Auf ICVPN-V4 verzichten und IP-Bereiche größer machen

Technik Infrastruktur / Backbone
22

Grundsätzlich bin ich auch dafür die Bereiche zu vergrößern, zumindest längerfristig.
Wenn die beiden KEA Instanzen sich jedoch einen DHCP-Bereich teilen dann stehen doch jeder Domäne rund 2048 Adressen zur Verfügung. Ich hab grad mal in Dom01 geguckt, die kommt auf max 1000 Clients in der Spitze (bislang) oder meint ihr das die Adressen dennoch knapp werden könnten wegen der Lease-time?

Mir ist gestern Abend aufgefallen das der IP bereich bei Des1 wesentlich kleiner ist als bei Parad0x. Welchen Grund hat das? Würde es nicht mehr sinn machen diese 50/50 aufzuteilen? Dann wäre das Problem der Knappheit zwar nicht gelöst aber zumindest ein wenig minimiert…

Gruß Marius

1 „Gefällt mir“
23

@descilla, ich hab die DHCP-Bereiche in der host_vars/des1 korrigiert. Kannst du das bitte mit Kea ausrollen? Mir ist nicht klar, welche der drei Rollen für die Gateways ist. Die Benennung entspricht nicht dem bisherigen Schema gateways_dienst.

1 „Gefällt mir“
24

Nachdem ich gestern auf einigen Kisten (dort, wo kea bereits psql nutzt) das collectd script angepasst habe, sodass wir jetzt einen Überblick über die leases pool utilization bekommen, ist mir heute direkt folgendes aufgefallen:

active_kea_leases.png1904×803 69 KB

available_leases.png1906×804 72.8 KB

Über weite Strecken des Tages war der IPv4 Pool für Domäne-01 auf remue-09 aufgebraucht. Im kea log waren entsprechende Meldungen zu finden:

...
2017-04-02 15:06:45.260 WARN  [kea-dhcp4.alloc-engine/7072] ALLOC_ENGINE_V4_ALLOC_FAIL [hwtype=1 f8:84:f2:xx:xx:xx], cid=[01:f8:84:f2:xx:xx:xx], tid=0x8eb1xxxx: failed to allocate an IPv4 address after 998 attempt(s)
2017-04-02 15:07:08.721 WARN  [kea-dhcp4.alloc-engine/7072] ALLOC_ENGINE_V4_ALLOC_FAIL [hwtype=1 e0:b5:2d:xx:xx:xx], cid=[01:e0:b5:2d:xx:xx:xx], tid=0xdcf7xxxx: failed to allocate an IPv4 address after 998 attempt(s)
2017-04-02 15:07:44.595 WARN  [kea-dhcp4.alloc-engine/7072] ALLOC_ENGINE_V4_ALLOC_FAIL [hwtype=1 9c:fc:01:xx:xx:xx], cid=[01:9c:fc:01:xx:xx:xx], tid=0x4998xxxx: failed to allocate an IPv4 address after 998 attempt(s)
2017-04-02 15:07:45.852 WARN  [kea-dhcp4.alloc-engine/7072] ALLOC_ENGINE_V4_ALLOC_FAIL [hwtype=1 dc:2b:2a:xx:xx:xx], cid=[01:dc:2b:2a:xx:xx:xx], tid=0xc7bexxxx: failed to allocate an IPv4 address after 998 attempt(s)
2017-04-02 15:07:47.473 WARN  [kea-dhcp4.alloc-engine/7072] ALLOC_ENGINE_V4_ALLOC_FAIL [hwtype=1 9c:fc:01:xx:xx:xx], cid=[01:9c:fc:01:xx:xx:xx], tid=0x4998xxxx: failed to allocate an IPv4 address after 998 attempt(s)
2017-04-02 15:07:47.806 WARN  [kea-dhcp4.alloc-engine/7072] ALLOC_ENGINE_V4_ALLOC_FAIL [hwtype=1 dc:2b:2a:xx:xx:xx], cid=[01:dc:2b:2a:xx:xx:xx], tid=0xc7bexxxx: failed to allocate an IPv4 address after 998 attempt(s)
2017-04-02 15:07:52.980 WARN  [kea-dhcp4.alloc-engine/7072] ALLOC_ENGINE_V4_ALLOC_FAIL [hwtype=1 9c:fc:01:xx:xx:xx], cid=[01:9c:fc:01:xx:xx:xx], tid=0x4998xxxx: failed to allocate an IPv4 address after 998 attempt(s)
2017-04-02 15:07:53.537 WARN  [kea-dhcp4.alloc-engine/7072] ALLOC_ENGINE_V4_ALLOC_FAIL [hwtype=1 a4:f1:e8:xx:xx:xx], cid=[01:a4:f1:e8:xx:xx:xx], tid=0xfbebxxxx: failed to allocate an IPv4 address after 998 attempt(s)
2017-04-02 15:07:54.315 WARN  [kea-dhcp4.alloc-engine/7072] ALLOC_ENGINE_V4_ALLOC_FAIL [hwtype=1 24:f0:94:xx:xx:xx], cid=[01:24:f0:94:xx:xx:xx], tid=0xdf41xxxx: failed to allocate an IPv4 address after 998 attempt(s)
2017-04-02 15:07:55.975 WARN  [kea-dhcp4.alloc-engine/7072] ALLOC_ENGINE_V4_ALLOC_FAIL [hwtype=1 5c:2e:59:xx:xx:xx], cid=[01:5c:2e:59:xx:xx:xx], tid=0x3c92xxxx: failed to allocate an IPv4 address after 998 attempt(s)
2017-04-02 15:07:56.275 WARN  [kea-dhcp4.alloc-engine/7072] ALLOC_ENGINE_V4_ALLOC_FAIL [hwtype=1 b4:ef:39:xx:xx:xx], cid=[01:b4:ef:39:xx:xx:xx], tid=0xb71exxxx: failed to allocate an IPv4 address after 998 attempt(s)
2017-04-02 15:07:56.460 WARN  [kea-dhcp4.alloc-engine/7072] ALLOC_ENGINE_V4_ALLOC_FAIL [hwtype=1 24:f0:94:xx:xx:xx], cid=[01:24:f0:94:xx:xx:xx], tid=0xdf41xxxx: failed to allocate an IPv4 address after 998 attempt(s)
2017-04-02 15:07:56.582 WARN  [kea-dhcp4.alloc-engine/7072] ALLOC_ENGINE_V4_ALLOC_FAIL [hwtype=1 fc:19:10:xx:xx:xx], cid=[01:fc:19:10:xx:xx:xx], tid=0xdfb9xxxx: failed to allocate an IPv4 address after 998 attempt(s)
