Introduction
OPNsense has traditionally relied on the ISC DHCP server for IP address management. However, with ISC DHCP reaching its end-of-life, it’s time to consider transitioning to Kea DHCP—a modern, modular, and high-performance DHCP server developed by the same team at the Internet Systems Consortium (ISC).Wikipedia+2OPNsense Forum+2YouTube+2
Kea DHCP offers a contemporary approach to IP address allocation and centralized management, making it an ideal choice for both production environments and home labs.Wikipedia+3Netgate Forum+3Reddit+3
Advantages of Kea DHCP
- Dynamic Configuration Reloads: Modify lease configurations without restarting the service, ensuring uninterrupted network operations.Wikipedia+3Wikipedia+3Reddit+3
- Modular Architecture: Activate only the components you need, optimizing resource usage.
- Database Integration: Store lease information in MySQL or PostgreSQL databases for scalability and reliability.
- RESTful API: Automate and manage configurations programmatically, enhancing flexibility.
- Extensibility: Implement custom logic through hooks and scripts to meet specific network requirements.
- Active Development: Benefit from ongoing support and updates from the ISC and the broader community.YouTube+4Wikipedia+4Ars Technica+4
Considerations and Limitations
- Resource Consumption: Kea’s advanced features may demand more system resources, particularly when using REST APIs or database backends. This could impact performance on low-powered devices like Raspberry Pi or in lightweight container environments.OPNsense Forum
- High Availability (HA): Unlike ISC DHCP, Kea’s HA capabilities are still evolving. While some HA features exist, they may not match the robustness of ISC’s failover mechanisms.
Setting Up Kea DHCP in OPNsense
OPNsense has integrated Kea DHCP for some time, allowing users to configure it directly through the web interface.
Prerequisites:
- Disable ISC DHCP: Navigate to Services → ISC DHCPv4 and uncheck the «Enable» option.Reddit
- Enable Kea Control Agent: Go to Services → Kea DHCP → Control Agent, check «Enable,» and save the settings.Reddit+1Wikipedia+1
- Configure Kea DHCPv4:
- Navigate to Services → Kea DHCPv4.
- Check «Enable» and select the appropriate interface (e.g., LAN).Reddit+1docs.opnsense.org+1
- In the «Subnets» tab, click «Add» and enter the following:Reddit
- Subnet: e.g.,
192.168.1.0/24 - Pools: e.g.,
192.168.1.100 - 192.168.1.200 - Router (Gateway): e.g.,
192.168.1.1 - DNS Servers: e.g.,
192.168.1.1
- Subnet: e.g.,
- Save and apply the configuration.
Once configured, Kea DHCP will begin assigning IP addresses within the specified range. Existing leases from ISC DHCP will remain active until they expire or are renewed under Kea.Wikipedia+3YouTube+3YouTube+3
Migration Tips
- Static Lease Migration: OPNsense supports exporting and importing static leases in CSV format, facilitating transitions between DHCP servers.
- DNS Integration: Ensure that static mappings are correctly reflected in your DNS resolver (e.g., Unbound) to maintain hostname resolution.
- Testing: Before deploying in a production environment, test the Kea DHCP configuration in a controlled setting to identify and resolve potential issues.
Conclusion
Transitioning to Kea DHCP in OPNsense offers a modern, flexible, and scalable solution for network administrators. While it introduces new features and capabilities, it’s essential to be aware of its current limitations and plan accordingly. As Kea continues to mature, it stands as a robust replacement for the legacy ISC DHCP server.
References: