Configuration Templates

The following sections include configuration templates that are proposed configuration for certain deployment types. The example configuration files are also available in the Kea sources in the doc/examples directory.

Template: Home network of a power user

This directory contains template configurations for home network of a power user. It may also be appropriate for a small office. It makes the following assumptions:

  • you want to use a single /24 class of IPv4 addresses

  • you want High Availability, so there are 2 DHCP servers

  • you have a handful of devices, and some of them (e.g. a printer or NAS) require static addresses or extra options

  • you do not want to be bothered with database management

  • the setup is optimized for minimal-to-zero maintenance

  • performance is not an issue. You do not expect to see 100s of queries per second

  • you do not use IPv6

  • you do not want to update your DNS

The logical set-up consists of two hosts, each running Kea DHCPv4 server and a Control Agent (CA). The server connects with the CA using UNIX sockets. Each DHCPv4+CA acts as one partner of the HA pair.

```
 +-host-1-+       +-host-2-+
 |        |       |        |
 |   CA <===\   /===> CA   |    ===== - HTTP connection
 |   #    |  \ /  |   #    |
 |   #    |   X   |   #    |    ##### - UNIX socket
 |   #    |  / \      #    |
 | DHCPv4 ==/   \== DHCPv4 |
 |        |       |        |
 +--------+       +--------+
```

The CA at host 1 and CA at host 2 will both listen on port 8000. The DHCP servers will communicate with each other via CAs which forward control commands to the DHCP servers over the UNIX domain sockets.

Deployment Considerations

The setup is not expected to be very performant. Most modest hardware will do. There are successful deployments on Raspberry Pi platforms. If you are running a VM, 2GB ram with one CPU core should be enough. If you don’t have any preference, Ubuntu LTS is a choice that is easy to set up and is low maintenance. However, any Linux or FreeBSD is fine. Less popular systems, such as OpenBSD or NetBSD should also work in principle, but they are not regularly tested.

The assumption is that there are 2 hosts that will be running the Kea setup:

  • 192.168.1.2 - primary HA server (active, will handle all the traffic)

  • 192.168.1.3 - secondary HA server (passive, ready to take over in case the primary fails)

The network is 192.168.1.0/24. It is assumed that 192.168.1.1 is your default router.

The whole subnet is split into dynamic and static pools:

  • 192.168.1.100 - 192.168.1.199 - this is the dynamic pool. When new devices appear in your network, they will be assigned dynamic addresses from this pool.

  • The reservations are done outside of this dynamic range (depending on your addressing preference, either 192.168.1.1-192.168.1.99 or 192.168.1.200-192.168.1.254).

To deploy this setup, you need to conduct the following steps:

  1. Install CA and DHCPv4 on host1, copy the config files to the typical locations. It’s typically /etc/kea on Linux and /usr/local/etc/kea on FreeBSD. The files are typically called kea-ctrl-agent.conf and kea-dhcp4.conf. Please consult your start-up scripts.

  2. At the very least alter the following to match your setup:

    • the interface name which Kea should listen on (interfaces in interfaces-config)

    • the interface name which is used to access the subnet (interface in subnet4)

    • your addressing, if you use something different than 192.168.1.0/24. Make sure the CA port configuration (http-host and http-port in kea-ca.conf) matches your DHCPv4 server configuration (url in hook-libraries/parameters/high-availability/peers in kea-dhcp4.conf).

    • tweak your router option to match your actual network

    • tweak your DNS option to match your actual network

    • the path to the hook libraries. This is very OS specific parameter. The library names are in general the same everywhere, but the path varies. See Section 16.2 of the Kea ARM for details.

  3. If using a firewall, make sure server1 can reach server2. A nice way to ensure that is to try to retrieve server2’s config from server1:

    curl -X POST -H "Content-Type: application/json" -d '{ "command": "config-get", "service": [ "dhcp4" ] }'  http://192.168.1.3:8000/

    You should get a DHCPv4 running configuration in return in a JSON format.

  4. Make sure the opposite direction (server2 can connect to server1) works too. Simply repeat step 3 from the server2 and user server’s 1 IP address and port.

