Kea implementation

RobbieTT · Oct 4, 2023, 6:57 PM

Switching to the Kea implementation could not have been easier. I have statics, reserved addresses, DHCP4 + DHCP6 and 4 subnets. Tick box, hit save and everything still works as before. Excellent.

The new Kea logs are filled with these messages:

Oct 4 19:21:52	kea-dhcp4	71383	INFO [kea-dhcp4.dhcpsrv.0x322exxxxxxxx] EVAL_RESULT Expression pool_opt1_0 evaluated to 1
Oct 4 19:21:52	kea-dhcp4	71383	INFO [kea-dhcp4.dhcpsrv.0x322exxxxxxxx] EVAL_RESULT Expression pool_opt3_0 evaluated to 1
Oct 4 19:21:52	kea-dhcp4	71383	INFO [kea-dhcp4.dhcpsrv.0x322exxxxxxxx] EVAL_RESULT Expression pool_lan_0 evaluated to 1
Oct 4 19:21:33	kea-dhcp4	71383	INFO [kea-dhcp4.dhcpsrv.0x322exxxxxxxx] EVAL_RESULT Expression pool_opt1_0 evaluated to 1
Oct 4 19:21:33	kea-dhcp4	71383	INFO [kea-dhcp4.dhcpsrv.0x322exxxxxxxx] EVAL_RESULT Expression pool_opt3_0 evaluated to 1
Oct 4 19:21:33	kea-dhcp4	71383	INFO [kea-dhcp4.dhcpsrv.0x322exxxxxxxx] EVAL_RESULT Expression pool_lan_0 evaluated to 1
Oct 4 19:21:32	kea-dhcp6	72081	INFO [kea-dhcp6.dhcpsrv.0x3da4xxxxxxxx] EVAL_RESULT Expression pool_opt1_0 evaluated to 1
Oct 4 19:21:32	kea-dhcp6	72081	INFO [kea-dhcp6.dhcpsrv.0x3da4xxxxxxxx] EVAL_RESULT Expression pool_opt1_0 evaluated to 1
Oct 4 19:21:32	kea-dhcp6	72081	INFO [kea-dhcp6.dhcpsrv.0x3da4xxxxxxxx] EVAL_RESULT Expression pool_opt3_0 evaluated to 1
Oct 4 19:21:32	kea-dhcp6	72081	INFO [kea-dhcp6.dhcpsrv.0x3da4xxxxxxxx] EVAL_RESULT Expression pool_opt3_0 evaluated to 1
Oct 4 19:21:32	kea-dhcp6	72081	INFO [kea-dhcp6.dhcpsrv.0x3da4xxxxxxxx] EVAL_RESULT Expression pool_lan_0 evaluated to 1
Oct 4 19:21:32	kea-dhcp6	72081	INFO [kea-dhcp6.dhcpsrv.0x3da4xxxxxxxx] EVAL_RESULT Expression pool_lan_0 evaluated to 1
Oct 4 19:21:20	kea-dhcp4	71383	INFO [kea-dhcp4.dhcpsrv.0x322exxxxxxxx] EVAL_RESULT Expression pool_opt1_0 evaluated to 1
Oct 4 19:21:20	kea-dhcp4	71383	INFO [kea-dhcp4.dhcpsrv.0x322exxxxxxxx] EVAL_RESULT Expression pool_opt3_0 evaluated to 1
Oct 4 19:21:20	kea-dhcp4	71383	INFO [kea-dhcp4.dhcpsrv.0x322exxxxxxxx] EVAL_RESULT Expression pool_lan_0 evaluated to 1
