I am a PFSENSE User and I manage PFSENSE for some other organizations and the time has come to make the switch for the DHCP Server over to KEA from ISC.
Why switch to KEA from ISC?
- ISC will no longer be supported
- KEA has some nice High availability features for IPV4 & IPV6
- Robust Host Reservations which are per subnet vs global, but global reservations are supported.
ISC has some documentation and tools for migrating over to KEA from ISC. PFSense has a warning on the firewalls which can be ignored at your own peril.
Now in PFSense if you try to just "switch" over you may encounter an error. You can see that my ISC Server is running fine but when I switch over to KEA DHCP "Breaks"
With that setup we can modify our NTP server in PFSense located under services
It is recommended setting up 3 to 5 ntp servers to sync with. For myself I decided to go with
- time.apple.com
- time.windows.com
- time.google.com
- time.cloudflare.com
- time.nist.gov
I have set time.apple.com and time.windows.com as my preferred NTP Servers
I ran the command date +"%T"
and when you check the general setting for the time servers you see the NTP Servers we setup in our NTP Service
With these settings your KES migration should be complete and the DHCP Server should work flawlessly. I had no issues with the migration once I removed my NTP servers using DNS. Time has been in sync with no issues.
