1DHCPCD.CONF(5) BSD File Formats Manual DHCPCD.CONF(5)
2
4 dhcpcd.conf — dhcpcd configuration file
5
7 Although dhcpcd can do everything from the command line, there are cases
8 where it's just easier to do it once in a configuration file. Most of
9 the options found in dhcpcd(8) can be used here. The first word on the
10 line is the option and the rest of the line is the value. Leading and
11 trailing whitespace for the option and value are trimmed. You can escape
12 characters in the value using the \ character. Comments can be prefixed
13 with the # character. String values should be quoted with the " charac‐
14 ter.
15 Here's a list of available options:
17 allowinterfaces pattern
19 When discovering interfaces, the interface name must match
20 pattern which is a space or comma separated list of patterns
21 passed to fnmatch(3). If the same interface is matched in
22 denyinterfaces then it is still denied.
23 denyinterfaces pattern
25 When discovering interfaces, the interface name must not match
26 pattern which is a space or comma separated list of patterns
27 passed to fnmatch(3).
28 anonymous
30 Enables Anonymity Profiles for DHCP, RFC 7844. Any DUID is ig‐
31 nored and ClientID is set to LL only. All non essential options
32 are then masked at this point, but they could be unmasked by ex‐
33 plicitly requesting the option after the anonymous option is pro‐
34 cessed. As such, the anonymous option should be the last option
35 in the configuration unless you really want to send something
36 which could identify you. dhcpcd will not try and reboot an old
37 lease, it will go straight into DISCOVER/SOLICIT.
38 randomise_hwaddr
40 Forces a hardware address randomisation when the interface is
41 brought up or when the carrier is lost. This is generally used
42 in tandem with the anonymous option.
43 arping address [address]
45 dhcpcd will arping each address in order before attempting DHCP.
46 If an address is found, we will select the replying hardware ad‐
47 dress as the profile, otherwise the IP address. Example:
48 interface bge0
50 arping 192.168.0.1
51 # My specific 192.168.0.1 network
53 profile dd:ee:aa:dd:bb:ee
54 static ip_address=192.168.0.10/24
55 # A generic 192.168.0.1 network
57 profile 192.168.0.1
58 static ip_address=192.168.0.98/24
59 authprotocol protocol [algorithm [rdm]]
61 Authenticate DHCP messages. See the Supported Authentication
62 Protocols section. If protocol is token then algorithm is
63 snd_secretid/rcv_secretid so you can send and receive different
64 tokens.
65 authtoken secretid realm expire key
67 Define a shared key for use in authentication. realm can be ""
68 to for use with the delayed protocol. expire is the date the to‐
69 ken expires and should be formatted "yyy-mm-dd HH:MM". You can
70 use the keyword forever or 0 which means the token never expires.
71 For the token protocol, secretid needs to be 0 and realm needs to
72 be "". If dhcpcd has the error
73 dhcp_auth_encode: Invalid argument
74 then it means that dhcpcd could not find the correct authentica‐
75 tion token in your configuration.
76 background
78 Fork to the background immediately. This is useful for startup
79 scripts which don't disable link messages for carrier status.
80 blacklist address[/cidr]
82 Ignores all packets from address[/cidr].
83 whitelist address[/cidr]
85 Only accept packets from address[/cidr]. blacklist is ignored if
86 whitelist is set.
87 bootp Be a BOOTP client. Basically, this just doesn't send a DHCP Mes‐
89 sage Type option and will only interact with a BOOTP server. All
90 other DHCP options still work.
91 broadcast
93 Instructs the DHCP server to broadcast replies back to the
94 client. Normally this is only set for non-Ethernet interfaces,
95 such as FireWire and InfiniBand. In most cases, dhcpcd will set
96 this automatically.
97 controlgroup group
99 Sets the group ownership of /var/run/dhcpcd/sock so that users
100 other than root can connect to dhcpcd.
101 debug Echo debug messages to the stderr and syslog.