  5. Install CA and DHCPv4 on host2, similar to steps 1 and 2. Note the config file for the standby server is very similar, except the definition of this-server-name field (and possibly inteface names). In many cases you can simply copy over the file and just tweak it a little bit.

Possible extensions

The proposed configuration is somewhat basic, but functional. Once your setup is up and running, you may want to consider the following changes:

  • if you have your own DNS server, you may configure DNS Updates. This requires running a D2 server (kea-dhcp-ddns), which is a nickname for DHCP-DDNS update server. See Section 13 of the Kea ARM for details.

  • if you want to run Stateful DHCP for IPv6, you will need to run kea-dhcp6 server. Its configuration is very similar to kea-dhcp4, but there are some notable differences: the default gateway is not configured via DHCPv6 protocol, but via Router Advertisements sent by your router. Also, there is a concept of Prefix Delegation, which was non-existent in the DHCPv4. See Section 9 of the Kea ARM for details.

  • if you want to expand your network, adding MySQL or PostgreSQL database is a popular direction for growing networks. You can choose to store leases, host reservations and even most of the configuration in a database. See Section 4 of the Kea ARM and lease-database, hosts-database, and config-control parameters in Section 8 of the Kea ARM.

  • if you want to get more insight into how your DHCP server operates, you may use REST API to query for a lot of run-time statistics or even change your configuration during run-time. You may also consider deploying Stork, which is a young, but fast growing dashboard for Kea. See Section 22 of the Kea ARM for pointers.

  • you should probably also read Section 23 of the Kea ARM that discusses various trade offs between convenience and security.

At the very least, the lines marked in yellow must be adjusted to match the actual deployment.

Server1’s Control Agent configuration file:

 1// This is an example of a configuration for Control-Agent (CA) listening
 2// for incoming HTTP traffic. This is necessary for handling API commands,
 3// in particular lease update commands needed for HA setup.
 4{
 5    "Control-agent":
 6    {
 7        // We need to specify where the agent should listen to incoming HTTP
 8        // queries.
 9        "http-host": "192.168.1.2",
10
11        // This specifies the port CA will listen on.
12        "http-port": 8000,
13
14        "control-sockets":
15        {
16            // This is how the Agent can communicate with the DHCPv4 server.
17            "dhcp4":
18            {
19                "comment": "socket to DHCP4 server",
20                "socket-type": "unix",
21                "socket-name": "/tmp/kea4-ctrl-socket"
22            },
23
24            // Location of the DHCPv6 command channel socket.
25            "dhcp6":
26            {
27                "socket-type": "unix",
28                "socket-name": "/tmp/kea6-ctrl-socket"
29            },
30
31            // Location of the D2 command channel socket.
32            "d2":
33            {
34                "socket-type": "unix",
35                "socket-name": "/tmp/kea-ddns-ctrl-socket",
36                "user-context": { "in-use": false }
37            }
38        },
39
40
41        // Similar to other Kea components, CA also uses logging.
42        "loggers": [
43            {
44                "name": "kea-ctrl-agent",
45                "output_options": [
46                    {
47                        "output": "/var/log/kea-ctrl-agent.log",
48
49                        // Several additional parameters are possible in addition
50                        // to the typical output. Flush determines whether logger
51                        // flushes output to a file. Maxsize determines maximum
52                        // filesize before the file is being rotated. maxver
53                        // specifies the maximum number of rotated files being
54                        // kept.
55                        "flush": true,
56                        "maxsize": 204800,
57                        "maxver": 4,
58                        // We use pattern to specify custom log message layout
59                        "pattern": "%d{%y.%m.%d %H:%M:%S.%q} %-5p [%c/%i] %m\n"
60                    }
61                ],
62                "severity": "INFO",
63                "debuglevel": 0 // debug level only applies when severity is set to DEBUG.
64            }
65        ]
66    }
67}

Server1’s DHCPv4 configuration file:

  1// This is an example configuration of the Kea DHCPv4 server 1:
  2//
  3// - uses High Availability hooks library and Lease Commands hooks library
  4//   to enable High Availability function for the DHCP server. This config
  5//   file is for the primary (the active) server.
  6// - uses memfile, which stores lease data in a local CSV file
  7// - it assumes a single /24 addressing over a link that is directly reachable
  8//   (no DHCP relays)
  9// - there is a handful of IP reservations
 10//
 11// It is expected to run with a standby (the passive) server, which has a very similar
 12// configuration. The only difference is that "this-server-name" must be set to "server2" on the
 13// other server. Also, the interface configuration depends on the network settings of the
 14// particular machine.
 15
 16{
 17
 18"Dhcp4": {
 19
 20    // Add names of your network interfaces to listen on.
 21    "interfaces-config": {
 22        // The DHCPv4 server listens on this interface. When changing this to
 23        // the actual name of your interface, make sure to also update the
 24        // interface parameter in the subnet definition below.
 25        "interfaces": [ "enp0s8" ]
 26    },
 27
 28    // Control socket is required for communication between the Control
 29    // Agent and the DHCP server. High Availability requires Control Agent
 30    // to be running because lease updates are sent over the RESTful
 31    // API between the HA peers.
 32    "control-socket": {
 33        "socket-type": "unix",
 34        "socket-name": "/tmp/kea4-ctrl-socket"
 35    },
 36
 37    // Use Memfile lease database backend to store leases in a CSV file.
 38    // Depending on how Kea was compiled, it may also support SQL databases
 39    // (MySQL and/or PostgreSQL) and even Cassandra. Those database backends
 40    // require more parameters, like name, host and possibly user and password.
 41    // There are dedicated examples for each backend. See Section 7.2.2 "Lease
 42    // Storage" for details.
 43    "lease-database": {
 44        // Memfile is the simplest and easiest backend to use. It's an in-memory
 45        // database with data being written to a CSV file. It is very similar to
 46        // what ISC DHCP does.
 47        "type": "memfile"
 48    },
 49
 50    // Let's configure some global parameters. The home network is not very dynamic
 51    // and there's no shortage of addresses, so no need to recycle aggresively.
 52    "valid-lifetime": 43200, // leases will be valid for 12h
 53    "renew-timer": 21600, // clients should renew every 6h
 54    "rebind-timer": 32400, // clients should start looking for other servers after 9h
 55
 56    // Kea will clean up its database of expired leases once per hour. However, it
 57    // will keep the leases in expired state for 2 days. This greatly increases the
 58    // chances for returning devices to get the same address again. To guarantee that,
 59    // use host reservation.
 60    "expired-leases-processing": {
 61        "reclaim-timer-wait-time": 3600,
 62        "hold-reclaimed-time": 172800,
 63        "max-reclaim-leases": 0,
 64        "max-reclaim-time": 0
 65    },
 66
 67    // HA requires two hooks libraries to be loaded: libdhcp_lease_cmds.so and
 68    // libdhcp_ha.so. The former handles incoming lease updates from the HA peers.
 69    // The latter implements high availability feature for Kea. Note the library name
 70    // should be the same, but the path is OS specific.
 71    "hooks-libraries": [
 72        // The lease_cmds library must be loaded because HA makes use of it to
 73        // deliver lease updates to the server as well as synchronize the
 74        // lease database after failure.
 75        {
 76            "library": "/usr/lib/x86_64-linux-gnu/kea/hooks/libdhcp_lease_cmds.so"
 77        },
 78
 79        {
 80            // The HA hooks library should be loaded.
 81            "library": "/usr/lib/x86_64-linux-gnu/kea/hooks/libdhcp_ha.so",
 82            "parameters": {
 83                // Each server should have the same HA configuration, except for the
 84                // "this-server-name" parameter.
 85                "high-availability": [ {
 86                    // This parameter points to this server instance. The respective
 87                    // HA peers must have this parameter set to their own names.
 88                    "this-server-name": "server1",
 89                    // The HA mode is set to hot-standby. In this mode, the active server handles
 90                    // all the traffic. The standby takes over if the primary becomes unavailable.
 91                    "mode": "hot-standby",
 92                    // Heartbeat is to be sent every 10 seconds if no other control
 93                    // commands are transmitted.
 94                    "heartbeat-delay": 10000,
 95                    // Maximum time for partner's response to a heartbeat, after which
 96                    // failure detection is started. This is specified in milliseconds.
 97                    // If we don't hear from the partner in 60 seconds, it's time to
 98                    // start worrying.
 99                    "max-response-delay": 60000,
100                    // The following parameters control how the server detects the
101                    // partner's failure. The ACK delay sets the threshold for the
102                    // 'secs' field of the received discovers. This is specified in
103                    // milliseconds.
104                    "max-ack-delay": 5000,
105                    // This specifies the number of clients which send messages to
106                    // the partner but appear to not receive any response.
107                    "max-unacked-clients": 5,
