# Kea 1.9.11, August 31st 2021, Release Notes

Welcome to Kea 1.9.11, the twelfth monthly release of the 1.9 development branch. As with any other development release, use this with caution: development releases are not recommended for production use.

As the 2.0.0 release approaches, we are adding fewer and less significant new features. Instead, there are more bug fixes, documentation edits, and small improvements. The most notable changes introduced in this version are:

1. **Lease lifetimes in DHCPv6 client classes** - It is now possible to configure preferred and valid lease lifetimes based on the client classification. That feature has been available in DHCPv4 for a while and now is available for DHCPv6 as well. This applies to both the configuration file and Configuration Backend [#1172, #1710].

2. **NETCONF improvements**. The ability to detect a Sysrepo installation has been improved. One particular aspect may be convenient: if libyang and Sysrepo are installed in the same directory, only one `--with-sysrepo` option is necessary during configure script execution [#1990]. Hammer, Kea's build tool, has been extended with better Sysrepo and libyang installation routines [#2045].

3. **GSS-TSIG hook (experimental)**. The work on the GSS-TSIG premium hook continues. While the hook is not fully functional yet, we are getting closer. Installation documentation has been shared [#2018]. Parts of the DHCP-DDNS daemon (D2) have been moved to a library. With this code rearrangement, it is now possible for certain DNS update-related actions to be conducted from a hook [#1963]. The security context exchange is now more thorough when checking anti-replay and authentication services [#2009]. The TKEY exchange, the major mechanism to establish a security context with a Kerberos-capable DNS server, has now been implemented [#1960]. Additional hook points have been implemented in D2, making it possible to offload some of the steps to an external hook [#1897].

4. **Performance: lease reclamation fix on MySQL**. Earlier Kea versions conducted lease reclamation of the leases stored in MySQL inefficiently on some older MySQL versions. This caused the periodic lease reclamation process to take an increasing amount of time. The issue is now fixed [#2030].

5. **Bug fix: secondary HA server stops responding**. A problem was reported shortly before this release. Under certain conditions (after many commands are sent), the secondary server in an HA pair can stop responding when running in HA+MT mode. A partial fix has been made available. It should prevent the freeze, but the commands causing it will fail. Please use Control Agent (CA) to process commands, even when running in HA+MT mode [#2041, #2043].

6. **Qualifying suffix in DDNS**. In some cases, buggy clients misused the hostname and FQDN options when sending Request messages, which could have resulted in the qualifying suffix being appended twice. Now both the DHCPv4 and DHCPv6 servers will append the `ddns-qualifying-suffix` only if the input name does not already end with that suffix [#1529].

7. **Build improvements**. The Python location is now handled better, which should address some build issues on macOS and Arch Linux [#2012]. Many compilation warnings and spelling errors have been corrected [#2025]. Kea-msg-compiler, a small tool used to regenerate message files, is typically used by the Kea developers. The tool is now included in native packages, which may be useful for hook developers [#1639]. Kea now compiles with Boost 1.77 [#1980]. OS image rebuilding has been fixed in ISC's internal CI system [#2014].

8. **Documentation**. A section about the `innodb_flush_log_at_trx_commit` knob for MySQL has been reworded [#2024]. The developer's guide for premium hooks has been migrated to doxygen 1.9.1 [#2025]. A PDF version of the Kea Administrator Reference Manual has been tweaked to look better [#866]. Kea tends to be strict about following the RFC standards. However, in some rare cases, exceptions are implemented on purpose. One of those - handling the server-id option in the DHCPRELEASE packet - is now documented [#1936]. We added a note about configuring timezones in the databases [#1978]. A log message that indicates a successful configuration reload has been added [#1893]. Links in the documentation have been updated to our new public site https://reports.kea.isc.org. Old links to Jenkins (jenkins.isc.org) are no longer available, as this particular system is being retired [#1983].