103 dev value
105 Load the value /dev management module. dhcpcd will load the
106 first one found to work, if any.
107 env value
109 Push value to the environment for use in dhcpcd-run-hooks(8).
110 For example, you can force the hostname hook to always set the
111 hostname with env force_hostname=YES. Or set which driver
112 wpa_supplicant(8) should use with env
113 wpa_supplicant_driver=nl80211
114 If the hostname is set, it will be will set to the FQDN if possi‐
116 ble as per RFC 4702, section 3.1. If the FQDN option is missing,
117 dhcpcd will still try and set a FQDN from the hostname and domain
118 options for consistency. To override this, set env
119 hostname_fqdn=[YES|NO|SERVER]. A value of SERVER means just what
120 the server says, don't manipulate it. This could lead to an in‐
121 consistent hostname on a DHCPv4 and DHCPv6 network where the
122 DHCPv4 hostname is short and the DHCPv6 has an FQDN. DHCPv6 has
123 no hostname option.
124 clientid string
126 Send the clientid. If the string is of the format 01:02:03 then
127 it is encoded as hex. For interfaces whose hardware address is
128 longer than 8 bytes, or if the clientid is an empty string then
129 dhcpcd sends a default clientid of the hardware family and the
130 hardware address.
131 duid [ll | lt | uuid | value]
133 Use a DHCP Unique Identifier. If a system UUID is available,
134 that will be used to create a DUID-UUID, otheriwse if persistent
135 storage is available then a DUID-LLT (link local address + time)
136 is generated, otherwise DUID-LL is generated (link local ad‐
137 dress). The DUID type can be hinted as an optional parameter if
138 the file /var/lib/dhcpcd/duid does not exist. If not ll, lt or
139 uuid then value will be converted from 00:11:22:33 format. This,
140 plus the IAID will be used as the clientid. The DUID generated
141 will be held in /var/lib/dhcpcd/duid and should not be copied to
142 other hosts. This file also takes precedence over the above
143 rules except for setting a value.
144 iaid iaid
146 Set the Interface Association Identifier to iaid. This option
147 must be used in an interface block. This defaults to the VLANID
148 (prefixed with 0xff) for the interface if set, otherwise the last
149 4 bytes of the hardware address assigned to the interface. Each
150 instance of this should be unique within the scope of the client
151 and dhcpcd warns if a conflict is detected. If there is a con‐
152 flict, it is only a problem if the conflicted IAIDs are used on
153 the same network.
154 dhcp Enable DHCP on the interface, on by default.
156 dhcp6 Enable DHCPv6 on the interface, on by default.
158 ipv4 Enable IPv4 on the interface, on by default.
160 ipv6 Enable IPv6 on the interface, on by default.
162 request [address]
164 Request the address in the DHCP DISCOVER message. There is no
165 guarantee this is the address the DHCP server will actually give.
166 If no address is given then the first address currently assigned
167 to the interface is used.
168 inform [address[/cidr[/broadcast_address]]]
170 Behaves like request as above, but sends a DHCP INFORM instead of
171 DISCOVER/REQUEST. This does not get a lease as such, just noti‐
172 fies the DHCP server of the address in use. You should also in‐
173 clude the optional cidr network number in case the address is not
174 already configured on the interface. dhcpcd remains running and
175 pretends it has an infinite lease. dhcpcd will not de-configure
176 the interface when it exits. If dhcpcd fails to contact a DHCP
177 server then it returns a failure instead of falling back on
178 IPv4LL.
179 inform6
181 Performs a DHCPv6 Information Request. No address is requested
182 or specified, but all other DHCPv6 options are allowed. This is
183 normally performed automatically when an IPv6 Router Advertise‐
184 ment indicates that the client should perform this operation.
185 This option is only needed when dhcpcd is not processing IPv6 RA
186 messages and the need for a DHCPv6 Information Request exists.