108                    // This specifies the maximum timeout (in milliseconds) for the server
109                    // to complete sync. If you have a large deployment (high tens or
110                    // hundreds of thousands of clients), you may need to increase it
111                    // further. The default value is 60000ms (60 seconds).
112                    "sync-timeout": 60000,
113                    "peers": [
114                        // This is the configuration of this server instance.
115                        {
116                            "name": "server1",
117                            // This specifies the URL of our server instance. The
118                            // Control Agent must run along with our DHCPv4 server
119                            // instance and the "http-host" and "http-port" must be
120                            // set to the corresponding values.
121                            "url": "http://192.168.1.2:8000/",
122                            // This server is primary. The other one must be
123                            // secondary.
124                            "role": "primary"
125                        },
126                        // This is the configuration of our HA peer.
127                        {
128                            "name": "server2",
129                            // Specifies the URL on which the partner's control
130                            // channel can be reached. The Control Agent is required
131                            // to run on the partner's machine with "http-host" and
132                            // "http-port" values set to the corresponding values.
133                            "url": "http://192.168.1.3:8000/",
134                            // The partner is a secondary. Our is primary.
135                            "role": "standby"
136                        }
137                    ]
138                } ]
139            }
140        }
141    ],
142
143    // This example contains a single subnet declaration.
144    "subnet4": [
145        {
146            // Subnet prefix.
147            "subnet": "192.168.1.0/24",
148
149            // There are no relays in this network, so we need to tell Kea that this subnet
150            // is reachable directly via the specified interface.
151            "interface": "enp0s8",
152
153            // Specify a dynamic address pool.
154            "pools": [
155                {
156                    "pool": "192.168.1.100-192.168.1.199"
157                }
158            ],
159
160            // These are options that are subnet specific. In most cases, you need to define at
161            // least routers option, as without this option your clients will not be able to reach
162            // their default gateway and will not have Internet connectivity. If you have many
163            // subnets and they share the same options (e.g. DNS servers typically is the same
164            // everywhere), you may define options at the global scope, so you don't repeat them
165            // for every network.
166            "option-data": [
167                {
168                    // For each IPv4 subnet you typically need to specify at least one router.
169                    "name": "routers",
170                    "data": "192.168.1.1"
171                },
172                {
173                    // Using cloudflare or Quad9 is a reasonable option. Change this
174                    // to your own DNS servers is you have them. Another popular
175                    // choice is 8.8.8.8, owned by Google. Using third party DNS
176                    // service raises some privacy concerns.
177                    "name": "domain-name-servers",
178                    "data": "1.1.1.1,9.9.9.9"
179                }
180            ],
181
182            // Some devices should get a static address. Since the .100 - .199 range is dynamic,
183            // let's use the lower address space for this. There are many ways how reservation
184            // can be defined, but using MAC address (hw-address) is by far the most popular one.
185            // You can use client-id, duid and even custom defined flex-id that may use whatever
186            // parts of the packet you want to use as identifiers. Also, there are many more things
187            // you can specify in addition to just an IP address: extra options, next-server, hostname,
188            // assign device to client classes etc. See the Kea ARM, Section 8.3 for details.
189            // The reservations are subnet specific.
190            "reservations": [
191                {
192                    "hw-address": "1a:1b:1c:1d:1e:1f",
193                    "ip-address": "192.168.1.10"
194                },
195                {
196                    "client-id": "01:11:22:33:44:55:66",
197                    "ip-address": "192.168.1.11"
198                }
199            ]
200        }
201    ],
202
203    // Logging configuration starts here.
204    "loggers": [
205    {
206        // This section affects kea-dhcp4, which is the base logger for DHCPv4 component. It tells
207        // DHCPv4 server to write all log messages (on severity INFO or higher) to a file. The file
208        // will be rotated once it grows to 2MB and up to 4 files will be kept. The debuglevel
209        // (range 0 to 99) is used only when logging on DEBUG level.
210        "name": "kea-dhcp4",
211        "output_options": [
212            {
213                "output": "/var/log/kea-dhcp4.log",
214                "maxsize": 2048000,
215                "maxver": 4
216            }
217        ],
218        "severity": "INFO",
219        "debuglevel": 0
220    }
221  ]
222}
223}

