Kea DHCPv4 does not respond to DHCPDISCOVER on VLAN interface despite correct configuration

[mgsdomo]

Environment:

• OPNsense version: 26.1.1
• Kea DHCPv4 enabled
• VLAN interface: WIFI_VLAN50 (vlan0.50)
• Interface IP: 10.4.50.5/28
• DHCP pool: 10.4.50.6–10.4.50.14
• Auto collect option data: enabled
• Firewall rule: allow DHCP on WIFI_VLAN50
• Client: mobile phone connecting via UniFi AP

Problem:
Kea receives no DHCPDISCOVER on WIFI_VLAN50, even though the firewall logs show the packet arriving on the correct interface.

Firewall log example:
UDP 0.0.0.0:68 → 255.255.255.255:67 (pass, allow access to DHCP server)

Kea log shows no DHCPDISCOVER entries at all.

Additional tests:

• Assigning a static IP (10.4.50.10/28) on the client works perfectly: routing, DNS and Internet access all function.
• This confirms VLAN tagging, switching, routing and firewall rules are correct.
• Only Kea DHCPv4 fails to respond.

Expected behavior:
Kea should receive the DHCPDISCOVER and respond with DHCPOFFER.

Actual behavior:
Kea receives nothing and does not respond.

Notes:
The same configuration works instantly if switching to ISC DHCPv4.

VLAN INTERFACE CONFIG:

KEA SUBNET CONFIG:

FIREWALL LOGS SHOWING DISCOVER:

KEA LOGS WITHOUT DISCOVER:

FIREWALL LOGS - CLIENT WITH STATIC ADDRESS:

ISC DHCPv4 LEASES:

[OPNsense-bot]

Thank you for creating an issue.
Since the ticket doesn't seem to be using one of our templates, we're marking this issue as low priority until further notice.

For more information about the policies for this repository,
please read https://github.com/opnsense/core/blob/master/CONTRIBUTING.md for further details.

The easiest option to gain traction is to close this ticket and open a new one using one of our templates.

[adrianhiller]

Maybe duplicate of #9743 ?