187 persistent
189 dhcpcd normally de-configures the interface and configuration
190 when it exits. Sometimes, this isn't desirable if, for example,
191 you have root mounted over NFS or SSH clients connect to this
192 host and they need to be notified of the host shutting down. You
193 can use this option to stop this from happening.
194 fallback profile
196 Fall back to using this profile if DHCP fails. This allows you
197 to configure a static profile instead of using ZeroConf.
198 hostname name
200 Sends the hostname name to the DHCP server so it can be regis‐
201 tered in DNS. If name is an empty string then the current system
202 hostname is sent. If name is a FQDN (i.e., contains a .) then it
203 will be encoded as such.
204 hostname_short
206 Sends the short hostname to the DHCP server instead of the FQDN.
207 This is useful because DHCP servers will not register the FQDN in
208 their DNS if the domain part does not match theirs.
209 Also, see the env option above to control how the hostname is set
211 on the host.
212 ia_na [iaid [/ address]]
214 Request a DHCPv6 Normal Address for iaid. iaid defaults to the
215 iaid option as described above. You can request more than one
216 ia_na by specifying a unique iaid for each one.
217 ia_ta [iaid]
219 Request a DHCPv6 Temporary Address for iaid. You can request
220 more than one ia_ta by specifying a unique iaid for each one.
221 ia_pd [iaid [/ prefix / prefix_len] [interface [/ sla_id [/ prefix_len [/
223 suffix]]]]]
224 Request a DHCPv6 Delegated Prefix for iaid. This option must be
225 used in an interface block. Unless a sla_id of 0 is assigned
226 with the same resultant prefix length as the delegation, a reject
227 route is installed for the Delegated Prefix to stop unallocated
228 addresses being resolved upstream. If no interface is given then
229 we will assign a prefix to every other interface with a sla_id
230 equivalent to the interface index assigned by the OS. Otherwise
231 addresses are only assigned for each interface and sla_id. Each
232 assigned address will have a suffix, defaulting to 1. If the
233 suffix is 0 then a SLAAC address is assigned. You cannot assign
234 a prefix to the requesting interface unless the DHCPv6 server
235 supports the RFC 6603 Prefix Exclude Option. dhcpcd has to be
236 running for all the interfaces it is delegating to. A default
237 prefix_len of 64 is assumed, unless the maximum sla_id does not
238 fit. In this case prefix_len is increased to the highest multi‐
239 ple of 8 that can accommodate the sla_id. sla_id is an integer
240 which must be unique inside the iaid and is added to the prefix
241 which must fit inside prefix_len less the length of the delegated
242 prefix. You can specify multiple interface / sla_id / prefix_len
243 per ia_pd, space separated. IPv6RS should be disabled globally
244 when requesting a Prefix Delegation.
245 In the following example eth0 is the externally facing interface
247 to be configured for both IPv4 and IPv6. The DHCPv4 server will
248 provide us with an IPv4 address and a default route. The DHCPv6
249 server is going to provide us with an IPv6 address, a default
250 route and a /64 subnet to be delegated to the internal interface.
251 The eth1 interface will be automatically configured for IPv6 us‐
252 ing the first address (::1) from the delegated prefix. A second
253 prefix is requested and assigned to two other interfaces.
254 rtadvd(8) can be used with an empty configuration file on eth1,
255 eth2 and eth3, to provide automatic IPv6 address configuration
256 for the internal network.
257 noipv6rs # disable routing solicitation
259 denyinterfaces eth2 # Don't touch eth2 at all
260 interface eth0
261 ipv6rs # enable routing solicitation for eth0
262 ia_na 1 # request an IPv6 address
263 ia_pd 2 eth1/0 # request a PD and assign it to eth1
264 ia_pd 3 eth2/1 eth3/2 # req a PD and assign it to eth2 and eth3
265 ipv4only
267 Only configure IPv4.
268 ipv6only
270 Only configure IPv6.
271 fqdn [disable | none | ptr | both]
273 none will not ask the DHCP server to update DNS. ptr just asks
274 the DHCP server to update the PTR record of the host in DNS,
275 whereas both also updates the A record. disable will disable the
276 FQDN option. The default is both. dhcpcd itself never does any
277 DNS updates. dhcpcd encodes the FQDN hostname as specified in
278 RFC 1035.
279 interface interface
281 Subsequent options are only parsed for this interface.
282 ipv6ra_autoconf
284 Generate SLAAC addresses for each Prefix advertised by an IPv6
285 Router Advertisement message with the Auto flag set. On by de‐
286 fault.
