Commit d50c2810 authored by Baptiste Jonglez's avatar Baptiste Jonglez
Browse files

Add IPv6 prefix delegation example

parent 85c3fa52
......@@ -56,6 +56,18 @@ it may be easier to just write a Kea hook yourself.
If you have more examples of usage, feel free to contribute your Kea
config and your scripts!
### Managing routes for IPv6 delegated prefixes
When delegating IPv6 prefixes with DHCPv6-PD, it is necessary to add the corresponding routes
in the kernel.
This example script adds/removes static IPv6 routes whenever Kea delegates an IPv6 prefix
through DHCPv6-PD or when the lease expires.
See the included [README](examples/ipv6_prefix_delegation/ for more
explanations and the [source](examples/ipv6_prefix_delegation) with the script and
an example Kea configuration.
### Handing out IPv4 addresses in /32 subnets
This example allows to lease IPv4 addresses individually (/32 subnets), by
# Route management for IPv6 delegated prefixes
The goal here is to add/remove static IPv6 routes in the kernel whenever Kea delegates
an IPv6 prefix through DHCPv6-PD.
This is achieved by running []( with kea-hook-runscript.
The routes added by the script can then be picked up by a routing daemon
(e.g. [Bird]( and propagated in a IGP like OSPF.
**Note:** the script also inserts routes for `IA_NA` addresses, because it is necessary
in our setup. If you only need routes for delegated prefixes, adapt the script accordingly.
## Limitations
There is a potential issue when the IPv6 prefix reserved to a client is changed (e.g. if it is
modified in the Postgresql data source). In that case, `lease6_release` / `lease6_expire` is
never called with the old prefix, so the corresponding route is never removed from the kernel.
It is not clear whether it is a bug in Kea or if it is related to the specific setup of the author.
In any case, this is something to watch out for.
# This script adds and removes IPv6 routes in the Linux kernel whenever a DHCP client
# gets a lease or a lease expires.
# Protocol to use in "ip -6 route"
if [ "$KEA_LEASE6_TYPE" = "IA_NA" ]; then
# Add interface route towards client
ip -6 route replace "${KEA_LEASE6_ADDRESS}"/64 dev "${KEA_QUERY6_INTERFACE}" proto "${PROTO}"
if [ "$KEA_LEASE6_TYPE" = "IA_PD" ]; then
# Add route for delegated prefix (next hop is the client)
ip -6 route replace "${KEA_LEASE6_DELEGATED_PREFIX}" via "${KEA_QUERY6_REMOTE_ADDRESS}" dev "${KEA_QUERY6_INTERFACE}" proto "${PROTO}"
if [ "$KEA_LEASE6_TYPE" = "IA_NA" ]; then
ip -6 route delete "${KEA_LEASE6_ADDRESS}"/64 proto "${PROTO}"
if [ "$KEA_LEASE6_TYPE" = "IA_PD" ]; then
ip -6 route delete "${KEA_LEASE6_DELEGATED_PREFIX}" proto "${PROTO}"
case "$1" in
# Only add route if FAKE_ALLOCATION is set to 0
[ "${KEA_FAKE_ALLOCATION}" = "0" ] || break
"interfaces-config": {
"interfaces": [ "eth0" ]
"hooks-libraries": [
"library": "/path/to/kea-hook-runscript/",
"parameters": {
"script": "/etc/kea/"
"lease-database": {
"type": "memfile"
/* Only use client MAC address, not Client ID */
"match-client-id": false,
"renew-timer": 1100,
"rebind-timer": 1150,
"preferred-lifetime": 1200,
"valid-lifetime": 1400,
/* Only use mac address to identify clients */
"host-reservation-identifiers": ["hw-address"],
"subnet6": [
/* Add your IPv6 subnet declaration here */
"loggers": [
"name": "kea-dhcp6",
"output_options": [
"output": "stdout"
#"output": "/var/log/kea-dhcp6.log"
"severity": "DEBUG",
"debuglevel": 0
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment