Kea DHCP stops working
-
Thanks @stephenw10 . Much appreciate the response.
Yes - I am using a 3100. I have switched back to ISC.
-
I have a 3100 running 24.11 since it came out. I switched over to KEA as well just because I thought that's what the advice was, since ISC is deprecated.
However, ever since I made these changes, I have noticed that from time to time, devices stop being able to receive IP assignments. I don't see anything that seems particularly helpful in the system log (though I admit I am only looking at the DHCP log). I haven't tried manually restarting the service, but usually just a power cycle fixes it until it breaks again. Sometimes this is what I have to do if I am not there and am providing remote support to someone less technical.
Based on @stephenw10's advice above I have just reverted to ISC and will plan to leave it this way for a while in the hopes it will stop periodically breaking.
-
@onnastick said in Kea DHCP stops working:
I switched over to KEA as well just because I thought that's what the advice was, since ISC is deprecated.
It was at release. And still is for any other hardware. However this upstream bug has since been discovered in armv7. I'm running it here and haven't yet found any full workaround.
-
@Gertjan said in Kea DHCP stops working:
2.8.0 is in the works ...
LOL
The pubic access to daily build has been blocked since late 2023
pfsense Community v2.8 is a vaporware product which currently contains the majority of the pfsense redmine changes for the over 16 months through to July 2025Don't hold your breath waiting for it to materialise.
-
I just experienced the very same issue with Kea, running v24.11 on 8200. The newly added device was getting an IP from the dynamic pool but wasn't able to receive the IP from the static mapping. I restarted Kea service for few times, removed the lock file etc. but nothing worked, until I restartd the box. So, the issue seems to be well present in the latest version as well.
-
So you set a static mapping for a device that had a current dynamic lease but it failed to pull that until pfSense was restarted?
-
@stephenw10,
yes, exactly. And the strange thing was, that auto-assigned address wasn't being displayed under Status > DHCP Leases. The only way I could see what IP has been assigned was on the device itself. -
Are you sure the client was requesting a new lease? Or actually pulling one?
-
@stephenw10 I can confirm that static mapping for any new device is not working at all, at least for me. in last couple of days, I tried with three difrent devices and once it gets an IP from the dynamic pool, the only way to get the correct IP from the statuc maping is to reboot pfSense.
-
slowly thinking again, it's actually happening for me from the day one. It was for a different reasone but I reported here too:
https://forum.netgate.com/topic/196090/pfsense-behind-pfsense-not-getting-wan-ip-from-pfs1/7?_=1739914407057
-
What I expect to happen here is the device keeps the dynamic IP lease until it tries to renew it.
If you cleared the leases in pfSense such that Kea doesn't show it at all are you sure it is actually pulling a new lease at all?
-
@stephenw10 I forced
Renew DHC Leaseon my MacBook after giving it a static-dhcp IP in PFS but it was still getting the old dynamic IP. But the strange thing is, that wasn't showing up under theStatus >> DHCP Leasesat all.I haven't seen this before and it is happening with even the old devices. I replaced by DIY box with 8200 and upgraded to v24.11 at the same time - all I can say, it started happening after one of the either.
Just to give it a benefit of doubt: how do I chk that device was actually pulling a new lease?
-
okay, basically nothing is changng/updating related to DHCP. In one of the static-mappings, I provided custom DNS Servers (under the Server Options) and it's still showing the old DNS server address, even after restarting the client device. I'm very sure that it won't change, regardlessly what I do from/on the client side, nothing will change until I reboot the PFS box.
I'll restart and report here back soon.
-
@MacUsers said in Kea DHCP stops working:
Just to give it a benefit of doubt: how do I chk that device was actually pulling a new lease?
The logging in Kea is (currently) unhelpful for that.
The only way to really know for sure would be to run a packet capture when the client renews and see what's actually being sent.
-
The packet capture setup for DHCPv4 :
-
Select the interface you want to capture, typically LAN
-
The details : you want them all
-
It's UDP
-
and ports involved are 67 and 68.
-
Hit start.
-
Go to a device, and execute the DHCP Release and then DHCP renew command.
Get back to pfSense, and you should see a (1) packets coming in (the DHCP request) and the one packet getting send to the device with the DHCP lease info.
-
-
Okay, I do see the request hitting PFS when I release and renew the lease:
But no change in IP at all, as it should be
10.1.20.12now as that's what the static mapping is now set:
This is happening for every single devices I have tested so far. Do you need the full capture?
-
Hmm, note that it's requesting the old IP. If you clear the client side lease cache does it get the new static IP?
Might need to force that in Kea.
-
@stephenw10 I did everything: restarted Kea, cleared client side lease, even tried with a brand new device, predefined static mapping even before pluging in - not getting the actual IP if PFS not rebooted. Trying out all the usual stuff for almost a week now.
In case of the brand new device, it's getting an IP from the dynamic pool but that lease is not showing up inStatus > DHCP leaseat all. -
@stephenw10 said in Kea DHCP stops working:
note that it's requesting the old IP
Question though - how it's gonna know what IP to ask for, in the first place?
AFAIK, device broadcasts aDHCP Discovermessage to find a DHCP server and the DHCP server responds with aDHCP Offergiving it an IP. Kea should offer the IP from static-mapping and after accepting that offer (followed by aDHCP Request), it should beAcknowledgedby the server - is not what happens? -
Yes, but when it's renewing it will just request the old IP. And in some cases will just request an old cached lease address anyway. The server can refuse and issue a new lease.
However it sounds like it's just not seeing the new static lease entry.
Do you see the reservation listed in /usr/local/etc/kea/kea-dhcp4.conf?