287 ipv6ra_noautoconf
289 Disables the above option.
290 ipv6ra_fork
292 By default, when dhcpcd receives an IPv6 Router Advertisement,
293 dhcpcd will only fork to the background if the RA contains at
294 least one unexpired RDNSS option and a valid prefix or no DHCPv6
295 instruction. Set this option so to make dhcpcd always fork on a
296 RA.
297 ipv6rs Enables IPv6 Router Advertisement solicitation. This is on by
299 default, but is documented here in the case where it is disabled
300 globally but needs to be enabled for one interface.
301 leasetime seconds
303 Request a lease time of seconds. -1 represents an infinite lease
304 time. By default dhcpcd does not request any lease time and
305 leaves it in the hands of the DHCP server.
306 link_rcvbuf size
308 Override the size of the link receive buffer from the kernel de‐
309 fault. While dhcpcd will recover from link buffer overflows,
310 this may not be desirable on heavily loaded systems.
311 logfile logfile
313 Writes to the specified logfile. dhcpcd still writes to
314 syslog(3). The logfile is reopened when dhcpcd receives the
315 SIGUSR2 signal.
316 metric metric
318 Metrics are used to prefer an interface over another one, lowest
319 wins. dhcpcd will supply a default metric of 200 +
320 if_nametoindex(3). An extra 100 will be added for wireless in‐
321 terfaces.
322 mudurl url
324 Specifies the URL for a Manufacturer Usage Description (MUD).
325 The description is used by upstream network devices to instanti‐
326 ate any desired access lists. See draft-ietf-opsawg-mud for more
327 information.
328 noalias
330 Any pre-existing IPv4 addresses will be removed from the inter‐
331 face when adding a new IPv4 address.
332 noarp Don't send any ARP requests. This also disables IPv4LL.
334 noauthrequired
336 Don't require authentication even though we requested it. Also
337 allows FORCERENEW and RECONFIGURE messages without authentica‐
338 tion.
339 nodelay
341 Don't delay for an initial randomised time when starting proto‐
342 cols.
343 nodev Don't load /dev management modules.
345 nodhcp Don't start DHCP or listen to DHCP messages. This is only useful
347 when allowing IPv4LL.
348 nodhcp6
350 Don't start DHCPv6 or listen to DHCPv6 messages. Normally DHCPv6
351 is started by an IPv6 Router Advertisement instruction or config‐
352 uration.
353 nogateway
355 Don't install any default routes.
356 gateway
358 Install a default route if available (default).
359 nohook script
361 Don't run this hook script. Matches full name, or prefixed with
362 2 numbers optionally ending with .sh.
363 So to stop dhcpcd from touching your DNS settings or starting
365 wpa_supplicant you would do:-
366 nohook resolv.conf, wpa_supplicant
367 noipv4 Don't attempt to configure an IPv4 address.
369 noipv4ll
371 Don't attempt to obtain an IPv4LL address if we failed to get one
372 via DHCP. See RFC 3927.
373 noipv6 Don't solicit or accept IPv6 Router Advertisements and DHCPv6.
375 noipv6rs
377 Don't solicit or accept IPv6 Router Advertisements.
378 nolink Don't receive link messages about carrier status. You should
380 only set this for buggy interface drivers.
381 noup Don't bring the interface up when in master mode.
