Bug #15023
closedKEA DHCP and ERROR [kea-dhcp4.dhcp4.0x545c1212000] DHCP4_PARSER_FAIL failed to create or run parser for configuration element subnet4: option data does not match option definition (space: dhcp4, code: 42)
0%
Description
Hi Everyone,
I'm using the latest pfSense image, 2.7.1 (amd64). I got the ISC DHCP warning on reboot. I switched to KEA DHCP, saved the setting and rebooted again.
It looks like the KEA DHCP server is not starting on boot. Clicking the triangle to start the services also fails.
Looking at the DHCP logs, I see this:
ERROR [kea-dhcp4.dhcp4.0x545c1212000] DHCP4_PARSER_FAIL failed to create or run parser for configuration element subnet4: option data does not match option definition (space: dhcp4, code: 42): Failed to convert string to address 'time-a-g.nist.gov': Invalid argument (/usr/local/etc/kea/kea-dhcp4.conf:81:33).
I must apologize. I don't know how to list kea-dhcp4.conf to show what is at kea-dhcp4.conf:81. About all I can say is, I did not customize it. It is the same as what pfSense shipped to me.
Obviously, I have NTP servers set in DHCP Server configurations. I am using time-a-g.nist.gov and time-e-g.nist.gov from <https://tf.nist.gov/tf-cgi/servers.cgi>.
I think I am going to switch back to ISC DHCP until KEA DHCP is ready for production.
Sorry to trouble the team with this.
Related issues
Updated by Jeffrey Walton about 1 year ago
After SSH'ing into the box, this is what is reported for kea-dhcp4.conf:
```
$ cat -n /usr/local/etc/kea/kea-dhcp4.conf
...
79 {
80 "name": "ntp-servers",
81 "data": "time-a-g.nist.gov, time-e-g.nist.gov"
82 }
```
And I should probably mention I use the web pages to configure this box. I don't use the shell over SSH. It is rare for me to use SSH for this machine. I don't want to break things.
Updated by Jim Pingle about 1 year ago
- Status changed from New to Duplicate
Given the content of the file causing the error, this is a duplicate of #14991
Updated by Jim Pingle about 1 year ago
- Is duplicate of Bug #14991: Kea does not allow FQDNs for NTP servers but input validation does not prevent them from being added added
Updated by Jeffrey Walton about 1 year ago
Thanks Jim.
I just took a look at RFC 2132, Section 8.3, <https://datatracker.ietf.org/doc/html/rfc2132#section-8.3>. I have been using Option 42 incorrectly for decades. I have been supplying the FQDN rather than the IP address.
I am terribly sorry about this.