## Incompatible Changes

1. YANG models have been extended with the ability to configure `store-extended-info`. If you are using `kea-netconf`, please update your deployment. Note that the previous Kea version migrated to new Sysrepo and libyang versions [#1944].

## Known Issues

For details on known issues, visit: https://gitlab.isc.org/isc-projects/kea/-/wikis/known-issues-list

And for the list of issues marked as bugs: https://gitlab.isc.org/isc-projects/kea/issues?label_name%5B%5D=bug

## Release Model

The Kea project has a significant production deployment base with users who are looking for stability, rather than a constant stream of new "bleeding-edge" features. At the same time, we want to continue developing the software and add some new powerful, but difficult-to-implement, features. To meet these requirements we have both Stable and Development branches.

Stable releases are what you would expect: stable, released infrequently, without new features or significant changes, very well-tested. These can be identified by an even-numbered minor version number. The current stable release is 1.8.2. The older stable version of 1.6.3 is also available. If we discover important bugs that require fixing, we may release additional maintenance versions on the 1.8 branch, but that will be determined on a case-by-case basis. The next major stable version will be 2.0.0.

Development releases can be easily identified by an odd minor version number: for example, 1.9.0 is a development release. Subsequent releases on the same minor release branch get numbered with 1.9.1, 1.9.2, and so on. Our goal is to make the development release available on the last Wednesday of each month. There may be exceptions (such as during holidays), but that's the general plan. We encourage users to test the development releases and report back their findings.

For more details on the plan, see ISC's Software Support Policy at: https://kb.isc.org/docs/aa-00896

## Kea Overview

Kea is a DHCP implementation developed by Internet Systems Consortium that features fully functional DHCPv4 and DHCPv6 servers, a dynamic DNS update daemon, a Control Agent (CA) that provides a REST API to control the DHCP and DNS update servers, an example shell client to connect to the CA, a daemon that is able to retrieve YANG configuration and updates from Sysrepo, and a DHCP performance-measurement tool.

Both DHCP servers support server discovery, address assignment, renewal, rebinding, release, decline, information request, DNS updates, client classification, and host reservations. The DHCPv6 server also supports prefix delegation. Lease information is stored in a CSV file by default; it can optionally be stored in a MySQL, PostgreSQL, or Cassandra (now deprecated) database instead. Host reservations can be stored in a configuration file, or in a MySQL, PostgreSQL, or Cassandra (now deprecated) database. They can also be retrieved from a RADIUS server, although this functionality is somewhat limited. Kea DHCPv4 and DHCPv6 daemons provide support for YANG models, which are stored in a Sysrepo datastore and can be configured via the NETCONF protocol.

This text references issue numbers. For more details, visit the Kea GitLab page at: https://gitlab.isc.org/isc-projects/kea/-/issues

## License

This version of Kea is released under the Mozilla Public License, version 2.0. https://www.mozilla.org/en-US/MPL/2.0

The premium and subscriber-only hooks libraries are provided in source code form, under the terms of an End User License Agreement (you will get the source code that you can modify freely, but you are not permitted to redistribute it).

## Download

Pre-built ISC packages for current versions of the most popular Linux operating systems are available at: https://cloudsmith.io/~isc/repos/

The Kea source and PGP signature for this release may be downloaded from: https://www.isc.org/download

The signature was generated with the ISC code-signing key which is available at: https://www.isc.org/pgpkey

ISC provides detailed documentation, including installation instructions and usage tutorials, in the Kea Administrator Reference Manual (ARM). Documentation is included with the installation, at:

* https://kea.readthedocs.io/en/latest/
* or via https://kb.isc.org/docs/kea-administrator-reference-manual in HTML, plain text, or PDF formats

ISC maintains a public open source code tree, a wiki, an issue tracking system, milestone planning, and a roadmap at: https://gitlab.isc.org/isc-projects/kea

We ask users of this software to please let us know how it worked for you and what operating system you tested on. Feel free to share your feedback on the Kea Users mailing list at: https://lists.isc.org/mailman/listinfo/kea-users

We would also like to hear whether the documentation is adequate and accurate. Please open tickets in the Kea GitLab project for bugs, documentation omissions and errors, and enhancement requests. We want to hear from you even if everything worked.

