# Kea 2.3.4, January 25 2023, Release Notes

Welcome to Kea 2.3.4, the fifth monthly release of the 2.3 development series. As with any other development release, use this with caution: development releases are not recommended for production use.

Kea is a DHCP implementation developed by Internet Systems Consortium (ISC) that features DHCPv4 and DHCPv6 servers with DNS updating and a REST API; optional database support (MySQL and PostgreSQL); optional RADIUS, Kerberos, and YANG/NETCONF support; and much more. Kea provides extensive management capabilities, including but not limited to: TLS support, run-time configuration monitoring and updates via a REST API, host reservations, client classification, and more.

The text below references issue numbers. For more details, visit the Kea GitLab page at https://gitlab.isc.org/isc-projects/kea/issues.

The following features and bug fixes have been implemented since the previous release, version 2.3.3:

1. **Random Allocation Strategy**: Since its inception in 2011, Kea has been using an iterative allocation strategy, which means it was iterating through the address space and allocating available addresses sequentially. This is a simple, fast, and easy-to-understand allocation strategy that works for most use cases. However, we have now introduced a new random allocator, not to replace the iterative allocator, but to provide an alternative. The choice of an allocation strategy is now a configuration decision depending on the deployment requirements [#969, #1313, #2316].

2. **Bulk Leasequery**: The subscriber-only Leasequery hook has been extended to support Bulk Leasequery (BLQ) for DHCPv6. BLQ allows rebooting routers and switches to reacquire their lost state by querying the DHCP server. BLQ differs from the typical DHCP protocol in several fundamental ways: first, it uses TCP, and therefore is connection-oriented; second, it does not follow the "one query, one response" paradigm.
The "bulk" in BLQ means that devices can send a single query and receive many (possibly millions) of answers. We did extensive internal testing and the feature appears to be stable, but please do use it with caution. We are eager to get feedback on this topic, especially with regards to interoperability with other vendors. BLQ is currently available for memfile + DHCPv6 only [#2713, #2634, #2691, #2687, #2689, #2680, #2685, #2662, #2679, #2681, #2684, #979, #2674, #2675, #2678, #2673, #2663, #2668, #2665, #2645, #2655, #2647, #2639, #2644].

3. **Multiple vivso suboptions for DHCPv4**: The Kea DHCPv4 server can now handle multiple vendor options with different enterprise IDs and multiple vivso suboptions. The vendor options handling has been updated [#1518, #2694].

4. **PD hints**: Kea now understands when a DHCPv6 client prefers a prefix of a certain length. If Kea is configured to hand out /64, /60, and /56 prefixes and the client requests /56, it will get it. Previously, Kea ignored the hint and assigned prefixes in the order the pools appeared in the config file [#1958]. The `prefix-len` and `pd-pools` list now checks the prefix lengths correctly [#2612].

5. **Deprecating libreload**: The API `libreload` command is now deprecated. The command was implemented a long time ago, in Kea 1.2.0, when the hooks framework was still being implemented and there were no hooks. The original idea - to reload just the hooks and not the whole server configuration - never gained any traction. Starting with this release and for the next stable branch (Kea 2.4.x) the command will print a deprecation warning, but will otherwise function normally. It will be removed completely from the Kea 2.5 and 2.6 branches [#2693].

6. **DB improvements**: New database connection parameters, `read-timeout` and `write-timeout`, control the timeouts in communication with a MySQL database. The `tcp-user-timeout` parameter controls the timeout in communication with a PostgreSQL database.
Setting these timeouts can prevent occasional Kea hangs due to issues with database connectivity. Those are expected to improve compatibility with HAProxy [#2688]. Compatibility with recently published PostgreSQL 15 has been improved [#2724]. Kea can now detect a bug in MariaDB, which incorrectly rejects certain valid constructs as invalid JSON. This has been reported to and confirmed by the MariaDB team [#2654]. Compatibility with MySQL 5.5 (very old, but still used by CentOS 7) has been improved [#2727]. A bug in the logic to set DB parameters no longer confuses DHCPv4 with DHCPv6 [#2672].

7. **DDNS logging failure reasons**: The `kea-dhcp-ddns` daemon now uses new log messages to clearly distinguish between timeouts and other IO errors when communicating with DNS servers [#2589].

8. **Build improvements**: The autoconf script for forensic logging has been moved to another location [#2633]. The deprecated-declarations warnings have been fixed [#2617]. The C++ warnings for (in)equality operator have been fixed [#2661]. Compilation on MacOS clang and C++20 has been fixed [#2621]. Jenkins improvements in hammer have been made [#2657]. Freeradius-client package names in hammer have been fixed [#2652].

## Incompatible Changes

1. The `libreload` API command is now deprecated.
2. The `tcp-user-timeout` is not supported until PostgreSQL 12. This causes DHCPv4 and DHCPv6 unit tests to fail on systems with PostgreSQL 11 and earlier. See #2734 for details.

## License

This version of Kea is released under the Mozilla Public License, version 2.0.

https://www.mozilla.org/en-US/MPL/2.0

The premium and subscriber-only hook libraries are provided under the terms of a Kea Hooks Basic Commercial End User License Agreement.
## Download

Pre-built ISC packages for current versions of the most popular Linux operating systems are available at:

https://cloudsmith.io/~isc/repos/

The Kea source and PGP signature for this release may be downloaded from:

https://www.isc.org/download

as well as from the Cloudsmith repository.

The signature was generated with the ISC code signing key, which is available at:

https://www.isc.org/pgpkey

ISC provides detailed documentation, including installation instructions and usage tutorials, in the Kea Administrator Reference Manual. Documentation is included with the installation or at https://kea.readthedocs.io/en/latest/index.html. Limitations and known issues with this release can be found at https://gitlab.isc.org/isc-projects/kea/wikis/known-issues-list.

We ask users of this software to please let us know how it worked for you and what operating system you tested on. Feel free to share your feedback on the Kea Users mailing list (https://lists.isc.org/mailman/listinfo/kea-users). We would also like to hear whether the documentation is adequate and accurate. Please open tickets in the Kea GitLab project for bugs, documentation omissions and errors, and enhancement requests. We want to hear from you even if everything worked.

## Support

Professional support for Kea is available from ISC. We encourage all professional users to consider this option; Kea maintenance is funded with support subscriptions. For more information on ISC's Kea and DHCP software support see https://www.isc.org/support/.

Free best-effort support is provided by our user community via a mailing list. Information on all public email lists is available at https://www.isc.org/community/mailing-list.

## Changes

The following summarizes changes and important upgrade notes since the 2.3.3 release for Kea core:

**2089.** [build] razvan
The library version numbers have been bumped for the Kea 2.3.4 development release. (Gitlab #2726)

**2088.** [func]* tomek
The libreload command is now deprecated.
The code is still there, but it will be removed in the future versions. (Gitlab #2693)

**2087.** [func] razvan
The Kea DHCPv4 server can now handle multiple vendor options with different enterprise IDs and multiple vivso-suboptions. (Gitlab #1518)

**2086.** [bug] andrei
A spacing issue in a prepared statement that prevented Config Backend from working with PostgreSQL 15 and above has been fixed. (Gitlab #2724)

**2085.** [func] tmark
kea-dhcp-ddns uses new log messages to clearly distinguish between timeouts and other IO errors when communicating with DNS servers. (Gitlab #2589)

**2084.** [func] razvan
When the client adds a prefix length in the hint, the server will try to select a pool with the delegated prefix length equal to the respective value. If no pool is found, the server will try to select a pool with a lower delegated prefix length (a larger address space) and if none is found, it will try to select a pool with a higher delegated prefix length (a smaller address space). (Gitlab #1958)

**2083.** [func] marcin
New database connection parameters, "read-timeout" and "write-timeout", control the timeouts in communication with the MySQL database. The "tcp-user-timeout" controls the timeout in communication with the PostgreSQL database. Setting these timeouts can prevent occasional Kea hangs due to issues with the database connectivity. (Gitlab #2688)

**2082.** [bug] razvan
The prefix address provided in the prefix and prefix length pair from the pool configuration is now checked to match the first address in the pool. (Gitlab #2612)

**2081.** [func] tmark
The default value for the kea-dhcp-ddns parameter, dns-server-timeout, has been increased from 100 ms to 500 ms. This was done to improve the out-of-the-box user experience. (Gitlab #2590)

**2080.** [func] tmark
Bulk Lease Query results can now include delegated prefixes. Memfile queries used by Bulk Lease Query (BLQ) were modified to include delegated prefixes when appropriate. Prior to this they were returning only address leases.
(Gitlab #2713)

**2079.** [func] marcin
The lease allocation strategy is now configurable. It is possible to select between iterative and random lease selection for the address assignment and prefix delegation, respectively, at the global, shared network, and subnet levels. (Gitlab #2348, #969)

And for Kea premium:

**162.** [bug] razvan
The prefix address provided in the prefix and prefix length pair from the pool configuration is now checked to match the first address in the pool. (Gitlab #2612)

**161.** [build] andrei
Building without the forensic log source files is now possible. Previously, it would complain about files not existing. Those file declarations were moved from a generic m4 file to an m4 file that is dedicated to forensic logging. (Gitlab #2633)

**160.** [func] fdupont, tmark
The lease_query hook library now supports bulk lease query for DHCPv6 (RFC 5460). It is currently only supported with memfile lease storage. (Gitlab #2673)

See https://gitlab.isc.org/isc-projects/kea/-/wikis/Release-Notes for a complete list of release notes.

Thank you again to everyone who assisted us in making this release possible. We look forward to receiving your feedback.
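
The pool selection order from item 4 (PD hints) and changelog entries 2084 and 2082, as an added Python illustration; it is not ISC's code. The sample pools, the `exhausted` argument, and keeping configuration order inside each tier are assumptions.

```python
import ipaddress

# Constructed sample pd-pools (documentation prefix), listed in config order.
PD_POOLS = [
    {"prefix": "2001:db8:1::", "prefix-len": 48, "delegated-len": 64},
    {"prefix": "2001:db8:2::", "prefix-len": 48, "delegated-len": 60},
    {"prefix": "2001:db8:3::", "prefix-len": 48, "delegated-len": 56},
]


def misaligned_pools(pools):
    """Return prefixes that are not the first address of prefix/prefix-len (#2612)."""
    bad = []
    for pool in pools:
        net = ipaddress.IPv6Network((pool["prefix"], pool["prefix-len"]), strict=False)
        if net.network_address != ipaddress.IPv6Address(pool["prefix"]):
            bad.append(pool["prefix"])
    return bad


def pools_by_hint(pools, hint_len):
    """Order candidate pools for a client's prefix-length hint (entry 2084).

    Equal delegated-len first, then lower (larger address space), then higher
    (smaller address space). Assumption: configuration order is kept inside
    each tier, and a missing hint (None) leaves the configuration order as is.
    """
    if hint_len is None:
        return list(pools)
    equal = [p for p in pools if p["delegated-len"] == hint_len]
    lower = [p for p in pools if p["delegated-len"] < hint_len]
    higher = [p for p in pools if p["delegated-len"] > hint_len]
    return equal + lower + higher


def select_pool(pools, hint_len, exhausted=frozenset()):
    """Pick the first candidate that still has free prefixes.

    `exhausted` is a hypothetical stand-in for the server's lease state:
    a set of pool prefixes with nothing left to delegate.
    """
    for pool in pools_by_hint(pools, hint_len):
        if pool["prefix"] not in exhausted:
            return pool
    return None


if __name__ == "__main__":
    print(misaligned_pools(PD_POOLS))
    print(select_pool(PD_POOLS, 56))
```

Running `misaligned_pools` over a rendered configuration before an upgrade shows which `pd-pools` entries the stricter check from #2612 would now flag.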