ISC DHCP server is EOL

Hmmm. A couple of places, including the YouTube video above, mention a python lease translater named keama-leases. From the GIT it appears that a year ago this was moved into the the man keama project, and a note from September even says
keama-leases included in make dist
Tomek Mrugalski authored 4 months ago
yet I don't seem to have it anywhere on my test system even though I have the base keama program. Any idea why this would be missing? I tried pkg search for several possible key words with no luck.
 
Steinhelten said:
Hmmm. A couple of places, including the YouTube video above, mention a python lease translater named keama-leases. From the GIT it appears that a year ago this was moved into the the man keama project, and a note from September even says
keama-leases included in make dist
Tomek Mrugalski authored 4 months ago
yet I don't seem to have it anywhere on my test system even though I have the base keama program. Any idea why this would be missing? I tried pkg search for several possible key words with no luck.
Click to expand...
I downloaded the *.py from the kea git site directly. Took some digging to find it, but it is there.

Though, I didn't find it helpful, really. Easier disconnect/shutdown all the LAN devices, start kea to allow it to create the kea lease file, reconnect the LAN devices or simply restart them so they acquire a new lease and kea populates the new lease file and go forth.

YMMV.
 
I'm one of those people that tried Kea last year and absolutely hated it.
Most of the reasons they give for it being deprecated are "bung".
It's just a money grab imho. "Get these premium hooks for $$$". Pitaful.
Either it's open source or it's not. Kea is not open source due to these gimmicks.
The client -- openbsd has a fork of, and FreeBSD's dhcp client is based off that -- thankfully.
The relay though, I do use it but it's not the end of the world if that disappears.
The server isn't going away anytime soon. No future patches, whatever, the latest release just works and is super mature and will work for the foreseeable future.
 
Well, I am up and running on kea now. I won't say it wasn't a challenge, but it is working. I made the switch based on isc dhcpd being EOL and not wanting to get caught out when FreeBSD eventually (presumably?) makes the change. I did not need any new features they have, I have no hook libraries, etc . Just a very simple environment with a single subnet, a single DHCP pool, and a couple dozen reservations. I did get a gitlab user account and I submitted a feature request to be able to match reservations based on hostname, a bug report on the handling of abandonned leases, and a bug report on the keama-leases.py script which corrupts the UID by hex encoding it when it as already been hex encoded. I'm a little surprised that they could be two years into this journey and still have basic issues like this that a light-weight user like me would run into.
 
Last edited:
Wait, oh wait - no, this is too good.... I can't believe it... I'm going to be laughing at myself for days - or crying. Are you ready for this? Due to the fact that /usr/local/etc/dhcpd.conf.sample for net/dhcpd says:
Code: 
# dhcpd.conf
#
# Sample configuration file for ISC dhcpd
#
I thought I was running ISC dhcpd! But guess what... this is what I've actually been running...
Code: 
root@tobias:/home/john # pkg info net/dhcpd
dhcpd-6.6.20200413
Name           : dhcpd
Version        : 6.6.20200413
Installed on   : Tue May 31 17:57:19 2022 CDT
Origin         : net/dhcpd
Architecture   : FreeBSD:13:aarch64
Prefix         : /usr/local
Categories     : net
Licenses       : BSD3CLAUSE
Maintainer     : koue@chaosophia.net
WWW            : https://github.com/koue/dhcpd
Comment        : OpenBSD dhcp daemon
...

So... I've just spent all this time migrating from DHCPD to kea because I thought I was dependent on the isc-dhcpd which is no longer supported - and I never was!!!! Now I don't think I ever ran the ISC version of DHCPD, regardless of what that sample config file says. I didn't realize/remember that there was an OpenBSD "branch" that is currently being maintained.... (maniacal laughter fades into the distance). Oh, gosh. I hope my pain saves someone else from the same experience.

Maybe - just maybe - someone ought to change the sample config files for net/dhcpd NOT to say ISC??
 
Steinhelten said:
So... I've just spent all this time migrating from DHCPD to kea because I thought I was dependent on the isc-dhcpd which is no longer supported - and I never was!!!! Now I don't think I ever ran the ISC version of DHCPD, regardless of what that sample config file says. I didn't realize/remember that there was an OpenBSD "branch" that is currently being maintained.... (maniacal laughter fades into the distance). Oh, gosh. I hope my pain saves someone else from the same experience.
Click to expand...
That's the Tip I gave above in this thread about 1 month ago
https://forums.freebsd.org/threads/isc-dhcp-server-is-eol.86731/post-688258
 
Bucky said:
I'm curious about the lease file created and maintained by net/dhcpd. Does it just grow forever with new leases simply being added to the end of the lease file and no cleanup being done? With the isc-dhcp server there is no automated lease file cleanup and that alone was the impetus for me to switch to kea.
Click to expand...
I could not find the definitive answer for this, and perhaps someone will be able to provide you with a better answer, but I can at least tell you what I have observed in my system. Right now, all of the pool addresses in my leases file are represented only once, except for two that each have two entries in the file. This is despite the fact that the system is issuing dozens of leases a day. It must be doing some sort of cleanup, because I've been running with this configuration for years, and the file is quite compact.
 
Steinhelten said:
I could not find the definitive answer for this, and perhaps someone will be able to provide you with a better answer, but I can at least tell you what I have observed in my system. Right now, all of the pool addresses in my leases file are represented only once, except for two that each have two entries in the file. This is despite the fact that the system is issuing dozens of leases a day. It must be doing some sort of cleanup, because I've been running with this configuration for years, and the file is quite compact.
Click to expand...
Now I'm puzzled. Above you said you recently switched from isc-dhcp to kea. So what dhcp server have you been running for years, exactly? I have a much smaller system than you do apparently and lease lifetimes are typically a week.

