Just switched everything over from using ISC DHCP to KEA DHCP. I noticed one annoyance.
Assume IPv4 only and a 1 hour DHCP lease for both ISC and KEA:
In ISC DHCP, If I have a host that I only turn on every few days or so, it will always get the same address from the pool.
In KEA DHCP, If I have a host that I only turn on every few days or so, it will get a different address from the pool.
So for example, if the reservation range is from .100 to .120, one day I may get .101, and another day I might get .100 if I didn't give out any IPs since the last time the machine was on.
I don't want to increase the lease time because I want the client to request a new lease frequently in case something changes.
ISC DHCP was much better about giving previous addresses out. I never exhaust the pool range, so it was pretty much similar to having static entries without needing to make static entries.
With ISC DHCP, I can have the machine off for weeks and still get the same dynamic IP address it gave me a while back.
Is there any way to make KEA remember IP addresses better and behave like ISC in that regard?
It's the client that remembers its old address across reboots and asks if it is available, first. If free, the server is supposed to acknowledge it and hand out a new lease for the same address. I cannot picture Kea no following that part of the RFC.
What I can picture though, is Kea more aggressively reusing addresses for which the lease has expired and handing them out to a different client.
I would make a protocol with tcpdump when you power on such a client after a couple of days to watch if that is what happens.
HTH,
Patrick
Quote from: Patrick M. Hausen on August 18, 2025, 08:07:50 PMWhat I can picture though, is Kea more aggressively reusing addresses for which the lease has expired and handing them out to a different client.
I would make a protocol with tcpdump when you power on such a client after a couple of days to watch if that is what happens.
That's exactly what's going on. Same clients I've been using for years. I ran tcpdump and fed the pcap into wireshark to look at. KEA is just recycling addresses much more aggressively than ISC.
I don't see an option to change this behavior in the opnsense web gui, so I'd probably have to change something in the KEA conf file.
I'm not sure, but I think that the conf file would get overwritten by opnsense on boot/upgrade/config change, so I'd have to manually change the KEA conf file every time, unless there is a better way to do this? Ideally like a "free-form" "advanced options" that can get appended to the KEA Conf file via the opnsense web gui. I've seen opnsense do this for other things like OpenVPN settings.
Basically, the good news is KEA does expose some tunables to make it behave like ISC with regard to lease recycling. The bad news is, opnsense doesn't expose any of that to the user via the web gui.
You could first check with whatever platform the Kea community uses - or maybe just their documentation - if they support changing the allocation strategy at all.
And if yes, then create an issue on Github to include that option in the UI.
Kind regards,
Patrick
kea 2.6.3 supports DHCP lease affinity, but the configuration options haven't yet been exposed in OPNsense GUI
https://forum.opnsense.org/index.php?topic=48462.0
https://github.com/opnsense/core/issues/9094
In current OPNsense 25.7.1_1 release, manually editing the kea config file to add the options, are overwritten / removed when kea service is re-started ( from either OPNsense GUI or cli)...
Quote from: hharry on Today at 02:10:49 AMkea 2.6.3 supports DHCP lease affinity, but the configuration options haven't yet been exposed in OPNsense GUI
https://forum.opnsense.org/index.php?topic=48462.0
https://github.com/opnsense/core/issues/9094
In current OPNsense 25.7.1_1 release, manually editing the kea config file to add the options, are overwritten / removed when kea service is re-started ( from either OPNsense GUI or cli)...
Thanks for posting this. https://github.com/opnsense/core/issues/9094 is exactly what we would need to address the issue.
Quote from: os914964619 on Today at 03:34:51 AMThanks for posting this. https://github.com/opnsense/core/issues/9094 is exactly what we would need to address the issue.
To help get better visibility on customer demand, perhaps add a comment in https://github.com/opnsense/core/issues/9094 to express your interest in the existing kea DHCP lease affinity capability configuration options, being added to OPNsense GUI...
Quote from: os914964619 on Today at 03:34:51 AMQuote from: hharry on Today at 02:10:49 AMkea 2.6.3 supports DHCP lease affinity, but the configuration options haven't yet been exposed in OPNsense GUI
https://forum.opnsense.org/index.php?topic=48462.0
https://github.com/opnsense/core/issues/9094
In current OPNsense 25.7.1_1 release, manually editing the kea config file to add the options, are overwritten / removed when kea service is re-started ( from either OPNsense GUI or cli)...
Thanks for posting this. https://github.com/opnsense/core/issues/9094 is exactly what we would need to address the issue.
Not sure about the scale of your issue and the number of machines affected, but why don't you just reserve an IP for this client based on its MAC address (under 'reservations' tab in the KEA service configuration)? Make sure the assigned IP is outside of the range dynamically assigned by KEA but still in the same subnet. Your client will get the exact same IP each time it request one through DHCP.
Quote from: hharry on Today at 05:04:18 AMTo help get better visibility on customer demand, perhaps add a comment in https://github.com/opnsense/core/issues/9094 (https://github.com/opnsense/core/issues/9094) to express your interest in the existing kea DHCP lease affinity capability configuration options, being added to OPNsense GUI...
First of all one should file a proper issue. This is marked as incomplete and will probably be ignored and eventually closed automatically.
You must use and fill in the full template when creating an issue.