Server2’s Control Agent configuration file:

 1// This is an example of a configuration for Control-Agent (CA) listening
 2// for incoming HTTP traffic. This is necessary for handling API commands,
 3// in particular lease update commands needed for HA setup.
 4{
 5    "Control-agent":
 6    {
 7        // We need to specify where the agent should listen to incoming HTTP
 8        // queries.
 9        "http-host": "192.168.1.3",
10
11        // This specifies the port CA will listen on.
12        "http-port": 8000,
13
14        "control-sockets":
15        {
16            // This is how the Agent can communicate with the DHCPv4 server.
17            "dhcp4":
18            {
19                "comment": "socket to DHCP4 server",
20                "socket-type": "unix",
21                "socket-name": "/tmp/kea4-ctrl-socket"
22            },
23
24            // Location of the DHCPv6 command channel socket.
25            "dhcp6":
26            {
27                "socket-type": "unix",
28                "socket-name": "/tmp/kea6-ctrl-socket"
29            },
30
31            // Location of the D2 command channel socket.
32            "d2":
33            {
34                "socket-type": "unix",
35                "socket-name": "/tmp/kea-ddns-ctrl-socket",
36                "user-context": { "in-use": false }
37            }
38        },
39
40
41        // Similar to other Kea components, CA also uses logging.
42        "loggers": [
43            {
44                "name": "kea-ctrl-agent",
45                "output_options": [
46                    {
47                        "output": "/var/log/kea-ctrl-agent.log",
48
49                        // Several additional parameters are possible in addition
50                        // to the typical output. Flush determines whether logger
51                        // flushes output to a file. Maxsize determines maximum
52                        // filesize before the file is being rotated. maxver
53                        // specifies the maximum number of rotated files being
54                        // kept.
55                        "flush": true,
56                        "maxsize": 204800,
57                        "maxver": 4,
58                        // We use pattern to specify custom log message layout
59                        "pattern": "%d{%y.%m.%d %H:%M:%S.%q} %-5p [%c/%i] %m\n"
60                    }
61                ],
62                "severity": "INFO",
63                "debuglevel": 0 // debug level only applies when severity is set to DEBUG.
64            }
65        ]
66    }
67}

Server2’s DHCPv4 configuration file:

  1// This is an example configuration of the Kea DHCPv4 server 2:
  2//
  3// - uses High Availability hooks library and Lease Commands hooks library
  4//   to enable High Availability function for the DHCP server. This config
  5//   file is for the primary (the active) server.
  6// - uses memfile, which stores lease data in a local CSV file
  7// - it assumes a single /24 addressing over a link that is directly reachable
  8//   (no DHCP relays)
  9// - there is a handful of IP reservations
 10//
 11// It is expected to run with a primary (the active) server, which has a very similar
 12// configuration. The only difference is that "this-server-name" must be set to "server2" on the
 13// other server. Also, the interface configuration depends on the network settings of the
 14// particular machine.
 15
 16{
 17
 18"Dhcp4": {
 19
 20    // Add names of your network interfaces to listen on.
 21    "interfaces-config": {
 22        // The DHCPv4 server listens on this interface. When changing this to
 23        // the actual name of your interface, make sure to also update the
 24        // interface parameter in the subnet definition below.
 25        "interfaces": [ "enp0s8" ]
 26    },
 27
 28    // Control socket is required for communication between the Control
 29    // Agent and the DHCP server. High Availability requires Control Agent
 30    // to be running because lease updates are sent over the RESTful
 31    // API between the HA peers.
 32    "control-socket": {
 33        "socket-type": "unix",
 34        "socket-name": "/tmp/kea4-ctrl-socket"
 35    },
 36
 37    // Use Memfile lease database backend to store leases in a CSV file.
 38    // Depending on how Kea was compiled, it may also support SQL databases
 39    // (MySQL and/or PostgreSQL) and even Cassandra. Those database backends
 40    // require more parameters, like name, host and possibly user and password.
 41    // There are dedicated examples for each backend. See Section 7.2.2 "Lease
 42    // Storage" for details.
 43    "lease-database": {
 44        // Memfile is the simplest and easiest backend to use. It's an in-memory
 45        // database with data being written to a CSV file. It is very similar to
 46        // what ISC DHCP does.
 47        "type": "memfile"
 48    },
 49
 50    // Let's configure some global parameters. The home network is not very dynamic
 51    // and there's no shortage of addresses, so no need to recycle aggresively.
 52    "valid-lifetime": 43200, // leases will be valid for 12h
 53    "renew-timer": 21600, // clients should renew every 6h
 54    "rebind-timer": 32400, // clients should start looking for other servers after 9h
 55
 56    // Kea will clean up its database of expired leases once per hour. However, it
 57    // will keep the leases in expired state for 2 days. This greatly increases the
 58    // chances for returning devices to get the same address again. To guarantee that,
 59    // use host reservation.
 60    "expired-leases-processing": {
 61        "reclaim-timer-wait-time": 3600,
 62        "hold-reclaimed-time": 172800,
 63        "max-reclaim-leases": 0,
 64        "max-reclaim-time": 0
 65    },
 66
 67    // HA requires two hooks libraries to be loaded: libdhcp_lease_cmds.so and
 68    // libdhcp_ha.so. The former handles incoming lease updates from the HA peers.
 69    // The latter implements high availability feature for Kea. Note the library name
 70    // should be the same, but the path is OS specific.
 71    "hooks-libraries": [
 72        // The lease_cmds library must be loaded because HA makes use of it to
 73        // deliver lease updates to the server as well as synchronize the
 74        // lease database after failure.
 75        {
 76            "library": "/usr/lib/x86_64-linux-gnu/kea/hooks/libdhcp_lease_cmds.so"
 77        },
 78
 79        {
 80            // The HA hooks library should be loaded.
 81            "library": "/usr/lib/x86_64-linux-gnu/kea/hooks/libdhcp_ha.so",
 82            "parameters": {
 83                // Each server should have the same HA configuration, except for the
 84                // "this-server-name" parameter.
 85                "high-availability": [ {
 86                    // This parameter points to this server instance. The respective
 87                    // HA peers must have this parameter set to their own names.
 88                    "this-server-name": "server2",
 89                    // The HA mode is set to hot-standby. In this mode, the active server handles
 90                    // all the traffic. The standby takes over if the primary becomes unavailable.
 91                    "mode": "hot-standby",
 92                    // Heartbeat is to be sent every 10 seconds if no other control
 93                    // commands are transmitted.
 94                    "heartbeat-delay": 10000,
 95                    // Maximum time for partner's response to a heartbeat, after which
 96                    // failure detection is started. This is specified in milliseconds.
 97                    // If we don't hear from the partner in 60 seconds, it's time to
 98                    // start worrying.
 99                    "max-response-delay": 60000,
100                    // The following parameters control how the server detects the
101                    // partner's failure. The ACK delay sets the threshold for the
102                    // 'secs' field of the received discovers. This is specified in
103                    // milliseconds.
104                    "max-ack-delay": 5000,
105                    // This specifies the number of clients which send messages to
106                    // the partner but appear to not receive any response.
107                    "max-unacked-clients": 5,
