Kea Significant Features Matrix
  • 06 Jul 2023
  • 4 Minutes to read
  • Contributors
  • Dark
  • PDF

Kea Significant Features Matrix

  • Dark
  • PDF

Article Summary

This table lists the major feature differences for different releases of Kea. An "✔︎" in the table below indicates that feature is present in that branch. When all currently-supported versions of Kea have the feature, we remove the row (because there is no difference to highlight).

See Release Notes for More Detailed Changes

This list does not include many smaller changes, including changes in existing features or minor new features. For more detail, we recommend checking release notes. Release notes for the first release on a new stable branch (e.g. 2.2.0) will include significant changes since the last stable version.

Please use the slider underneath each table to scroll left and right.
Feature Kea 1.8 eol Kea 2.0 eol Kea 2.2 Stable Kea 2.4 Stable
Access Control (see also TLS support) basic local authentication new RBAC hook ✔︎
Address allocation iterative iterative iterative iterative, random, free leases queue
`offer-lifetime` allows early allocation
Bulk Lease Query new hook lib, DHCPv4 & DHCPv6
Cache Threshold - minimize updates to existing leases X ✔︎ ✔︎
Database - Cassandra backend ✔︎ deprecated, will be removed in 2.2 REMOVED -
Database - Configuration backend using PostgreSQL ✔︎ ✔︎
Database - reconnect ✔︎ updated 1.9.4, see `on-fail` logic for how to handle failures ✔︎ ✔︎
DDNS Controls ✔︎ ✔︎ new DDNS-Tuning hook `ddns-ttl-percent`
Drop class for clients with reservations ✔︎ ✔︎ ✔︎
High Availability paged updates now multi-threaded ✔︎ ✔︎
Host Reservations Mode - Global ✔︎ ✔︎ Options/modes changed, `early-global-reservations-lookup` reservations with address out of subnet overridden
Host Reservations Mode - multiple separate controls for global, in-subnet or out-of-pool reservation modes `reservations-lookup-first` empty host reservations
Lease migration between backends leases can now be exported from one backend and imported into another ✔︎
Libreload removed
Lease-lifetime preferred and valid lease lifetimes added to client classes ✔︎ new DHCPv4 `offer-lifetime` parameter,
DHCPv6 preferred lifetime is calculated as
0.625 * `valid-lifetime` unless explicitly specified,
or if specified value > valid lifetime
affinity for release leases
Multiple MAC reservations for the same IP ✔︎ ✔︎ ✔︎
Multithreading support ✔︎ (not including HA) ✔︎ (added MT for HA, bypassing the CA) ✔︎ ✔MT enabled by default
Options ✔︎ ✔︎ (added MT for HA, bypassing the CA) ✔︎ multiple vendor options with multiple
vivco suboptions and different enterprise IDs
multiple instances of DHCPv6
vendor-class and vendor-opts.
'DNR' encrypted DNS options
DHCPv4 Option #143 and DHCPv6 Option #136 per RFC8572
`never-send` flag
Statistics per-pool statistics added
Template classes ✔︎
TLS support CA can require client identification and can use TLS encryption for client connections TLS secures connections between Kea and MySQL & PostgreSQL backends ✔︎
YANG model support ✔︎ ✔︎ YANG model updated, Sysrepo 1.4 updated to libyang 2.x, Sysrepo 2.x

Kea hook libraries extend the base functionality of the open source Kea DHCP server. Kea hook libraries are distributed in source code form, but are not open source. ISC offers several "premium" hooks for purchase on our website at We also offer support subscriptions, which include both the premium hooks and several subscriber-only Kea hooks (indicated by a + in the table). If you are interested in subscribing to ISC's software support services, please visit to request more information.

This table lists the versions of Kea and the Kea hook libraries ISC supports with each version. In general, we recommend updating your hook libraries every time you update Kea. ISC does not test new versions of Kea with older versions of the hook libraries and cannot guarantee they will work as expected.

Hook Libraries Kea 1.8 eol Kea 2.0 eol Kea 2.2 Stable Kea 2.4 Stable Premium package Subscriber package Enterprise package
BOOTP (RFC 1497) ✔︎ ✔︎ ✔︎ ✔︎
Class Commands ✔︎ ✔︎ ✔︎ ✔︎ + +
Configuration Backend Commands, requires either Configuration Backend for PostgreSQL or Configuration Backend for MySQL ✔︎ support for client-classes added ✔︎
support for PostgreSQL backend, options preserved from client classes in cfg backend
✔︎ + +
DDNS Tuning 2.1.5
✔︎ + + +
Flexible Identifier ✔︎ ✔︎ ✔︎ ✔︎ + + +
Flexible Options ✔︎ new CSV-format, support for sub-options ✔︎ + + +
Forensic Logging ✔︎ configurable with expressions added timestamp format now records whether the lease change is an administrative action or an automated HA update + + +
GSS-TSIG perform GSS-TSIG updates via Kerberos ✔︎ + +
High Availability ✔︎ Significantly updated for better performance with MT, CA bypass, added communication-recovery state, delayed updates, improved DHCP enable/disable ✔︎ `max-rejected-lease-updates` added
Host Commands reservation-get-all, reservation-get-page lease4(6)-get-by-clientid(duid, hostname, hwaddress) subnet-id parameter is now optional `reservation-get-by-address`, `reservation-update` added + + +
Lease Commands ✔︎ ✔︎ Lease lifetimes based on client class `lease4-write` and `lease6-write`
new lease conflict status codes
Leasequery ✔︎ ✔︎ ✔︎ ✔︎ + +
Limits new hook limits leases per second, leases per class ✔︎ + +
MySQL Configuration Backend ✔︎ ✔︎ ✔︎ ✔︎ + +
PostgreSQL Configuration Backend ✔︎ ✔︎ + +
RADIUS Integration cache-size, cache-get-by-id ✔︎ RADIUS subnet selection added ✔︎ + +
Role-Based Access Control ✔︎ +
Run Script hook ✔︎ ✔︎ ✔︎
Statistics Commands subnet4-update, subnet6-update ✔︎ ✔︎ ✔︎
Subnet Commands subnet4-update, subnet6-update ✔︎ ✔︎ ✔︎ + +
User Check (example hook) ✔︎ ✔︎ ✔︎ ✔︎