switch over from ISC DHCP to Kea DHCP
-
@johnpoz said in switch over from ISC DHCP to Kea DHCP:
@netboy But when they first released the "preview" I tested it and worked just fine if all you wanted to do was hand out an IP..
If my network is more complicated then just needing IPs handed out, I may be grossly underestimating how complicated my network setup actually is.
I'm no expert, but I think I know a good bit. ISC: defaults, single subnet, a few static IPs.... DHCP works fine. Switch to KEA and everything drops, never to be seen again.
Granted I could spend more time on root cause, but I'm surprised to hear it worked for you. I may have to give it another go.
Edit:
I read the blog post. I'm dumb. Thanks for playing. I'll go get the cone of shame now. -
@JKnott said in switch over from ISC DHCP to Kea DHCP:
After going back to ISC, DHCP works again.
Cool. So Kea DHCP is working as advertised
From https://www.netgate.com/blog/netgate-adds-kea-dhcp-to-pfsense-plus-software-version-23.09-1
the Kea implementation lacks the following DHCP server features:
- Local DNS Resolver/Forwarder Registration for static and dynamic DHCP clients
- Remote DNS server registration
- DHCPv6 Prefix Delegation
- High Availability Failover
- Lease statistics/graphs
- Custom DHCP options
Note: If you have assigned hostnames to devices on your network using static leases, or rely on dynamic lease registration in DNS, switching to Kea DHCP results in those hostnames being ignored. The static lease configuration is kept, so switching back to ISC DHCP will restore the functionality.
-
@ambrosios said in switch over from ISC DHCP to Kea DHCP:
I'm no expert, but I think I know a good bit. ISC: defaults, single subnet, a few static IPs.... DHCP works fine. Switch to KEA and everything drops, never to be seen again.
I have multiple subnets and any device that lives here has a static mapped IPv4 address, other than my desktop computer and pfSense, both of which have a static configuration. After I noticed it failed, I even tried rebooting pfSense, but that made no difference.
-
@JKnott said in switch over from ISC DHCP to Kea DHCP:
any device that lives here has a static mapped IPv4 address
Well since preview of kea doesn't support those - no wonder it not working for you..
So clearly you did not read the blog or the release notes..
-
@johnpoz said in switch over from ISC DHCP to Kea DHCP:
So clearly you did not read the blog or the release notes..
We're supposed to read???
I'll just ignore the warnings. Hopefully this gets fixed before ISC is dropped.
-
@JKnott said in switch over from ISC DHCP to Kea DHCP:
I'll just ignore the warnings.
You can turn the warning off.. It right there in the same place you switch to kea..
Hopefully this gets fixed before ISC is dropped.
This is nonsense - yeah netgate is going to drop isc before kea is even at parity with feature set of isc.. That makes no freaking sense at all..
If you would of read the info from ISC.. Its not going anywhere any time soon.. They are stopping development on it, so yeah its eol.. Their own wording - time to start thinking of moving.
https://www.isc.org/blogs/isc-dhcp-eol/
Does this mean ISC DHCP wonβt work anymore?
No. The existing open source software will continue to function as it has, and current operators do not need to stop using ISC DHCP.However, it is time to start thinking about a migration plan to a more modern system that is actively maintained.
If you have basic hey hand out an IP need for your dhcpd - then sure you can switch.. Maybe this is 90% of pfsense userbase for all I know.. Sure we get a few non reading users here complaining.. But for all we know a million users have clicked switch and have no issues at all in their environment
-
@johnpoz Based on the discussion it appears like Kea does not support static IP address (no I have not read the release notes) - am i right?
-
@johnpoz said in switch over from ISC DHCP to Kea DHCP:
You can turn the warning off.. It right there in the same place you switch to kea.
That's what I did.
However, it is time to start thinking about a migration plan to a more modern system that is actively maintained.
If you have basic hey hand out an IP need for your dhcpd - then sure you can switch.. Maybe this is 90% of pfsense userbase for all I know.. Sure we get a few non reading users here complaining.. But for all we know a million users have clicked switch and have no issues at all in their environment
I use static mapped addresses so that I have consistent addresses.
-
@JKnott said in switch over from ISC DHCP to Kea DHCP:
I use static mapped addresses so that I have consistent addresses.
What does that have to do with cost of tea in china? Great I use a lot of reservations as well - what part are you not understanding that kea does not support this in pfsense as of yet..
-
@johnpoz said in switch over from ISC DHCP to Kea DHCP:
what part are you not understanding that kea does not support this in pfsense as of yet..
How do I interpret this statement?
Kea has no support for static address
OR
pfsense's kea implementation does not support static address NOW but will support later? -
@netboy the integration of kea into pfsense is not complete.. Kea has support for this feature and others.. it has just not been integrated into pfsense as of yet.
Why do you people have such a hard time reading documentation - if you have questions on what kea can do, just head over to isc and look at the docs for kea..
https://kea.readthedocs.io/en/latest/index.html
One of the key benefits of pfsense is they have taken what services and applications that are normally configured via just .conf files, and wrapped a gui around it where you just select or fill info, which is then stored in an xml file, which then in turn this info is creates the .conf file needed..
If you want to run full blown kea on your network - just fire up something else and run it there - you just won't have an easy to use "gui" to configure it..
-
@johnpoz said in switch over from ISC DHCP to Kea DHCP:
Why do you people have such a hard time reading documentation
Because we are lazy :-)
-
@netboy with a sense of entitlement as well.. You come here and ask questions, when the info is .3 seconds away with a simple google..
https://kea.readthedocs.io/en/latest/arm/dhcp4-srv.html#host-reservations-in-dhcpv4
So for example - here is some sample config
{ "subnet4": [ { "id": 1, "pools": [ { "pool": "192.0.2.1 - 192.0.2.200" } ], "subnet": "192.0.2.0/24", "interface": "eth0", "reservations": [ { "hw-address": "1a:1b:1c:1d:1e:1f", "ip-address": "192.0.2.202" }, { "duid": "0a:0b:0c:0d:0e:0f", "ip-address": "192.0.2.100", "hostname": "alice-laptop" }, { "circuit-id": "'charter950'", "ip-address": "192.0.2.203" }, { "client-id": "01:11:22:33:44:55:66", "ip-address": "192.0.2.204" } ] } ], }Why the kea integration into pfsense is "preview" is all the work that takes for your pretty gui and writes it for you into the kea configuration has not been done yet..
Not sure why I am surprised to be honest - I am an enabler it seems, where the correct answer to many of these questions should just be go RTFM you lazy F ;)
-
@johnpoz said in switch over from ISC DHCP to Kea DHCP:
Kea has support for this feature and others.. it has just not been integrated into pfsense as of yet.
The "current:" message
ISC DHCP has reached end-of-life and will be removed in a future version of Netgate pfSense Plus. Visit System > Advanced > Networking to switch DHCP backend.
does not make it "explicit:" that pfsense kia has lmited functionality.
Pfsenes must change the above message to something meaningful to say something to the effect "pfsense kea is in experimental stage and fully not implemented " - You need to look at the GUI and messages with a GENERAL USER hat not a NETWORK USER imho
-
@netboy dude pretty sure everyone agrees the wording could of been done a bit better.. Move on already.. This horse was dead long time ago - its time to stop kicking it.
-
@Gertjan -- Just commenting on your post relative to my questions on what changes -- Not asking for help just commenting relative to what you said.
Lease statistics/graphs I refer to these from time to time."Note: If you have assigned hostnames to devices on your network using static leases, or rely on dynamic lease registration in DNS, switching to Kea DHCP results in those hostnames being ignored. The static lease configuration is kept, so switching back to ISC DHCP will restore the functionality."
Since I do have assigned hostnames with static leases, such as our file server, our HP printer/scanner, etc. [These devices are expected to be at the IP address manually assigned (from prior LAN software I used prior to PFSense going back to NT 4.0 days)].
As a result, I am interested in what is happening with Kea DHCP and when it will support prior functions I use or provides an equivalent that we can migrate to "automatically" if possible. I've tried to avoid becoming a network person. Unfortunately, the Peter Principle is prevailing despite all attemps to avoid it.
-
I came across this topic when seeing the notice on my pfsense instance. Rather than create a new topic, I figure I continue the discussion to see if things have changed.
I've been using pfsense for several years now and I typically do not change any settings unless necessary.
If I change from ISC DHCP to Kea DHCP, is there any that needs to be done beforehand besides making a backup?
Are there any other settings to change besides clicking the KEA DHCP radio button and clicking Save?
If I choose to keep using ISC DHCP, is there any harm in doing so? (security issues?) -
@pulsartiger I wouldn't switch to kea yet.. Just turn off the warning if it bugs you. Kea is not at feature parity yet.. And no there are no real security issues with just continuing to use ISC..
-
@pulsartiger re: updates:
https://www.netgate.com/blog/improvements-to-kea-dhcp -
@SteveITS said in switch over from ISC DHCP to Kea DHCP:
@pulsartiger re: updates:
https://www.netgate.com/blog/improvements-to-kea-dhcpYep. That info is still hiding in plain site.
( Just an idea : put the RSS at the top, and you stat auto-informed )