2017-04-02 15:07:57.735 WARN  [kea-dhcp4.alloc-engine/7072] ALLOC_ENGINE_V4_ALLOC_FAIL [hwtype=1 a4:f1:e8:xx:xx:xx], cid=[01:a4:f1:e8:xx:xx:xx], tid=0xfbebxxxx: failed to allocate an IPv4 address after 998 attempt(s)
2017-04-02 15:07:59.726 WARN  [kea-dhcp4.alloc-engine/7072] ALLOC_ENGINE_V4_ALLOC_FAIL [hwtype=1 b4:ef:39:xx:xx:xx], cid=[01:b4:ef:39:xx:xx:xx], tid=0xb71exxxx: failed to allocate an IPv4 address after 998 attempt(s)
2017-04-02 15:07:59.919 WARN  [kea-dhcp4.alloc-engine/7072] ALLOC_ENGINE_V4_ALLOC_FAIL [hwtype=1 68:76:4f:xx:xx:xx], cid=[no info], tid=0x285bxxxx: failed to allocate an IPv4 address after 998 attempt(s)
2017-04-02 15:08:00.891 WARN  [kea-dhcp4.alloc-engine/7072] ALLOC_ENGINE_V4_ALLOC_FAIL [hwtype=1 5c:2e:59:xx:xx:xx], cid=[01:5c:2e:59:xx:xx:xx], tid=0x3c92xxxx: failed to allocate an IPv4 address after 998 attempt(s)
2017-04-02 15:08:01.016 WARN  [kea-dhcp4.alloc-engine/7072] ALLOC_ENGINE_V4_ALLOC_FAIL [hwtype=1 e8:93:09:xx:xx:xx], cid=[01:e8:93:09:xx:xx:xx], tid=0x6793xxxx: failed to allocate an IPv4 address after 998 attempt(s)
2017-04-02 15:08:04.837 WARN  [kea-dhcp4.alloc-engine/7072] ALLOC_ENGINE_V4_ALLOC_FAIL [hwtype=1 68:76:4f:xx:xx:xx], cid=[no info], tid=0x285bxxxx: failed to allocate an IPv4 address after 998 attempt(s)
2017-04-02 15:08:08.471 WARN  [kea-dhcp4.alloc-engine/7072] ALLOC_ENGINE_V4_ALLOC_FAIL [hwtype=1 5c:2e:59:xx:xx:xx], cid=[01:5c:2e:59:xx:xx:xx], tid=0x3c92xxxx: failed to allocate an IPv4 address after 998 attempt(s)
2017-04-02 15:08:08.853 WARN  [kea-dhcp4.alloc-engine/7072] ALLOC_ENGINE_V4_ALLOC_FAIL [hwtype=1 0c:77:1a:xx:xx:xx], cid=[01:0c:77:1a:xx:xx:xx], tid=0xade2xxxx: failed to allocate an IPv4 address after 998 attempt(s)
2017-04-02 15:08:10.160 WARN  [kea-dhcp4.alloc-engine/7072] ALLOC_ENGINE_V4_ALLOC_FAIL [hwtype=1 0c:77:1a:xx:xx:xx], cid=[01:0c:77:1a:xx:xx:xx], tid=0xade2xxxx: failed to allocate an IPv4 address after 998 attempt(s)
2017-04-02 15:08:10.749 WARN  [kea-dhcp4.alloc-engine/7072] ALLOC_ENGINE_V4_ALLOC_FAIL [hwtype=1 98:fe:94:xx:xx:xx], cid=[01:98:fe:94:xx:xx:xx], tid=0x8645xxxx: failed to allocate an IPv4 address after 998 attempt(s)
2017-04-02 15:08:11.827 WARN  [kea-dhcp4.alloc-engine/7072] ALLOC_ENGINE_V4_ALLOC_FAIL [hwtype=1 a4:f1:e8:xx:xx:xx], cid=[01:a4:f1:e8:xx:xx:xx], tid=0xfbebxxxx: failed to allocate an IPv4 address after 998 attempt(s)
2017-04-02 15:08:13.631 WARN  [kea-dhcp4.alloc-engine/7072] ALLOC_ENGINE_V4_ALLOC_FAIL [hwtype=1 e8:93:09:xx:xx:xx], cid=[01:e8:93:09:xx:xx:xx], tid=0x6793xxxx: failed to allocate an IPv4 address after 998 attempt(s)
2017-04-02 15:08:14.400 WARN  [kea-dhcp4.alloc-engine/7072] ALLOC_ENGINE_V4_ALLOC_FAIL [hwtype=1 98:fe:94:xx:xx:xx], cid=[01:98:fe:94:xx:xx:xx], tid=0x8645xxxx: failed to allocate an IPv4 address after 998 attempt(s)