Oct 4 19:21:03	kea-dhcp4	71383	INFO [kea-dhcp4.dhcpsrv.0x322exxxxxxxx] EVAL_RESULT Expression pool_opt1_0 evaluated to 1
Oct 4 19:21:03	kea-dhcp4	71383	INFO [kea-dhcp4.dhcpsrv.0x322exxxxxxxx] EVAL_RESULT Expression pool_opt3_0 evaluated to 1
Oct 4 19:21:03	kea-dhcp4	71383	INFO [kea-dhcp4.dhcpsrv.0x322exxxxxxxx] EVAL_RESULT Expression pool_lan_0 evaluated to 1
Oct 4 19:20:46	kea-dhcp4	71383	INFO [kea-dhcp4.dhcpsrv.0x322exxxxxxxx] EVAL_RESULT Expression pool_opt1_0 evaluated to 1
Oct 4 19:20:46	kea-dhcp4	71383	INFO [kea-dhcp4.dhcpsrv.0x322exxxxxxxx] EVAL_RESULT Expression pool_opt3_0 evaluated to 1
Oct 4 19:20:46	kea-dhcp4	71383	INFO [kea-dhcp4.dhcpsrv.0x322exxxxxxxx] EVAL_RESULT Expression pool_lan_0 evaluated to 1
Oct 4 19:20:33	kea-dhcp4	71383	INFO [kea-dhcp4.dhcpsrv.0x322exxxxxxxx] EVAL_RESULT Expression pool_opt1_0 evaluated to 1
Oct 4 19:20:33	kea-dhcp4	71383	INFO [kea-dhcp4.dhcpsrv.0x322exxxxxxxx] EVAL_RESULT Expression pool_opt3_0 evaluated to 1
Oct 4 19:20:33	kea-dhcp4	71383	INFO [kea-dhcp4.dhcpsrv.0x322exxxxxxxx] EVAL_RESULT Expression pool_lan_0 evaluated to 1
Oct 4 19:20:30	kea-dhcp6	72081	INFO [kea-dhcp6.dhcpsrv.0x3da4xxxxxxxx] EVAL_RESULT Expression pool_opt1_0 evaluated to 1
Oct 4 19:20:30	kea-dhcp6	72081	INFO [kea-dhcp6.dhcpsrv.0x3da4xxxxxxxx] EVAL_RESULT Expression pool_opt1_0 evaluated to 1
Oct 4 19:20:30	kea-dhcp6	72081	INFO [kea-dhcp6.dhcpsrv.0x3da4xxxxxxxx] EVAL_RESULT Expression pool_opt3_0 evaluated to 1
Oct 4 19:20:30	kea-dhcp6	72081	INFO [kea-dhcp6.dhcpsrv.0x3da4xxxxxxxx] EVAL_RESULT Expression pool_opt3_0 evaluated to 1
Oct 4 19:20:30	kea-dhcp6	72081	INFO [kea-dhcp6.dhcpsrv.0x3da4xxxxxxxx] EVAL_RESULT Expression pool_lan_0 evaluated to 1
Oct 4 19:20:30	kea-dhcp6	72081	INFO [kea-dhcp6.dhcpsrv.0x3da4xxxxxxxx] EVAL_RESULT Expression pool_lan_0 evaluated to 1
Oct 4 19:20:23	kea-dhcp4	71383	INFO [kea-dhcp4.dhcpsrv.0x322exxxxxxxx] EVAL_RESULT Expression pool_opt1_0 evaluated to 1
Oct 4 19:20:23	kea-dhcp4	71383	INFO [kea-dhcp4.dhcpsrv.0x322exxxxxxxx] EVAL_RESULT Expression pool_opt3_0 evaluated to 1
Oct 4 19:20:23	kea-dhcp4	71383	INFO [kea-dhcp4.dhcpsrv.0x322exxxxxxxx] EVAL_RESULT Expression pool_lan_0 evaluated to 1

