Kea DHCP stops working
-
You have all the patches applied in 24.11?
How loaded is subnet? Like number of clients vs available dhcp leases?
-
Netgate 3100, 24.11-RELEASE (arm)
Hi,
Networking newbie here. Wow, that was scary! The network access for all the members in our coworking space went down when KEA DHCP spontaneously died. This required a panicked emergency rush to figure out what caused this sudden network access meltdown smack in the middle of a business day. No error messages at all in the DHCP system log to provide any guidance.
We transitioned from the old ISC to KEA because of a message encouraging us to do so due to ISC deprecation. "Kea DHCP is the newer, modern DHCP distribution from ISC that includes the most-requested features."
Just goes to show that newer can be way worse, even when the vendor you trust is pushing you to do so. Rock-solid reliability, "No alarms and no surprises" should be the expectation in a business router. I have to say that my faith in Netgate/PfSense has been shaken.
It occured to me that something like this could affect other subsystems. Eg, OpenVPN has to dynamically assign IPs to clients. It appears that OVPN handles this independently from DHCP via the "IPv4 Tunnel Network" setting, is that correct? If not, then if DHCP goes down that could jeapordize OVPN and any other services that might to require DHCP for assigning IP #s dynamically, no?
If OVPN were to be dependent upon DHCP, then a downed DHCP would jeapordize remote access via OVPN, and consequentially remote troubleshooting. Which would argue for also keeping an SSH connection on to the outside world in addition to OVPN, so as to ensure remote access availability to the router, no?
Are there other remote access services that one should be concerned could be affected by the abscence of DHCP?
Gong back to ISC to avoid nightmares...
-
That's a known issue on the 3100 unfortunately. It's unlikely to be fixed as it impact only arm32 and the 3100 is the only appliance using that and is now EoL.
https://redmine.pfsense.org/issues/15973
Use ISC on the 3100.
-
Yep thanks, that's the plan - no more latest and greatest for us!
-
Just for reference this only affects the 3100. Kea is safe to use on other platforms.
-
@stephenw10 said in Kea DHCP stops working:
That's a known issue on the 3100 unfortunately.
I don't think the issue is only on 3100; I have experienced that very same issue on 6100m 8200 and most recently with 4200. A new installation with KEA (without migrating any old data/config from ISC) is probably okay but as far as I can see, the migration from ISC to KEA fails consistently.
-
That particular bug report I linked is for arm32 only. And it's the only outstanding issue I'm aware of. What version did you test?
-
@stephenw10,
all of pfSense are v24.11-RELEASE (amd64); as far as I can see now, KEA actually never worked for me since I migrated from ISC, regardless of the pfSense version. -
If there is some other general issue affecting Kea I'm not aware of it. I see no problems with Kea in current versions on amd64 or aarch64.
You have a link to a different bug report? Any logs? Core dumps?
-
@MacUsers said in Kea DHCP stops working:
all of pfSense are v24.11-RELEASE (amd64); as far as I can see now, KEA actually never worked for me since I migrated from ISC, regardless of the pfSense version.
There is a 99,99 % solution avaible now.
Right now, this one :
is available.
An RC version is identical to the final Release.
It stays RC so very minor issues let GUI text can get corrected.
Major changes, like 'kea not working' won't be corrected anymore.I'm pretty sure (tens of thousands) use "25.07"(RC) right now, and they 'all' use kea.
No issues afaik.
So .... even if 25.07 won't solve your issue, you'll be sure for 99,99 % that the issue is ... on your side.
Or, you are using pfSense (hea DHCP) in a very special way, and no one else is using it that way so we can't know what your issue is ?
Do you have any details about why your 'pfSense' (DHCP kea settings) are so different that it 'break's ?
Do use an edge case scenario where things were possible with ISC DHCP, but not anymore with kea ?Btw : we all have iMac, IPads iPhone and other iStuff in our networks, they all behave fine with kea, using classic DHCP leases, or static MAC leases.
