Kea DHCP reservation change/updated device losts access to internet

Started by Deferred4454, September 06, 2025, 05:47:52 PM

Previous topic - Next topic
Print
Go Down Pages1
User actions
September 06, 2025, 05:47:52 PM Last Edit: September 06, 2025, 05:54:37 PM by Deferred4454
Hi,

I don't know if anyone may help me with a current situation, didn't find it reported here or in Github or if is something missing by me.
I'm replacing some devices in my network, and my intention is, for my new device to receive the IP Address that was used by the replaced device.

I'm with version 25.7.2, using Unbound and Kea DHCPv4.

Going to Kea DHCPv4 > Reservations, selecting the intended reservation from the list and changing to the new Mac Address.
With that, and with the new device connected, it gets the correct IP Address, specified by the reservation but, the device doesn't get a connection to the Internet. It can access the Local Network, using the IPs but not the Hostnames.

If I give the device a new IP, never used in the reservation, the device starts working immediately, without issues.

I've already tried without success:
- Waiting for the old lease to expire and removed.
- Create a new reservation, after deleting the old one, for the new device (reusing the same IP).
- Restart unbound, after changing Kea.
- Restarting the firewall.


I've checked the csv.2 files and unbound Hosts, not detecting anything unusual. In the firewall no blocks are also visible, at least that I could find.

This is happening with at least 3 devices, one is a laptop.
I remember to have no issues last year when replacing my PC, changing the IPs from the old one to the new PC, worked without issues.

Thanks,
September 06, 2025, 05:56:25 PM #1 Last Edit: September 06, 2025, 05:58:24 PM by Monviech (Cedrik)
You have a wrong assumption about DHCP servers and DHCP clients.

When a DHCP server offers a lease to a client, the client is allowed to exclusively use that IP address, as long as the lease time that has been mutually agreed on between client and server.

No other communication takes place, after the lease has been issued, both sides agree its exclusive.

The best way to release this exclusivity is telling from original client to server, "hey I dont want to use that IP anymore, release it".

Thats a DHCPRELEASE. E.g. on windows "ipconfig /release".

If the old client just vanishes, the server does not know if it could come back before the lease time is over, this it refuses to give the IP to any other client, even if you create a new reservation.

There are hacky ways around this like deleting issued leases in the lease database, but the recommended way would be to just wait it out, or use new IP addresses (whats the issue with that?)

There is no way for a DHCP server to override the mutually agreed on exclusivity, only the original client can release.
Hardware:
DEC740
September 06, 2025, 06:10:36 PM #2 Last Edit: September 06, 2025, 06:20:26 PM by Deferred4454
Thanks for the reply.

I must not have explained well, English, is not my native language and is without practice. Sorry.

The IP that I want to use in the new device, is already cleaned in the lease.
After changing the reservation, if I didn't force the release in the device, I waited for it to expire and not listed in the lease.

The new device, already acquires the intended IP address, but the connections is without Internet. I can connect to other devices in the network, using the Ips, but not if using the Hostnames.

And I can't access the Internet with that new device.

Quote from: Monviech (Cedrik) on September 06, 2025, 05:56:25 PM...
There are hacky ways around this like deleting issued leases in the lease database, but the recommended way would be to just wait it out, or use new IP addresses (whats the issue with that?)
...

That's because, I would have to change several configurations in several devices in my home network, that are communicating to those IPs. And would have to also change the Range Pool in Kea.
Also, I was trying to understand the why? since last time I did it (last year), there was no issues.

Thanks once again, and sorry for my English mistakes.
September 06, 2025, 06:19:41 PM #3
Forgot to add, that in the active leases, the intended lease is showing correctly, with the new Mac Address.

September 06, 2025, 06:48:22 PM #4
If you cannot access the internet with the new device, even though it got:

- An IP address
- A default gateway
- A DNS server IP address

Then I would check for DNS issues, or firewall policy issues, could also be Source NAT (Outbound NAT).

Firewall Live Log and Packet Capture will reveal any issues.
Hardware:
DEC740
September 06, 2025, 07:49:40 PM #5
I cannot access to the internet with the "new device", only if reusing an IP in a reservation made in Kea.

All the situations are made with the lease already expired, by ending the lease time, or by forcing in the device that would be replaced.

Update the intended lease to the new MAC address
> the device gets all the information (IP, gateway, DNS)
> the device don't access the internet but access local equipments if I communicate by IPs

- In the firewall live log, only have an entry, passed > "allow access to DHCP server"
- In the Unbound live view, all interactions passes, with return code - no error

Terminating the lease, and changing the device reservation to a never used IP. It connects immediately to the Internet.
- Returning to the IP that I really intend to use, I lost Internet again (even getting all the configuation correctly by DHCP or even manually).

If after ending the lease, once again, I change the reservation to the old MAC, and connect it the old device again, the Internet works.

All of it without changing any other configuration, only configuring the reservations, (Taking in to account if the leases were expired).

It seems that something is blocking the internet access for a reuse of an IP to a different MAC address, but I can't find it in logs or live view.
The first time that I notice it, was last week, and for a reservation, long expired, for a device that didn't connect for more than a month to refreshing it.



And it's strange because in the past, already done it, several times, in mine and other friends, without any issues like these.



Was forgetting,
even with router reboot, Unbound restart, disabling NAT rule and re-enabling it, didn't work.



Thanks for trying to help.


September 07, 2025, 02:40:50 AM #6
Ok, I think I found the issue (not exactly witch was), and get the reservations working without restrictions, even reusing an address from an older device.

When changing from ISC to Kea, I disabled ISC DHCP, but didn't clean the reservation lists, for a situation that I couldn't make kea work in that day, and rollback in an instant.

So after remembering that, I cleaned that list. (Didn't think that could impact, since it was disabled).
But, I also had the option, "Register ISC DHCP4 Leases", in Unbound > General - enabled.

So I cleared the ISC list, and uncheck that unbound option. Restarted, and it worked.

I can't tell if it was both or if I only needed to act in one of them, since I made both changes at the same time, without testing between them.


Thanks @Monviech (Cedrik) for your time in trying to help.
Print
Go Up Pages1
User actions