KeaDHCP dynamic DHCP question

Started by stauf, March 18, 2026, 04:23:57 PM

Previous topic - Next topic
Print
Go Down Pages 1 2 3
User actions
March 22, 2026, 12:07:45 PM #30
Well good to know.  I was going to try to turn on Automatic Discovery and see if I could find a rogue ARP request on my network causing OpnSense to mis-behave like this, but, for now, I think I am good just leaving it off.  I, personally, don't really Automatic Discovery and it appears it does more harm than good at the moment.  Thanks for checking into it.
Today at 08:27:40 AM #31 Last Edit: Today at 08:44:19 AM by FrankAusNRW
Same issue here w/ OPNsense 26.1.4. ICS-DHCP is not installed anymore and DNSmask DHCP is disabled, so only KEA is running.
The DHCP range is going from .200-.249. All IP adresses in the DHCP range AND all unused IP addresses outside the DHCP range are blocked, even for inactive clients w/ fixed leases.
Effectively there is no chance for a client to obtain an IP address at the moment.
This is causing some trouble.

Is there a workaround or a fix in the near future?
If not, I need to get back to ICS or DNSmask DHCP for the time beeing.

The installation was a fresh ISO 26.1.2 installation.
Cheers,
Frank
-----------------------------
Sophos XG125 (Rev.3)
Today at 09:29:11 AM #32
I assume it would make sense to check the KEA logs then why it assigns these leases?
Hardware:
DEC740
Today at 02:45:34 PM #33
Frank,

For me, there seemed to be two workarounds and my "fix" was to disable Automatic Discovery.

1. Disable Automatic Discovery and wait.
2. If you need a solution faster, you can follow the instructions earlier in this thread.  SSH in (you may have to enable SSH), get into the shell and then go to /var/db/kea/.  There should be at least 1 .csv file in here.  Stop KeaDHCP, edit these files removing the incorrect entries.  This may take a few minutes to ensure you do it correctly as the files don't appear to be in order and there may be multiple (I had 2).  Restart KeaDHCP.  For me, I did this live.  I was stuck with all my addresses "in-use" so there didn't seem much harm to me doing it live.  Didn't appear to make anything worse.  Even with Automatic Discovery disabled, I did have to do this a couple times, but now, a couple days later, I see no erroneous entries in my cache.

As a side note, I did experience Automatic Discovery seemingly turning itself on once.  I had disabled and applied but then noticed it was on again sometime later.  I was never able to reproduce this so not sure what caused it.  I will just caution you to double check a few times that it is disabled, just in case.
Print
Go Up Pages 1 2 3
User actions