I'm experimenting with kea, the ISC's replacement for their dhcpd
server. So far I am cautiously optimistic.
I have kea up and running in a limited trixie environment. It handles
one client computer on a direct IPv4-only Ethernet link. I have imported
my dhcpd list of reserved hosts, and kea recognizes one of them, and
assigns the proper IP address and host name.
I have not experimented with ddns updating or kea's replacement for
failover, which kea calls high availability. I will want both of those.
If you are contemplating a similar conversion, I suggest the following:
* Install keama and use that to translate your dhcpd configuration
file(s). Hang on to them.
* Do the usual installation with apt or your favorite tool. Get
familiar with the configuration files in /etc/kea. Get kea running as
is with no customizations. This will involve assigning one or more
interfaces in an "interfaces-config" statement. If you don't do that,
the server will refuse to run, handy for those who use only one of
IPv4 or IPv6.
* Once you've done that, introduce one or a few changes at a time. I
keep a terminal window open with:

    journalctl --no-pager -n 60 -f -u kea-dhcp4-server.service

running. Errors will show up there. In my experience most errors are
JSON syntax errors, often caused by not copying over your
configuration correctly.
I reload the server with its newly edited configuration with

    systemctl reload-or-restart kea-dhcp4-server.service

You can also check on your leases with

    cat /var/lib/kea/kea-leases4.csv*

My next steps:
* Upgrade or re-install my firewall/network services server to trixie.
I won't do this until about a month after trixie is released.
* Install kea and bind. Get those running separately.
* Get DDNS running.
* Get another kea server running trixie.
* Get bind and kea running there.
* Set up high availability between the two kea servers.
* Turn some or all of this into a Debian wiki page.
Any thoughts?
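
Added example, not part of the original post: a pre-reload check for the two things the post singles out, JSON syntax errors and the "interfaces-config" statement, plus duplicate entries in an imported reservation list. The function name and both sample configurations are constructed for illustration, and only full-line '#' and '//' comments are handled.

```python
import json

def check_kea_dhcp4(text):
    """Return a list of problems found in a kea-dhcp4 configuration string."""
    # Kea accepts '#' and '//' comment lines that strict JSON rejects. Blank
    # them instead of deleting them so reported line numbers match the file.
    lines = ["" if ln.lstrip().startswith(("#", "//")) else ln
             for ln in text.splitlines()]
    try:
        cfg = json.loads("\n".join(lines))
    except json.JSONDecodeError as e:
        return [f"JSON syntax error at line {e.lineno}, column {e.colno}: {e.msg}"]
    dhcp4 = cfg.get("Dhcp4") if isinstance(cfg, dict) else None
    if not isinstance(dhcp4, dict):
        return ["top-level 'Dhcp4' object is missing"]
    problems = []
    if not dhcp4.get("interfaces-config", {}).get("interfaces"):
        problems.append("'interfaces-config' lists no interfaces")
    # Reservations can be global or per subnet. Within one scope, a MAC or
    # IP address listed twice is a typical leftover of a hand-merged host list.
    scopes = [("global", dhcp4)]
    scopes += [(s.get("subnet", "?"), s) for s in dhcp4.get("subnet4", [])]
    for scope, obj in scopes:
        seen = set()
        for res in obj.get("reservations", []):
            for key in ("hw-address", "ip-address"):
                ident = (key, str(res.get(key, "")).lower())
                if ident[1] and ident in seen:
                    problems.append(
                        f"duplicate {key} {ident[1]} in {scope} reservations")
                seen.add(ident)
    return problems

# Constructed samples, not taken from the post.
BROKEN = """// constructed sample: comma missing after the interfaces-config member
{ "Dhcp4": {
    "interfaces-config": { "interfaces": [ "eth0" ] }
    "subnet4": [ ]
} }"""
DUPLICATE = """{ "Dhcp4": {
    "interfaces-config": { "interfaces": [ ] },
    "subnet4": [ { "id": 1, "subnet": "192.0.2.0/24", "reservations": [
        { "hw-address": "00:11:22:AA:BB:CC", "ip-address": "192.0.2.10" },
        { "hw-address": "00:11:22:aa:bb:cc", "ip-address": "192.0.2.11" } ] } ]
} }"""

if __name__ == "__main__":
    for name, sample in (("BROKEN", BROKEN), ("DUPLICATE", DUPLICATE)):
        print(name, check_kea_dhcp4(sample))
```

Running it on the edited file before `systemctl reload-or-restart` gives the line and column of a syntax error without waiting for it to appear in the journal.
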
pfSense switched to KEA and it was kind of a disaster for folks who let the firewall handle DNS and DHCP. It seems KEA on pfSense does not update DNS records with DHCP registrations, so name resolution slowly breaks as records expire. If you plan on using DNS as your single source of truth, then be careful of using KEA.
And if you are using mDNS on your network, then you may not see a problem. I happen to remove or disable mDNS on my workstations, so things went to pot quickly for me.
Jeff