--- title: release notes 2.7.7 --- # Kea 2.7.7 Release Notes, March 26th, 2025 Welcome to Kea 2.7.7, the sixth monthly release of the 2.7 development series. As with any other development release, use this with caution: development releases are not recommended for production use. Kea is a DHCP implementation developed by Internet Systems Consortium (ISC) that features DHCPv4 and DHCPv6 servers with DNS update and a REST API; optional database support (MySQL and PostgreSQL); optional RADIUS, Kerberos, YANG/NETCONF, and GSS-TSIG support; and much more. Kea provides extensive management capabilities, including but not limited to: TLS support, Role-Based Access Control, run-time configuration monitoring and updates via a REST API, host reservations, and client classification. The text below references issue numbers. For more details, visit the Kea GitLab page at https://gitlab.isc.org/isc-projects/kea/-/issues. For details about Docker issues, visit the page at https://gitlab.isc.org/isc-projects/kea-docker/-/issues/. For details about packaging, visit the page at https://gitlab.isc.org/isc-projects/kea-packaging/-/issues/. The following bug fixes and features have been implemented since the previous release: 1. **Open source hooks**: The following hooks, previously available only under commercial licensing, are now open sourced under the Mozilla MPLv2 license: Class Commands, DDNS Tuning, Flexible Identifier, Forensic Logging, GSS-TSIG, Host Cache, Host Commands, Leasequery, Limits, Ping Check, RADIUS, and Subnet Commands [#3333, #3808]. 2. **Meson build system**: Starting with this release, Kea now uses the Meson build system. The new system is expected to address most of the problems with the aging autotools system: faster build time, better scalability, cleaner code, greater ease of use, and a generally modern look and feel. For the time being, Meson is available only in the source code repository alongside autotools, not in the tarball. The intention is to remove autotools in the future and make Meson the default build system. Since this is a major change, please consider it experimental. Feedback and patches are welcome [#304, #3443, #3729, #3730, #3731]. If you're switching to Meson, this page may prove helpful: https://gitlab.isc.org/isc-projects/kea/-/wikis/Processes/How-To-Meson. 3. **Address registration in DHCPv6**: Support for a new mechanism defined in RFC9686, address registration, has been implemented. The idea departs from the usual DHCP concept of the server assigning addresses to clients; instead, devices can generate their own IPv6 addresses, using SLAAC or other methods, and then register them in the DHCPv6 server [#3683, #3725, #3802]. 4. **Better dual-stack support**: All three (DHCPv4, DHCPv6, DHCP-DDNS) daemons can now be configured to listen on multiple sockets, including mixed IPv4/IPv6. This new capability can be leveraged using the `control-sockets` list [#3082, #3721]. 5. **Binding variables**: A popular feature of ISC DHCP is now available in Kea: the `lease-cmds` hook library now supports storing custom values, referred to as `binding-variables`, within the lease's `user-context`. This is supported in both kea-dhcp4 and kea-dhcp6 [#3463]. 6. **Class tagging improvements**: We have added the ability to choose from multiple occurrences of the same option based on class-tagging. Previously, the last occurrence listed was the only option considered [#3747]. 7. **Build improvements**: Obsolete code no longer required by new versions of Boost was removed [#3793]. Old code for coroutines needed for an older version of Boost, present in CentOS 7, was removed. Newer Boost versions include the new code [#3325]. The Forensic Logging hook code was updated to take advantage of the MySQL or PostgreSQL hooks, if present. However, Forensic Logging can be loaded without them, removing the dependency on MySQL/PostgreSQL [#3710]. The script that regenerates debug-messages.rst skips generation if premium code is not present [#3678]. We fixed an incorrect conditional compilation in iface_mgr_unittest.cc [#3742]. The code no longer requires a server-side PostgreSQL dependency [#3711]. The code is now compatible with MariaDB with Botan [#3726]. We fixed an ABI error when using hammer on FreeBSD [#3738]. 8. **Security**: It is now easier to enable TLS and it no longer requires server restart; it is possible to use `config-reload`. However, a different address or port must be specified when switching from HTTP to HTTPS or vice versa [#3694]. 9. **Bug fixes**: Inaccurate counters in statistics were fixed. This affected many scenarios, including some where allocated addresses incorrectly reported negative numbers [#1336]. We fixed a bug which caused the allocation engine to send a NAK in deployments where two Kea instances shared a database and one of them lost a race [#3648]. Lease reclamation is now skipped and rescheduled while the DHCP service is disabled. This is true for both DHCPv4 and DHCPv6 servers. While the old behavior was not strictly a bug, the new behavior avoids certain complications [#3693]. A potential bug was fixed in handling truncated packets [#3712]. We fixed a problem in handling user context when `store-extended-info` and lease limits in classes were used together [#3702]. 