ -3695,6 +3695,14 @@ Dhcpv4Srv::acceptServerId(const Pkt4Ptr& query) const {
|
|||||||
return (false);
|
return (false);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
OptionPtr rai_option = query->getOption(DHO_DHCP_AGENT_OPTIONS);
|
||||||
|
if (rai_option) {
|
||||||
|
OptionPtr rai_suboption = rai_option->getOption(RAI_OPTION_SERVER_ID_OVERRIDE);
|
||||||
|
if (rai_suboption && (server_id.toBytes() == rai_suboption->toBinary())) {
|
||||||
|
return (true);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
// This function iterates over all interfaces on which the
|
// This function iterates over all interfaces on which the
|
||||||
// server is listening to find the one which has a socket bound
|
// server is listening to find the one which has a socket bound
|
||||||
// to the address carried in the server identifier option.
|
// to the address carried in the server identifier option.
|
||||||
|
|||||||
@@ -2448,7 +2448,7 @@ TEST_F(Dhcpv4SrvTest, acceptServerId) {
|
|||||||
// used by the server. The accepted server ids are the IPv4 addresses
|
// used by the server. The accepted server ids are the IPv4 addresses
|
||||||
// configured on the interfaces. The 10.1.2.3 is not configured on
|
// configured on the interfaces. The 10.1.2.3 is not configured on
|
||||||
// any interfaces.
|
// any interfaces.
|
||||||
OptionCustomPtr other_serverid(new OptionCustom(def, Option::V6));
|
OptionCustomPtr other_serverid(new OptionCustom(def, Option::V4));
|
||||||
other_serverid->writeAddress(IOAddress("10.1.2.3"));
|
other_serverid->writeAddress(IOAddress("10.1.2.3"));
|
||||||
pkt->addOption(other_serverid);
|
pkt->addOption(other_serverid);
|
||||||
EXPECT_FALSE(srv.acceptServerId(pkt));
|
EXPECT_FALSE(srv.acceptServerId(pkt));
|
||||||
@@ -2458,7 +2458,7 @@ TEST_F(Dhcpv4SrvTest, acceptServerId) {
|
|||||||
|
|
||||||
// Add a server id being an IPv4 address configured on eth1 interface.
|
// Add a server id being an IPv4 address configured on eth1 interface.
|
||||||
// A DHCPv4 message holding this server identifier should be accepted.
|
// A DHCPv4 message holding this server identifier should be accepted.
|
||||||
OptionCustomPtr eth1_serverid(new OptionCustom(def, Option::V6));
|
OptionCustomPtr eth1_serverid(new OptionCustom(def, Option::V4));
|
||||||
eth1_serverid->writeAddress(IOAddress("192.0.2.3"));
|
eth1_serverid->writeAddress(IOAddress("192.0.2.3"));
|
||||||
ASSERT_NO_THROW(pkt->addOption(eth1_serverid));
|
ASSERT_NO_THROW(pkt->addOption(eth1_serverid));
|
||||||
EXPECT_TRUE(srv.acceptServerId(pkt));
|
EXPECT_TRUE(srv.acceptServerId(pkt));
|
||||||
@@ -2468,7 +2468,7 @@ TEST_F(Dhcpv4SrvTest, acceptServerId) {
|
|||||||
|
|
||||||
// Add a server id being an IPv4 address configured on eth0 interface.
|
// Add a server id being an IPv4 address configured on eth0 interface.
|
||||||
// A DHCPv4 message holding this server identifier should be accepted.
|
// A DHCPv4 message holding this server identifier should be accepted.
