After upgrading to 24.11 DHCP fails every 10-14 days
-
@johnpoz said in After upgrading to 24.11 DHCP fails every 10-14 days:
Other than the blog they posted and the release notes.. Why would anyone read those ;)
I did read them and none of them really raised the issues of your previous message did.
@johnpoz said in After upgrading to 24.11 DHCP fails every 10-14 days:
I still run ISC and no plans to switching to kea until sometime down the road when all the kinks have been worked out.
Those concerns are not in the Warning info box nor in the GUI.
Customers are not all developers and should be presented with the default stable choices and not led down a path of "Deprecated, this will be going away soon" in the GUI if there are "kinks" which still need to be worked out -- placing "EXPERIMENTAL on 32bit platforms" would have been a more appropriate and informative detail to at least raise an immediate sense of caution for those of us who are on those platforms.
I've switched DCHP modules and will report back if there are any issues.
Thank you for the developer insights, but now that we know that the kea DHCP server can just poop the bed randomly on 32-bit platforms and there's no watchdog to restart it by default, something still needs to be done for those of us in this situation.
Given a new 4200 cost ($570) to replace the 3100, I might as well look at a PA-4xx series.
-
@bmeeks said in After upgrading to 24.11 DHCP fails every 10-14 days:
barefoot in a snow storm and it was uphilll both ways
It was 20 miles for me ;) heheheh
-
@bmeeks
Sounds like we had similar facets to our careers. Started working in an integration house at 15 in 1980 then moved to ARC Net, Novell, then MSFT.Now my final gig, retrofitting a TV studio with older SDI cabling ST2110 (video over IP) with a 100Gbit backbone.
-
are all 'solved' when you use 24.11 ...
That is, I wouldn't want to wait for Remote DNS server registration (kea calls it D2) and as the binary is there, I've put it to work.
I don't need the HA part of kea, as Ive only one pfSense.
The rest : works for me.I agree with what bmeeks said above about 32 bit arm code. That said, I don't have 'arm' (firewall) devices, I don't have '32 bit' device anymore. And testing these issues is pretty hard core.
Still, '32 bits' stuff was phased out more the a couple of years ago, and while Netgate promised to support, this 'kea' core dumping is scary.
Just keep in mind that even if ISC DHCP earned the "depreciated' tag, it is still rock solid for many moons to come.Kea, right now, on a 4100 using 24.11 is pretty stable for me. I'll give it the title 'rock solid' in a month or two.
And, as stated above, I messing around with it.@lohphat said in After upgrading to 24.11 DHCP fails every 10-14 days:
Given a new 4200 cost ($570) to replace the 3100, I might as well look at a PA-4xx series.
Remove 120 or so from to get bare metal costs. With a non Netgate device you would have to buy pfSense plus. 2.7.2 doesn't have the latest kea upgrades / GUI implementations yet, although that will change soon.
A '4200' will give you a 64 bits x86-64 device, and I haven't heard of the upcoming x86-128 yet ^^No "help me" PM's please. Use the forum, the community will thank you.
Edit : and where are the logs ?? -
Redmine bug opened: https://redmine.pfsense.org/issues/15973
-
@Gertjan said in After upgrading to 24.11 DHCP fails every 10-14 days:
With a non Netgate device you would have to buy pfSense plus.
If I get a PA-4xx unit it will be running PANOS (Palo Alto Networks), not pfSense.
-
@Gertjan said in After upgrading to 24.11 DHCP fails every 10-14 days:
I agree with what bmeeks said above about 32 bit arm code.
Then don't release 24.11 for 32-arm and just EOL those platforms. Don't lead affected customers down an unstable path. Just end the support instead of introducing unstable code for the platform.
By telling customers that 24.11 is the preferred release that implies it works for your platform.
The conflicting messaging as to what's preferred, deprecated, supported, potentially unstable, etc. was not handled clearly.
-
I too have an SG-3100.
Only since I updated the version to 24.11 from 24.08 has my network been flaking out.
All the devices, and I have like 50 wifi lamps, 40 IOT Switches, four Ubiquiti Wireless AP's + Cloud Key ... it's been infuriating not to have wifi to interrogate stuff...The items with Static Mappings seem to keep their leases.
So my desktop, the router, manage to still talk to one another.
I've switched back to the depreciated ISC, and unticked "warn that that's it's depreciated".
Lets see if that fixes it.I presumed I was on Kea before the software upgrade, but to be honest, I just can't remember, I don't seem to have full control of home configurations in my 40's with kids , like I used to when I was single in my 20's...
Time to upgrade to 64-bit you say... old thin machine or NUC with some 2.5Gbps interfaces you say...
-
@electr1c0xyg3n I have a 3100 too and have noted that in relation to Kea DHCP
- Logging is not the same as on 64bit devices, seems like the logs just don't get populated for some reason
- The DHCP service exits without warning occasionally (think it runs out of memory or something) so you MUST run the Service Watchdog ensure it restarts
I am planning on moving to a new router soon as the throughput of the 3100 is unlikely to keep up with my new 1Gb broadband soon to be installed. Most likely I will move to Ubiquiti due to the cost of Netgate hardware optinos.
-
Allow me to propose something else :
If kea fails with error 6, check RAM usage. Free up RAM if needed.
If it keeps failing, don't fight it. Go ISC.After all, if '6' arrives, ditching the process and start it again ... the '6' point will come back.
-
@Gertjan said in After upgrading to 24.11 DHCP fails every 10-14 days:
If kea fails with error 6, check RAM usage. Free up RAM if needed.
Given the service could crash at any time (and every occurence I've seen it has been out of hours, overnight or at some other really inconvenient time) and the lack of working DHCP basically makes networks unusable I would rather the service recover itself.
Also given this is on Netgate hardware (rather than a VM or other system I can upgrade) there is little I can do about ram either usage or availability. Here is a snapshot of when the system is running normally:
The Kea service does work functionally most of the time, and as I am planning on ditching the box soon I don't intend to spend any time investigating what is now just a minor annoyance as the service auto-restarts on failure. -
Those resource utilization numbers are typical for my installation running pfBLockerNGdev.
I've not seen an error 6, only error 11.
-
