<!DOCTYPE html>
<html data-lt-installed="true">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
</head>
<body style="padding-bottom: 1px;">
<p>There is an instance of dnsmasq running on virbr0, which is the
default "nat" interface for kvm vms not using bridged networking.
The virbr0 network is supposed to be isolated from the rest of the
network, but it is possible; According to the output of netstat
-lntup"</p>
<p>tcp 0 0 127.0.0.1:8000 0.0.0.0:*
LISTEN 2707/kea-ctrl-agent <br>
tcp 0 0 192.168.1.104:5357 0.0.0.0:*
LISTEN 2732/python3 <br>
tcp 0 0 0.0.0.0:37099 0.0.0.0:*
LISTEN 2718/rpc.mountd <br>
tcp 0 0 192.168.100.1:53 0.0.0.0:*
LISTEN 3028/dnsmasq <br>
...</p>
<p>udp 0 0 192.168.100.1:53 0.0.0.0:*
3028/dnsmasq <br>
udp 0 0 127.0.0.54:53 0.0.0.0:*
1548/systemd-resolv <br>
udp 0 0 127.0.0.53:53 0.0.0.0:*
1548/systemd-resolv <br>
udp 0 0 0.0.0.0:67 0.0.0.0:*
3028/dnsmasq <br>
</p>
<p>That last line is a bit of a worry, I think kea DHCP4 would be
running on 0.0.0.0:67 if it were running. I'll just check....</p>
<p>tcp 0 0 192.168.1.104:8003 0.0.0.0:*
LISTEN 845230/kea-dhcp4 </p>
<p>When I started dhcp4 the only record netstat-lntop had of it was
tcp rather than udp, but i thought that kea ran on udp by default
unless specified. I actually think the 8003 port is where the
stork server communicates, so perhaps the dnsmasq is blocking kea
from udp.</p>
<p>When I disconnect virbr0 and start kea-dhcp4-server I still get
dnsmasq on 0.0.0.0:67 udp, even though dnsmasq is not installed on
my computer and only runs as part of qemu-kvm. I will look into
this further in the morning.</p>
<p>Regards</p>
<p>Stuart MacGregor</p>
<div class="moz-cite-prefix">On 21/2/26 21:17, Razvan Becheriu
wrote:<br>
</div>
<blockquote type="cite"
cite="mid:146494487.222075.1771672664903.JavaMail.zimbra@isc.org">
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
<div
style="font-size: 12pt; font-family: arial, helvetica, sans-serif; direction: null; color: #000000;"
data-attr="forced_root_block_attrs">
<div>netstat -lntup</div>
<div
style="font-size: 12pt; font-family: arial, helvetica, sans-serif; color: #000000;"
data-attr="forced_root_block_attrs"> </div>
<div
style="font-size: 12pt; font-family: arial, helvetica, sans-serif; color: #000000;"
data-attr="forced_root_block_attrs">is dnsmasq running/binding
to same iface/addr/port?</div>
<div> </div>
<div>
<div id="OLK_SRC_BODY_SECTION">
<blockquote
style="margin: 0 0 0 .8em; border-left: 1px #ccc solid; padding-left: 1em;">
<hr id="MESSAGE_DATA_MARKER"><strong>From: </strong>Stuart
<a class="moz-txt-link-rfc2396E" href="mailto:sleepygriogar@gmail.com"><sleepygriogar@gmail.com></a><br>
<strong>To: </strong>Razvan <a class="moz-txt-link-rfc2396E" href="mailto:razvan@isc.org"><razvan@isc.org></a><br>
<strong>Cc: </strong>Kea <a class="moz-txt-link-rfc2396E" href="mailto:kea-users@lists.isc.org"><kea-users@lists.isc.org></a><br>
<strong>Date: </strong>Saturday, 21 February 2026 12:57
PM EET<br>
<strong>Subject: </strong>Re: [Kea-users] Kea DHCP4 not
working on newly configured bridged network<br>
<br>
<p>Razvan,</p>
<p>I tried adding interface "br0" to both my subnets a few
days ago, there was no measurable change so I removed
the lines again.</p>
<p> </p>
<div class="moz-cite-prefix">On 21/2/26 20:48, Razvan
Becheriu wrote:</div>
<blockquote>
<div
style="font-size: 12pt; font-family: 'arial' , 'helvetica' , sans-serif; color: #000000;">
<div>can you add “interface”: “br0” to each of your
subnets?</div>
<div
style="font-size: 12pt; font-family: 'arial' , 'helvetica' , sans-serif; color: #000000;"> </div>
<div
style="font-size: 12pt; font-family: 'arial' , 'helvetica' , sans-serif; color: #000000;">set
logging to DEBUG and level 99</div>
<div
style="font-size: 12pt; font-family: 'arial' , 'helvetica' , sans-serif; color: #000000;"> </div>
<div
style="font-size: 12pt; font-family: 'arial' , 'helvetica' , sans-serif; color: #000000;">you
can overwrite logging temporarily by passing <span
style="font-style: normal; font-weight: 400; letter-spacing: normal; text-indent: 0px; text-transform: none; white-space: pre-wrap; word-spacing: 0px; text-decoration: none; color: #e3e4e8; font-family: 'open sans' , sans-serif; font-size: 14px; text-align: left; background-color: #191b1f; float: none; display: inline !important;">KEA_LOGGER_SEVERITY="DEBUG" KEA_LOGGER_DBGLEVEL=99 KEA_LOGGER_DESTINATION="stdout"</span></div>
<div> before ./kea-dhcp4 -c …</div>
<div>
<div id="OLK_SRC_BODY_SECTION">
<blockquote
style="margin: 0 0 0 0.8em; border-left: 1px #ccc solid; padding-left: 1em;">
<hr id="MESSAGE_DATA_MARKER"><strong>From: </strong>Stuart
<a href="mailto:sleepygriogar@gmail.com"
target="_blank" rel="noopener noreferrer"
moz-do-not-send="true"><sleepygriogar@gmail.com></a><br>
<strong>To: </strong>Kea <a
href="mailto:kea-users@lists.isc.org"
target="_blank" rel="noopener noreferrer"
moz-do-not-send="true"><kea-users@lists.isc.org></a>;
Razvan <a href="mailto:razvan@isc.org"
target="_blank" rel="noopener noreferrer"
moz-do-not-send="true"><razvan@isc.org></a><br>
<strong>Date: </strong>Saturday, 21 February
2026 12:35 PM EET<br>
<strong>Subject: </strong>Re: [Kea-users] Kea
DHCP4 not working on newly configured bridged
network<br>
<br>
<p>Razvan,</p>
<p>The secondary kea server is on a completely
seperate computer. My home network
infrastructure consists of on decent (ish)
server and several, old, second hand computers
I bought cheap. One of these runs the
secondary server. It binds to the standard
ethernet port of that machine and then
services the network via the router. As I said
the main server is connected to the router
through br0. It connects to the internet and
to other computers on the network (e.g. it
shares files via samba). It even contacts the
secondary dhcp server to ask it to turn off
when I restart kea-dhcp4-server. It then just
doesn't offer leases. The VMs connect to the
router via the Bridged Network and then
receive dhcp DORA from the secondary server
via the router, so long as the main server is
off and failover is complete.</p>
<p>There are no files at all in /var/log/kea.
There is also no fles called kea-dhcp4.log in
/var/log, where the config file indicates it
should be. I think my logging parameters are
screwed up, perhaps I need to change the debug
level or severity, perhaps there is a stupid
typo.</p>
<p>Regards</p>
<p>Stuart MacGregor</p>
<div class="moz-cite-prefix">On 21/2/26 20:10,
Razvan Becheriu wrote:</div>
<blockquote>
<div
style="font-size: 12pt; font-family: 'arial' , 'helvetica' , sans-serif; color: #000000;">
<div>Hi,</div>
<div
style="font-size: 12pt; font-family: 'arial' , 'helvetica' , sans-serif; color: #000000;"> </div>
<div
style="font-size: 12pt; font-family: 'arial' , 'helvetica' , sans-serif; color: #000000;">How
is it that the vms acquire ip using
secondary server? does the secondary bind
on the same interface at the same time?</div>
<div
style="font-size: 12pt; font-family: 'arial' , 'helvetica' , sans-serif; color: #000000;"> </div>
<div
style="font-size: 12pt; font-family: 'arial' , 'helvetica' , sans-serif; color: #000000;">Logs
should be under
/kea/install/path/var/log/kea</div>
<div
style="font-size: 12pt; font-family: 'arial' , 'helvetica' , sans-serif; color: #000000;"> </div>
<div
style="font-size: 12pt; font-family: 'arial' , 'helvetica' , sans-serif; color: #000000;">I
think that only one of your servers
successfully binds to the interface and
because the server uses reuse port/address
the secondary if starts second will
receive traffic.</div>
<div
style="font-size: 12pt; font-family: 'arial' , 'helvetica' , sans-serif; color: #000000;"> </div>
<div
style="font-size: 12pt; font-family: 'arial' , 'helvetica' , sans-serif; color: #000000;"> </div>
<div> </div>
<div>
<div id="OLK_SRC_BODY_SECTION">
<div id="OLK_SRC_BODY_SECTION">
<blockquote
style="margin: 0 0 0 0.8em; border-left: 1px #ccc solid; padding-left: 1em;">
<hr id="MESSAGE_DATA_MARKER"><strong>From:
</strong>Stuart <a
href="mailto:sleepygriogar@gmail.com" target="_blank"
rel="noopener noreferrer"
moz-do-not-send="true"><sleepygriogar@gmail.com></a><br>
<strong>To: </strong>kea-users <a
href="mailto:kea-users@lists.isc.org" target="_blank"
rel="noopener noreferrer"
moz-do-not-send="true"><kea-users@lists.isc.org></a><br>
<strong>Date: </strong>Saturday, 21
February 2026 3:31 AM EET<br>
<strong>Subject: </strong>[Kea-users]
Kea DHCP4 not working on newly
configured bridged network<br>
<br>
<p>Good Morning,</p>
<p>I am running Ubuntu 24.04, Kea
2.4.1. I have been using Kea
without major issues for a year or
two, isc-dhcp for a couple of
years prior. During recent kernel
updates I decided I was sick of
Virtualbox compatibility issues,
so I created a bridged network so
that I could move my vms
(Nextcloud, Stork) to KVM. I am
somewhat incompetent, but after
about 100 attempts I have managed
to setup a bridged network that
connects my server to the rest of
the network and to the internet.
My new KVM VMs are joining the
network as if they were real
devices. My problem is my kea
DHCP4 server. I guess have done
something stupid, either with
selecting the interface in
kea-dhcp4.conf or with configuring
my bridged network (br0). At this
stage, when I start
kea-dhcp4-server, it communicates
to my HA standby to to take
control of DHCP but then
completely fails to provide ip
addresses itself. So, the network
currently looks like this:</p>
<p><i>dad@<a class="moz-txt-link-freetext" href="macserver:~$">macserver:~$</a> ip a<br>
1: lo:
<LOOPBACK,UP,LOWER_UP> mtu
65536 qdisc noqueue state
UNKNOWN group default qlen 1000<br>
link/loopback
00:00:00:00:00:00 brd
00:00:00:00:00:00<br>
inet 127.0.0.1/8 scope host
lo<br>
valid_lft forever
preferred_lft forever<br>
inet6 ::1/128 scope host
noprefixroute <br>
valid_lft forever
preferred_lft forever<br>
2: enp34s0:
<BROADCAST,MULTICAST,UP,LOWER_UP>
mtu 1500 qdisc fq_codel master
br0 state UP group default qlen
1000<br>
link/ether 2c:<a class="moz-txt-link-freetext" href="f0:5d:2d:88:35">f0:5d:2d:88:35</a>
brd <a class="moz-txt-link-freetext" href="ff:ff:ff:ff:ff:ff">ff:ff:ff:ff:ff:ff</a><br>
3: br0:
<BROADCAST,MULTICAST,UP,LOWER_UP>
mtu 1500 qdisc noqueue state UP
group default qlen 1000<br>
link/ether 42:4c:23:6c:4d:7f
brd <a class="moz-txt-link-freetext" href="ff:ff:ff:ff:ff:ff">ff:ff:ff:ff:ff:ff</a><br>
inet 192.168.1.104/23 brd
192.168.1.255 scope global
noprefixroute br0<br>
valid_lft forever
preferred_lft forever<br>
inet6
<a class="moz-txt-link-freetext" href="fe80::e54c:73f4:f662:95fb/64">fe80::e54c:73f4:f662:95fb/64</a>
scope link noprefixroute <br>
valid_lft forever
preferred_lft forever<br>