|
||||||
OptionCustomPtr eth0_serverid(new OptionCustom(def, Option::V6));
|
OptionCustomPtr eth0_serverid(new OptionCustom(def, Option::V4));
|
||||||
eth0_serverid->writeAddress(IOAddress("10.0.0.1"));
|
eth0_serverid->writeAddress(IOAddress("10.0.0.1"));
|
||||||
ASSERT_NO_THROW(pkt->addOption(eth0_serverid));
|
ASSERT_NO_THROW(pkt->addOption(eth0_serverid));
|
||||||
EXPECT_TRUE(srv.acceptServerId(pkt));
|
EXPECT_TRUE(srv.acceptServerId(pkt));
|
||||||
@@ -2478,7 +2478,7 @@ TEST_F(Dhcpv4SrvTest, acceptServerId) {
|
|||||||
|
|
||||||
// Add a server id being an IPv4 address configured on subnet3.
|
// Add a server id being an IPv4 address configured on subnet3.
|
||||||
// A DHCPv4 message holding this server identifier should be accepted.
|
// A DHCPv4 message holding this server identifier should be accepted.
|
||||||
OptionCustomPtr subnet_serverid(new OptionCustom(def, Option::V6));
|
OptionCustomPtr subnet_serverid(new OptionCustom(def, Option::V4));
|
||||||
subnet_serverid->writeAddress(IOAddress("192.0.3.254"));
|
subnet_serverid->writeAddress(IOAddress("192.0.3.254"));
|
||||||
ASSERT_NO_THROW(pkt->addOption(subnet_serverid));
|
ASSERT_NO_THROW(pkt->addOption(subnet_serverid));
|
||||||
EXPECT_TRUE(srv.acceptServerId(pkt));
|
EXPECT_TRUE(srv.acceptServerId(pkt));
|
||||||
@@ -2488,7 +2488,7 @@ TEST_F(Dhcpv4SrvTest, acceptServerId) {
|
|||||||
|
|
||||||
// Add a server id being an IPv4 address configured on shared network1.
|
// Add a server id being an IPv4 address configured on shared network1.
|
||||||
// A DHCPv4 message holding this server identifier should be accepted.
|
// A DHCPv4 message holding this server identifier should be accepted.
|
||||||
OptionCustomPtr network_serverid(new OptionCustom(def, Option::V6));
|
OptionCustomPtr network_serverid(new OptionCustom(def, Option::V4));
|
||||||
network_serverid->writeAddress(IOAddress("192.0.4.254"));
|
network_serverid->writeAddress(IOAddress("192.0.4.254"));
|
||||||
ASSERT_NO_THROW(pkt->addOption(network_serverid));
|
ASSERT_NO_THROW(pkt->addOption(network_serverid));
|
||||||
EXPECT_TRUE(srv.acceptServerId(pkt));
|
EXPECT_TRUE(srv.acceptServerId(pkt));
|
||||||
@@ -2499,7 +2499,7 @@ TEST_F(Dhcpv4SrvTest, acceptServerId) {
|
|||||||
// Add a server id being an IPv4 address configured on client class.
|
// Add a server id being an IPv4 address configured on client class.
|
||||||
// A DHCPv4 message holding this server identifier should be accepted.
|
// A DHCPv4 message holding this server identifier should be accepted.
|
||||||
Pkt4Ptr pkt_with_classes(new Pkt4(DHCPREQUEST, 1234));
|
Pkt4Ptr pkt_with_classes(new Pkt4(DHCPREQUEST, 1234));
|
||||||
OptionCustomPtr class_serverid(new OptionCustom(def, Option::V6));
|
OptionCustomPtr class_serverid(new OptionCustom(def, Option::V4));
|
||||||
class_serverid->writeAddress(IOAddress("192.0.5.254"));
|
class_serverid->writeAddress(IOAddress("192.0.5.254"));
|
||||||
ASSERT_NO_THROW(pkt_with_classes->addOption(class_serverid));
|
ASSERT_NO_THROW(pkt_with_classes->addOption(class_serverid));
|
||||||
pkt_with_classes->addClass("foo");
|
pkt_with_classes->addClass("foo");
|
||||||
@@ -2512,7 +2512,7 @@ TEST_F(Dhcpv4SrvTest, acceptServerId) {
|
|||||||
// The configured class does not define the server id option.
