DHCP static mappings not registered into Unbound

[rmendes76]

Hello,

Important notices

Before you add a new report, we ask you kindly to acknowledge the following:

• I have read the contributing guide lines at https://github.com/opnsense/core/blob/master/CONTRIBUTING.md
• I am convinced that my issue is new after having checked both open and closed issues at https://github.com/opnsense/core/issues?q=is%3Aissue

Is your feature request related to a problem? Please describe.

All static DHCP mappings to KEA's new DHCP server are not resolved with Unbound.
Despite "Register DHCP Leases" option into Unbound checked.
With ISC-DHCP-SERVER, I have no issue.

Describe the solution you like

Add KEA's static mappings to Unbound with a reload action, like we had with ISC-DHCP-SERVER.

Describe alternatives you considered

N/A

Additional context

Add any other context or screenshots about the feature request here or links to relevant forum thread or similar

Environment

OPNsense Version :
OPNsense 24.1.1-amd64
FreeBSD 13.2-RELEASE-p9
OpenSSL 3.0.13

CPU type:
AMD GX-412TC SOC (4 cores, 4 threads)

Thanks a lot.

[AdSchellevis]

not planned, but made the toggle in Unbound more clear about what it's offering in 43c3ca4

see also #7209 (comment)

[KDGundermann]

Hi Ad,
may I ask, why this is not planned? Is it to difficult to achieve with KEA ?
We are heavy relying on that static DHCP entries are resolved by DNS.
So adding every DHCP reservations in DNS manually is cumbersome and error prone.
Best regards
Klaus

[AdSchellevis]

Hi Klaus,

Sure you may, the mechanism used to tail the leases file is far from optimal and requires entanglement between services.
Adding some option to register static leases into host overrides might be an option, but has challenges of it's own (restarting unbound on kea restarts is far from optimal for example).

So, it's not a "no, never", but needs a plan before we will consider spending our time on it. To some degree it looks nice to register all leases in the dns, but has downsides and personally I highly doubt it solves the issue at the right place.

By my knowledge there's no direct integration available between both services which copes with restarts properly.

Best regards,

Ad

[miken32]

I'm just trying out Kea and this isn't a very important feature for us, but the DNS integration is something we're using with ISC.

Maybe configuration for run-script hooks could be exposed in the UI, for users to run their own scripts on certain events? (Assuming there's some unobtrusive way to push an entry into Unbound from the command line.)

https://kea.readthedocs.io/en/latest/arm/hooks.html#hooks-run-script

[AdSchellevis]

from the gui not likely (unless being safeguarded via configd in some way), but this will have state issues as well (restarting unbound and being unaware of passed events).

[it9exm]

This is affecting not only static mappings, but also temporary leases.
These not being registered in Unbound are turning KEA pointless for me.
I tried to switch yesterday, taking for granted that it would have the same basic feature set, but I had to revert.
With the ISC DHCP server being deprecated and the introduction of KEA in 24.0, the lack of integration with Unbound is really embarrassing. I can't wait to see someone here coming up with a plan to automatically register DNS bindings with the least possible entanglement, I think it's a shame giving up all the other cool features like the Agent and HA.

[fichtner]

In the roadmap discussion this came up and there are far more important things to tackle with Kea IPv4 support before we can work on this, likely rewriting the whole registration pass. So we've limited it to ISC in the GUI to match what it does underneath.

Cheers,
Franco