1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
858
859
860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
875
876
877
878
879
880
881
882
883
884
885
886
887
888
889
890
891
892
893
894
895
896
897
898
899
900
901
902
903
904
905
906
907
908
909
910
911
912
913
914
915
916
917
918
919
920
921
922
923
924
925
926
927
928
929
930
931
932
933
934
935
936
937
938
939
940
941
942
943
944
945
946
947
948
949
950
951
952
953
954
955
956
957
958
959
960
961
962
963
964
965
966
967
968
969
970
971
972
973
974
975
976
977
978
979
980
981
982
983
984
985
986
987
988
989
990
991
992
993
994
995
996
997
998
999
1000
1001
1002
1003
1004
1005
1006
1007
1008
1009
1010
1011
1012
1013
1014
1015
1016
1017
1018
1019
1020
1021
1022
1023
1024
1025
1026
1027
1028
1029
1030
1031
1032
1033
1034
1035
1036
1037
1038
1039
1040
1041
1042
1043
1044
1045
1046
1047
1048
1049
1050
1051
1052
1053
1054
1055
1056
1057
1058
1059
1060
1061
1062
1063
1064
1065
1066
1067
1068
1069
1070
1071
1072
1073
1074
1075
1076
1077
1078
1079
1080
1081
|
.\" dhcpd.conf.5
.\"
.\" Copyright (c) 1995, 1996 The Internet Software Consortium.
.\" All rights reserved.
.\"
.\" Redistribution and use in source and binary forms, with or without
.\" modification, are permitted provided that the following conditions
.\" are met:
.\"
.\" 1. Redistributions of source code must retain the above copyright
.\" notice, this list of conditions and the following disclaimer.
.\" 2. Redistributions in binary form must reproduce the above copyright
.\" notice, this list of conditions and the following disclaimer in the
.\" documentation and/or other materials provided with the distribution.
.\" 3. Neither the name of The Internet Software Consortium nor the names
.\" of its contributors may be used to endorse or promote products derived
.\" from this software without specific prior written permission.
.\"
.\" THIS SOFTWARE IS PROVIDED BY THE INTERNET SOFTWARE CONSORTIUM AND
.\" CONTRIBUTORS ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
.\" INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
.\" MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
.\" DISCLAIMED. IN NO EVENT SHALL THE INTERNET SOFTWARE CONSORTIUM OR
.\" CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
.\" LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
.\" USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
.\" ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
.\" OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
.\" OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
.\" SUCH DAMAGE.
.\"
.\" This software has been written for the Internet Software Consortium
.\" by Ted Lemon <mellon@fugue.com> in cooperation with Vixie
.\" Enterprises. To learn more about the Internet Software Consortium,
.\" see ``http://www.isc.org/isc''. To learn more about Vixie
.\" Enterprises, see ``http://www.vix.com''.
.TH dhcpd.conf 5
.SH NAME
dhcpd.conf - dhcpd configuration file
.SH DESCRIPTION
The dhcpd.conf file contains configuration information for
.IR dhcpd,
the Internet Software Consortium DHCP Server.
.PP
The dhcpd.conf file is a free-form ASCII text file. It is parsed by
the recursive-descent parser built into dhcpd. The file may contain
extra tabs and newlines for formatting purposes. Keywords in the file
are case-insensitive. Comments may be placed anywhere within the
file (except within quotes). Comments begin with the # character and
end at the end of the line.
.PP
The file essentially consists of a list of statements. Statements
fall into two broad categories - parameters and declarations.
.PP
Parameter statements either say how to do something (e.g., how long a
lease to offer), whether to do something (e.g., should dhcpd provide
addresses to unknown clients), or what parameters to provide to the
client (e.g., use gateway 220.177.244.7).
.PP
Declarations are used to describe the topology of the
network, to describe clients on the network, to provide addresses that
can be assigned to clients, or to apply a group of parameters to a
group of declarations. In any group of parameters and declarations,
all parameters must be specified before any declarations which depend
on those parameters may be specified.
.PP
Declarations about network topology include the
\fIserver-identifier\fR, the \fIshared-network\fR and the \fIsubnet\fR
declarations. If clients on a subnet are to be assigned addresses
dynamically, a \fIrange\fR declaration must appear within the
\fIsubnet\fR declaration. For clients with statically assigned
addresses, or for installations where only known clients will be
served, each such client must have a \fIhost\fR declaration. If
parameters are to be applied to a group of declarations which are not
related strictly on a per-subnet basis, the \fIgroup\fR declaration
can be used.
.PP
Each dhcpd.conf file must have one (and only one)
.I server-identifier
declaration, which tells dhcpd the identifier to use when issuing
leases. For every subnet which will be served, and for every subnet
to which the dhcp server is connected, there must be one \fIsubnet\fR
declaration, which tells dhcpd how to recognize that an address is on
that subnet. A \fIsubnet\fR declaration is required for each subnet
even if no addresses will be dynamically allocated on that subnet.
