# Kea 2.3.5 Release Notes, February 22 2023

Welcome to Kea 2.3.5, the sixth monthly release of the 2.3 development 
series. As with any other development release, use this with caution: 
development releases are not recommended for production use.

Kea is a DHCP implementation developed by Internet Systems Consortium 
(ISC) that features DHCPv4 and DHCPv6 servers with DNS updating and a 
REST API; optional database support (MySQL and PostgreSQL); optional 
RADIUS, Kerberos, and YANG/NETCONF support; and much more. Kea provides 
extensive management capabilities, including but not limited to: TLS 
support, run-time configuration monitoring and updates via a REST API, 
host reservations, client classification, and more.

The text below references issue numbers. For more details, visit the Kea 
GitLab page at https://gitlab.isc.org/isc-projects/kea/issues.

The following features and bug fixes have been implemented since the 
previous release, version 2.3.4:

1. **Multi-threading (MT) enabled by default**: Multi-threading was 
implemented several years ago in Kea, but starting with this release, MT 
is enabled by default. If you still prefer to use single-threaded mode, 
it is easy to flip the `enable-multi-threading` switch back to `false`. 
See "Multi-Threading Settings" in the DHCPv4 and DHCPv6 sections of the 
Kea ARM for details. [#2402].

2. **Bulk Leasequery for DHCPv4/memfile**: An experimental 
implementation of Bulk Leasequery for DHCPv4 (RFC 6926) is now 
available. This capability is implemented and working in some cases, but 
our internal testing so far has been somewhat limited so please consider 
this feature experimental. This feature is available in a 
subscriber-only hook library [#2586, #2738, #2746].

3. **Global reservation improvements**: Global reservations are 
generally not recommended to be used with address reservations. However, 
when they are, an additional safety net is required and it has now been 
implemented. An address reserved in a global reservation must now lie 
within the range of the subnet or shared-network selected by Kea. If it 
does not, the server will attempt to allocate an address dynamically. 
This change applies to both kea-dhcp4 and kea-dhcp6. Previously, the 
servers would grant a lease for any globally reserved address without 
regard to its inclusion in the selected subnet. Thanks to Kyle Birkeland 
for reporting the issue and contributing the patch [#2631, #2632].

4. **Empty host reservations**: It is now possible to add an "empty" 
host reservation without any attribute (e.g. no address, no options, no 
hostname, no client classes, etc.). This is useful to determine the 
KNOWN class [#2723].

5. **Better support for older PostgreSQL versions**. A previous Kea 
release added a `tcp-user-timeout` option that prevented Kea from 
hanging if a database connection broke while processing a query. 
However, this option is not supported by PostgreSQL versions 11 or 
earlier. Kea no longer attempts to use `tcp-user-timeout` when working 
with an old version of PostgreSQL [#2734].

6. **Usability**: Kea DHCPv4 and DHCPv6 servers are now consistent when 
logging client class evaluation results [#2720]. In a typical 
deployment, the `renew-timer` (T1) value is always smaller than 
`rebind-timer` (T2), so the client first tries to renew with the 
original server; only if that fails does it attempt to rebind with other 
servers. However, in some rare cases, users want to configure T1 values 
larger than T2. Previously, Kea rejected such configurations; now it 
prints a warning, but accepts the configuration [#2677].

7. **Stability**: We fixed several thread sanitizer warnings reported on 
macOS [#2704]. Several memory leaks reported by address sanitizer and 
one ODR violation were addressed [#2702]. A bug was corrected which 
allowed poorly defined options to be added to themselves as suboptions 
[#2538]. We fixed a bug which was causing the Kea server to crash when 
using the high-availability hooks library and running reconfigure 
commands. Thanks to Caciano Machado for reporting this bug and providing 
detailed steps on how to replicate it [#2575]. We added logic to 
kea-dhcp4 and kea-dhcp6 to catch and log database connection errors that 
occur during lease reclamation. Previously, such errors caused the 
reclamation timer not to get rescheduled [#2682]. A bug was fixed that 
caused a response to a `config-get` command to lack the configured 
`read-timeout`, `write-timeout`, and `tcp-user-timeout` parameters 
[#2741].

8. **Build improvements**: It is now possible to run `make distcheck` 
without running tests. This capability is mostly helpful for our QA 
team, which now runs distcheck in two modes: fast and extended. It may 
be also used for external package maintainers who are looking to speed 
up their Kea building processes [#2742]. Race conditions on the hammer 
build process were fixed [#2696]. A bug was fixed in the way the 
`--with-site-packages` compilation parameter worked when installing 
Python packages [#2669].

9. **Documentation**: We have updated recommendations about database 
performance tuning [#2710]. Several missing commas in DHCPv6 server 
examples were fixed [#2494]. The Kea ARM has been clarified with regards 
to packet lookups which can be used multiple times in a single client 
classification expression. This is useful for doing consistency checks 
for incoming packets [#2664].

## Incompatible Changes

1. **Multi-threading enabled by default**. See above for details.

2. **Addresses reserved in global reservations**. If reserved in a 
global reservation, earlier Kea versions assigned the address as is, 
regardless of whether it made sense topologically. This behavior has 
changed. See above for details.

3. **Addresses reserved in RADIUS**. The global address reservation 
change has affected the way the RADIUS hook library behaves as well. It 
had a dedicated flag called `reselect-subnet-address` to deal with 
out-of-subnet address reservations. Despite having it set to `false`, 
RADIUS still reselects the subnet if the client was assigned to a shared 
network. See #2761 for details.

## License

This version of Kea is released under the Mozilla Public License, 
version 2.0.

https://www.mozilla.org/en-US/MPL/2.0

The premium and subscriber-only hook libraries are provided under the 
terms of a Kea Hooks Basic Commercial End User License Agreement.