I presume this is just Kea 'info' noise that can be ignored, albeit cluttering the log?

michmoor · Oct 4, 2023, 7:29 PM

@RobbieTT How does your experience match up to whats missing according to the documentation? https://docs.netgate.com/pfsense/en/latest/releases/23-09.html#rn-23-09-kea

So for example there is no DNS Resolver/Forwarder Registration.
Have you tried running DHCP Server and Relay at the same time?

RobbieTT · Oct 4, 2023, 7:52 PM

@michmoor said in Kea implementation:

@RobbieTT How does your experience match up to whats missing according to the documentation?

I don't use Relay, so not best placed to answer that. I don't register dynamic addresses with the resolver either, due to the previous resolver cache restart issue.

I've not checked to see if the resolver registers the static DHCP reservations from Kea though, rather than having to learn them as it goes. I will look into that, if I can.

I'm now 2 days into using Kea and I have no substantive issues with it. I turned it on with an eye on the boot environment snapshots but the sky didn't fall in or anything.

I have had issues with HomeKit in the past (solved with the use of DHCPv6 and a tweaked RA) but Kea hasn't perturbed it at all.

Yes, colour me surprised but it has all been good so far. Even UniFi seems content with the change.

️

[All presuming my Kea logs are just noise but someone more knowledgeable will have to clarify that bit.]

marcosm · Oct 13, 2023, 6:32 PM

It's just noise. At some point, a setting will be added to the GUI to control the verbosity. As Kea gets tested and issues are found, the higher verbosity should help resolve them.

RobbieTT · Oct 13, 2023, 6:42 PM

@marcosm

Understood and as transitions go this was a very good one.

️

dennypage · Oct 13, 2023, 7:38 PM

Quick question: The release notes currently indicate that Local DNS Resolver Registration for DHCP clients is not yet implemented. Does this apply to static mappings as well? Or just to dynamic leases? Thanks

marcosm · Oct 13, 2023, 7:41 PM

@dennypage We'll need to clarify that. Hostnames in static leases aren't supported either currently.

stephenw10 · Oct 14, 2023, 7:32 PM

I think you mean client IDs? Static mappings appear to resolve as expected. With host names.

RobbieTT · Oct 14, 2023, 7:54 PM

@marcosm

As above, hostnames work without issue and the static/reservations seem to register correctly with DHCP.

I don't register DHCP leases in the DNS resolver, so that bit I have not tested with Kea.

️

stephenw10 · Oct 14, 2023, 8:16 PM

I do and can confirm they don't work yet. Which is expected.
I didn't realise how much I was relying on that feature.

dennypage · Oct 14, 2023, 8:23 PM

@stephenw10 Just to ensure I am not misunderstanding, what I am hearing is that configuration is currently expected to work with Kea. Is this correct?

stephenw10 · Oct 14, 2023, 8:44 PM

Yes, that's correct.

It's trivial to switch back to ISC if you do hit some issue that's unworkable.

Steve

dennypage · Oct 15, 2023, 2:48 AM

@stephenw10 Thank you Steve. Much appreciated.

stephenw10 · Oct 15, 2023, 3:32 PM

After further digging it appears that static mappings from kea are not actually supported.

However if you switch from ISC to Kea existing mappings will still be resolvable as the hosts file still contains them. Any additional mappings added will not be though.

RobbieTT · Oct 15, 2023, 3:44 PM

@stephenw10
Ok, that is a gotcha for now.

️

dennypage · Oct 15, 2023, 4:41 PM

@stephenw10 said in Kea implementation:

However if you switch from ISC to Kea existing mappings will still be resolvable as the hosts file still contains them. Any additional mappings added will not be though.

That kinda kills it for me. DHCP is the source of almost all hostname/ipaddr mapping for my network.

RobbieTT · Oct 15, 2023, 7:23 PM

@dennypage
I hope it is an easy fix...

️

stephenw10 · Oct 15, 2023, 9:28 PM

It's not really a fix, it's more like adding a feature. Ultimately we should end up with something much better using Kea and Unbound that what we have currently. Something something dhcpleases....

I'm not sure when we will have that. The introduction of Kea in 23.09 is to find whatever issues will inevitably be present by exposing it to far more users. But that will probably require dhcp leases resolvable for many test long term.

Steve

jaltman · Oct 16, 2023, 1:17 AM

@stephenw10 said in Kea implementation:

The introduction of Kea in 23.09 is to find whatever issues will inevitably be present by exposing it to far more users. But that will probably require dhcp leases resolvable for many test long term.

If that is the reason then in my opinion Kea should be labeled as "Experimental" in the UI and ISC should not be labled as "Deprecated". "Deprecated" means that the functionality is still present and is no longer supported. It doesn't mean we plan to get rid of it when its replacement is ready.

jimp · Oct 16, 2023, 4:01 PM

@jaltman said in Kea implementation:

"Deprecated" means that the functionality is still present and is no longer supported.

That is exactly what the situation is -- the ISC daemon is still present, but no longer supported (by ISC in this case).

It doesn't mean we plan to get rid of it when its replacement is ready.

Anything marked "deprecated" is eligible for eventual removal. Such things are not left in place indefinitely. There is no hard ETA on when ISC will be removed, however, just at some future time after Kea is feature complete.

So far FreeBSD hasn't marked the port deprecated or given it a removal date, so there isn't any upstream pressure there (yet) from FreeBSD, but it would be nice to only have to worry about the currently supported daemon (Kea) sooner rather than later.