.PP
Some installations have physical networks on which more than one IP
subnet operates. For example, if there is a site-wide requirement
that 8-bit subnet masks be used, but a department with a single
physical ethernet network expands to the point where it has more than
254 nodes, it may be necessary to run two 8-bit subnets on the same
ethernet until such time as a new physical network can be added. In
this case, the \fIsubnet\fR declarations for these two networks may be
enclosed in a \fIshared-network\fR declaration.
.PP
Some sites may have departments which have clients on more than one
subnet, but it may be desirable to offer those clients a uniform set
of parameters which are different than what would be offered to
clients from other departments on the same subnet. For clients which
will be declared explicitly with \fIhost\fR declarations, these
declarations can be enclosed in a \fIgroup\fR declaration along with
the parameters which are common to that department. For clients
whose addresses will be dynamically assigned, there is currently no
way to group parameter assignments other than by network topology.
.PP
When a client is to be booted, its boot parameters are determined by
first consulting that client's \fIhost\fR declaration (if any), then
consulting the \fIgroup\fR declaration (if any) which enclosed that
\fIhost\fR declaration, then consulting the \fIsubnet\fR declaration
for the subnet on which the client is booting, then consulting the
\fIshared-network\fR declaration (if any) containing that subnet, and
finally consulting the top-level parameters which may be specified
outside of any declaration.
.PP
When dhcpd tries to find a \fIhost\fR declaration for a client, it
first looks for a \fIhost\fR declaration which has a
\fIfixed-address\fR parameter which matches the subnet or shared
network on which the client is booting. If it doesn't find any such
entry, it then tries to find an entry which has no \fIfixed-address\fR
parameter. If no such entry is found, then dhcpd acts as if there is
no entry in the dhcpd.conf file for that client, even if there is an
entry for that client on a different subnet or shared network.
.SH EXAMPLES
.PP
A typical dhcpd.conf file will look something like this:
.nf
server-identifier dhcps.isc.org;
.I global parameters...
shared-network ISC-BIGGIE {
\fIshared-network-specific parameters...\fR
subnet 204.254.239.0 netmask 255.255.255.224 {
\fIsubnet-specific parameters...\fR
range 204.254.239.10 204.254.239.30;
}
subnet 204.254.239.32 netmask 255.255.255.224 {
\fIsubnet-specific parameters...\fR
range 204.254.239.42 204.254.239.62;
}
}
subnet 204.254.239.64 netmask 255.255.255.224 {
\fIsubnet-specific parameters...\fR
range 204.254.239.74 204.254.239.94;
}
group {
\fIgroup-specific parameters...\fR
host zappo.test.isc.org {
\fIhost-specific parameters...\fR
}
host beppo.test.isc.org {
\fIhost-specific parameters...\fR
}
host harpo.test.isc.org {
\fIhost-specific parameters...\fR
}
}
.ce 1
Figure 1
.fi
.PP
Notice that after the server-identifier declaration, there's a place
for global parameters. These might be things like the organization's
domain name, the addresses of the name servers (if they are common to
the entire organization), and so on. So, for example:
.nf
option domain-name "isc.org";
option name-servers ns1.isc.org, ns2.isc.org;
.ce 1
Figure 2
.fi
.PP
As you can see in Figure 2, it's legal to specify host addresses in
parameters as domain names rather than as numeric IP addresses. If a
given hostname resolves to more than one IP address (for example, if
that host has two ethernet interfaces), both addresses are supplied to
the client.
.PP
In Figure 1, you can see that both the shared-network statement and
the subnet statements can have parameters. Let us say that the
shared network \fIISC-BIGGIE\fR supports an entire department -
perhaps the accounting department. If accounting has its own domain,
then a shared-network-specific parameter might be:
.nf
option domain-name "accounting.isc.org";
.fi
.PP
All subnet declarations appearing in the shared-network declaration
would then have the domain-name option set to "accounting.isc.org"
instead of just "isc.org".
.PP
The most obvious reason for having subnet-specific parameters as
shown in Figure 1 is that each subnet, of necessity, has its own
router. So for the first subnet, for example, there should be
something like:
.nf
option routers 204.254.239.1;
.fi
.PP
Note that the address here is specified numerically. This is not
required - if you have a different domain name for each interface on
your router, it's perfectly legitimate to use the domain name for that
interface instead of the numeric address. However, in many cases
there may be only one domain name for all of a router's IP addresses, and
it would not be appropriate to use that name here.
.PP
In Figure 1 there is also a \fIgroup\fR statement, which provides
common parameters for a set of three hosts - zappo, beppo and harpo.
As you can see, these hosts are all in the test.isc.org domain, so it
might make sense for a group-specific parameter to override the domain
name supplied to these hosts:
.nf
option domain-name "test.isc.org";
.fi
.PP
Also, given the domain they're in, these are probably test machines.
If we wanted to test the DHCP leasing mechanism, we might set the
lease timeout somewhat shorter than the default:
.nf
max-lease-time 120;
default-lease-time 120;
.fi
.PP
You may have noticed that while some parameters start with the
\fIoption\fR keyword, some do not. Parameters starting with the
\fIoption\fR keyword correspond to actual DHCP options, while
parameters that do not start with the option keyword either control
the behaviour of the DHCP server (e.g., how long a lease dhcpd will
give out), or specify client parameters that are not optional in the
DHCP protocol (for example, server-name and filename).
