switch over from ISC DHCP to Kea DHCP

Gertjan · May 29, 2024, 6:16 AM

@netboy said in switch over from ISC DHCP to Kea DHCP:

Do I need to be aware of any gotchas?

More then what the blog post told us ?
And one or two minor issue as mentioned on this forum ?
Not really.

Probably true, ISC DHCP might get removed in late 2025 2026 ?, or just stay in pfSense, like the DNS Forwarder dnsmasq is still there, while the revolver Unbound is the default DNSQ solution now. That is, if no major security issues are found.

Kea - the pfSense GUI front end - is still missing a lot of options and features, if you don't need them, then Kea will do just fine.

hughbiquitous · May 30, 2024, 2:34 PM

@netboy The gotcha I ran into was that Kea does not register hostnames with DNS like ISC does.

After I switched to Kea I started seeing things break if they relied on DNS resolution within my local network.

I was able to just switch back to ISC and all is well for now, but I really hope ISC doesn't go away completely until Kea reaches feature parity.

netboy · May 30, 2024, 2:35 PM

@hughbiquitous Thanks. I will probably continue to use ISC DHCP

ambrosios · Jun 14, 2024, 8:25 PM

Yeah KEA is super unstable right now. I've tried the switch three times - no luck. Most of my devices just stop connecting.

netboy · Jun 14, 2024, 8:30 PM

@ambrosios Thanks. Hi Netgate, are you guys/gals looking into this issue before the cut-off ?

johnpoz · Jun 14, 2024, 8:36 PM

@netboy said in switch over from ISC DHCP to Kea DHCP:

before the cut-off ?

before what cutoff? ISC has not stated any hard cutoff of any sort...

Where is some cutoff?

https://www.isc.org/blogs/isc-dhcp-eol/

Other than the one that has already passed where the last "maint" release has been released already..

Here is what you should of taken away from their blog

"However, it is time to start thinking about a migration plan to a more modern system that is actively maintained."

Which is exactly what pfsense is doing, they are moving towards kea.. They even have a preview out that can provide very basic dhcp services.. I would guess, a few more releases down the road kea will reach parity if not surpass the current feature set of isc and everyone will be able to migrate to kea if they so desire..

netboy · Jun 14, 2024, 8:34 PM

@johnpoz
login-to-view

johnpoz · Jun 14, 2024, 8:39 PM

@netboy Yes it has reached end of life - SO?? Nobody reads the release notes or blog? Yeah the wording might of been stated a bit better..

https://www.netgate.com/blog/netgate-adds-kea-dhcp-to-pfsense-plus-software-version-23.09-1

https://docs.netgate.com/pfsense/en/latest/releases/23-09.html#rn-23-09-kea

netboy · Jun 14, 2024, 8:46 PM

@johnpoz Let me pose the question differently?
When will KEA be stable?

johnpoz · Jun 14, 2024, 8:51 PM

@netboy When its ready, like with every release of pfsense ever in the history of pfsense ;)

Pfsense releases when they feel its ready.. I have not seen any info about when that might be.. Maybe it will be in 24.X or maybe it will be 25.X ?

I am sure there are many people looking forward to it, possible some cool things when it happens like unbound not restarting on every dhcp event, etc. But when that might be??? I would suggest you read the blog ;) and release notes of new versions when they are posted ;)

JKnott · Jun 25, 2024, 9:13 PM

@Gertjan said in switch over from ISC DHCP to Kea DHCP:

Kea - the pfSense GUI front end - is still missing a lot of options and features, if you don't need them, then Kea will do just fine.

