# Kea 2.7.5 Release Notes, December 11th, 2024

Welcome to Kea 2.7.5, the fifth monthly release of the 2.7 development
series. As with any other development release, use this with caution:
development releases are not recommended for production use.

Kea is a DHCP implementation developed by Internet Systems Consortium
(ISC) that features DHCPv4 and DHCPv6 servers with DNS update and a REST
API; optional database support (MySQL and PostgreSQL); optional RADIUS,
Kerberos, YANG/NETCONF, and GSS-TSIG support; and much more. Kea
provides extensive management capabilities, including but not limited
to: TLS support, Role-Based Access Control, run-time configuration
monitoring and updates via a REST API, host reservations, and client
classification.

The text below references issue numbers. For more details, visit the Kea
GitLab page at https://gitlab.isc.org/isc-projects/kea/-/issues. For
details about Docker issues, visit the page at
https://gitlab.isc.org/isc-projects/kea-docker/-/issues/. For details
about packaging, visit the page at
https://gitlab.isc.org/isc-projects/kea-packaging/-/issues/.

The following bug fixes and features have been implemented since the
previous release, version 2.7.4:

1. **Classification update**: It is now possible to define multiple
client classes when limiting access to networks, subnets, and pools. The
parameter "client-class" (a single class name) in shared networks,
subnets, and pools has been replaced with "client-classes" (a list of
one or more class names). This applies to both kea-dhcp4 and kea-dhcp6.
The older syntax still works, but is now deprecated and will be removed
in the future [#3592].
2. **Custom HTTP headers**: Kea servers can now be configured to send
arbitrary HTTP headers. This might be useful to better adhere to certain
policies, such as HTTP Strict Transport Security [#3609].
3. **Memory usage**: Kea now uses less memory when reconfiguring: it
previously kept up to 10 previous configurations while reconfiguring,
which needlessly used memory. This inefficiency is now removed [#3652].
4. **Bug fixes**: A bug was fixed that prevented the server from
resuming DHCP traffic handling after receiving the
`ha-maintenance-cancel` command [#3655]. Kea now prints a warning if the
configured lifetimes in classes are not usable [#2736]. Both Kea DHCPv4
and DHCPv6 servers no longer generate DDNS updates when leases are
reused due to lease caching [#3257].
5. **Documentation updates**: The lease file format is now documented in
the Developer's Guide. Users are not expected to interact with the lease
files directly; we recommend using the API instead. Nevertheless, it
might be useful in some cases to understand the data stored in the lease
files [#3414]. The concept of "class guard", a mechanism to restrict
access to certain subnets or pools to clients that belong to a certain
class, was explained with more examples [#3348]. A clarification was
added that, by default, the DHCPv4 server always prefers to use the
contents of the FQDN option over the host name option. However, if some
other behavior (such as preferring host name over FQDN) is desired, it
can be achieved with the DDNS tuning hook. An example of this is now
documented [#1989]. Several tests were conducted for the FLQ allocator
used in shared database scenarios, and the conclusion is that usage of
FLQ with shared databases is not recommended [#3577]. We clarified that
TLS certificates are not updated during reconfiguration. Migrating to
new certificates requires a full restart [#3255]. The tuple definition
has been updated [#3661].
6. **Testing and CI**: The Continuous Integration (CI) pipeline
definitions were updated to no longer prevent Merge Requests (MRs) from
being merged if the build-tarball job fails [#3669].

## Incompatible Changes

1. The `client-class` clause is being replaced with `client-classes`.
See bullet 1 in the features list above for details. The old syntax is
still accepted, but is now deprecated.

## License

This version of Kea is released under the Mozilla Public License,
version 2.0.

https://www.mozilla.org/en-US/MPL/2.0

Some Kea hook libraries are provided under the MPL 2.0; others are
licensed with the [Kea Hooks Basic Commercial End User
License](https://www.isc.org/kea-premium-license/). The source for each
hook library includes the applicable license.