.PP
In Figure 1, each host had \fIhost-specific parameters\fR. These
could include such things as the \fIhostname\fR option, the name of a
file to upload (the \fIfilename parameter) and the address of the
server from which to upload the file (the \fInext-server\fR
parameter). In general, any parameter can appear anywhere that
parameters are allowed, and will be applied according to the scope in
which the parameter appears.
.PP
Imagine that you have a site with a lot of NCD X-Terminals. These
terminals come in a variety of models, and you want to specify the
boot files for each models. One way to do this would be to have host
declarations for each server and group them by model:
.nf
group {
filename "Xncd19r";
next-server ncd-booter;
host ncd1 { hardware ethernet 0:c0:c3:49:2b:57; }
host ncd4 { hardware ethernet 0:c0:c3:80:fc:32; }
host ncd8 { hardware ethernet 0:c0:c3:22:46:81; }
}
group {
filename "Xncd19c";
next-server ncd-booter;
host ncd2 { hardware ethernet 0:c0:c3:88:2d:81; }
host ncd3 { hardware ethernet 0:c0:c3:00:14:11; }
}
group {
filename "XncdHMX";
next-server ncd-booter;
host ncd1 { hardware ethernet 0:c0:c3:11:90:23; }
host ncd4 { hardware ethernet 0:c0:c3:91:a7:8; }
host ncd8 { hardware ethernet 0:c0:c3:cc:a:8f; }
}
.fi
.SH REFERENCE: DECLARATIONS
.PP
.B The
.I server-identifier
.B statement
.PP
\fBserver-identifier \fIhostname\fR\fB;\fR
.PP
The server-identifier declaration must be used exactly once in each
dhcpd.conf file to tell dhcpd what IP address to use as its server
identifier, as required by the DHCP protocol. On a machine with a
single interface, the server identifier should be the primary address
of that interface. On machines with multiple interfaces, the address
of one such interface must be chosen. Any address may be chosen, as
long as it is the address of one of the interfaces of that machine.
.PP
.B The
.I shared-network
.B statement
.PP
.nf
\fBshared-network\fR \fIname\fR \fB{\fR
[ \fIparameters\fR ]
[ \fIdeclarations\fR ]
\fB}\fR
.fi
.PP
The \fIshared-network\fR statement is used to inform the DHCP server
that some IP subnets actually share the same physical network. Any
subnets in a shared network should be declared within a
\fIshared-network\fR statement. Parameters specified in the
\fIshared-network\fR statement will be used when booting clients on
those subnets unless parameters provided at the subnet or host level
override them. If any subnet in a shared network has addresses
available for dynamic allocation, those addresses are collected into a
common pool for that shared network and assigned to clients as needed.
There is no way to distinguish on which subnet of a shared network a
client should boot.
.PP
.I Name
should be the name of the shared network. This name is used when
printing debugging messages, so it should be descriptive for the
shared network. The name may have the syntax of a valid domain name
(although it will never be used as such), or it may be any arbitrary
name, enclosed in quotes.
.PP
.B The
.I subnet
.B statement
.PP
.nf
\fBsubnet\fR \fIsubnet-number\fR \fBnetmask\fR \fInetmask\fR \fB{\fR
[ \fIparameters\fR ]
[ \fIdeclarations\fR ]
\fB}\fR
.fi
.PP
The \fIsubnet\fR statement is used to provide dhcpd with enough
information to tell whether or not an IP address is on that subnet.
It may also be used to provide subnet-specific parameters and to
specify what addresses may be dynamically allocated to clients booting
on that subnet. Such addresses are specified using the \fIrange\fR
declaration.
.PP
The
.I subnet-number
should be an IP address or domain name which resolves to the subnet
number of the subnet being described. The
.I netmask
should be an IP address or domain name which resolves to the subnet mask
of the subnet being described. The subnet number, together with the
netmask, are sufficient to determine whether any given IP address is
on the specified subnet.
.PP
Although a netmask must be given with every subnet declaration, it is
recommended that if there is any variance in subnet masks at a site, a
subnet-mask option statement be used in each subnet declaration to set
the desired subnet mask, since any subnet-mask option statement will
override the subnet mask declared in the subnet statement.
.PP
.B The
.I range
.B statement
.PP
.nf
\fBrange\fR [ \fBdynamic-bootp\fR ] \fIlow-address\fR [ \fIhigh-address\fR]\fB;\fR
.fi
.PP
For any subnet on which addresses will be assigned dynamically, there
must be at least one \fIrange\fR statement. The range statement
gives the lowest and highest IP addresses in a range. All IP
addresses in the range should be in the subnet in which the
\fIrange\fR statement is declared. The \fIdynamic-bootp\fR flag may
be specified if addresses in the specified range may be dynamically
assigned to BOOTP clients as well as DHCP clients. When specifying a
single address, \fIhigh-address\fR can be omitted.
.PP
.B The
.I host
.B statement
.PP
.nf
\fBhost\fR \fIhostname\fR {
[ \fIparameters\fR ]
[ \fIdeclarations\fR ]
\fB}\fR
.fi
.PP
There must be at least one
.B host
statement for every BOOTP client that is to be served.