383 option option
385 Requests the option from the server. It can be a variable to be
386 used in dhcpcd-run-hooks(8) or the numerical value. You can
387 specify more options separated by commas, spaces or more option
388 lines. Prepend dhcp6_ to option to request a DHCPv6 option. If
389 no DHCPv6 options are configured, then DHCPv4 options are mapped
390 to equivalent DHCPv6 options.
391 Prepend nd_ to option to handle ND options, but this only works
393 for the nooption, reject and require options.
394 To see a list of options you can use, call dhcpcd with the -V,
396 --variables argument.
397 nooption option
399 Remove the option from the message before it's processed.
400 require option
402 Requires the option to be present in all messages, otherwise the
403 message is ignored. To enforce that dhcpcd only responds to DHCP
404 servers and not BOOTP servers, you can require dhcp_message_type.
405 This isn't an exact science though because a BOOTP server can
406 send DHCP-like options.
407 reject option
409 Reject a message that contains the option. This is useful when
410 you cannot use require to select / de-select BOOTP messages.
411 destination option
413 If dhcpcd.conf detects an address added to a point to point in‐
414 terface (PPP, TUN, etc) then it will set the listed DHCP options
415 to the destination address of the interface.
416 profile name
418 Subsequent options are only parsed for this profile name.
419 quiet Suppress any dhcpcd output to the console, except for errors.
421 reboot seconds
423 Allow reboot seconds before moving to the DISCOVER phase if we
424 have an old lease to use. Allow reboot seconds before starting
425 fallback states from the DISCOVER phase. IPv4LL is started when
426 the first reboot timeout is reached. The default is 5 seconds.
427 A setting of 0 seconds causes dhcpcd.conf to skip the reboot
428 phase and go straight into DISCOVER. This is desirable for mo‐
429 bile users because if you change from network A to network B and
430 they use the same subnet and the address from network A isn't in
431 use on network B, then the DHCP server will remain silent even if
432 authoritative which means dhcpcd will timeout before moving back
433 to the DISCOVER phase. This has no effect on DHCPv6 other than
434 skipping the reboot phase.
435 release
437 dhcpcd will release the lease prior to stopping the interface.
438 script script
440 Use script instead of the default /usr/libexec/dhcpcd-run-hooks.
441 ssid ssid
443 Subsequent options are only parsed for this wireless ssid.
444 slaac hwaddr | private [temp | temporary]
446 Selects the interface identifier used for SLAAC generated IPv6
447 addresses. If private is used, a RFC 7217 address is generated.
448 The temporary directive will create a temporary address for the
449 prefix as well.
450 static value
452 Configures a static value. If you set ip_address then dhcpcd
453 will not attempt to obtain a lease and will just use the value
454 for the address with an infinite lease time. If you set
455 ip6_address, dhcpcd will continue auto-configuration as normal.
456 Here is an example which configures two static address, overrid‐
458 ing the default IPv4 broadcast address, an IPv4 router, DNS and
459 disables IPv6 auto-configuration. You could also use the inform6
460 command here if you wished to obtain more information via DHCPv6.
461 For IPv4, you should use the inform ipaddress option instead of
462 setting a static address.
463 interface eth0
464 noipv6rs
465 static ip_address=192.168.0.10/24
466 static broadcast_address=192.168.0.63
467 static ip6_address=fd51:42f8:caae:d92e::ff/64
468 static routers=192.168.0.1
469 static domain_name_servers=192.168.0.1
470 fd51:42f8:caae:d92e::1
471 Here is an example for PPP which gives the destination a default
473 route. It uses the special destination keyword to insert the
474 destination address into the value.
475 interface ppp0
476 static ip_address=
477 destination routers
478 timeout seconds
480 Time out after seconds, instead of the default 30. A setting of
481 0 seconds causes dhcpcd to wait forever to get a lease. If
482 dhcpcd is working on a single interface then dhcpcd will exit
483 when a timeout occurs, otherwise dhcpcd will fork into the back‐
484 ground. If using IPv4LL then dhcpcd start the IPv4LL process af‐
485 ter the timeout and then wait a little longer before really tim‐
486 ing out.
