ISC➞Kea migration lesson learned

[9axqe]

Just posting this here in case it's helpful for anyone. I just spent 2 frustrating hours because of this.

I had "enable static ARP entries" enabled in the ISC settings, dynamic ARP entries were working fine, all good.

Then I disabled ISC.

First gotcha: you can't do this per interface, you got to disable ISC on all interfaces.

Second gotcha: After migrating to Kea, dynamic ARP entries became impossible, only static was possible, which basically breaks all IPv4 connectivity.

It is visible using "ifconfig <interface>": it returns "STATICARP" in the list of flags. For example:

Code Select Expand

flags=1088843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST,STATICARP,LOWER_UP> metric 0 mtu 1500
It took me a while to figure this out, I suspected some firewall alias not being updated for a while. Disabling the setting in the GUI under ISC IPv4 was also not sufficient, I had to enter "ifconfig <intf> -staticarp" to get rid of it. Connectivity was instantly reestablished.

Just putting this out there, for anyone researching how to migrate to ISC.

I still do not fully understand how this "enable static ARP entries" setting works and why it has a different effect if ISC is disabled.

[Patrick M. Hausen]

Why do you need static ARP? It's an exotic feature fore rare edge cases and has nothing to do with static DHCP leases. If you don't know what it is you definitely do not need it.

Most common pitfall when migrating to Kea is that you need to uncheck "Match client-id" in your subnet definitions if you want to continue to match static leases by MAC address.

[9axqe]

oh, I absolutely do not need it. I probably have enabled this trying to troubleshoot some arp issue in the past and forgot to disable it again afterwards.

The fact the ISC setting a/ remains active after ISC has been disabled (which is documented) and b/ has a totally different impact when Kea is used instead of ISC, is what threw me off. Just wanted to share this.