## Download

Pre-built ISC packages for current versions of the most popular Linux 
operating systems are available at:

https://cloudsmith.io/\~isc/repos/

The Kea source and PGP signature for this release may be downloaded from:

https://www.isc.org/download

as well as from the Cloudsmith repository.

The signature was generated with the ISC code signing key, which is 
available at:

https://www.isc.org/pgpkey

ISC provides detailed documentation, including installation instructions 
and usage tutorials, in the Kea Administrator Reference Manual. 
Documentation is included with the installation or at 
https://kea.readthedocs.io/en/latest/index.html.

Limitations and known issues with this release can be found at 
https://gitlab.isc.org/isc-projects/kea/wikis/known-issues-list.

We ask users of this software to please let us know how it worked for 
you and what operating system you tested on. Feel free to share your 
feedback on the Kea Users mailing list 
(https://lists.isc.org/mailman/listinfo/kea-users. We would also like to 
hear whether the documentation is adequate and accurate. Please open 
tickets in the Kea GitLab project for bugs, documentation omissions and 
errors, and enhancement requests. We want to hear from you even if 
everything worked.

## Support

Professional support for Kea is available from ISC. We encourage all 
professional users to consider this option; Kea maintenance is funded 
with support subscriptions. For more information on ISC's Kea and DHCP 
software support see https://www.isc.org/support/.

Free best-effort support is provided by our user community via a mailing 
list. Information on all public email lists is available at 
https://www.isc.org/community/mailing-list.

## Changes

The following summarizes changes and important upgrade notes for core 
Kea since the previous release, version 2.3.4:

2104.	[build]		andrei
	The library version numbers have been bumped up for the Kea 2.3.5
	development release.
	(Gitlab #2768)

2103.	[perf]		andrei
	When not explicitly configured, multi-threading is now enabled by
	default for the core Kea DHCP service ("enable-multi-threading"
	set to true). For now, HA+MT is still disabled by default
	("enable-multi-threading" and "http-dedicated-listener" both
	still set to false in the high-availability library parameters).
	(Gitlab #2402)

2102.	[func]*		tmark
	The logger to which kea-dhcp4 now logs EVAL_RESULT log
	messages issued during packet classification has been
	changed from "options4" to "dhcp4".  This corrects an
	inconsistency between kea-dhcp6 and kea-dhcp4 behavior.
	(Gitlab #2720)

2101.	[build]		andrei
	Shell tests and python tests no longer run if gtest is disabled.
	This provides the ability to run distcheck without tests.
	(Gitlab #2742)

2100.	[doc]		Kevin P. Fleming
	Fixed several JSON examples in the Kea ARM.
	(Gitlab #2494)

2099.	[func]*		tmark
	An address reserved in a global reservation must now lie
	within the range of the subnet or shared-network selected
	by Kea. If it does not, the server will attempt to allocate an
	address dynamically. This change applies to both kea-dhcp4 and
	kea-dhcp6. Previously, the servers would grant a lease for any
	globally reserved address without regard for its feasibility
	within the selected subnet. Thanks to Kyle Birkeland for
	reporting the issue and contributing the patch.
	(Gitlab #2631, #2632)

2098.	[doc]		razvan
	Updated client classification examples in the ARM with a case
	where both operands of the evaluated expression are computed at
	runtime.
	(Gitlab #2664)

2097.	[func]		tmark
	kea-dhcp4 and kea-dhcp6 will now accept renew-timer values that
	exceed rebind-timer values but will ignore them and issue a
	warning. Previously, the servers treated those values as a fatal
	configuration error.
	(Gitlab #2677)

2096.	[bug]		[tmark]
	Fixed a bug which allowed options to be added to themselves
	as suboptions.
	(Gitlab #2538)

2095.	[bug]		marcin, tmark
	Added a compile-time check of whether the PostgreSQL version
	supports the "tcp-user-timeout" parameter. This parameter
	is available in PostgreSQL version 12 and later. It is now
	ignored for earlier versions and a suitable warning message
	is issued.
	(Gitlab #2734)

2094.	[bug]		razvan
	Fixed a bug which caused the Kea server to crash when
	using the high-availability hooks library and running reconfigure
	commands. Thanks to Caciano Machado for reporting this bug and
	providing detailed steps on how to replicate it.
	(Gitlab #2575)

2093.	[func]		fdupont
	It is now possible to add an "empty" host reservation without any
	attribute (e.g. no address, no hostname, no client classes,
	etc.). This is useful for determining the KNOWN class.
	(Gitlab #2723)

2092.	[bug]		fdupont
	Added logic to kea-dhcp4 and kea-dhcp6 to catch and log
	database connection errors that occur during lease
	reclamation. Previously, such errors caused the
	reclamation timer to not get rescheduled.
	(Gitlab #2682)

2091.	[bug]		marcin
	Fixed a bug that caused a response to a config-get command
	to lack the configured read-timeout, write-timeout, and
	tcp-user-timeout parameters.
	(Gitlab #2741)

2090.	[build]		andrei
	Fixed the --with-site-packages configure flag, which previously
	had no effect.
	(Gitlab #2669)

And for Kea premium:

163.	[func]		fdupont
	The lease_query hook library now supports most bulk
	lease query requirements for DHCPv4 (RFC 6926). It is
	currently only supported with memfile lease storage.
	(Gitlab #2746)

See https://gitlab.isc.org/isc-projects/kea/-/wikis/Release-Notes for a 
complete list of release notes.

Thank you again to everyone who assisted us in making this release 
possible.

We look forward to receiving your feedback.