4: virbr0:
<NO-CARRIER,BROADCAST,MULTICAST,UP>
mtu 1500 qdisc noqueue state
DOWN group default qlen 1000<br>
link/ether 52:54:00:5b:<a class="moz-txt-link-freetext" href="e6:4e">e6:4e</a>
brd <a class="moz-txt-link-freetext" href="ff:ff:ff:ff:ff:ff">ff:ff:ff:ff:ff:ff</a><br>
inet 192.168.100.1/24 brd
192.168.100.255 scope global
virbr0<br>
valid_lft forever
preferred_lft forever<br>
5: vnet0:
<BROADCAST,MULTICAST,UP,LOWER_UP>
mtu 1500 qdisc noqueue master
br0 state UNKNOWN group default
qlen 1000<br>
link/ether <a class="moz-txt-link-freetext" href="fe:00:27:dc:06:7e">fe:00:27:dc:06:7e</a>
brd <a class="moz-txt-link-freetext" href="ff:ff:ff:ff:ff:ff">ff:ff:ff:ff:ff:ff</a><br>
inet6
<a class="moz-txt-link-freetext" href="fe80::fc00:27ff:fedc:67e/64">fe80::fc00:27ff:fedc:67e/64</a>
scope link <br>
valid_lft forever
preferred_lft forever<br>
6: vnet1:
<BROADCAST,MULTICAST,UP,LOWER_UP>
mtu 1500 qdisc noqueue master
br0 state UNKNOWN group default
qlen 1000<br>
link/ether <a class="moz-txt-link-freetext" href="fe:54:00:80:eb:73">fe:54:00:80:eb:73</a>
brd <a class="moz-txt-link-freetext" href="ff:ff:ff:ff:ff:ff">ff:ff:ff:ff:ff:ff</a><br>
inet6
<a class="moz-txt-link-freetext" href="fe80::fc54:ff:fe80:eb73/64">fe80::fc54:ff:fe80:eb73/64</a> scope
link <br>
valid_lft forever
preferred_lft forever</i></p>
<p>The key sections (eliminating all
my lease reservations and such) of
my dhcp4.conf look like this:</p>
<p><i>{<br>
"Dhcp4": {<br>
"interfaces-config": {<br>
"interfaces": [ "br0" ]<br>
},<br>
"control-socket": {<br>
"socket-type": "unix",<br>
"socket-name":
"/run/kea/kea4-ctrl-socket"<br>
},<br>
"lease-database": {<br>
"type": "memfile",<br>
"lfc-interval": 3600<br>
},<br>
"multi-threading": {<br>
"enable-multi-threading": true,<br>
"thread-pool-size": 2,<br>
"packet-queue-size": 14<br>
},<br>
"client-classes": [<br>
{<br>
"name": "homeauto"<br>
},<br>
{<br>
"name": "normal",<br>
"test": "not
member('homeauto')"<br>
}<br>
],<br>
"option-data": [<br>
{<br>
"space": "dhcp4",<br>
"name": "domain-name",<br>
"code": 15,<br>
"data":
"skfaf.servesarcasm.com"<br>
},<br>
{<br>
"space": "dhcp4",<br>
"name":
"domain-name-servers",<br>
"code": 6,<br>
"data": "192.168.1.1"<br>
},<br>
{<br>
"space": "dhcp4",<br>
"name":
"broadcast-address",<br>
"code": 28,<br>
"data": "192.168.1.255"<br>
},<br>
{<br>
"space": "dhcp4",<br>
"name": "routers",<br>
"code": 3,<br>
"data": "192.168.1.1"<br>
},<br>
{<br>
"space": "dhcp4",<br>
"name": "subnet-mask",<br>
"code": 1,<br>
"data": "255.255.254.0"<br>
}<br>
],<br>
"valid-lifetime": 43200,<br>
"renew-timer": 21600,<br>
"rebind-timer": 32400,<br>
"expired-leases-processing":
{<br>
"reclaim-timer-wait-time": 3600,<br>
"hold-reclaimed-time":
172800,<br>
"max-reclaim-leases": 0,<br>
"max-reclaim-time": 0<br>
}, <br>
"dhcp-ddns": {<br>
"enable-updates": false<br>
},<br>
"authoritative": true,<br>
"hooks-libraries": [<br>
{<br>
"library":
"/usr/lib/x86_64-linux-gnu/kea/hooks/libdhcp_lease_cmds.so"<br>
},<br>
{<br>
"library":
"/usr/lib/x86_64-linux-gnu/kea/hooks/libdhcp_stat_cmds.so"<br>
},<br>
{<br>
"library":
"/usr/lib/x86_64-linux-gnu/kea/hooks/libdhcp_ha.so",<br>
"parameters": {<br>
"high-availability":
[ {<br>
"this-server-name":
"macserver",<br>
"mode":
"hot-standby",<br>
"heatbeat-delay":
10000,<br>
"max-response-delay": 60000,<br>
"max-ack-delay":
5000,<br>
"max-unacked-clients": 5,<br>
"sync-timeout":
60000,<br>
"multi-threading": {<br>
"enable-multi-threading": true,<br>
"http-dedicated-listener": true,<br>
"http-listener-threads": 0,<br>
"http-client-threads": 0<br>
},<br>
