Kea-DHCP: DDNS & Shared Network Feature Requests

Hey guys! Let's dive into some cool feature requests for Kea-DHCP that could seriously level up our network game. We're talking about getting DHCP-DDNS configured and enabling those sweet "shared networks" to handle both GUA and ULA addressing. Now, wouldn't that be something? So, let's get started!

The Core Requests: DHCP-DDNS and Shared Networks

Alright, so here's the deal. We've got two main requests on the table for the Kea-DHCP port. First off, we want to enable the configuration of DHCP-DDNS. This is huge because it means our DHCP server can automatically update DNS records whenever a device gets a new IP address. No more manual updates – talk about a time-saver! Secondly, we're aiming to enable provisioning of "shared networks". Why? Because we want to seamlessly accommodate both Global Unicast Addresses (GUA) and Unique Local Addresses (ULA). This is crucial for modern networks where you might have both public and private IP addressing schemes running side-by-side.

Diving Deep into DHCP-DDNS

So, what's the big deal with DHCP-DDNS? Imagine you've got a bunch of devices on your network, and their IP addresses are constantly changing. Without DHCP-DDNS, you'd have to manually update your DNS records every single time an IP address changes. That's a major headache, especially in larger networks. But with DHCP-DDNS, your DHCP server automatically updates the DNS records whenever a device gets a new IP address. This ensures that your DNS records are always up-to-date, which is essential for reliable network communication. Plus, it's just way more convenient. You set it up once, and then you can forget about it. No more manual updates, no more worrying about stale DNS records. It's a win-win situation.

The Magic of Shared Networks

Now, let's talk about shared networks. In today's networking landscape, it's common to have both GUA and ULA addresses in use. GUA addresses are the public IP addresses that allow devices to communicate with the outside world, while ULA addresses are private IP addresses that are used for internal communication. The challenge is that you need to be able to manage both types of addresses effectively. That's where shared networks come in. With shared networks, you can configure your DHCP server to assign both GUA and ULA addresses from the same network segment. This simplifies network management and ensures that devices can communicate seamlessly, regardless of whether they're using a public or private IP address. It's a powerful tool for creating flexible and scalable networks.

The Configuration Conundrum: WebUI vs. Direct .conf Files

Now, here’s a question for the OpnSense gurus. If a full-blown WebUI integration turns out to be too complex or time-consuming, could we at least get the option to directly tweak the .conf files? Sometimes, getting our hands dirty with the raw configuration files is the quickest path to victory. I mean, let's face it, we all love a good CLI session now and then, right? Think about it – a simple text editor and a well-documented configuration file could unlock a ton of potential for advanced users who want to fine-tune their Kea-DHCP setup.

Why Direct Configuration Files? The Power User's Perspective

For those of us who like to tinker under the hood, direct access to the .conf files is a game-changer. It allows us to implement advanced configurations that might not be possible through a WebUI. For example, we could create custom DHCP options, configure advanced logging, or even integrate Kea-DHCP with other network services. The possibilities are endless. Plus, direct access to the configuration files gives us a level of control and transparency that's hard to match with a WebUI. We can see exactly what's going on under the hood, and we can make changes with confidence, knowing that we have full control over the configuration.

The WebUI Advantage: Simplicity and Accessibility

Of course, a WebUI has its own advantages. It's more user-friendly, especially for those who are new to networking. A well-designed WebUI can make it easy to configure common DHCP settings, such as IP address ranges, lease times, and DNS servers. It can also provide a visual overview of the network, making it easier to troubleshoot problems. So, ideally, we'd have both options: a WebUI for basic configuration and direct access to the .conf files for advanced configuration. That way, everyone can use Kea-DHCP in the way that works best for them.

Real-World Testing: A Glimpse of What's Possible

I've been playing around with Kea-DHCP v3.0.2 on a separate FreeBSD box, and let me tell you, the results are pretty promising. Here’s what I’ve found:

• Shared Networks FTW: Shared Networks work like a charm! I can assign both GUA and ULA addresses from the configured pools. This is working perfectly for the primary "lan" interface and an aliased "vlan01" interface on the same hardware port (think "rge0" and "rge0.1").
• IPv6 Traffic Flow: IPv6 traffic on both GUA and ULA networks from client systems to the Public Internet? No problem! It just works. The Default Gateway can be set to either GUA or ULA, and routing to a GUA/ULA network-specific gateway is a breeze.
• Data Isolation: Data flows cleanly to both the "lan" subnet and the "vlan01" subnet internally with absolutely no crossover. This is crucial for keeping things secure and organized.
• DDNS Delight: DDNS in both IPv4 and IPv6 is doing its thing, updating my internal "master" DNS server with IPv4 and both the GUA and ULA IPv6s. I'm seeing those A and AAAA records in the "lan.internal" and "iot.internal" TLDs, and PTR records are popping up in the right ".ip6.arpa" zones. And yes, the "always" or "when-not-present" flags are working as expected.
• Single Network Configuration: Here’s a neat trick – Shared Networks configuration works with just one network/range/pool defined. This means it could be used as a default for all networks, which simplifies things quite a bit.

Caveat Alert: I don’t have a full test rack, so my testing scope is somewhat limited. But based on what I’m seeing, it looks like enabling Shared Subnets and DDNS updates in the Kea-DHCP config would be a major win.

Deep Dive into Test Results

Let's break down these test results a bit more. The fact that Shared Networks is working so well is a huge deal. It means that we can easily manage both public and private IP addresses on the same network segment. This is essential for modern networks where you might have devices that need to communicate with both the outside world and other devices on the local network. The IPv6 traffic flow is also a critical factor. With IPv6 becoming more and more prevalent, it's important that our DHCP server can handle IPv6 addresses seamlessly. The data isolation is another key point. We need to make sure that traffic on different subnets is kept separate, both for security and for performance reasons. And of course, the DDNS functionality is a major time-saver. By automatically updating DNS records, we can ensure that our network is always up-to-date and that devices can always find each other.

The OpnSense Dream: Centralized Network Management

Even though my internal test platform is purring like a kitten, I’d much rather have this running on the OpnSense system. Why? Because that’s where radvd and all those other "find my PD and populate addresses" scripts are hanging out. It just makes sense to centralize everything in one place. Plus, OpnSense is a rock-solid platform that I trust to keep my network running smoothly.

Why OpnSense? The Benefits of Centralization

Centralizing network management on OpnSense offers several key advantages. First, it simplifies administration. Instead of having to manage multiple systems, you can manage everything from a single interface. This saves time and reduces the risk of errors. Second, it improves security. By centralizing network management, you can more easily monitor and control network traffic, which helps to prevent security breaches. Third, it enhances performance. By optimizing network settings in one place, you can improve the overall performance of your network. And finally, it makes troubleshooting easier. When problems arise, you can quickly identify and resolve them from a central location.

The Million-Dollar Question: Roadmap to Success?

So, the big question is: is there any hope of getting this on the roadmap? Any chance we can add this to the Plan of Action and Milestones (PoA&M)? I know the OpnSense team is super busy, but these features would be a game-changer for many of us. Fingers crossed!

The Future of Kea-DHCP on OpnSense: A Vision

Imagine a future where Kea-DHCP on OpnSense is a fully-featured, easy-to-use DHCP server that supports DHCP-DDNS and shared networks. In this future, network administrators can easily configure their networks to support both public and private IP addresses, and they can rest assured that their DNS records are always up-to-date. This would make OpnSense an even more powerful and versatile network appliance, and it would solidify its position as a leader in the open-source networking space. So, let's make this vision a reality! Let's work together to bring these features to Kea-DHCP on OpnSense.