.B host
statements may also be specified for DHCP clients, although this is
not required unless booting is only enabled for known hosts.
.PP
If it is desirable to be able to boot a DHCP or BOOTP
client on more than one subnet with fixed addresses, more than one
address may be specified in the
.I fixed-address
parameter, or more than one
.B host
statement may be specified.
.PP
If client-specific boot parameters must change based on the network
to which the client is attached, then multiple
.B host
statements should
be used.
.PP
If a client is to be booted using a fixed address if it's
possible, but should be allocated a dynamic address otherwise, then a
.B host
statement must be specified without a
.B fixed-address
clause.
.I hostname
should be a name identifying the host. If a \fIhostname\fR option is
not specified for the host, \fIhostname\fR is used.
.PP
\fIHost\fR declarations are matched to actual DHCP or BOOTP clients
by matching the \fRdhcp-client-identifier\fR option specified in the
\fIhost\fR declaration to the one supplied by the client, or, if the
\fIhost\fR declaration or the client does not provide a
\fRdhcp-client-identifier\fR option, by matching the \fIhardware\fR
parameter in the \fIhost\fR declaration to the network hardware
address supplied by the client. BOOTP clients do not normally
provide a \fIdhcp-client-identifier\fR, so the hardware address must
be used for all clients that may boot using the BOOTP protocol.
.PP
.B The
.I group
.B statement
.PP
.nf
\fBgroup\fR {
[ \fIparameters\fR ]
[ \fIdeclarations\fR ]
\fB}\fR
.fi
.PP
The group statement is used simply to apply one or more parameters to
a group of declarations. It can be used to group hosts, shared
networks, subnets, or even other groups.
.SH REFERENCE: ALLOW and DENY
.PP
The
.I allow
and
.I deny
statements can be used to control the behaviour of dhcpd to various
sorts of requests.
.PP
.PP
.B The
.I unknown-clients
.B keyword
.PP
\fBallow unknown-clients;\fR
\fBdeny unknown-clients;\fR
.PP
The \fBunknown-clients\fR flag is used to tell dhcpd whether
or not to dynamically assign addresses to unknown clients. Dynamic
address assignment to unknown clients is \fBallow\fRed by default.
.PP
.B The
.I bootp
.B keyword
.PP
\fBallow bootp;\fR
\fBdeny bootp;\fR
.PP
The \fBunknown-clients\fR flag is used to tell dhcpd whether
or not to respond to bootp queries. Bootp queries are \fBallow\fRed
by default.
.PP
.B The
.I booting
.B keyword
.PP
\fBallow booting;\fR
\fBdeny booting;\fR
.PP
The \fBbooting\fR flag is used to tell dhcpd whether or not to respond
to queries from a particular client. This keyword only has meaning
when it appears in a host declaration. By default, booting is
\fBallow\fRed, but if it is disabled for a particular client, then
that client will not be able to get and address from the DHCP server.
.SH REFERENCE: PARAMETERS
.PP
.B The
.I default-lease-time
.B statement
.PP
\fBdefault-lease-time\fR \fItime\fR\fB;\fR
.PP
.I Time
should be the length in seconds that will be assigned to a lease if
the client requesting the lease does not ask for a specific expiration
time.
.PP
.B The
.I max-lease-time
.B statement
.PP
\fBmax-lease-time\fR \fItime\fR\fB;\fR
.PP
.I Time
should be the maximum length in seconds that will be assigned to a
lease if the client requesting the lease asks for a specific
expiration time.
.PP
.B The
.I hardware
.B statement
.PP
\fBhardware\fR \fIhardware-type\fR \fIhardware-address\fR\fB;\fR
.PP
In order for a BOOTP client to be recognized, its network hardware
address must be declared using a \fIhardware\fR clause in the
.I host
statement.
.I hardware-type
must be the name of a physical hardware interface type. Currently,
only the
.B ethernet
type is recognized, although support for
.B token-ring
and
.B fddi
hardware types would also be desirable.
The
.I hardware-address
should be a set of hexadecimal octets (numbers from 0 through ff)
seperated by colons. The \fIhardwarefR statement may also be used
for DHCP clients.
.PP
.B The
.I filename
.B statement
.PP
\fBfilename\fR \fB"\fR\fIfilename\fR\fB";\fR
.PP
The \fIfilename\fR statement can be used to specify the name of the
initial boot file which is to be loaded by a client. The
.I filename
should be a filename recognizable to whatever file transfer protocol
the client can be expected to use to load the file.
.PP
.B The
.I server-name
.B statement
.PP
\fBserver-name\fR \fB"\fR\fIname\fR\fB";\fR
.PP
The \fIserver-name\fR statement can be used to inform the client of
the name of the server from which it is booting. \fIName\fR should
be the name that will be provided to the client.
.PP
.B The
.I next-server
.B statement
.PP
\fBnext-server\fR \fIserver-name\fR\fB;\fR
.PP
The \fInext-server\fR statement is used to specify the host address of
the server from which the initial boot file (specified in the
\fIfilename\fR statement) is to be loaded. \fIServer-name\fR should
be a numeric IP address or a domain name. If no \fInext-server\fR
parameter applies to a given client, the address specified in the
\fIserver-identifier\fR statement is used.