Things like working DHCP? I tried switching today and DHCP failed completely. Other than that, it's great!

netboy · Jun 25, 2024, 9:35 PM

@JKnott That is exactly my point if DHCP is failing why have this feature which is not fully baked in? Or am I missing something?

johnpoz · Jun 25, 2024, 9:49 PM

@netboy I have no idea what jknott is or was doing when he switched.. But when they first released the "preview" I tested it and worked just fine if all you wanted to do was hand out an IP.. Sure there are many users of pfsense that all they need is that, etc. But I am not one of those people ;) hehehe

Its limitations were blogged about, and in the release notes.. Yeah its not quite ready for prime time.. But it could serve as your dhcp server if all you wanted was hey client asks for IP, give him one..

netboy · Jun 25, 2024, 10:08 PM

@johnpoz
Here is my issue.
When I go to Services > DHCP Server > LAN I see the following message:

"ISC DHCP has reached end-of-life and will be removed in a future version of Netgate pfSense Plus. Visit System > Advanced > Networking to switch DHCP backend"

When I see the above message, I expect the change to Kea DHCP will be fully functional which is not the case.

I am using DHCP for

Defining address pool range
Get a new IP address when new network device is connected and
Defining STATIC mapping for some DHCP device

Does the existing change to kea DHCP allow me to do ALL OF THE ABOVE without issues (meaning has been tested)?

Patch · Jun 25, 2024, 10:58 PM

@netboy said in switch over from ISC DHCP to Kea DHCP:

@johnpoz
Here is my issue.
When I go to Services > DHCP Server > LAN I see the following message:

As has been commented many times on this forum, the message displayed by the software could have been better worded and less alarming. Users need to read the software release notes and understand what they are saying to accurately interpret the software message. That is why many users refer to the current Kea implementation in pfsense as a software preview.

Defining STATIC mapping for some DHCP device

Does the existing change to kea DHCP allow me to do ALL OF THE ABOVE without issues (meaning has been tested)?

Please read the software release notes and earlier posts in this thread.

JKnott · Jun 26, 2024, 1:16 AM

@johnpoz said in switch over from ISC DHCP to Kea DHCP:

I have no idea what jknott is or was doing when he switched.

I just enabled Kea. Later in the day, when I used my notebook, anything that required IPv4 wasn't working. On Linux, I had no IPv4 address and on Windows, I got an APIPA address. My cell phone also stopped connecting to WiFi. After going back to ISC, DHCP works again.

netboy · Jun 26, 2024, 1:16 AM

@JKnott Thx for the update. Very helpful

johnpoz · Jun 26, 2024, 4:17 AM

@netboy no it wasn't.. For all we know kea didn't even start..

here you go - working

login-to-view

ambrosios · Jun 26, 2024, 6:02 AM

@johnpoz said in switch over from ISC DHCP to Kea DHCP:

@netboy But when they first released the "preview" I tested it and worked just fine if all you wanted to do was hand out an IP..

If my network is more complicated then just needing IPs handed out, I may be grossly underestimating how complicated my network setup actually is.

I'm no expert, but I think I know a good bit. ISC: defaults, single subnet, a few static IPs.... DHCP works fine. Switch to KEA and everything drops, never to be seen again.

Granted I could spend more time on root cause, but I'm surprised to hear it worked for you. I may have to give it another go.

Edit:
I read the blog post. I'm dumb. Thanks for playing. I'll go get the cone of shame now.

Patch · Jun 26, 2024, 6:36 AM

@JKnott said in switch over from ISC DHCP to Kea DHCP:

After going back to ISC, DHCP works again.

Cool. So Kea DHCP is working as advertised

From https://www.netgate.com/blog/netgate-adds-kea-dhcp-to-pfsense-plus-software-version-23.09-1

the Kea implementation lacks the following DHCP server features:

Local DNS Resolver/Forwarder Registration for static and dynamic DHCP clients

Remote DNS server registration

DHCPv6 Prefix Delegation

High Availability Failover

Lease statistics/graphs

Custom DHCP options

Note: If you have assigned hostnames to devices on your network using static leases, or rely on dynamic lease registration in DNS, switching to Kea DHCP results in those hostnames being ignored. The static lease configuration is kept, so switching back to ISC DHCP will restore the functionality.