KEA DHCP missing "Register DHCP leases in DNS Resolver..."

noloader · Nov 27, 2023, 7:23 PM

Hi Everyone,

I updated to pfSense 2.7.1 recently. At that time, I switched from ISC DHCP to KEA DHCP due to the ISC DHCP warnings. And around that time, I switched my domain from <home.pvt> to <home.arpa>. The result of the changes is, DNS is no longer resolving names on my LAN. DNS is not resolving hosts with DHCP reservations (static mappings), and is not resolving hosts with DHCP leases.

Additionally, under Services → DNS Resolver → General Settings, the check boxes for DHCP Registration, "Register DHCP leases in the DNS Resolver" and Static DHCP, "Register DHCP static mappings in the DNS Resolver" are missing:

The checkbox for OpenVPN Clients, "Register connected OpenVPN clients in the DNS Resolver" is still present.

If I switch back to ISC DHCP, then DHCP Registration and Static DHCP are present again.

I was reading through the KEA DHCP documentation at https://kea.readthedocs.io/en/kea-2.2.0/arm/dhcp4-srv.html. I think KEA needs the option ddns-update-on-renew, but I don't know how to set it in pfSense. And I may need more than just ddns-update-on-renew, but I am not certain.

My question is pretty crappy... What is wrong, and how do I fix it?

JonathanLee · Nov 28, 2023, 2:22 AM

@noloader Kea DHCP is still kind of in a experimental/testing phase, it is also missing all the DHCP options. Just move back to the other version and wait until next PfSense release. It should all be fixed in that deployment. I read about this elsewhere also recently.

SteveITS · Nov 28, 2023, 5:42 AM

@noloader expected per release notes: https://docs.netgate.com/pfsense/en/latest/releases/2-7-1.html#kea-dhcp-server-feature-preview-now-available

noloader · Nov 28, 2023, 6:29 AM

@JonathanLee, thanks.

I have to admit I am disappointed. I am on the stable release branch. I am not on a testing/experimental/development branch. The pfSense team should keep KEA DHCP separate from stable until KEA DHCP is ready for production.

I'll follow @JonathanLee's advice, and go back to ISC DHCP.

Thanks again.

JonathanLee · Nov 28, 2023, 3:53 PM

@noloader it will get fixed next release.

Qinn · Dec 7, 2023, 3:49 PM

I reported that already 20 days ago see here, but apart from that, on my setup is stopped working and it would not see here restart, only an reboot solved it, so I returned to ISC DHCP

tinfoilmatt · Dec 7, 2023, 4:43 PM

@noloader said in KEA DHCP missing "Register DHCP leases in DNS Resolver...":

I have to admit I am disappointed. I am on the stable release branch. I am not on a testing/experimental/development branch. The pfSense team should keep KEA DHCP separate from stable until KEA DHCP is ready for production.

Kea is stable and its functionality well-documented. merely lacking subjectively-expected features doesn't make software unstable.

and no, 'registering' DHCP leases into a local zone file is not a critical function of a DHCP server. (in fact, it's not even a thing outside the context of pfSense.)

noloader · Dec 7, 2023, 4:36 PM

@cyberconsultants,

Disagree.

tinfoilmatt · Dec 7, 2023, 4:38 PM

@noloader with?

SteveITS · Dec 7, 2023, 4:43 PM

@cyberconsultants said in KEA DHCP missing "Register DHCP leases in DNS Resolver...":

not even a thing outside the context of pfSense

Windows Server can do it. :) But yeah most routers don't.

I would have worded the warning to say something about Kea being in a preview and to link to the release notes.

tinfoilmatt · Dec 7, 2023, 4:50 PM

@SteveITS Windows Server does a lot aside from provide DHCP and DNS services. and Kea's not a router—it's a DHCP server.

Kea is also not in preview. ISC, on the other hand, is EOL.

SteveITS · Dec 7, 2023, 4:52 PM

@cyberconsultants said in KEA DHCP missing "Register DHCP leases in DNS Resolver...":

Kea is also not in preview

I know Kea isn't, it is in pfSense:
https://docs.netgate.com/pfsense/en/latest/releases/23-09.html#kea-dhcp-server-feature-preview-now-available

tinfoilmatt · Dec 7, 2023, 4:53 PM

@SteveITS and opt-in.

Magellan · Dec 17, 2023, 8:44 AM

I also updated to version 2.7.1, now 2.7.2, also on the stable branch.
In the settings there a warning that ISC has reachted EOL and that the DHCP backend should be switched.
It was not visible to me that there are breaking changes here, functions that are simply omitted.
Sorry to say that. Surely this is documented somewhere, but here it is suggested that you can simply change it.
I switched back to ISC and waiting that are the function will be present for Kea.

tiny122 · Dec 17, 2023, 8:00 PM

@noloader I can relate to this. I upgraded to 2.7.2 and then upgraded to Kea DHCP. My problem was much as you described. DHCP leases were correctly being leased as expected but didn't seem to register with the DNS resolver. Working through the settings I couldn't find anywhere in the config relating to this. I have reverted to the original ISC DHCP service and once I set the register leases with the DNS Resolver everything came back to life. Kea seems to be a bit bleeding edge to me or I have not worked out some of the settings relating to Kea. Not a clean upgrade that's for sure.

SteveITS · Dec 17, 2023, 8:07 PM

Limitations of the “Kea preview” are in the release notes linked above.

Agree it would be better if the note in pfSense GUI mentioned it was a preview…it’s come up in other threads but to paraphrase, “the note about ISC being deprecated is correct.”

w_bufffet · Dec 18, 2023, 10:54 AM

This post is deleted!

tiny122 · Dec 18, 2023, 9:53 PM

@SteveITS Thanks for the feedback Steve, I struggle to see the value of Kea DHCP for anyone using an internal DNS resolver. Without the 2 hooked up together where DHCP registrations get registered in DNS can only be a backward step. I assume features are going to be added to Kea DHCP to support this sort of functionality before ISC DHCP is discontinued.

Gertjan · Dec 19, 2023, 7:34 AM

@tiny122

Exact.
Kea has very extended possibilities to act upon every DHCP related events.
A future pfSense release will use (I guess) fire up this one so it will use unbound-control in its turn to 'insert' DNS info into the resolver (unbound) without the need for unbound restarts as it was the case with ISC DHCP.

rds3 · Jan 7, 2024, 8:29 PM

I had the same but slightly different issue when I upgraded to Kea DHCP - I was finding that it would resolve some of my devices and not others and this was very confusing. As a test, I added the default domain name (localdomain in my case) in DHCP Server setting for each network (although the text says that it would do this by default anyway and I should not have to enter it if using the default domain configured in System > General Setup > Domain Name). As soon as I applied this change, DNS resolver was able to resolve all my devices. Just thought I'd share it in case it helps anyone, although one shouldn't need to do this and is a workaround at best. Looking forward to seeing this fixed and the option to register DHCP leases being made available in the next release.