.PP
.B The
.I fixed-address
.B statement
.PP
\fBfixed-address\fR \fIaddress\fR [\fB,\fR \fIaddress\fR ... ]\fB;\fR
.PP
The \fIfixed-address\fR statement is used to assign one or more fixed
IP addresses to a client. It should only appear in a \fIhost\fR
declaration. If more than one address is supplied, then when the
client boots, it will be assigned the address which corresponds to the
network on which it is booting. If none of the addresses in the
\fIfixed-address\fR statement are on the network on which the client
is booting, that client will not match the \fIhost\fR declaration
containing that \fIfixed-address\fR statement. Each \fIaddress\fR
should be either an IP address or a domain name which resolves to one
or more IP addresses.
.PP
.B The
.I dynamic-bootp-lease-cutoff
.B statement
.PP
\fBdynamic-bootp-lease-cutoff\fR \fIdate\fR\fB;\fR
.PP
The \fIdynamic-bootp-lease-cutoff\fR statement sets the ending time
for all leases assigned dynamically to BOOTP clients. Because BOOTP
clients do not have any way of renewing leases, and don't know that
their leases could expire, by default dhcpd assignes infinite leases
to all BOOTP clients. However, it may make sense in some situations
to set a cutoff date for all BOOTP leases - for example, the end of a
school term, or the time at night when a facility is closed and all
machines are required to be powered off.
.PP
.I Date
should be the date on which all assigned BOOTP leases will end. The
date is specified in the form:
.PP
.ce 1
W YYYY/MM/DD HH:MM:SS
.PP
W is the day of the week expressed as a number
from zero (Sunday) to six (Saturday). YYYY is the year, including the
century. MM is the month expressed as a number from 1 to 12. DD is
the day of the month, counting from 1. HH is the hour, from zero to
23. MM is the minute and SS is the second. The time is always in
Greenwich Mean Time (GMT), not local time.
.PP
.B The
.I dynamic-bootp-lease-length
.B statement
.PP
\fBdynamic-bootp-lease-length\fR \fIlength\fR\fB;\fR
.PP
The \fIdynamic-bootp-lease-length\fR statement is used to set the
length of leases dynamically assigned to BOOTP clients. At some
sites, it may be possible to assume that a lease is no longer in
use if its holder has not used BOOTP or DHCP to get its address within
a certain time period. The period is specified in \fIlength\fR as a
number of seconds. If a client reboots using BOOTP during the
timeout period, the lease duration is reset to \fIlength\fR, so a
BOOTP client that boots frequently enough will never lose its lease.
Needless to say, this parameter should be adjusted with extreme
caution.
.PP
.B The
.I get-lease-hostnames
.B statement
.PP
\fBget-lease-hostnames\fR \fIflag\fR\fB;\fR
.PP
The \fIget-lease-hostnames\fR statement is used to tell dhcpd whether
or not to look up the domain name corresponding to the IP address of
each address in the lease pool and use that address for the DHCP
\fIhostname\fR option. If \fIflag\fR is true, then this lookup is
done for all addresses in the current scope. By default, or if
\fIflag\fR is false, no lookups are done.
.PP
.B The
.I use-host-decl-names
.B statement
.PP
\fBuse-host-decl-names\fR \fIflag\fR\fB;\fR
.PP
If the \fIuse-host-decl-names\fR parameter is true in a given scope,
then for every host declaration within that scope, the name provided
for the host declaration will be supplied to the client as its
hostname. So, for example,
.PP
.nf
group {
use-host-decl-names on;
host joe {
hardware ethernet 08:00:2b:4c:29:32;
fixed-address joe.fugue.com;
}
}
is equivalent to
host joe {
hardware ethernet 08:00:2b:4c:29:32;
fixed-address joe.fugue.com;
option host-name "joe";
}
.fi
.PP
An \fIoption host-name\fR statement within a host declaration will
override the use of the name in the host declaration.
.SH REFERENCE: OPTION STATEMENTS
.PP
DHCP \fIoption\fR statements always start with the \fIoption\fR
keyword, followed by an option name, followed by option data. The
option names and data formats are described below. It is not
necessary to exhaustively specify all DHCP options - only those
options which are needed by clients must be specified.
.PP
Option data comes in a variety of formats, as defined below:
.PP
The
.B ip-address
data type can be entered either as an explicit IP
address (e.g., 239.254.197.10) or as a domain name (e.g.,
haagen.isc.org). When entering a domain name, be sure that that
domain name resolves to a single IP address.
.PP
The
.B int32
data type specifies a signed 32-bit integer. The
.B uint32
data type specifies an unsigned 32-bit integer. The
.B int16
and
.B uint16
data types specify signed and unsigned 16-bit integers. The
.B int8
and
.B uint8
data types specify signed and unsigned 8-bit integers.
Unsigned 8-bit integers are also sometimes referred to as octets.
.PP
The
.B string
data type specifies an NVT ASCII string, which must be
enclosed in double quotes - for example, to specify a domain-name
option, the syntax would be
.nf
.sp 1
option domain-name "isc.org";
.fi
.PP
The
.B flag
data type specifies a boolean value. Booleans can be either true or
false (or on or off, if that makes more sense to you).
