Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Kea DHCP Server Behavior - IP Address Reassignment Issue with Duplicate MAC Addresses

    DHCP and DNS
    6
    8
    2.3k
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • T
      tgdsilva
      last edited by

      Problem Description:

      In my network, I have two virtual machines (VMs) that share the same MAC address. Only one VM is powered on at any given time. There is a static IP mapping defined for the MAC address they share. For instance: MAC address a8:85:af:c4:0f:17 is assigned the static IP 10.0.0.5

      With ISC DHCP server:

      VM-FirstOne, when powered on, is assigned the static IP 10.0.0.5. Then this VM is turned off.
      VM-SecondOne, which also uses the MAC address a8:85:af:c4:0f:17, is assigned the same static IP 10.0.0.5 when powered on.
      With the previous ISC DHCP server, this scenario worked seamlessly. Each time I powered on either VM, it consistently received the expected IP address (10.0.0.5) without the need to release DHCP leases.

      With Kea DHCP server:

      However, since transitioning to the Kea DHCP server, I've noticed a different behavior. The first VM powered on gets the expected IP (10.0.0.5), but if it's turned off and the second VM is powered on, it gets assigned an IP from the pool range (e.g., 10.0.0.101). Releasing DHCP leases and powering on the original VM reclaims the expected IP, but subsequent VMs with the same MAC address receive IPs from the pool until all DHCP leases are released.

      Configuration Details:

      pfSense Version: 2.7.1
      Static IP mappings based on MAC addresses.
      DHCP server set to allocate IP addresses exclusively to recognized clients.
      IP address range for DHCP leases: 10.0.0.101 to 10.0.0.150.

      I'm reaching out to the community to understand if others have encountered similar issues with IP address reassignment using the Kea DHCP server, especially in scenarios where multiple VMs share the same MAC address. If you have faced similar challenges or have any insights, recommendations, or solutions to share, I would greatly appreciate your input.

      Screenshots are attached.01_DHCP_Server.PNG 02_DHCP_Server.PNG

      NollipfSenseN P T 3 Replies Last reply Reply Quote 0
      • T
        tgdsilva
        last edited by

        Please note that the uploaded images were taken after I reverted back to ISC DHCP Sever. The problem I am describing occurs with Kea DHCP Server.

        1 Reply Last reply Reply Quote 0
        • NollipfSenseN
          NollipfSense @tgdsilva
          last edited by

          @tgdsilva said in Kea DHCP Server Behavior - IP Address Reassignment Issue with Duplicate MAC Addresses:

          he community to understand if others have encountered similar issues with IP address reassignment using the Kea DHCP server

          I am having similar issue where once kea DHCP locks a MAC to an IP, it won't let go and if the client switches between static and dhcp, the client cannot connect to other clients on the same subnet...like a firewall.

          pfSense+ 23.09 Lenovo Thinkcentre M93P SFF Quadcore i7 dual Raid-ZFS 128GB-SSD 32GB-RAM PCI-Intel i350-t4 NIC, -Intel QAT 8950.
          pfSense+ 23.09 VM-Proxmox, Dell Precision Xeon-W2155 Nvme 500GB-ZFS 128GB-RAM PCIe-Intel i350-t4, Intel QAT-8950, P-cloud.

          1 Reply Last reply Reply Quote 0
          • C
            CubeApril
            last edited by

            I'm having this same issue as well, it has been absolutely driving me crazy.

            In theory, this setting:

            "ip-reservations-unique": false

            Should allow this to work -- and pfSense does have this enabled in /usr/local/etc/kea/kea-dhcp4.conf, but for some reason it's not working for me. It's maybe happening because the memfile backend doesn't support it?

            1 Reply Last reply Reply Quote 0
            • P
              pfpv @tgdsilva
              last edited by

              I had the same issue before I switched back to ISC.

              1 Reply Last reply Reply Quote 0
              • T
                terran5k @tgdsilva
                last edited by terran5k

                @tgdsilva I had a similar problem when netbooting a VM.
                It obtained the correct static address when connecting to the netboot server.
                Upon rebooting it would be assigned a dynamic IP from the pool.
                What ended up solving this issue was adding this option in the kea.dhcp4.conf:

                "match-client-id": false

                I set it globally, but it might be possible to be stated on subnet level. This i have not checked or confirmed though.

                Although I had the host-reservation-identifiers set to hw-address, Kea seems to still check the client-id in the background.
                While netbooting the client wouldn't supply a client-id, but did so when booting to OS; when checking for reservations Kea would find "mismatching" client-ids and assume the client to be two different machines.
                The above option cancels that check against client-id.
                The Kea documentation is somewhat confusing on that point, as one would assume with the host-reservation-identifier constricted to the MAC-address it would already exclude anything else, including client-id, from its checks.

                I hope this solves it for you,

                NollipfSenseN S 2 Replies Last reply Reply Quote 1
                • NollipfSenseN
                  NollipfSense @terran5k
                  last edited by

                  @terran5k said in Kea DHCP Server Behavior - IP Address Reassignment Issue with Duplicate MAC Addresses:

                  What ended up solving this issue was adding this option in the kea.dhcp4.conf:

                  "match-client-id": false

                  I set it globally

                  Interesting, indeed.

                  pfSense+ 23.09 Lenovo Thinkcentre M93P SFF Quadcore i7 dual Raid-ZFS 128GB-SSD 32GB-RAM PCI-Intel i350-t4 NIC, -Intel QAT 8950.
                  pfSense+ 23.09 VM-Proxmox, Dell Precision Xeon-W2155 Nvme 500GB-ZFS 128GB-RAM PCIe-Intel i350-t4, Intel QAT-8950, P-cloud.

                  1 Reply Last reply Reply Quote 0
                  • S
                    SteveITS Rebel Alliance @terran5k
                    last edited by

                    I don’t see a Redmine entry for this. It sounds replicable so I suggest that , so devs see it. Link it to this thread.

                    Pre-2.7.2/23.09: Only install packages for your version, or risk breaking it. Select your branch in System/Update/Update Settings.
                    When upgrading, allow 10-15 minutes to restart, or more depending on packages and device speed.
                    Upvote 👍 helpful posts!

                    1 Reply Last reply Reply Quote 0
                    • First post
                      Last post
                    Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.