Henry Du Blog

Using KEA DHCP Webinar part 4 This blog is a study note of using KEA DHCP webinar 04. This webinar introduced backend database and DHCP HA. For DB part, I only took very basic notes. The details of backend database can be available form the slides. Database backend support for Kea Kea DHCP server can store information in a database, including lease info, host address and prefixes, host options, host names and host classification.

Basic iptables Introduction Kubernetes kube-proxy provides the important role to work with Service resource. kube-proxy will create and define iptables rules to manipulate the network traffic for the service resource. iptables is a Linux firewall. In this article, we will introduce very basic iptables concepts: tables, chains and targets. Tables are files are join similar actions. There are several build-in tables. Chains are the set of rules. Rules are statements about what to do with the network package.

KEA DHCP part 3 This is the study notes of Using the Kea DHCP Server -Session 3 of 6. The DHCP reservation part will be added later on. DHCP Lease allocation When DHCP lease request is received, after Kea server successfully granted a lease, the following log is generated. 2020-10-15T20:35:36.137822+00:00 onprem-dhcp-6c98f7f9d9-lxd5d kea-dhcp4: INFO [kea-dhcp4.leases] DHCP4_LEASE_ALLOC [hwtype=1 10:7d:b9:2f:0d:eb], cid=[no info], tid=0x1: lease 172.17.10.1 has been allocated This informational message indicates that the server successfully granted a lease in response to client’s DHCPREQUEST message.

DNSTap Basic Introduction DNSTap is a fast, flexible method for capturing and logging DNS traffic. Developed by Robert Edmonds at Farsight Security, Inc., and supported by multiple DNS implementations, dnstap uses libfstrm (a lightweight high-speed framing library, see https://github.com/farsightsec/fstrm) to send event payloads which are encoded using Protocol Buffers (libprotobuf-c, a mechanism for serializing structured data developed by Google, Inc.; see https://developers.google.com/protocol-buffers). Enable DNSTap for BIND To enable dnstap at BIND compile time, the fstrm and protobuf-c libraries must be available, and BIND must be configured with –enable-dnstap.

KEA DHCP Part 2 This is the study notes from KEA DHCP Webinar Part 2. Some of contents are from ISC KEA document listed in Reference section. KEA DHCP KEA is modern DHCPv4 and DHCPv6 server. It is under open source MPL License. It provides JSON/REST API and modular design. It also provides high performance, which is able to have 1000 leases/seconds. KEA supports for DHCPv6 prefix delegation, dynamic reconfiguration, dynamic DNS updates, SQL database backend and PXE Boot support.