.PP
The
.B data-string
data type specifies either an NVT ASCII string
enclosed in double quotes, or a series of octets specified in
hexadecimal, seperated by colons. For example:
.nf
.sp 1
option client-identifier "CLIENT-FOO";
or
option client-identifier 43:4c:49:45:54:2d:46:4f:4f;
.fi
.PP
The documentation for the various options mentioned below is taken
from the latest IETF draft document on DHCP options. Options which
are not listed by name may be defined by the name option-\fInnn\fR,
where \fInnn\fI is the decimal number of the option code. These
options may be followed either by a string, enclosed in quotes, or by
a series of octets, expressed as two-digit hexadecimal numbers seperated
by colons. For example:
.PP
.nf
option option-133 "my-option-133-text";
option option-129 1:54:c9:2b:47;
.fi
.PP
Because dhcpd does not know the format of these undefined option codes,
no checking is done to ensure the correctness of the entered data.
.PP
The standard options are:
.PP
\fBoption subnet-mask\fR \fIip-address\fR\fB;\fR
.PP
The subnet mask option specifies the client's subnet mask as per RFC
950. If no subnet mask option is provided anywhere in scope, as a
last resort dhcpd will use the subnet mask from the subnet declaration
for the network on which an address is being assigned. However,
.I any
subnet-mask option declaration that is in scope for the address being
assigned will override the subnet mask specified in the subnet
declaration.
.PP
\fBoption time-offset\fR \fIint32\fR\fB;\fR
.PP
The time-offset option specifies the offset of the client's subnet in
seconds from Coordinated Universal Time (UTC).
.PP
\fBoption routers\fR \fIip-address\fR [\fB,\fR \fIip-address\fR ... ]\fB;\fR
.PP
The routers option specifies a list of IP addresses for routers on the
client's subnet. Routers should be listed in order of preference.
.PP
\fBoption time-servers\fR \fIip-address [, \fIip-address\fR ... ]\fB;\fR
.PP
The time-server option specifies a list of RFC 868 time servers
available to the client. Servers should be listed in order of
preference.
.PP
\fBoption\fR \fBname-servers\fR \fIip-address\fR [\fB,\fR \fIip-address\fR ... ];
.PP
The name-servers option specifies a list of IEN 116 name servers
available to the client. Servers should be listed in order of
preference.
.PP
\fBoption\fR \fBdomain-name-servers\fR \fIip-address\fR [\fB,\fR \fIip-address\fR ... ]\fB;\fR
.PP
The domain-name-servers option specifies a list of Domain Name System
(STD 13, RFC 1035) name servers available to the client. Servers
should be listed in order of preference.
.PP
\fBoption\fR \fBlog-servers\fR \fIip-address\fR [\fB,\fR \fIip-address\fR ... ]\fB;\fR
.PP
The log-server option specifies a list of MIT-LCS UDP log servers
available to the client. Servers should be listed in order of
preference.
.PP
\fBoption\fR \fBcookie-servers\fR \fIip-address\fR [\fB,\fR \fIip-address\fR ... ]\fB;\fR
.PP
The cookie server option specifies a list of RFC 865 cookie
servers available to the client. Servers should be listed in order
of preference.
.PP
\fBoption\fR \fBlpr-servers\fR \fIip-address \fR [\fB,\fR \fIip-address\fR ... ]\fB;\fR
.PP
The LPR server option specifies a list of RFC 1179 line printer
servers available to the client. Servers should be listed in order
of preference.
.PP
\fBoption\fR \fBimpress-servers\fR \fIip-address\fR [\fB,\fR \fIip-address\fR ... ]\fB;\fR
.PP
The impress-server option specifies a list of Imagen Impress servers
available to the client. Servers should be listed in order of
preference.
.PP
\fBoption\fR \fBresource-location-servers\fR \fIip-address\fR [\fB,\fR \fIip-address\fR ... ]\fB;\fR
.PP
This option specifies a list of RFC 887 Resource Location
servers available to the client. Servers should be listed in order
of preference.
.PP
\fBoption\fR \fBhost-name\fR \fIstring\fR\fB;\fR
.PP
This option specifies the name of the client. The name may or may
not be qualified with the local domain name (it is preferable to use
the domain-name option to specify the domain name). See RFC 1035 for
character set restrictions.
.PP
\fBoption\fR \fBboot-size\fR \fIuint16\fR\fB;\fR
.PP
This option specifies the length in 512-octet blocks of the default
boot image for the client.
.PP
\fBoption\fR \fBmerit-dump\fR \fIstring\fR\fB;\fR
.PP
This option specifies the path-name of a file to which the client's
core image should be dumped in the event the client crashes. The
path is formatted as a character string consisting of characters from
the NVT ASCII character set.
.PP
\fBoption\fR \fBdomain-name\fR \fIstring\fR\fB;\fR
.PP
This option specifies the domain name that client should use when
resolving hostnames via the Domain Name System.
.PP
\fBoption\fR \fBswap-server\fR \fIip-address\fR\fB;\fR
.PP
This specifies the IP address of the client's swap server.