487 userclass string
489 Tag the DHCPv4 message with the userclass. You can specify more
490 than one.
491 msuserclass string
493 Tag the DHCPv4 mesasge with the Microsoft userclass. Unlike the
494 userclass option, this one can only be added once. It should
495 only be used for Microsoft DHCP servers and the vendorclassid
496 should be set to "MSFT 98" or "MSFT 5.0". This option is not RFC
497 compliant.
498 vendor code,value
500 Add an encapsulated vendor option. code should be between 1 and
501 254 inclusive. To add a raw vendor string, omit code but keep
502 the comma. Examples.
503 Set the vendor option 01 with an IP address.
505 vendor 01,192.168.0.2
506 Set the vendor option 02 with a hex code.
507 vendor 02,01:02:03:04:05
508 Set the vendor option 03 with an IP address as a string.
509 vendor 03,\"192.168.0.2\"
510 Set un-encapsulated vendor option to hello world.
511 vendor ,"hello world"
512 vendorclassid string
514 Set the DHCP Vendor Class. DHCPv6 has its own option as shown
515 below. The default is dhcpcd-<version>:<os>:<machine>:<plat‐
516 form>. For example
517 dhcpcd-5.5.6:NetBSD-6.99.5:i386:i386
518 If not set then none is sent. Some badly configured DHCP servers
519 reject unknown vendorclassids. To work around it, try and imper‐
520 sonate Windows by using the MSFT vendorclassid.
521 vendclass en data
523 Add the DHCPv6 Vendor Indetifying Vendor Class with the IANA as‐
524 signed Enterprise Number en with the data. This option can be
525 set more than once to add more data, but the behaviour, as per
526 RFC 3925 is undefined if the Enterprise Number differs.
527 waitip [4 | 6]
529 Wait for an address to be assigned before forking to the back‐
530 ground. 4 means wait for an IPv4 address to be assigned. 6
531 means wait for an IPv6 address to be assigned. If no argument is
532 given, dhcpcd.conf will wait for any address protocol to be as‐
533 signed. It is possible to wait for more than one address proto‐
534 col and dhcpcd.conf will only fork to the background when all
535 waiting conditions are satisfied.
536 xidhwaddr
538 Use the last four bytes of the hardware address as the DHCP xid
539 instead of a randomly generated number.
540 Defining new options
542 DHCP, ND and DHCPv6 allow for the use of custom options, and RFC 3925
543 vendor options for DHCP can also be supplied. Each option needs to be
544 started with the define, definend, define6 or vendopt directive. This
545 can optionally be followed by both embed or encap options. Both can be
546 specified more than once and embed must come before encap.
547 define code type variable
549 Defines the DHCP option code of type with a name of variable ex‐
550 ported to dhcpcd-run-hooks(8).
551 definend code type variable
553 Defines the ND option code of type with a name of variable ex‐
554 ported to dhcpcd-run-hooks(8), with a prefix of nd_.
555 define6 code type variable
557 Defines the DHCPv6 option code of type with a name of variable
558 exported to dhcpcd-run-hooks(8), with a prefix of dhcp6_.
559 vendopt code type variable
561 Defines the Vendor-Identifying Vendor Options. The code is the
562 IANA Enterprise Number which will uniquely describe the encapsu‐
563 lated options. type is normally encap. variable names the Ven‐
564 dor option to be exported.
565 embed type variable
567 Defines an embedded variable within the defined option. The
568 length is determined by the type. If the variable is not the
569 same as defined in the parent option, it is prefixed with the
570 parent variable first with an underscore. If the variable has
571 the name of reserved then it is not processed.
572 encap code type variable
574 Defines an encapsulated variable within the defined option. The
575 length is determined by the type. If the variable is not the
576 same as defined in the parent option, it is prefixed with the
577 parent variable first with an underscore.
