Like many of you, I use DHCP on my OPNsense. Due to "it's what I've always done" I'm using ISC DHCP. However, Kea DHCP and DNSMasq DHCP are both options. Are there any comparisons between the three and when I would want to use them with OPNSense?
The story is quite short:
ISC DHCP is at the end of its lifetime and will eventually get pushed to plugins section. This means it will not be so well supported any more - well, it isn't by ISC, either. Yet, there is no rush to end using it, but if you just start out, you should consider the alternatives.
Kea DHCP is the strategic replacement product from ISC, but feature-wise, it is not quite up to par with ISC. Also, not everything that Kea offers is supported by the OpnSense GUI (at least when I looked at it the other day).
Deciso has decided to add DNSmasq as an easy alternative. It is quite fresh (first release of the DHCP-relevant parts was just in some of the last updates), so not all features worked as expected, but today's release 25.1.7 adds many bugfixes and additions to what was missing.
The documentation now has a big section on how to use it. Its charm is that it addresses DHCP, DNS and RA in one product. The only thing missing is a DNS resolver and DoT / DoH, but that can easily be added by an upstream DNS service, as is depicted in the docs.
@kbreit
Like you I'm still on ISC DHCP. When Kea appeared as an option I was going to switch but decided to wait. Now I think my switch will be to DNSmasq, as that is now what is recommended for my type of small, simple setup. Up to this point, at least, I have no regrets waiting for the various alternatives to appear and cook a little within OPNsense. As Meyergru says, "there is no rush". But at some point, maybe soon, maybe when it becomes a plug-in, it's going to make more sense to switch than stick with ISC.
Thanks for the information. I'll need to compare manually but I'm assuming either DNSmasq or Kea will have the features I need. Are there steps for how to do the migration in a seamless manner? I'm thinking it's something like...
1. Download static leases (or manually record them)
2. Import or manually enter them into the new DHCP server
4. Migrate any other settings
3. Turn off the old DHCP server and enable the new one
Since the configuration differs a lot between these servers, it has to be carried out manually.
The tedious part is mostly to carry over the reservations, esp. if you have many of them.
This may help in doing the latter:
https://github.com/meyergru/iscdhcp_to_kea
https://github.com/meyergru/iscdhcp_to_dnsmasq
I did notice Kea seems to lack the ability to do two things (which are probably the same thing):
- Custom DHCP options
- Set a DNS server
Am I missing a setting in the UI?
I switched from ISC to Kea. Unbound listens on all ports and I have a redirection rule for DNS. Kea is not involved.
Quote from: passeri on Today at 04:41:28 AMI switched from ISC to Kea. Unbound listens on all ports and I have a redirection rule for DNS. Kea is not involved.
I agree Kea isn't normally involved in DHCP. But how does a DHCP client know where to send DNS requests to?
Services > Kea DHCP > Kea DHCPv4 > Subnets > edit a subnet and either
- check "auto collect option data" --> interface IP of OPNsense will be sent as gateway and DNS server or
- uncheck it, manually enter settings