The isc-dhcp server creates a lease file to which it simply adds new leases. Reading the ISC website where they discuss kea they clearly admit that the isc-dhcp lease files simply grow forever and made reference to one poor fellow who had a lease file >2GiB in size. Mine was 42k in size when I switched to kea.

I'm curious if the openBSD-forked net/dhcpd server program does automatic lease file cleanups?

Kea does a 'lease file cleanup' procedure the timing of which is configurable. Now, 3 months into using kea, my IPv4 lease file is <1KiB in size and does its lease file cleanup every day. I suppose I could experiment and set the lease lifetimes to something like 1 hour and watch what happens to the lease file size by varying the timing of the cleanup process.
 
Bucky said:
Now I'm puzzled. Above you said you recently switched from isc-dhcp to kea. So what dhcp server have you been running for years, exactly? I have a much smaller system than you do apparently and lease lifetimes are typically a week.

The isc-dhcp server creates a lease file to which it simply adds new leases. Reading the ISC website where they discuss kea they clearly admit that the isc-dhcp lease files simply grow forever and made reference to one poor fellow who had a lease file >2GiB in size. Mine was 42k in size when I switched to kea.

I'm curious if the openBSD-forked net/dhcpd server program does automatic lease file cleanups?

Kea does a 'lease file cleanup' procedure the timing of which is configurable. Now, 3 months into using kea, my IPv4 lease file is <1KiB in size and does its lease file cleanup every day. I suppose I could experiment and set the lease lifetimes to something like 1 hour and watch what happens to the lease file size by varying the timing of the cleanup process.
Click to expand...
Sorry. I didn't mean to be confusing. I thought it would just be simpler to use the present tense. It would have been more accurate to say "the behavior of my net/dhcpd implementation up until a week ago when I cut over to kea"... I still have the old system and I'm preparing to switch back. The net/dhcpd is clearly NOT doing what kea does. Two major differences: it does not put anything in the leases file when it hands out a reserved IP address, and it must be doing some maintenance whereby it creates a dhcpd.leases~ file, and then swaps them.

Hey! I found it! Well, sort of.

In order to prevent the lease database from growing without bound, the
file is rewritten from time to time. First, a temporary lease data-
base is created and all known leases are dumped to it. Then, the old
lease database is renamed DBDIR/dhcpd.leases~. Finally, the newly
written lease database is moved into place.
Click to expand...

This is from the ISC man pages, at https://man.freebsd.org/cgi/man.cgi?query=dhcpd.leases, but I've observed my dhcpd doing just that, except it doesn't keep the leases~ file around, which it used to do. Of course, we still don't know what "from time to time" means.

This is clearly a poorly documented feature.
 
This weekend I was doing my regular maintenance on my personal firewall (pf on 4.2R) and noticed there was an update to KEA so I upgrade 2.6.1_2 -> 2.6.3. I restarted the service and noticed that kea was not restaring. The log was throwing this error:

Code: 
DHCP4_CONFIG_LOAD_FAIL configuration error using file: /usr/local/etc/kea/kea-dhcp4.conf, reason: Error during command processing: invalid path in `output`: invalid path specified: '/var/log', supported path is '/var/log/kea'

That configuration is corred and had been running like that for over a year. I did not matter what I changed in the path, I could not get it to start. And you can’t remove that section, it is mandatory… I tried, lol. So I uninstalled KEA and installed isc-dhcp44-server-4.4.3P1_2, which was built on 4/2025.

Everything is running ok right now but I don’t want to keep running ISC’s since it is EoL. I really don’t want to go back to KEA. As several of you commented, the configuration file is so much more complicated to maintain (that is subjective but it is true for me) and I don’t need all the fanciness of its software architecture.

So, dhcpd-6.6.20200413_2, "OpenBSD dhcp daemon” is still being maintained and patched, right? That could be my direction.
 
Upgraded kea as you did. Saw the same two errors and in my case I fixed them by making these two changes:

"socket-name": "/var/run/kea/kea4-ctrl-socket"

"output": "/var/log/kea/kea-dhcp4.log",

in the appropriate places.

The error messages provided by kea when the start failed, provided the info needed to make these changes.
 
Bucky said:
Upgraded kea as you did. Saw the same two errors and in my case I fixed them by making these two changes:

"socket-name": "/var/run/kea/kea4-ctrl-socket"

"output": "/var/log/kea/kea-dhcp4.log",

in the appropriate places.

The error messages provided by kea when the start failed, provided the info needed to make these changes.
Click to expand...
Interesting, that is the first thing I tried (adding directory “/var/log/kea/” and touch the file) since it was obvious from the log file but in my case, it did not work, I was getting the same error. I wonder if I was hasting through that because I was getting frustrated with it...
 
Could be. By the end of the day I get frustrated quite easily. But I did my kea fixes first thing in the morning after I got up and checked the log files showing that a kea update was available.

Had I known about the OpenBSD version of dhcpd I might have gone that direction as it took quite a number of hours to get kea set up the way I wanted.
 
Bucky said:
Had I known about the OpenBSD version of dhcpd I might have gone that direction as it took quite a number of hours to get kea set up the way I wanted.
Click to expand...

Well, if I am reading this correctly in Github, the code has not been touched in 3 years so I would not want to be running code that is not being patched or maintained…. which lands me back at KEA, ~sigh~. I don’t think there is another ISC-dhcpd-like option.
 
I still like kea despite how hard it was to set up. Been working without issue here since November 2024.

I particularly like how neat-and-tidy the kea lease file management is. And no need to hard code IP addresses into select devices; the devices' MAC addresses can be added directly to the kea config file with the permanently assigned IP linked to it there.
 
You must log in or register to reply here.
Back
Top