10. **Documentation**: Searching in the ARM now works better and it no longer ignores hyphens and quotes [#3766]. ## Incompatible Changes There are no incompatible changes; however, taking advantage of some of the new features requires changes: 1. Listening on multiple control sockets requires migrating from the `control-socket` map to a `control-sockets` list. 2. Using the Meson build system requires a different tool chain (Meson, Ninja), and autotools (Automake, Autoconf, Libtool, Make) are no longer used if the Meson build system is in use. 3. Now that many hooks are re-licensed as open source, the package layout has been updated and the Premium package is no longer needed. The packages have been rearranged in the Cloudsmith.io repositories. To avoid package duplication, the `kea-dev-prv` private repository no longer includes the open source code, but includes only remaining commercially licensed hooks. To access subscriber-only content, entitled users need to enable both the open source `kea-dev` repository and the `kea-dev-prv` repository. Upgrading via the package manager should seamlessly update both the open source and the code in `kea-dev-prv`. ## License This version of Kea is released under the Mozilla Public License, version 2.0. https://www.mozilla.org/en-US/MPL/2.0 Some Kea hook libraries are provided under the MPL 2.0; others are licensed with the [Kea Hooks Basic Commercial End User License](https://www.isc.org/kea-premium-license/). The source for each hook library includes the applicable license. ## Download Pre-built ISC packages for current versions of the most popular Linux operating systems are available at: https://cloudsmith.io/~isc/repos/ Pre-built Docker images, as well as Docker files, are available. For details, see: https://gitlab.isc.org/isc-projects/kea-docker The Kea source and PGP signature for this release may be downloaded from: https://www.isc.org/download The signature was generated with the ISC code-signing key, which is available at: https://www.isc.org/pgpkey ISC provides detailed documentation, including installation instructions and usage tutorials, in the Kea Administrator Reference Manual. Documentation is included with the installation or at https://kea.readthedocs.io/en/latest/index.html in HTML, PDF, or EPUB formats. ISC maintains a public open source code tree, wiki, issue tracking system, milestone planner, and roadmap at https://gitlab.isc.org/isc-projects/kea. Limitations and known issues with this release can be found at https://gitlab.isc.org/isc-projects/kea/-/wikis/known-issues-list. We ask users of this software to please let us know how it worked for you and what operating system you tested on. Feel free to share your feedback on the Kea Users mailing list (https://lists.isc.org/mailman/listinfo/kea-users). We would also like to hear whether the documentation is adequate and accurate. Please open tickets in the Kea GitLab project for bugs, documentation omissions and errors, and enhancement requests. We want to hear from you even if everything worked. ## Support Professional support for Kea is available from ISC. We encourage all professional users to consider this option; Kea maintenance is funded with support subscriptions. For more information on ISC's Kea software support, see https://www.isc.org/support/. Free best-effort support is provided by our user community via a mailing list. Information on all public email lists is available at https://www.isc.org/community/mailing-list. If you have any comments or questions about working with Kea, please share them to the Kea Users list (https://lists.isc.org/mailman/listinfo/kea-users). Bugs and feature requests may be submitted via GitLab at https://gitlab.isc.org/isc-projects/kea/-/issues. ## Changes The following summarizes changes and important upgrades since the previous release. 2335. [func] razvan The following hook libraries are now open source: for the kea-dhcp4 and the kea-dhcp6 servers 'libdhcp_class_cmds', 'libdhcp_ddns_tuning', 'libdhcp_flex_id', 'libdhcp_legal_log', 'libdhcp_host_cache', 'libdhcp_host_cmds', 'libdhcp_lease_query', 'libdhcp_limits', 'libdhcp_ping_check', 'libdhcp_radius', 'libdhcp_subnet_cmds' and for the kea-dhcp-ddns server 'libddns_gss_tsig'. (Gitlab #3333) 2334. [func] fdupont Added experimental support for registering self-generated IPv6 addresses using DHCPv6 (RFC 9686). (Gitlab #3683, #3802) 2333. [build] andrei, fdupont Added meson as a build system. (Gitlab #3443, #3729, #3730, #3731) 2332. [func] tmark Lease reclamation is now skipped and rescheduled while DHCP service is disabled. This applies to both kea-dhcp4 and kea-dhcp6. (Gitlab #3693) 2331. [bug] tmark Added support for choosing from multiple occurrences of the same option based on class-tagging. Prior to this the last occurrence listed was the only option considered. (Gitlab #3747) 2330. [func] tmark The lease-cmds hook library now supports storing custom values, referred to as ``binding-variables``, within the lease's ``user-context``. Supported in both kea-dhcp4 and kea-dhcp6. (Gitlab #3463) 2329. [bug] andrei An "argument list too long" error message no longer appears when the "kea-admin lease-upload" command tries to upload a large set of leases. The command is also significantly faster now. (Gitlab #3666) 2328. [build] andrei Kea no longer depends on a PostgreSQL server development header. (Gitlab #3711) 2327. [build] mgodzina The library version numbers have been bumped up for the Kea 2.7.7 development release. (Gitlab #3817) 2326. [bug] razvan Fixed a bug which was causing the allocation engine to reject the lease if a data race caused by a different server updating the shared database entries was detected. The entire packet is now dropped in this particular case. This applies to both kea-dhp4 and kea-dhcp6 servers. (Gitlab #3648) 2325. [bug] razvan Fixed a bug which was causing address allocation counters to be negative when client released leases and the server has lease affinity and lease reclamation enabled. (Gitlab #1336) 2324. [func] razvan It is not necessary to restart the server to apply changes in the TLS configuration. Running the "config-reload" command is sufficient. A different address or port must be specified when switching from HTTP to HTTPS or from HTTPS to HTTP. (Gitlab #3694) And for Kea premium: 210. [func] razvan The following hook libraries are now open source: for the kea-dhcp4 and the kea-dhcp6 servers 'libdhcp_class_cmds', 'libdhcp_ddns_tuning', 'libdhcp_flex_id', 'libdhcp_legal_log', 'libdhcp_host_cache', 'libdhcp_host_cmds', 'libdhcp_lease_query', 'libdhcp_limits', 'libdhcp_ping_check', 'libdhcp_radius', 'libdhcp_subnet_cmds' and for the kea-dhcp-ddns server 'libddns_gss_tsig'. (Gitlab #3333) 209. [bug] andrei An issue was fixed where limits set at the client class level would not have any effect if store-extended-info was enabled. (Gitlab #3702) Thank you again to everyone who assisted us in making this release possible. We look forward to receiving your feedback.