## Support

Professional support for Kea is available from ISC. We encourage all professional users to consider this option; Kea development and maintenance are funded with support subscriptions. For more information on ISC's Kea and DHCP software support see: https://www.isc.org/support/

Free best-effort support is provided by our user community via a mailing list. Information on all public email lists is available at: https://www.isc.org/community/mailing-List

If you have any comments or questions about working with Kea, please share them on the Kea Users List: https://lists.isc.org/mailman/listinfo/kea-users

Bugs and feature requests may be submitted via GitLab at: https://gitlab.isc.org/isc-projects/kea/-/issues

## Changes

The following summarizes changes since the previous release of 1.9.10:

### In the core package

```
1940.  [build]     razvan
    Library version numbers bumped for Kea 1.9.11 development
    version.
    (Gitlab #2053)

1939.  [bug]       tmark
    Removed all MultiThreadingCriticalSections from lease_cmds
    hooks library which can cause a dead-lock when running HA+MT.
    The commands simply try to acquire the resource lock and fail
    if the resource is unavailable also logging an error message.
    (Gitlab #2051)

1938.  [bug]       razvan
    Fix dead locks caused by commands with CS on http listener
    threads and CS on main thread racing with CS on other threads.
    (Gitlab #2041, #2043)

1937.  [bug]       razvan
    The Config Backend is now capable of reestablishing database
    connection after a failure.
    (Gitlab #1982)

1936.  [build]     andrei
    Kea attempts to first link with compatibility library OpenSSL
    1.1 (usually found on CentOS 7) before falling back to the
    system OpenSSL (1.0 on CentOS 7 which is out of support).
    (Gitlab qa#261)

1935.  [func]      andrei
    The store-extended-info config entry was added to Kea YANG
    modules at root-level and at subnet-level.
    (Gitlab #1944)

1934.  [func]      tmark
    Kea-dhcp6 now supports specifying valid-lifetime and
    preferred-lifetime values in client classes (via both
    configuration file and Config Backend). Prior to this it
    could only be specified at the global, shared-network, and
    subnet scopes.
    (Gitlab #1710)

1933.  [doc]       fdupont, tomek
    Added a new ARM section about GSS-TSIG. Currently it describes
    how to build Kea with GSS-API support. It will be expanded in
    the future.
    (Gitlab #2018)

1932.  [func]      tmark
    MySQL indexing of leases database has been improved. It now
    behaves better on older MySQL versions. In particular, the
    lease reclamation no longer causes full scans to be performed.
    This fix introduces MySQL schema update to 11.0. This should
    reduce the periodic performance slowdowns.
    (Gitlab #2030)

1931.  [bug]       tomek
    Two hook messages HOOKS_CALLOUT_ERROR and
    HOOKS_CALLOUT_MESSAGES are now printing the hook name and
    index properly. Thank you to Shawn Routhier for reporting
    the issue.
    (Gitlab #2020)

1930.  [doc]       razvan
    Extended documentation section about setting up the timezones
    in MySQL and PostgreSQL databases.
    (Gitlab #1978)

1929.  [build]     andrei
    Compatibility with upcoming boost 1.77 has been improved.
    Thanks to Brad Smith for the patch!
    (Gitlab #1980)

1928.  [bug]       tmark
    Modified kea-dhcp4 and kea-dhcp6 to only append the
    ddns-qualifying-suffix if the input name does not already
    end with that suffix. Prior to this the suffix was always
    added which could lead to names including the suffix twice.
    (Gitlab #1529)
```

Thank you again to everyone who assisted us in making this release possible.

We look forward to receiving your feedback.