# Kea 2.7.4 Release Notes, October 30th, 2024

Welcome to Kea 2.7.4, the fifth monthly release of the 2.7 development
series. As with any other development release, use this with caution:
development releases are not recommended for production use.

Kea is a DHCP implementation developed by Internet Systems Consortium
(ISC) that features DHCPv4 and DHCPv6 servers with DNS update and a REST
API; optional database support (MySQL and PostgreSQL); optional RADIUS,
Kerberos, YANG/NETCONF, and GSS-TSIG support; and much more. Kea
provides extensive management capabilities, including but not limited
to: TLS support, Role-Based Access Control, run-time configuration
monitoring and updates via a REST API, host reservations, and client
classification.

The text below references issue numbers. For more details, visit the Kea
GitLab page at https://gitlab.isc.org/isc-projects/kea/-/issues. For
details about Docker issues, visit the page at
https://gitlab.isc.org/isc-projects/kea-docker/-/issues/. For details
about packaging, visit the page at
https://gitlab.isc.org/isc-projects/kea-packaging/-/issues/.

The following bug fixes and features have been implemented since the
previous release, version 2.7.3:

 1. **SQL hooks**: Support for MySQL and PostgreSQL was moved to
separate hooks. Administrators who want to use specific backends need to
load those hooks. [ #3536]. The documentation regarding those new hooks
was updated [ #3586]. The parser was relaxed to accept any lease and
host database type [ #3585].
 2. **Class tags**: Option class-tagging allows an option value to be
conditionally applied to the response based on the client's class
membership. The effect is similar to using an if-block in ISC DHCP to
conditionally include options at a given scope. Class-tagging is done by
specifying a list of one or more class names in the option's
`client-classes` entry. Tagged classes can be used in global, network,
subnet, pool, class, and host scopes [ #3583].
 3. **Classification**: The `only-if-required` and
`require-client-classes` were renamed to `only-in-additional-list` and
`evaluate-additional-classes` [ #3587]. We fixed a bug where Kea did not
return the value of vendor-encapsulated-options when redefined in a
client class [ #3582, #3510]. Classes included in
'require-client-classes' that do not have test expressions will now be
unconditionally added to the client's list of matching classes;
previously they were ignored [ #3588]. Additional classes are now
evaluated in the same order as for option data, i.e. (pd-)pool, subnet,
and shared network. In earlier versions, the order was reversed but this
feature was not used [ #3590].
 4. **CCC Options**: The DHCPv4 daemon now supports CableLabs Client
Configuration option (122) and all its sub-options (except sub-option 3)
as defined in RFC3495, RFC3594, and RFC3634 [ #3404].
 5. **NTP Servers options**: We added support for the DHCPv6
`ntp-server` (56) option specified by RFC 5908 and its associated
suboptions in the `v6-ntp-server-suboptions` space [ #3390].
 6. **New API commands**: Three new commands were added:
`subnet4-select-test`, `subnet6-select-test`, and
`subnet4o6-select-test`. They can be used to check which subnet would be
selected for given parameters [ #2974].
 7. **Fuzzing support**: Kea source code has been fuzz-tested for a
while; we moved the fuzzing support into the public open source
repository [ #3605].
 8. **Build improvements**: A PostgreSQL 15-specific command was added
to improve portability [ #3630]. We dropped support for Botan without
TLS support [ #3552].
 9. **Bug fixes**: We fixed an incorrect value in `option_def_data_type`
[ #3631]. We fixed a problem in the shutdown procedure of the HTTP
connection pool [ #3602]. We fixed all problems reported by UBSAN
(Undefined Behaviour Sanitizer) [ #3616]. Kea no longer freezes during
restart when using host commands and a hosts database [ #3619]. We fixed
all relevant issues reported by Valgrind [ #3351]. We fixed a bug where
Kea did not return the value of vendor-encapsulated-options when
redefined in a client class [ #3582, #3510]. We fixed the application of
`output_options` when using the `config-set` command. We deprecated
`output_options`, which will be removed in future versions.
Configurations should be updated by switching to using `output-options`
instead [ #3594]. The code now prevents clients from declining expired
or released leases; only a valid lease assigned to the declining client
can now be declined. When a misbehaving client declined a lease it did
not own, it could distort statistics for assigned and declined leases [
#3565]. We fixed the serialization of the `retry-on-startup` database
configuration parameter as a boolean instead of a string [ #3578].
 10. **Documentation**: We fixed a typo in the `stash-agent-options`
documentation [ #3529, #3629]. We provided an explanation for why
`calculate-tee-times` has a different value in DHCPv4 and DHCPv6 [
#3538].

## Incompatible Changes

1. The `only-if-required` and `require-client-classes` parameters were
renamed to `only-in-additional-list` and `evaluate-additional-classes` [
#3587].
2. Classes included in `require-client-classes` that do not have test
expressions will now be unconditionally added to the client's list of
matching classes; previously they were ignored [ #3588].

## License

This version of Kea is released under the Mozilla Public License,
version 2.0.

https://www.mozilla.org/en-US/MPL/2.0

Some Kea hook libraries are provided under the MPL 2.0; others are
licensed with the [Kea Hooks Basic Commercial End User
License](https://www.isc.org/kea-premium-license/). The source for each
hook library includes the applicable license.

