After upgrading to 24.11 DHCP fails every 10-14 days
-
@lohphat said in After upgrading to 24.11 DHCP fails every 10-14 days:
No mention that KEA is not tested/stable anywhere obvious.
Other than the blog they posted and the release notes.. Why would anyone read those ;)
https://www.netgate.com/blog/netgate-adds-kea-dhcp-to-pfsense-plus-software-version-23.09-1
https://docs.netgate.com/pfsense/en/latest/releases/23-09.html#rn-23-09-kea
Should they still have such a warning in the 24.11 release notes - sure ok.. I don't think anyone is giving away awards to netgate for their handling of how they rolled out the preview of kea to be honest ;)
They put up this blog for 24.08 before it got changed to be 24.11
https://www.netgate.com/blog/improvements-to-kea-dhcp
They could of maybe highlighted this statement a bit more I guess.
Migration Timeline
The migration to Kea DHCP has been ongoing for some time, and with the addition of High Availability support in pfSense Plus software version 24.08, we are approaching the final stages of this transition. Our goal is to reach feature parity between the Kea and ISC DHCP backends over the next few releases.
If anything such comments like goal over the next few releases to reach parity should flag you to maybe look into it a bit more before kicking switch.
The warning about deprecation, could of been worded better - don't think your going to find many people that think it was perfect.
But information is available, and its not hidden away somewhere in a redmine.. And breeze through the forums now and then to see what users are running into, etc. While there is also this redmine
An intelligent man is sometimes forced to be drunk to spend time with his fools
If you get confused: Listen to the Music Play
Please don't Chat/PM me for help, unless mod related
SG-4860 24.11 | Lab VMs 2.7.2, 24.11 -
@johnpoz said in After upgrading to 24.11 DHCP fails every 10-14 days:
hahah - dude I use to love those binders they would send with all the CDs..
I had lots of those little binder books full of CDs! Finally with MSDN it moved to online downloads once Internet speeds picked up.
I did all that as part of my job before retirement. Had to maintain a lot of Microsoft stuff throughout my career after Netware finally was phased out and Bill Gates won the corporate networking wars. Cut my initial networking teeth on Novell Netware and IPX/SPX. Even had some Token Ring stuff for a bit. Later we toyed with TCP/IP on Netware before moving fully to the Microsoft world.
I guess we sound like a pair of old guys talking about the hard times when we were kids -- such as "having to walk to school and back home barefoot in a snow storm and it was uphilll both ways
! -
@johnpoz said in After upgrading to 24.11 DHCP fails every 10-14 days:
Other than the blog they posted and the release notes.. Why would anyone read those ;)
I did read them and none of them really raised the issues of your previous message did.
@johnpoz said in After upgrading to 24.11 DHCP fails every 10-14 days:
I still run ISC and no plans to switching to kea until sometime down the road when all the kinks have been worked out.
Those concerns are not in the Warning info box nor in the GUI.
Customers are not all developers and should be presented with the default stable choices and not led down a path of "Deprecated, this will be going away soon" in the GUI if there are "kinks" which still need to be worked out -- placing "EXPERIMENTAL on 32bit platforms" would have been a more appropriate and informative detail to at least raise an immediate sense of caution for those of us who are on those platforms.
I've switched DCHP modules and will report back if there are any issues.
Thank you for the developer insights, but now that we know that the kea DHCP server can just poop the bed randomly on 32-bit platforms and there's no watchdog to restart it by default, something still needs to be done for those of us in this situation.
Given a new 4200 cost ($570) to replace the 3100, I might as well look at a PA-4xx series.
-
@bmeeks said in After upgrading to 24.11 DHCP fails every 10-14 days:
barefoot in a snow storm and it was uphilll both ways
It was 20 miles for me ;) heheheh
-
@bmeeks
Sounds like we had similar facets to our careers. Started working in an integration house at 15 in 1980 then moved to ARC Net, Novell, then MSFT.Now my final gig, retrofitting a TV studio with older SDI cabling ST2110 (video over IP) with a 100Gbit backbone.
-
are all 'solved' when you use 24.11 ...
That is, I wouldn't want to wait for Remote DNS server registration (kea calls it D2) and as the binary is there, I've put it to work.
I don't need the HA part of kea, as Ive only one pfSense.
The rest : works for me.I agree with what bmeeks said above about 32 bit arm code. That said, I don't have 'arm' (firewall) devices, I don't have '32 bit' device anymore. And testing these issues is pretty hard core.
Still, '32 bits' stuff was phased out more the a couple of years ago, and while Netgate promised to support, this 'kea' core dumping is scary.
Just keep in mind that even if ISC DHCP earned the "depreciated' tag, it is still rock solid for many moons to come.Kea, right now, on a 4100 using 24.11 is pretty stable for me. I'll give it the title 'rock solid' in a month or two.
And, as stated above, I messing around with it.@lohphat said in After upgrading to 24.11 DHCP fails every 10-14 days:
Given a new 4200 cost ($570) to replace the 3100, I might as well look at a PA-4xx series.
Remove 120 or so from to get bare metal costs. With a non Netgate device you would have to buy pfSense plus. 2.7.2 doesn't have the latest kea upgrades / GUI implementations yet, although that will change soon.
A '4200' will give you a 64 bits x86-64 device, and I haven't heard of the upcoming x86-128 yet ^^No "help me" PM's please. Use the forum, the community will thank you.
Edit : and where are the logs ?? -
Redmine bug opened: https://redmine.pfsense.org/issues/15973
-
@Gertjan said in After upgrading to 24.11 DHCP fails every 10-14 days:
With a non Netgate device you would have to buy pfSense plus.
If I get a PA-4xx unit it will be running PANOS (Palo Alto Networks), not pfSense.
-
@Gertjan said in After upgrading to 24.11 DHCP fails every 10-14 days:
I agree with what bmeeks said above about 32 bit arm code.
Then don't release 24.11 for 32-arm and just EOL those platforms. Don't lead affected customers down an unstable path. Just end the support instead of introducing unstable code for the platform.
By telling customers that 24.11 is the preferred release that implies it works for your platform.
The conflicting messaging as to what's preferred, deprecated, supported, potentially unstable, etc. was not handled clearly.
-
I too have an SG-3100.
Only since I updated the version to 24.11 from 24.08 has my network been flaking out.
All the devices, and I have like 50 wifi lamps, 40 IOT Switches, four Ubiquiti Wireless AP's + Cloud Key ... it's been infuriating not to have wifi to interrogate stuff...The items with Static Mappings seem to keep their leases.
So my desktop, the router, manage to still talk to one another.
I've switched back to the depreciated ISC, and unticked "warn that that's it's depreciated".
Lets see if that fixes it.I presumed I was on Kea before the software upgrade, but to be honest, I just can't remember, I don't seem to have full control of home configurations in my 40's with kids , like I used to when I was single in my 20's...
Time to upgrade to 64-bit you say... old thin machine or NUC with some 2.5Gbps interfaces you say...
-
@electr1c0xyg3n I have a 3100 too and have noted that in relation to Kea DHCP
- Logging is not the same as on 64bit devices, seems like the logs just don't get populated for some reason
- The DHCP service exits without warning occasionally (think it runs out of memory or something) so you MUST run the Service Watchdog ensure it restarts
I am planning on moving to a new router soon as the throughput of the 3100 is unlikely to keep up with my new 1Gb broadband soon to be installed. Most likely I will move to Ubiquiti due to the cost of Netgate hardware optinos.
-
Allow me to propose something else :
If kea fails with error 6, check RAM usage. Free up RAM if needed.
If it keeps failing, don't fight it. Go ISC.After all, if '6' arrives, ditching the process and start it again ... the '6' point will come back.
-
@Gertjan said in After upgrading to 24.11 DHCP fails every 10-14 days:
If kea fails with error 6, check RAM usage. Free up RAM if needed.
Given the service could crash at any time (and every occurence I've seen it has been out of hours, overnight or at some other really inconvenient time) and the lack of working DHCP basically makes networks unusable I would rather the service recover itself.
Also given this is on Netgate hardware (rather than a VM or other system I can upgrade) there is little I can do about ram either usage or availability. Here is a snapshot of when the system is running normally:
The Kea service does work functionally most of the time, and as I am planning on ditching the box soon I don't intend to spend any time investigating what is now just a minor annoyance as the service auto-restarts on failure. -
Those resource utilization numbers are typical for my installation running pfBLockerNGdev.
I've not seen an error 6, only error 11.
-
