Messages

Thanks for the information in this thread.  I'm looking at all of this myself and am ... disappointed and confused.  Kea seems to have the options I want, even though I'm a small user, but no dynamic mappings with Unbound? Really?  Deal breaker.

That leaves me with Dnsmasq. I'm not a super-high, or even mid-level network guy so I'm struggling to understand Dnsmasq's DNS vs Unbound, or even how to forward it to Unbound.  I guess I'm old, coming from hand editing bind conf files - I find the OpnSense configuration options for Dnsmasq to be extremely confusing and am even unsure if it offers dynamic mappings.

I tried searching: does anyone have a simple A to B guide to move things over?

Many home users like us are still looking for such a guide. Many seem to think the opnsense documentation is such a guide. (it is for the folks who have it training ) the rest of us will have to continue with isc until someone is nice enough to dum it down for us

It's a security setting that get's many in trouble. It make's it so only the Matching ARP entry's can communicate with the firewall. (Usually the static entries you have are used) Not sure how or if it's implemented in KEA, but sounds like the restriction was passed along in some way.

from crowdsec console

Warning

This release fixes an issue with the Windows version of CrowdSec that prevented it from shutting down properly.
Due to this issue, the service will not stop automatically when updating to this version.
You will need to manually kill the CrowdSec process in Task Manager before running the installer.

so you can safely ignore this update as it does not apply to opnsense

I found this looking for guide to migrate from isc to dnsmasq, And i have somewhat similar setup. Except instead of using AGH i use adguard dns. I believe this can be your recursive dns and you can eliminate unbound ultimately only needing to use dnsmaq for dhcp and dns.

But can't test until i migrate my dhcp. Where did you find the Guide? My google foo is not working