## Download

Pre-built ISC packages for current versions of the most popular Linux
operating systems are available at:

https://cloudsmith.io/\~isc/repos/

Pre-built Docker images, as well as Docker files, are available. For
details, see:

https://gitlab.isc.org/isc-projects/kea-docker

The Kea source and PGP signature for this release may be downloaded from:

https://www.isc.org/download

The signature was generated with the ISC code-signing key, which is
available at:

https://www.isc.org/pgpkey

ISC provides detailed documentation, including installation instructions
and usage tutorials, in the Kea Administrator Reference Manual.
Documentation is included with the installation or at
https://kea.readthedocs.io/en/latest/index.html in HTML, PDF, or EPUB
formats. ISC maintains a public open source code tree, wiki, issue
tracking system, milestone planner, and roadmap at
https://gitlab.isc.org/isc-projects/kea.

Limitations and known issues with this release can be found at
https://gitlab.isc.org/isc-projects/kea/-/wikis/known-issues-list.

We ask users of this software to please let us know how it worked for
you and what operating system you tested on. Feel free to share your
feedback on the Kea Users mailing list
(https://lists.isc.org/mailman/listinfo/kea-users). We would also like
to hear whether the documentation is adequate and accurate. Please open
tickets in the Kea GitLab project for bugs, documentation omissions and
errors, and enhancement requests. We want to hear from you even if
everything worked.

## Support

Professional support for Kea is available from ISC. We encourage all
professional users to consider this option; Kea maintenance is funded
with support subscriptions. For more information on ISC's Kea software
support, see https://www.isc.org/support/.

Free best-effort support is provided by our user community via a mailing
list. Information on all public email lists is available at
https://www.isc.org/community/mailing-list. If you have any comments or
questions about working with Kea, please share them to the Kea Users
list (https://lists.isc.org/mailman/listinfo/kea-users). Bugs and
feature requests may be submitted via GitLab at
https://gitlab.isc.org/isc-projects/kea/-/issues.

## Changes

The following summarizes changes and important upgrades since the 2.7.3
release.

2302.   [func]      tmark
	Options may now be configured with a list of client 
	classes for which they apply.  This feature is referred to
	as "option class-tagging" and is supported by both
	kea-dhcp4 and kea-dhcp6.
	(GitLab #3583)

2301.	[func]		fdupont
	Added support of DHCPv4 "cablelab-client-conf" (122) option
	and its associated suboptions specified by RFC 3495, 3594
	and 3634 in the "cablelabs-client-conf" space at the
	exception of the suboption 3.
	(Gitlab #3404)

2300.	[build, func]		andrei
	Standalone fuzz target binaries used in fuzz testing were added
	to the "fuzz" directory.
	(Gitlab #3605)

2299.	[func]*		fdupont
	Required classes are now evaluated in the same order as
	for option data, i.e. (pd-)pool, subnet and shared network.
	Before the order was reversed but this feature was not
	used.
	(Gitlab #3590)

2298.	[bug]		fdupont
	Fixed a bug where Kea did not return the value of
	vendor-encapsulated-options when redefined in a client class.
	(Gitlab #3582)

2297.	[build]*		fdupont
	Made the Botan boost TLS support mandatory. Changed
	the configure argument to --with-botan using
	the Botan pkg-config library name e.g. "botan-2".
	(Gitlab #3552)

2296.	[func]*		fdupont
	Classes included in 'require-client-classes' that do
	not have test expressions will now be unconditionally
	added to the client's list of matching classes.
	Previously they were ignored.
	(Gitlab #3388)

2295.	[func]		fdupont
	Relaxed the lease, host and config database backend types
	in the configuration syntax. This change is introduced to
	better handle optional backends provided in hooks, such as
	currently available MySQL or PostgreSQL hooks.
	(Gitlab #3585)

2294.	[func]		fdupont
	Added support of DHCPv6 "ntp-server" (56) option
	specified by RFC 5908 and its associated suboptions
	in the "v6-ntp-server-suboptions" space.
	(Gitlab #3390)

2293.	[build]		razvan
	The library version numbers have been bumped up for the Kea 2.7.4
	development release.
	(Gitlab #3639)

2292.	[doc]		tmark
	Updated the ARM to include and an explanation for why
	the default values for 'calculate-tee-times' are
	different for kea-dhcp4 and kea-dhcp6.
	(Gitlab #3538)

2291.	[func]		fdupont
	Added three new API commands: subnet4-select-test and
	subnet4o6-select-test to kea-dhcp4, and subnet6-select-test
	to kea-dhcp6.  These commands can be used to check which
	subnet the server will select based on given input parameters.
	(Gitlab #2974)

2290.	[bug]		razvan
	Fixed applying 'output_options' when using the 'config-set'
	command. Deprecated 'output_options' which will be removed in
	future versions. Configurations should be updated by switching
	to using 'output-options' instead.
	(Gitlab #3594)

2289.	[func]*		razvan
	Support for lease, host, and config backends for MySQL and
	PostgreSQL have been consolidated into a single hook library for
	each data base: 'libdhcp_mysql.so' and 'libdhcp_pgsql.so'
	respectively.
	(Gitlab #3536)

2288.	[bug]		marcin
	Prevent the clients from declining expired or released leases.
	Only a valid lease assigned to the declining client can now
	be declined. When a misbehaving client declined a lease it did
	not own it often led to inconsistent statistics of assigned and
	declined leases.
	(Gitlab #3565)

Thank you again to everyone who assisted us in making this release
possible.

We look forward to receiving your feedback.