## Download

Pre-built ISC packages for current versions of the most popular Linux
operating systems are available at:

https://cloudsmith.io/\~isc/repos/

Pre-built Docker images, as well as Docker files, are available. For
details, see:

https://gitlab.isc.org/isc-projects/kea-docker

The Kea source and PGP signature for this release may be downloaded from:

https://www.isc.org/download

The signature was generated with the ISC code-signing key, which is
available at:

https://www.isc.org/pgpkey

ISC provides detailed documentation, including installation instructions
and usage tutorials, in the Kea Administrator Reference Manual.
Documentation is included with the installation or at
https://kea.readthedocs.io/en/latest/index.html in HTML, PDF, or EPUB
formats. ISC maintains a public open source code tree, wiki, issue
tracking system, milestone planner, and roadmap at
https://gitlab.isc.org/isc-projects/kea.

Limitations and known issues with this release can be found at
https://gitlab.isc.org/isc-projects/kea/-/wikis/known-issues-list.

We ask users of this software to please let us know how it worked for
you and what operating system you tested on. Feel free to share your
feedback on the Kea Users mailing list
(https://lists.isc.org/mailman/listinfo/kea-users). We would also like
to hear whether the documentation is adequate and accurate. Please open
tickets in the Kea GitLab project for bugs, documentation omissions and
errors, and enhancement requests. We want to hear from you even if
everything worked.

## Support

Professional support for Kea is available from ISC. We encourage all
professional users to consider this option; Kea maintenance is funded
with support subscriptions. For more information on ISC's Kea software
support, see https://www.isc.org/support/.

Free best-effort support is provided by our user community via a mailing
list. Information on all public email lists is available at
https://www.isc.org/community/mailing-list. If you have any comments or
questions about working with Kea, please share them to the Kea Users
list (https://lists.isc.org/mailman/listinfo/kea-users). Bugs and
feature requests may be submitted via GitLab at
https://gitlab.isc.org/isc-projects/kea/-/issues.

## Changes

The following summarizes changes and important upgrades since the 2.7.4
release.

2313.	[doc]		marcin
	Clarified that the FLQ allocator should not be used with shared
	lease database.
	(Gitlab #3577)

2312.	[doc]		fdupont
	Made clear that when a HTTP control channel is reconfigured
	with the same address and port the listener socket is reused
	so any TLS setup change is ignored.
	(Gitlab #3255)

2311.	[doc]		piotrek
	Added a more extensive definition of the tuple DHCP option
	type in the ARM documentation.
	(Gitlab #3661)

2310.	[bug]		andrei
	Kea servers no longer increase in memory when being reconfigured.
	(Gitlab #3652)

2309.	[build]		mgodzina
	The library version numbers have been bumped up for the Kea 2.7.5
	development release.
	(Gitlab #3695)

2308.	[bug]		marcin
	Prevent the servers from returning to HA maintenance
	states after receiving the ha-maintenance-cancel command
	while they also respond to the DHCP traffic.
	(Gitlab #3655)

2307.	[func]		tmark
	The parameter "client-class" (a single class name) in
	shared networks, subnets, and pools has been replaced with
	"client-classes" (a list of one or more class names).
	This applies to both kea-dhcp4 and kea-dhcp6.
	(Gitlab #3592)

2306.	[func]		fdupont
	Added a new "http-headers" parameter to the CA and
	HTTP control socket configuration sections which can
	be used to specify extra 'name: value' headers to be
	added to HTTP responses.
	(Gitlab #3609)

2305.	[func]		tmark
	Both kea-dhcp4 and kea-dhcp6 servers will now
	log a warning message when they detect classes that
	configure lease life time parameters (e.g. 'valid-lifetime',
	'preferred-lifetime') while also setting
	'only-in-additional-list' to true.
	(Gitlab #2736)

2304.	[bug]		tmark
	Modified both kea-dhcp4 and kea-dhcp6 to avoid
	generating DDNS update requests when leases are
	being reused due to lease caching.
	(Gitlab #3257)

Thank you again to everyone who assisted us in making this release
possible.

We look forward to receiving your feedback.