Kea DHCPv6 allocation failures
-
Since updating to Kea, I'm seeing some interesting warning messages in the log about IPv6 allocation failures:
<132>1 2024-11-27T23:45:17.495049-08:00 fw.test kea-dhcp6 14296 - - WARN [kea-dhcp6.alloc-engine.0x1fc45c217400] ALLOC_ENGINE_V6_ALLOC_FAIL_SUBNET duid=[00:01:00:01:28:3a:c7:01:02:03:04:05:06:07], [no hwaddr info], tid=0x97383c: failed to allocate an IPv6 lease in the subnet 2600:8801:0102:0304::/64, subnet-id 1, shared network (none) <132>1 2024-11-27T23:45:17.495140-08:00 fw.test kea-dhcp6 14296 - - WARN [kea-dhcp6.alloc-engine.0x1fc45c217400] ALLOC_ENGINE_V6_ALLOC_FAIL_NO_POOLS duid=[00:01:00:01:28:3a:c7:01:02:03:04:05:06:07], [no hwaddr info], tid=0x97383c: no pools were available for the lease allocation <132>1 2024-11-27T23:45:17.495208-08:00 fw.test kea-dhcp6 14296 - - WARN [kea-dhcp6.alloc-engine.0x1fc45c217400] ALLOC_ENGINE_V6_ALLOC_FAIL_CLASSES duid=[00:01:00:01:28:3a:c7:01:02:03:04:05:06:07], [no hwaddr info], tid=0x97383c: Failed to allocate an IPv6 address for client with classes: ALL, pool_lan_0, pool_opt2_0, KNOWN <132>1 2024-11-27T23:45:17.495765-08:00 fw.test kea-dhcp6 14296 - - WARN [kea-dhcp6.alloc-engine.0x1fc45c216d00] ALLOC_ENGINE_V6_ALLOC_FAIL_SUBNET duid=[00:01:00:01:28:3a:c7:01:02:03:04:05:06:07], [no hwaddr info], tid=0x97383c: failed to allocate an IPv6 lease in the subnet 2600:8801:0102:0304::/64, subnet-id 1, shared network (none) <132>1 2024-11-27T23:45:17.495849-08:00 fw.test kea-dhcp6 14296 - - WARN [kea-dhcp6.alloc-engine.0x1fc45c216d00] ALLOC_ENGINE_V6_ALLOC_FAIL_NO_POOLS duid=[00:01:00:01:28:3a:c7:01:02:03:04:05:06:07], [no hwaddr info], tid=0x97383c: no pools were available for the lease allocation <132>1 2024-11-27T23:45:17.495913-08:00 fw.test kea-dhcp6 14296 - - WARN [kea-dhcp6.alloc-engine.0x1fc45c216d00] ALLOC_ENGINE_V6_ALLOC_FAIL_CLASSES duid=[00:01:00:01:28:3a:c7:01:02:03:04:05:06:07], [no hwaddr info], tid=0x97383c: Failed to allocate an IPv6 address for client with classes: ALL, pool_lan_0, pool_opt2_0, KNOWN
I see this for a small number of clients, and the DUIDs all correspond to static reservations which are outside of the Primary Address Pool (there are no Additional Address Pools).
Any insights appreciated.
-
@dennypage Thought I would share... I was able to track this down via packet inspection. Turns out, these errors are the result of prefix delegation requests. pfSense does not yet have support for delegation when using Kea.
FWIW, the prefix delegation requests are coming from Apple devices in the role of Matter hubs. There does not appear to be a way to turn it off.
Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.