578 Type prefix
580 These keywords come before the type itself, to describe it more fully.
581 You can use more than one, but they must appear in the order listed be‐
582 low.
583 request Requests the option by default without having to be specified in
585 user configuration.
586 norequest
588 This option cannot be requested, regardless of user configura‐
589 tion.
590 optional
592 This option is optional. Only makes sense for embedded options
593 like the client FQDN option, where the FQDN string itself is op‐
594 tional.
595 index The option can appear more than once and will be indexed.
597 array The option data is split into a space separated array, each ele‐
599 ment being the same type.
600 Types to define
602 The type directly affects the length of data consumed inside the option.
603 Any remaining data is normally discarded. Lengths can be specified for
604 string and binhex types, but this is generally with other data embedded
605 afterwards in the same option.
606 ipaddress
608 An IPv4 address, 4 bytes.
609 ip6address
611 An IPv6 address, 16 bytes.
612 string [: length]
614 A NVT ASCII string of printable characters.
615 byte A byte.
617 bitflags: flags
619 A byte represented as a string of flags, most significant bit
620 first. For example, using ABCDEFGH then A would equal 10000000,
621 B 01000000, C 00100000, etc. If the bit is not set, the flag is
622 not printed. A flag of 0 is not printed even if the bit position
623 is set. This is to allow reservation of the first bits while as‐
624 signing the last bits.
625 int16 A signed 16bit integer, 2 bytes.
627 uint16 An unsigned 16bit integer, 2 bytes.
629 int32 A signed 32bit integer, 4 bytes.
631 uint32 An unsigned 32bit integer, 4 bytes.
633 flag A fixed value (1) to indicate that the option is present, 0
635 bytes.
636 domain An RFC 3397 encoded string.
638 dname An RFC 1035 validated string.
640 binhex [: length]
642 Binary data expressed as hexadecimal.
643 embed Contains embedded options (implies encap as well).
645 encap Contains encapsulated options (implies embed as well).
647 option References an option from the global definition.
649 Example definition
651 # DHCP option 81, Fully Qualified Domain Name, RFC 4702
652 define 81 embed fqdn
653 embed byte flags
654 embed byte rcode1
655 embed byte rcode2
656 embed domain fqdn
657 # DHCP option 125, Vendor Specific Information Option, RFC 3925
659 define 125 encap vsio
660 embed uint32 enterprise_number
661 # Options defined for the enterprise number
662 encap 1 ipaddress ipaddress
663 Supported Authentication Protocols
665 token Sends a plain text token the server expects and matches a token
666 sent by the server. The tokens do not have to be the same. If
667 unspecified, the token with a secretid of 0 will be used in
668 sending messages and validating received messages.
669 delayedrealm
671 Delayed Authentication. dhcpcd will send an authentication op‐
672 tion with no key or MAC. The server will see this option, and
673 select a key for dhcpcd.conf, writing the realm and secretid in
674 it. dhcpcd will then look for an unexpired token with a match‐
675 ing realm and secretid. This token is used to authenticate all
676 other messages.
677 delayed Same as above, but without a realm.
679 Supported Authentication Algorithms
681 If none specified, hmac-md5 is the default.
682 hmac-md5
684 Supported Replay Detection Mechanisms
686 If none specified, monotonic is the default. If this is changed from
687 what was previously used, or the means of calculating or storing it is
688 broken, then the DHCP server will probably have to have its notion of the
689 client's Replay Detection Value reset.
690 monocounter
692 Read the number in the file /var/lib/dhcpcd/dhcpcd-rdm.monotonic
693 and add one to it.
694 monotime
696 Create an NTP timestamp from the system time.
697 monotonic
699 Same as monotime.
700
702 fnmatch(3), if_nametoindex(3), dhcpcd(8), dhcpcd-run-hooks(8)
703
705 Roy Marples <roy@marples.name>
706
708 Please report them to http://roy.marples.name/projects/dhcpcd
709BSD December 27, 2020 BSD