"peers": [<br>
{<br>
"name":
"macserver",<br>
"url": <a
href="http://192.168.1.104:8003/" target="_blank"
rel="noopener noreferrer"
moz-do-not-send="true">"http://192.168.1.104:8003/"</a>,<br>
"role":
"primary"<br>
},<br>
{ <br>
"name":
"oldhp",<br>
"url": <a
href="http://192.168.1.110:8003/" target="_blank"
rel="noopener noreferrer"
moz-do-not-send="true">"http://192.168.1.110:8003/"</a>,<br>
"role":
"standby"<br>
}<br>
]<br>
} ]<br>
}<br>
}</i></p>
<p><i> </i></p>
<p><i>],<br>
"shared-networks": [<br>
{<br>
"name": "macnet",<br>
"subnet4": [<br>
{<br>
"id": 1,<br>
"subnet":
"192.168.1.0/24",<br>
"pools": [<br>
{<br>
"pool":
"192.168.1.124 - 192.168.1.198",<br>
"client-class":
"normal"<br>
}<br>
],<br>
"option-data": [<br>
{<br>
"space": "dhcp4",<br>
"name":
"routers",<br>
"code": 3,<br>
"data":
"192.168.1.1"<br>
}<br>
]<br>
},<br>
{<br>
"id": 2,<br>
"subnet":
"192.168.0.0/23",<br>
"pools": [<br>
{<br>
"pool":
"192.168.0.150 - 192.168.0.175",<br>
"client-class":
"homeauto"<br>
}<br>
],<br>
"option-data": [<br>
{<br>
"space": "dhcp4",<br>
"name":
"routers",<br>
"code": 3,<br>
"data":
"192.168.1.1"<br>
},<br>
{<br>
"space": "dhcp4",<br>
"name":
"domain-name-servers",<br>
"code": 6,<br>
"data":
"192.168.1.1"<br>
}<br>
]<br>
}<br>
]<br>
}<br>
],<br>
"loggers": [<br>
{<br>
"name": "kea-dhcp4",<br>
"output_options": [<br>
{<br>
"output":
"/var/log/kea-dhcp4.log",<br>
"maxsize": 2048000,<br>
"maxver": 4<br>
}<br>
],<br>
"severity": "INFO",<br>
"debuglevel": 0<br>
}<br>
]<br>
}<br>
}</i></p>
<p> </p>
<p>I changed my "interface" to "br0"
because my previous setup (exerp
below) stopped working when I
started the br0 network. </p>
<p> <i>{<br>
"Dhcp4": {<br>
"interfaces-config": {<br>
"interfaces": [ "enp34s0" ]</i></p>
<p>Changing the interface to "br0"
has had exactly no effect.</p>
<p>I realise that I have missed
something fundamental and I am
wasting your valuable time.
However I have been trying to sort
this out for days (in whatever
spare time is available) and I
have acheived nothing. Each time I
start kea-dhcp-server on my main
server it appears in Stork with no
errors, systemd says its running
fine and my HA standby stops
providing dhcp. Unfortunately if I
then turn on a device it simply
does not receive an ip lease. If I
turn off DHCP on the main server
then eventually the standby starts
takes over dhcp again and network
functions return to normal (though
this takes a very long time &
sometimes requires a restart of
kea-dhcp4-server on the stanby
server, perhaps another error to
fix later). Even my new VMs
receive ips seamlessly from the
standby server.</p>
<p>If you need to see some logs,
please tell me where I can
retreive them because I haven't
been able to work that out either
(I think I need to change my
logging parameters in
kea-dhcp4.conf). I used Wireshark
to capture network coms before and
after turning on the main dhcp
server but I then realised that I
was too stupid/ignorant to work
out what was going on from the
output. I can provided the
Wireshark output, but it is a
large file (ran it for too long
and filtered it poorly, I think)
that I won't inflict on you unless
you wish it.</p>
<p>Please give me some ideas of what
I have to do to troubleshoot/fix
this.</p>
<p>Regards</p>
<p>Stuart MacGregor</p>
<p> </p>
<p> </p>
</blockquote>
</div>
</div>
</div>
</div>
<br>
<fieldset class="moz-mime-attachment-header"></fieldset>
</blockquote>
</blockquote>
</div>
</div>
</div>
</blockquote>
</blockquote>
</div>
</div>
</div>
</blockquote>
</body>
<lt-container></lt-container>
</html>