Hi Everyone, I'm in the process of implementing VLANs on my home network to separate my IoT devices onto their own VLAN to eventually segment those devices from my main network.
I currently have Kea set up with reservations for all of these devices, IoT, user systems, and other devices. I've taken my existing reservation information and separated out the IoT devices to their own network addresses for the VLAN they will reside on [192.168.12.0/24], with all of the user systems and other devices with another network [192.168.11.0/24], and all of the network and administrative devices on the default VLAN [192.168.10.0/24].

I reconfigured my Kea system [a Raspberry Pi running Ubuntu 22.04 with Kea 2.0.2] with interfaces on all of these VLANs to listen for the DHCP requests. My network equipment is all UniFi and I reconfigured all of the relevant ports on the switches with the appropriate VLAN the device should be on. I also configured the two separate SSIDs on their respective VLANs. My gateway device is a pfSense box with the network interfaces configured with the appropriate VLAN gateways.

I restarted the Kea service after making all of these changes and thought everything "would just work" and the devices would get the appropriate IP address reservation. I was wrong. Even though I had interfaces on all of the VLANs and set Kea to listen on those interfaces, I still needed to set the DHCP Relay feature on the pfSense device to point to my server. Things kind of started to work then, but I still wasn't getting addresses assigned. After some troubleshooting and frustration, I eventually reverted everything back to the original configuration [everything on the Default VLAN].

I'm not entirely sure why things didn't work out the way I expected, but I have some hunches that I'd like to get some feedback on:

- *Existing reservations haven't expired* - The time I had set for the lifetime of the reservation [7200 seconds] hadn't expired
- *Reservation database [flat file]* - Still had entries for all of the devices
- *Something else?* - Something else I'm not considering when making this change?

Ultimately it seems to me that I should have somehow "flushed" everything before making my change so that everything would be new and not have any type of existing reservation?

I know that the reservations on the new VLANs work because I created test SSIDs, assigned them to the new VLANs, and connected wireless clients and they get the appropriate address I'm expecting [no MAC address reservation though].

If anyone has done something similar or has any other advice on what I should be doing or looking at, it would be greatly appreciated!

-Ubence