2017-04-02 15:08:17.004 WARN  [kea-dhcp4.alloc-engine/7072] ALLOC_ENGINE_V4_ALLOC_FAIL [hwtype=1 34:bb:26:xx:xx:xx], cid=[01:34:bb:26:xx:xx:xx], tid=0x903axxxx: failed to allocate an IPv4 address after 998 attempt(s)
2017-04-02 15:08:17.213 WARN  [kea-dhcp4.alloc-engine/7072] ALLOC_ENGINE_V4_ALLOC_FAIL [hwtype=1 98:fe:94:xx:xx:xx], cid=[01:98:fe:94:xx:xx:xx], tid=0x8645xxxx: failed to allocate an IPv4 address after 998 attempt(s)
2017-04-02 15:08:18.511 WARN  [kea-dhcp4.alloc-engine/7072] ALLOC_ENGINE_V4_ALLOC_FAIL [hwtype=1 ac:ee:9e:xx:xx:xx], cid=[01:ac:ee:9e:xx:xx:xx], tid=0x41c2xxxx: failed to allocate an IPv4 address after 998 attempt(s)
2017-04-02 15:08:20.225 WARN  [kea-dhcp4.alloc-engine/7072] ALLOC_ENGINE_V4_ALLOC_FAIL [hwtype=1 a4:f1:e8:xx:xx:xx], cid=[01:a4:f1:e8:xx:xx:xx], tid=0xfbebxxxx: failed to allocate an IPv4 address after 998 attempt(s)
2017-04-02 15:08:20.837 WARN  [kea-dhcp4.alloc-engine/7072] ALLOC_ENGINE_V4_ALLOC_FAIL [hwtype=1 34:bb:26:xx:xx:xx], cid=[01:34:bb:26:xx:xx:xx], tid=0x903axxxx: failed to allocate an IPv4 address after 998 attempt(s)
2017-04-02 15:08:22.036 WARN  [kea-dhcp4.alloc-engine/7072] ALLOC_ENGINE_V4_ALLOC_FAIL [hwtype=1 b0:70:2d:xx:xx:xx], cid=[01:b0:70:2d:xx:xx:xx], tid=0xc214xxxx: failed to allocate an IPv4 address after 998 attempt(s)
2017-04-02 15:08:23.704 WARN  [kea-dhcp4.alloc-engine/7072] ALLOC_ENGINE_V4_ALLOC_FAIL [hwtype=1 b0:70:2d:xx:xx:xx], cid=[01:b0:70:2d:xx:xx:xx], tid=0xc214xxxx: failed to allocate an IPv4 address after 998 attempt(s)
2017-04-02 15:08:26.881 WARN  [kea-dhcp4.alloc-engine/7072] ALLOC_ENGINE_V4_ALLOC_FAIL [hwtype=1 b0:70:2d:xx:xx:xx], cid=[01:b0:70:2d:xx:xx:xx], tid=0xc214xxxx: failed to allocate an IPv4 address after 998 attempt(s)
2017-04-02 15:08:27.162 WARN  [kea-dhcp4.alloc-engine/7072] ALLOC_ENGINE_V4_ALLOC_FAIL [hwtype=1 a4:f1:e8:xx:xx:xx], cid=[01:a4:f1:e8:xx:xx:xx], tid=0xfbebxxxx: failed to allocate an IPv4 address after 998 attempt(s)
2017-04-02 15:08:28.005 WARN  [kea-dhcp4.alloc-engine/7072] ALLOC_ENGINE_V4_ALLOC_FAIL [hwtype=1 dc:09:4c:xx:xx:xx], cid=[no info], tid=0x1baexxxx: failed to allocate an IPv4 address after 998 attempt(s)
2017-04-02 15:08:30.060 WARN  [kea-dhcp4.alloc-engine/7072] ALLOC_ENGINE_V4_ALLOC_FAIL [hwtype=1 b0:70:2d:xx:xx:xx], cid=[01:b0:70:2d:xx:xx:xx], tid=0xc214xxxx: failed to allocate an IPv4 address after 998 attempt(s)
2017-04-02 15:08:31.034 WARN  [kea-dhcp4.alloc-engine/7072] ALLOC_ENGINE_V4_ALLOC_FAIL [hwtype=1 8c:f5:a3:xx:xx:xx], cid=[01:8c:f5:a3:xx:xx:xx], tid=0xa35dxxxx: failed to allocate an IPv4 address after 998 attempt(s)
2017-04-02 15:08:31.667 WARN  [kea-dhcp4.alloc-engine/7072] ALLOC_ENGINE_V4_ALLOC_FAIL [hwtype=1 e8:93:09:xx:xx:xx], cid=[01:e8:93:09:xx:xx:xx], tid=0xdc38xxxx: failed to allocate an IPv4 address after 998 attempt(s)
2017-04-02 15:08:32.148 WARN  [kea-dhcp4.alloc-engine/7072] ALLOC_ENGINE_V4_ALLOC_FAIL [hwtype=1 b4:8b:19:xx:xx:xx], cid=[01:b4:8b:19:xx:xx:xx], tid=0x56acxxxx: failed to allocate an IPv4 address after 998 attempt(s)
2017-04-02 15:08:32.519 WARN  [kea-dhcp4.alloc-engine/7072] ALLOC_ENGINE_V4_ALLOC_FAIL [hwtype=1 bc:44:86:xx:xx:xx], cid=[01:bc:44:86:xx:xx:xx], tid=0x1ff5xxxx: failed to allocate an IPv4 address after 998 attempt(s)
2017-04-02 15:08:34.542 WARN  [kea-dhcp4.alloc-engine/7072] ALLOC_ENGINE_V4_ALLOC_FAIL [hwtype=1 b4:8b:19:xx:xx:xx], cid=[01:b4:8b:19:xx:xx:xx], tid=0x56acxxxx: failed to allocate an IPv4 address after 998 attempt(s)
2017-04-02 15:08:35.799 WARN  [kea-dhcp4.alloc-engine/7072] ALLOC_ENGINE_V4_ALLOC_FAIL [hwtype=1 bc:6c:21:xx:xx:xx], cid=[01:bc:6c:21:xx:xx:xx], tid=0xe141xxxx: failed to allocate an IPv4 address after 998 attempt(s)
2017-04-02 15:08:36.699 WARN  [kea-dhcp4.alloc-engine/7072] ALLOC_ENGINE_V4_ALLOC_FAIL [hwtype=1 a4:f1:e8:xx:xx:xx], cid=[01:a4:f1:e8:xx:xx:xx], tid=0xfbebxxxx: failed to allocate an IPv4 address after 998 attempt(s)
2017-04-02 15:08:36.887 WARN  [kea-dhcp4.alloc-engine/7072] ALLOC_ENGINE_V4_ALLOC_FAIL [hwtype=1 e8:93:09:xx:xx:xx], cid=[01:e8:93:09:xx:xx:xx], tid=0xdc38xxxx: failed to allocate an IPv4 address after 998 attempt(s)
2017-04-02 15:08:37.094 WARN  [kea-dhcp4.alloc-engine/7072] ALLOC_ENGINE_V4_ALLOC_FAIL [hwtype=1 2c:ae:2b:xx:xx:xx], cid=[01:2c:ae:2b:xx:xx:xx], tid=0xc708xxxx: failed to allocate an IPv4 address after 998 attempt(s)
2017-04-02 15:08:38.919 WARN  [kea-dhcp4.alloc-engine/7072] ALLOC_ENGINE_V4_ALLOC_FAIL [hwtype=1 b0:70:2d:xx:xx:xx], cid=[01:b0:70:2d:xx:xx:xx], tid=0xc214xxxx: failed to allocate an IPv4 address after 998 attempt(s)
2017-04-02 15:08:42.498 WARN  [kea-dhcp4.alloc-engine/7072] ALLOC_ENGINE_V4_ALLOC_FAIL [hwtype=1 f8:23:b2:xx:xx:xx], cid=[no info], tid=0xb867xxxx: failed to allocate an IPv4 address after 998 attempt(s)
2017-04-02 15:08:55.804 WARN  [kea-dhcp4.alloc-engine/7072] ALLOC_ENGINE_V4_ALLOC_FAIL [hwtype=1 b0:70:2d:xx:xx:xx], cid=[01:b0:70:2d:xx:xx:xx], tid=0xc214xxxx: failed to allocate an IPv4 address after 998 attempt(s)
2017-04-02 15:09:24.855 WARN  [kea-dhcp4.alloc-engine/7072] ALLOC_ENGINE_V4_ALLOC_FAIL [hwtype=1 84:38:38:xx:xx:xx], cid=[01:84:38:38:xx:xx:xx], tid=0x37acxxxx: failed to allocate an IPv4 address after 998 attempt(s)
2017-04-02 15:09:28.834 WARN  [kea-dhcp4.alloc-engine/7072] ALLOC_ENGINE_V4_ALLOC_FAIL [hwtype=1 8c:f5:a3:xx:xx:xx], cid=[01:8c:f5:a3:xx:xx:xx], tid=0x472fxxxx: failed to allocate an IPv4 address after 998 attempt(s)
...

Zwar waren die l2tp connections nicht ganz gleichmäßig verteilt, aber auch auf des-2 waren für dom-01 nicht mehr so viele Leases verfügbar (etwa 300 von 1k).

Daher möchte ich dieses Thema erneut aufgreifen: Was wollen wir machen?

PS: Ich werde später die KEA Aktualisierungen auf alle verbleibenden Gateways ebenfalls ausrollen. Ich denke, dass das hier beobachtete kein Einzelfall ist.

3 „Gefällt mir“