.PP
\fBoption\fR \fBroot-path\fR \fIstring\fB;\fR\fR
.PP
This option specifies the path-name that contains the client's root
disk. The path is formatted as a character string consisting of
characters from the NVT ASCII character set.
.PP
\fBoption\fR \fBip-forwarding\fR \fIflag\fR\fB;\fR
.PP
This option specifies whether the client should configure its IP
layer for packet forwarding. A value of 0 means disable IP
forwarding, and a value of 1 means enable IP forwarding.
.PP
\fBoption\fR \fBnon-local-source-routing\fR \fIflag\fR\fB;\fR
.PP
This option specifies whether the client should configure its IP
layer to allow forwarding of datagrams with non-local source routes
(see Section 3.3.5 of [4] for a discussion of this topic). A value
of 0 means disallow forwarding of such datagrams, and a value of 1
means allow forwarding.
.PP
\fBoption\fR \fBpolicy-filter\fR \fIip-address ip-address\fR [\fB,\fR \fIip-address ip-address\fR ... ]\fB;\fR
.PP
This option specifies policy filters for non-local source routing.
The filters consist of a list of IP addresses and masks which specify
destination/mask pairs with which to filter incoming source routes.
.PP
Any source routed datagram whose next-hop address does not match one
of the filters should be discarded by the client.
.PP
See STD 3 (RFC1122) for further information.
.PP
\fBoption\fR \fBmax-dgram-reassembly\fR \fIuint16\fR\fB;\fR
.PP
This option specifies the maximum size datagram that the client
should be prepared to reassemble. The minimum value legal value is
576.
.PP
\fBoption\fR \fBdefault-ip-ttl\fR \fIuint8;\fR
.PP
This option specifies the default time-to-live that the client should
use on outgoing datagrams.
.PP
\fBoption\fR \fBpath-mtu-aging-timeout\fR \fIuint32\fR\fB;\fR
.PP
This option specifies the timeout (in seconds) to use when aging Path
MTU values discovered by the mechanism defined in RFC 1191.
.PP
\fBoption\fR \fBpath-mtu-plateau-table\fR \fIuint16\fR [\fB,\fR \fIuint16\fR ... ]\fB;\fR
.PP
This option specifies a table of MTU sizes to use when performing
Path MTU Discovery as defined in RFC 1191. The table is formatted as
a list of 16-bit unsigned integers, ordered from smallest to largest.
The minimum MTU value cannot be smaller than 68.
.PP
\fBoption\fR \fBinterface-mtu\fR \fIuint16\fR\fB;\fR
.PP
This option specifies the MTU to use on this interface. The minimum
legal value for the MTU is 68.
.PP
\fBoption\fR \fBall-subnets-local\fR \fIflag\fR\fB;\fR
.PP
This option specifies whether or not the client may assume that all
subnets of the IP network to which the client is connected use the
same MTU as the subnet of that network to which the client is
directly connected. A value of 1 indicates that all subnets share
the same MTU. A value of 0 means that the client should assume that
some subnets of the directly connected network may have smaller MTUs.
.PP
\fBoption\fR \fBbroadcast-address\fR \fIip-address\fR\fB;\fR
.PP
This option specifies the broadcast address in use on the client's
subnet. Legal values for broadcast addresses are specified in
section 3.2.1.3 of STD 3 (RFC1122).
.PP
\fBoption\fR \fBperform-mask-discovery\fR \fIflag\fR\fB;\fR
.PP
This option specifies whether or not the client should perform subnet
mask discovery using ICMP. A value of 0 indicates that the client
should not perform mask discovery. A value of 1 means that the
client should perform mask discovery.
.PP
\fBoption\fR \fBmask-supplier\fR \fIflag\fR\fB;\fR
.PP
This option specifies whether or not the client should respond to
subnet mask requests using ICMP. A value of 0 indicates that the
client should not respond. A value of 1 means that the client should
respond.
.PP
\fBoption\fR \fBrouter-discovery\fR \fIflag\fR\fB;\fR
.PP
This option specifies whether or not the client should solicit
routers using the Router Discovery mechanism defined in RFC 1256.
A value of 0 indicates that the client should not perform
router discovery. A value of 1 means that the client should perform
router discovery.
.PP
\fBoption\fR \fBrouter-solicitation-address\fR \fIip-address\fR\fB;\fR
.PP
This option specifies the address to which the client should transmit
router solicitation requests.
.PP
\fBoption\fR \fBstatic-routes\fR \fIip-address ip-address\fR [\fB,\fR \fIip-address ip-address\fR ... ]\fB;\fR
.PP
This option specifies a list of static routes that the client should
install in its routing cache. If multiple routes to the same
destination are specified, they are listed in descending order of
priority.
.PP
The routes consist of a list of IP address pairs. The first address
is the destination address, and the second address is the router for
the destination.
.PP
The default route (0.0.0.0) is an illegal destination for a static
route. To specify the default route, use the
.B routers
option.
.PP
\fBoption\fR \fBtrailer-encapsulation\fR \fIflag\fR\fB;\fR
.PP
This option specifies whether or not the client should negotiate the
use of trailers (RFC 893 [14]) when using the ARP protocol. A value
of 0 indicates that the client should not attempt to use trailers. A
value of 1 means that the client should attempt to use trailers.