108                    // This specifies the maximum timeout (in milliseconds) for the server
109                    // to complete sync. If you have a large deployment (high tens or
110                    // hundreds of thousands of clients), you may need to increase it
111                    // further. The default value is 60000ms (60 seconds).
112                    "sync-timeout": 60000,
113                    "peers": [
114                        // This is the configuration of this server instance.
115                        {
116                            "name": "server1",
117                            // This specifies the URL of the partner's server instance. The
118                            // Control Agent must run along with partner DHCPv4 server
119                            // instance and the "http-host" and "http-port" must be
120                            // set to the corresponding values.
121                            "url": "http://192.168.1.2:8000/",
122                            // That server is primary. Our server must be
123                            // standby.
124                            "role": "primary"
125                        },
126                        // This is our (server2) configuration.
127                        {
128                            "name": "server2",
129                            // Specifies the URL on which the control agent for this server
130                            // can be reached. The Control Agent is required
131                            // to run on this machine with "http-host" and
132                            // "http-port" values set to the corresponding values.
133                            "url": "http://192.168.1.3:8000/",
134                            // Our server is standby. The other server is primary.
135                            "role": "standby"
136                        }
137                    ]
138                } ]
139            }
140        }
141    ],
142
143    // This example contains a single subnet declaration.
144    "subnet4": [
145        {
146            // Subnet prefix.
147            "subnet": "192.168.1.0/24",
148
149            // There are no relays in this network, so we need to tell Kea that this subnet
150            // is reachable directly via the ethX interface.
151            "interface": "enp0s8",
152
153            // Specify a dynamic address pool.
154            "pools": [
155                {
156                    "pool": "192.168.1.100-192.168.1.199"
157                }
158            ],
159
160            // These are options that are subnet specific. In most cases, you need to define at
161            // least routers option, as without this option your clients will not be able to reach
162            // their default gateway and will not have Internet connectivity. If you have many
163            // subnets and they share the same options (e.g. DNS servers typically is the same
164            // everywhere), you may define options at the global scope, so you don't repeat them
165            // for every network.
166            "option-data": [
167                {
168                    // For each IPv4 subnet you typically need to specify at least one router.
169                    "name": "routers",
170                    "data": "192.168.1.1"
171                },
172                {
173                    // Using cloudflare or Quad9 is a reasonable option. Change this
174                    // to your own DNS servers is you have them. Another popular
175                    // choice is 8.8.8.8, owned by Google. Using third party DNS
176                    // service raises some privacy concerns.
177                    "name": "domain-name-servers",
178                    "data": "1.1.1.1,9.9.9.9"
179                }
180            ],
181
182            // Some devices should get a static address. Since the .100 - .199 range is dynamic,
183            // let's use the lower address space for this. There are many ways how reservation
184            // can be defined, but using MAC address (hw-address) is by far the most popular one.
185            // You can use client-id, duid and even custom defined flex-id that may use whatever
186            // parts of the packet you want to use as identifiers. Also, there are many more things
187            // you can specify in addition to just an IP address: extra options, next-server, hostname,
188            // assign device to client classes etc. See the Kea ARM, Section 8.3 for details.
189            // The reservations are subnet specific.
190            "reservations": [
191                {
192                    "hw-address": "1a:1b:1c:1d:1e:1f",
193                    "ip-address": "192.168.1.10"
194                },
195                {
196                    "client-id": "01:11:22:33:44:55:66",
197                    "ip-address": "192.168.1.11"
198                }
199            ]
200        }
201    ],
202
203    // Logging configuration starts here.
204    "loggers": [
205    {
206        // This section affects kea-dhcp4, which is the base logger for DHCPv4 component. It tells
207        // DHCPv4 server to write all log messages (on severity INFO or higher) to a file. The file
208        // will be rotated once it grows to 2MB and up to 4 files will be kept. The debuglevel
209        // (range 0 to 99) is used only when logging on DEBUG level.
210        "name": "kea-dhcp4",
211        "output_options": [
212            {
213                "output": "/var/log/kea-dhcp4.log",
214                "maxsize": 2048000,
215                "maxver": 4
216            }
217        ],
218        "severity": "INFO",
219        "debuglevel": 0
220    }
221  ]
222}
223}