Cannot seem to use DHCP server on a public IP subnet

ebsense

I have a subnet that matches a public IP subnet from my ISP. Issue is that I see discover messages get to the firewall (packet capture), but nothing returns.
DHCP within a public subnet does not work, but static assignment (within the client) allows internet access (so only DHCP is the issue).

Here is an example of log entries for an attempt:

Jun 12 19:43:25	dhclient	79399	DHCPDISCOVER on mce0.99 to 255.255.255.255 port 67 interval 3
Jun 12 19:43:28	kea-dhcp4	45745	WARN [kea-dhcp4.alloc-engine.0x21ebff618900] ALLOC_ENGINE_V4_ALLOC_FAIL_SUBNET [hwtype=1 0c:c4:7a:yy:yy:yy], cid=[01:0c:c4:7a:yy:yy:yy], tid=0x86cf2b6f: failed to allocate an IPv4 lease in the subnet 45.30.xx.xx/28, subnet-id 1, shared network (none)
Jun 12 19:43:28	kea-dhcp4	45745	WARN [kea-dhcp4.alloc-engine.0x21ebff618900] ALLOC_ENGINE_V4_ALLOC_FAIL_NO_POOLS [hwtype=1 0c:c4:7a:yy:yy:yy], cid=[01:0c:c4:7a:yy:yy:yy], tid=0x86cf2b6f: no pools were available for the address allocation
Jun 12 19:43:28	kea-dhcp4	45745	WARN [kea-dhcp4.alloc-engine.0x21ebff618900] ALLOC_ENGINE_V4_ALLOC_FAIL_CLASSES [hwtype=1 0c:c4:7a:yy:yy:yy], cid=[01:0c:c4:7a:yy:yy:yy], tid=0x86cf2b6f: Failed to allocate an IPv4 address for client with classes: ALL, VENDOR_CLASS_MSFT 5.0, UNKNOWN
Jun 12 19:43:28	dhclient	79399	DHCPDISCOVER on mce0.99 to 255.255.255.255 port 67 interval 8
Jun 12 19:43:30	dhcp6c	14046	Sending Solicit
Jun 12 19:43:30	dhcp6c	14046	transmit failed: Can't assign requested address
Jun 12 19:43:33	kea-dhcp4	45745	WARN [kea-dhcp4.alloc-engine.0x21ebff618900] ALLOC_ENGINE_V4_ALLOC_FAIL_SUBNET [hwtype=1 0c:c4:7a:yy:yy:yy], cid=[01:0c:c4:7a:yy:yy:yy], tid=0x86cf2b6f: failed to allocate an IPv4 lease in the subnet 45.30.xx.xx/28, subnet-id 1, shared network (none)
Jun 12 19:43:33	kea-dhcp4	45745	WARN [kea-dhcp4.alloc-engine.0x21ebff618900] ALLOC_ENGINE_V4_ALLOC_FAIL_NO_POOLS [hwtype=1 0c:c4:7a:yy:yy:yy], cid=[01:0c:c4:7a:yy:yy:yy], tid=0x86cf2b6f: no pools were available for the address allocation
Jun 12 19:43:33	kea-dhcp4	45745	WARN [kea-dhcp4.alloc-engine.0x21ebff618900] ALLOC_ENGINE_V4_ALLOC_FAIL_CLASSES [hwtype=1 0c:c4:7a:yy:yy:yy], cid=[01:0c:c4:7a:yy:yy:yy], tid=0x86cf2b6f: Failed to allocate an IPv4 address for client with classes: ALL, VENDOR_CLASS_MSFT 5.0, UNKNOWN
Jun 12 19:43:36	dhclient	79399	DHCPDISCOVER on mce0.99 to 255.255.255.255 port 67 interval 15
Jun 12 19:43:41	kea-dhcp4	45745	WARN [kea-dhcp4.alloc-engine.0x21ebff618900] ALLOC_ENGINE_V4_ALLOC_FAIL_SUBNET [hwtype=1 0c:c4:7a:yy:yy:yy], cid=[01:0c:c4:7a:yy:yy:yy], tid=0x86cf2b6f: failed to allocate an IPv4 lease in the subnet 45.30.xx.xx/28, subnet-id 1, shared network (none)
Jun 12 19:43:41	kea-dhcp4	45745	WARN [kea-dhcp4.alloc-engine.0x21ebff618900] ALLOC_ENGINE_V4_ALLOC_FAIL_NO_POOLS [hwtype=1 0c:c4:7a:yy:yy:yy], cid=[01:0c:c4:7a:yy:yy:yy], tid=0x86cf2b6f: no pools were available for the address allocation
Jun 12 19:43:41	kea-dhcp4	45745	WARN [kea-dhcp4.alloc-engine.0x21ebff618900] ALLOC_ENGINE_V4_ALLOC_FAIL_CLASSES [hwtype=1 0c:c4:7a:yy:yy:yy], cid=[01:0c:c4:7a:yy:yy:yy], tid=0x86cf2b6f: Failed to allocate an IPv4 address for client with classes: ALL, VENDOR_CLASS_MSFT 5.0, UNKNOWN

I've had it working on the same interface when the subnet was set to a local / non public subnet. 10.x.x.x

What could be causing such an issue with a configuration?

patient0

@ebsense the log is from the KEA dhcp server (the new DHCP that will replace ISC DHCP in the future) but in the settings screenshot it looks like you using ISC DHCP.

Which one do you use?

And a /28 subnet is pretty small (14 usable IPs) so is the pool you created set accordingly?