.PP
\fBoption\fR \fBarp-cache-timeout\fR \fIuint32\fR\fB;\fR
.PP
This option specifies the timeout in seconds for ARP cache entries.
.PP
\fBoption\fR \fBieee802-3-encapsulation\fR \fIflag\fR\fB;\fR
.PP
This option specifies whether or not the client should use Ethernet
Version 2 (RFC 894) or IEEE 802.3 (RFC 1042) encapsulation if the
interface is an Ethernet. A value of 0 indicates that the client
should use RFC 894 encapsulation. A value of 1 means that the client
should use RFC 1042 encapsulation.
.PP
\fBoption\fR \fBdefault-tcp-ttl\fR \fIuint8\fR\fB;\fR
.PP
This option specifies the default TTL that the client should use when
sending TCP segments. The minimum value is 1.
.PP
\fBoption\fR \fBtcp-keepalive-interval\fR \fIuint32\fR\fB;\fR
.PP
This option specifies the interval (in seconds) that the client TCP
should wait before sending a keepalive message on a TCP connection.
The time is specified as a 32-bit unsigned integer. A value of zero
indicates that the client should not generate keepalive messages on
connections unless specifically requested by an application.
.PP
\fBoption\fR \fBtcp-keepalive-garbage\fR \fIflag\fR\fB;\fR
.PP
This option specifies the whether or not the client should send TCP
keepalive messages with a octet of garbage for compatibility with
older implementations. A value of 0 indicates that a garbage octet
should not be sent. A value of 1 indicates that a garbage octet
should be sent.
.PP
\fBoption\fR \fBnis-domain\fR \fIstring\fR\fB;\fR
.PP
This option specifies the name of the client's NIS (Sun Network
Information Services) domain. The domain is formatted as a character
string consisting of characters from the NVT ASCII character set.
.PP
\fBoption\fR \fBnis-servers\fR \fIip-address\fR [\fB,\fR \fIip-address\fR ... ]\fB;\fR
.PP
This option specifies a list of IP addresses indicating NIS servers
available to the client. Servers should be listed in order of
preference.
.PP
\fBoption\fR \fBntp-servers\fR \fIip-address\fR [\fB,\fR \fIip-address\fR ... ]\fB;\fR
.PP
This option specifies a list of IP addresses indicating NTP (RFC 1035)
servers available to the client. Servers should be listed in order
of preference.
.PP
\fBoption\fR \fBnetbios-name-servers\fR \fIip-address\fR [\fB,\fR \fIip-address\fR ... ]\fB;\fR
.PP
The NetBIOS name server (NBNS) option specifies a list of RFC
1001/1002 NBNS name servers listed in order of preference.
.PP
\fBoption\fR \fBnetbios-dd-server\fR \fIip-address\fR [\fB,\fR \fIip-address\fR ... ]\fB;\fR
.PP
The NetBIOS datagram distribution server (NBDD) option specifies a
list of RFC 1001/1002 NBDD servers listed in order of preference.
.PP
\fBoption\fR \fBnetbios-node-type\fR \fIuint8\fR\fB;\fR
.PP
The NetBIOS node type option allows NetBIOS over TCP/IP clients which
are configurable to be configured as described in RFC 1001/1002. The
value is specified as a single octet which identifies the client type.
A value of 1 corresponds to a NetBIOS B-node; a value of 2 corresponds
to a P-node; a value of 4 corresponds to an M-node; a value of 8
corresponds to an H-node.
.PP
\fBoption\fR \fBnetbios-scope\fR \fIstring\fR\fB;\fR
.PP
The NetBIOS scope option specifies the NetBIOS over TCP/IP scope
parameter for the client as specified in RFC 1001/1002. See RFC1001,
RFC1002, and RFC1035 for character-set restrictions.
.PP
\fBoption\fR \fBfont-servers\fR \fIip-address\fR [\fB,\fR \fIip-address\fR ... ]\fB;\fR
.PP
This option specifies a list of X Window System Font servers available
to the client. Servers should be listed in order of preference.
.PP
\fBoption\fR \fBx-display-manager\fR \fIip-address\fR [\fB,\fR \fIip-address\fR ... ]\fB;\fR
.PP
This option specifies a list of systems that are running the X Window
System Display Manager and are available to the client. Addresses
should be listed in order of preference.
.PP
\fBoption\fR \fBdhcp-client-identifier\fR \fIdata-string\fR\fB;\fR
.PP
This option can be used to specify the a DHCP client identifier in a
host declaration, so that dhcpd can find the host record by matching
against the client identifier.
.SH SEE ALSO
dhcpd.conf(5), dhcpd.leases(5),
draft-ietf-dhc-options-1533update-04.txt, draft-ietf-dhc-dhcp-07.txt.
.SH AUTHOR
.B dhcpd(8)
was written by Ted Lemon <mellon@vix.com>
under a contract with Vixie Labs. Funding
for this project was provided by the Internet Software Corporation.
Information about the Internet Software Consortium can be found at
.B http://www.isc.org/isc.
|