# Kea 2.7.5 Release Notes, December 11th, 2024 Welcome to Kea 2.7.5, the fifth monthly release of the 2.7 development series. As with any other development release, use this with caution: development releases are not recommended for production use. Kea is a DHCP implementation developed by Internet Systems Consortium (ISC) that features DHCPv4 and DHCPv6 servers with DNS update and a REST API; optional database support (MySQL and PostgreSQL); optional RADIUS, Kerberos, YANG/NETCONF, and GSS-TSIG support; and much more. Kea provides extensive management capabilities, including but not limited to: TLS support, Role-Based Access Control, run-time configuration monitoring and updates via a REST API, host reservations, and client classification. The text below references issue numbers. For more details, visit the Kea GitLab page at https://gitlab.isc.org/isc-projects/kea/-/issues. For details about Docker issues, visit the page at https://gitlab.isc.org/isc-projects/kea-docker/-/issues/. For details about packaging, visit the page at https://gitlab.isc.org/isc-projects/kea-packaging/-/issues/. The following bug fixes and features have been implemented since the previous release, version 2.7.4: 1. **Classification update**: It is now possible to define multiple client classes when limiting access to networks, subnets, and pools. The parameter "client-class" (a single class name) in shared networks, subnets, and pools has been replaced with "client-classes" (a list of one or more class names). This applies to both kea-dhcp4 and kea-dhcp6. The older syntax still works, but is now deprecated and will be removed in the future [#3592]. 2. **Custom HTTP headers**: Kea servers can now be configured to send arbitrary HTTP headers. This might be useful to better adhere to certain policies, such as HTTP Strict Transport Security [#3609]. 3. **Memory usage**: Kea now uses less memory when reconfiguring: it previously kept up to 10 previous configurations while reconfiguring, which needlessly used memory. This inefficiency is now removed [#3652]. 4. **Bug fixes**: A bug was fixed that prevented the server from resuming DHCP traffic handling after receiving the `ha-maintenance-cancel` command [#3655]. Kea now prints a warning if the configured lifetimes in classes are not usable [#2736]. Both Kea DHCPv4 and DHCPv6 servers no longer generate DDNS updates when leases are reused due to lease caching [#3257]. 5. **Documentation updates**: The lease file format is now documented in the Developer's Guide. Users are not expected to interact with the lease files directly; we recommend using the API instead. Nevertheless, it might be useful in some cases to understand the data stored in the lease files [#3414]. The concept of "class guard", a mechanism to restrict access to certain subnets or pools to clients that belong to a certain class, was explained with more examples [#3348]. A clarification was added that, by default, the DHCPv4 server always prefers to use the contents of the FQDN option over the host name option. However, if some other behavior (such as preferring host name over FQDN) is desired, it can be achieved with the DDNS tuning hook. An example of this is now documented [#1989]. Several tests were conducted for the FLQ allocator used in shared database scenarios, and the conclusion is that usage of FLQ with shared databases is not recommended [#3577]. We clarified that TLS certificates are not updated during reconfiguration. Migrating to new certificates requires a full restart [#3255]. The tuple definition has been updated [#3661]. 6. **Testing and CI**: The Continuous Integration (CI) pipeline definitions were updated to no longer prevent Merge Requests (MRs) from being merged if the build-tarball job fails [#3669]. ## Incompatible Changes 1. The `client-class` clause is being replaced with `client-classes`. See bullet 1 in the features list above for details. The old syntax is still accepted, but is now deprecated. ## License This version of Kea is released under the Mozilla Public License, version 2.0. https://www.mozilla.org/en-US/MPL/2.0 Some Kea hook libraries are provided under the MPL 2.0; others are licensed with the [Kea Hooks Basic Commercial End User License](https://www.isc.org/kea-premium-license/). The source for each hook library includes the applicable license. ## Download Pre-built ISC packages for current versions of the most popular Linux operating systems are available at: https://cloudsmith.io/\~isc/repos/ Pre-built Docker images, as well as Docker files, are available. For details, see: https://gitlab.isc.org/isc-projects/kea-docker The Kea source and PGP signature for this release may be downloaded from: https://www.isc.org/download The signature was generated with the ISC code-signing key, which is available at: https://www.isc.org/pgpkey ISC provides detailed documentation, including installation instructions and usage tutorials, in the Kea Administrator Reference Manual. Documentation is included with the installation or at https://kea.readthedocs.io/en/latest/index.html in HTML, PDF, or EPUB formats. ISC maintains a public open source code tree, wiki, issue tracking system, milestone planner, and roadmap at https://gitlab.isc.org/isc-projects/kea. Limitations and known issues with this release can be found at https://gitlab.isc.org/isc-projects/kea/-/wikis/known-issues-list. We ask users of this software to please let us know how it worked for you and what operating system you tested on. Feel free to share your feedback on the Kea Users mailing list (https://lists.isc.org/mailman/listinfo/kea-users). We would also like to hear whether the documentation is adequate and accurate. Please open tickets in the Kea GitLab project for bugs, documentation omissions and errors, and enhancement requests. We want to hear from you even if everything worked. ## Support Professional support for Kea is available from ISC. We encourage all professional users to consider this option; Kea maintenance is funded with support subscriptions. For more information on ISC's Kea software support, see https://www.isc.org/support/. Free best-effort support is provided by our user community via a mailing list. Information on all public email lists is available at https://www.isc.org/community/mailing-list. If you have any comments or questions about working with Kea, please share them to the Kea Users list (https://lists.isc.org/mailman/listinfo/kea-users). Bugs and feature requests may be submitted via GitLab at https://gitlab.isc.org/isc-projects/kea/-/issues. ## Changes The following summarizes changes and important upgrades since the 2.7.4 release. 2313. [doc] marcin Clarified that the FLQ allocator should not be used with shared lease database. (Gitlab #3577) 2312. [doc] fdupont Made clear that when a HTTP control channel is reconfigured with the same address and port the listener socket is reused so any TLS setup change is ignored. (Gitlab #3255) 2311. [doc] piotrek Added a more extensive definition of the tuple DHCP option type in the ARM documentation. (Gitlab #3661) 2310. [bug] andrei Kea servers no longer increase in memory when being reconfigured. (Gitlab #3652) 2309. [build] mgodzina The library version numbers have been bumped up for the Kea 2.7.5 development release. (Gitlab #3695) 2308. [bug] marcin Prevent the servers from returning to HA maintenance states after receiving the ha-maintenance-cancel command while they also respond to the DHCP traffic. (Gitlab #3655) 2307. [func] tmark The parameter "client-class" (a single class name) in shared networks, subnets, and pools has been replaced with "client-classes" (a list of one or more class names). This applies to both kea-dhcp4 and kea-dhcp6. (Gitlab #3592) 2306. [func] fdupont Added a new "http-headers" parameter to the CA and HTTP control socket configuration sections which can be used to specify extra 'name: value' headers to be added to HTTP responses. (Gitlab #3609) 2305. [func] tmark Both kea-dhcp4 and kea-dhcp6 servers will now log a warning message when they detect classes that configure lease life time parameters (e.g. 'valid-lifetime', 'preferred-lifetime') while also setting 'only-in-additional-list' to true. (Gitlab #2736) 2304. [bug] tmark Modified both kea-dhcp4 and kea-dhcp6 to avoid generating DDNS update requests when leases are being reused due to lease caching. (Gitlab #3257) Thank you again to everyone who assisted us in making this release possible. We look forward to receiving your feedback.