|
// The configured class does not define the server id option.
|
||||||
// A DHCPv4 message holding this server identifier should be accepted.
|
// A DHCPv4 message holding this server identifier should be accepted.
|
||||||
Pkt4Ptr pkt_with_classes_option_not_defined(new Pkt4(DHCPREQUEST, 1234));
|
Pkt4Ptr pkt_with_classes_option_not_defined(new Pkt4(DHCPREQUEST, 1234));
|
||||||
OptionCustomPtr global_serverid(new OptionCustom(def, Option::V6));
|
OptionCustomPtr global_serverid(new OptionCustom(def, Option::V4));
|
||||||
global_serverid->writeAddress(IOAddress("10.0.0.254"));
|
global_serverid->writeAddress(IOAddress("10.0.0.254"));
|
||||||
ASSERT_NO_THROW(pkt_with_classes_option_not_defined->addOption(global_serverid));
|
ASSERT_NO_THROW(pkt_with_classes_option_not_defined->addOption(global_serverid));
|
||||||
pkt_with_classes_option_not_defined->addClass("bar");
|
pkt_with_classes_option_not_defined->addClass("bar");
|
||||||
@@ -2539,6 +2539,32 @@ TEST_F(Dhcpv4SrvTest, acceptServerId) {
|
|||||||
|
|
||||||
// Remove the server identifier.
|
// Remove the server identifier.
|
||||||
ASSERT_NO_THROW(pkt->delOption(DHO_DHCP_SERVER_IDENTIFIER));
|
ASSERT_NO_THROW(pkt->delOption(DHO_DHCP_SERVER_IDENTIFIER));
|
||||||
|
|
||||||
|
OptionDefinitionPtr rai_def = LibDHCP::getOptionDef(DHCP4_OPTION_SPACE,
|
||||||
|
DHO_DHCP_AGENT_OPTIONS);
|
||||||
|
|
||||||
|
OptionBuffer override_server_id_buf(IOAddress("10.0.0.128").toBytes());
|
||||||
|
|
||||||
|
// Create RAI option.
|
||||||
|
OptionCustomPtr rai(new OptionCustom(*rai_def, Option::V4));
|
||||||
|
OptionPtr rai_override_server_id(new Option(Option::V4,
|
||||||
|
RAI_OPTION_SERVER_ID_OVERRIDE,
|
||||||
|
override_server_id_buf));
|
||||||
|
rai->addOption(rai_override_server_id);
|
||||||
|
|
||||||
|
// Add a server id being an IPv4 address matching RAI sub-option 11
|
||||||
|
// (RAI_OPTION_SERVER_ID_OVERRIDE).
|
||||||
|
// A DHCPv4 message holding this server identifier should be accepted.
|
||||||
|
Pkt4Ptr pkt_with_override_server_id(new Pkt4(DHCPREQUEST, 1234));
|
||||||
|
OptionCustomPtr override_serverid(new OptionCustom(def, Option::V4));
|
||||||
|
override_serverid->writeAddress(IOAddress("10.0.0.128"));
|
||||||
|
|
||||||
|
ASSERT_NO_THROW(pkt_with_override_server_id->addOption(override_serverid));
|
||||||
|
ASSERT_NO_THROW(pkt_with_override_server_id->addOption(rai));
|
||||||
|
EXPECT_TRUE(srv.acceptServerId(pkt_with_override_server_id));
|
||||||
|
|
||||||
|
// Remove the server identifier.
|
||||||
|
ASSERT_NO_THROW(pkt_with_override_server_id->delOption(DHO_DHCP_SERVER_IDENTIFIER));
|
||||||
}
|
}
|
||||||
|
|
||||||
// @todo: Implement tests for rejecting renewals
|
// @todo: Implement tests for rejecting renewals
|
||||||
|
|||||||
Reference in New Issue
Block a user