1dhclient.conf(5) File Formats Manual dhclient.conf(5)
2
3
4
6 dhclient.conf - DHCP client configuration file
7
9 The dhclient.conf file contains configuration information for dhclient,
10 the Internet Systems Consortium DHCP Client.
11
12 The dhclient.conf file is a free-form ASCII text file. It is parsed
13 by the recursive-descent parser built into dhclient. The file may
14 contain extra tabs and newlines for formatting purposes. Keywords in
15 the file are case-insensitive. Comments may be placed anywhere within
16 the file (except within quotes). Comments begin with the # character
17 and end at the end of the line.
18
19 The dhclient.conf file can be used to configure the behaviour of the
20 client in a wide variety of ways: protocol timing, information
21 requested from the server, information required of the server, defaults
22 to use if the server does not provide certain information, values with
23 which to override information provided by the server, or values to
24 prepend or append to information provided by the server. The configu‐
25 ration file can also be preinitialized with addresses to use on net‐
26 works that don't have DHCP servers.
27
29 The timing behaviour of the client need not be configured by the user.
30 If no timing configuration is provided by the user, a fairly reasonable
31 timing behaviour will be used by default - one which results in fairly
32 timely updates without placing an inordinate load on the server.
33
34 The following statements can be used to adjust the timing behaviour of
35 the DHCP client if required, however:
36
37 The timeout statement
38
39 timeout time ;
40
41 The timeout statement determines the amount of time that must pass
42 between the time that the client begins to try to determine its address
43 and the time that it decides that it's not going to be able to contact
44 a server. By default, this timeout is sixty seconds. After the
45 timeout has passed, if there are any static leases defined in the con‐
46 figuration file, or any leases remaining in the lease database that
47 have not yet expired, the client will loop through these leases
48 attempting to validate them, and if it finds one that appears to be
49 valid, it will use that lease's address. If there are no valid static
50 leases or unexpired leases in the lease database, the client will
51 restart the protocol after the defined retry interval.
52
53 The retry statement
54
55 retry time;
56
57 The retry statement determines the time that must pass after the client
58 has determined that there is no DHCP server present before it tries
59 again to contact a DHCP server. By default, this is five minutes.
60
61 The select-timeout statement
62
63 select-timeout time;
64
65 It is possible (some might say desirable) for there to be more than one
66 DHCP server serving any given network. In this case, it is possible
67 that a client may be sent more than one offer in response to its ini‐
68 tial lease discovery message. It may be that one of these offers is
69 preferable to the other (e.g., one offer may have the address the
70 client previously used, and the other may not).
71
72 The select-timeout is the time after the client sends its first lease
73 discovery request at which it stops waiting for offers from servers,
74 assuming that it has received at least one such offer. If no offers
75 have been received by the time the select-timeout has expired, the
76 client will accept the first offer that arrives.
77
78 By default, the select-timeout is zero seconds - that is, the client
79 will take the first offer it sees.
80
81 The reboot statement
82
83 reboot time;
84
85 When the client is restarted, it first tries to reacquire the last
86 address it had. This is called the INIT-REBOOT state. If it is
87 still attached to the same network it was attached to when it last ran,
88 this is the quickest way to get started. The reboot statement sets
89 the time that must elapse after the client first tries to reacquire its
90 old address before it gives up and tries to discover a new address.
91 By default, the reboot timeout is ten seconds.
92
93 The backoff-cutoff statement
94
95 backoff-cutoff time;
96
97 The client uses an exponential backoff algorithm with some randomness,
98 so that if many clients try to configure themselves at the same time,
99 they will not make their requests in lockstep. The backoff-cutoff
100 statement determines the maximum amount of time that the client is
101 allowed to back off, the actual value will be evaluated randomly
102 between 1/2 to 1 1/2 times the time specified. It defaults to two
103 minutes.
104
105 The initial-interval statement
106
107 initial-interval time;
108
109 The initial-interval statement sets the amount of time between the
110 first attempt to reach a server and the second attempt to reach a
111 server. Each time a message is sent, the interval between messages is
112 incremented by twice the current interval multiplied by a random number
113 between zero and one. If it is greater than the backoff-cutoff amount,
114 it is set to that amount. It defaults to ten seconds.
115
117 The DHCP protocol allows the client to request that the server send it
118 specific information, and not send it other information that it is not
119 prepared to accept. The protocol also allows the client to reject
120 offers from servers if they don't contain information the client needs,
121 or if the information provided is not satisfactory.
122
123 There is a variety of data contained in offers that DHCP servers send
124 to DHCP clients. The data that can be specifically requested is what
125 are called DHCP Options. DHCP Options are defined in
126 dhcp-options(5).
127
128 The request statement
129
130 [ also ] request [ [ option-space . ] option ] [, ... ];
131
132 The request statement causes the client to request that any server
133 responding to the client send the client its values for the specified
134 options. Only the option names should be specified in the request
135 statement - not option parameters. By default, the DHCPv4 client
136 requests the subnet-mask, broadcast-address, time-offset, routers,
137 domain-search, domain-name, domain-name-servers, host-name, nis-domain,
138 nis-servers, ntp-servers and interface-mtu options while the DHCPv6
139 client requests the dhcp6 name-servers and domain-search options. Note
140 that if you enter a ´request´ statement, you over-ride these defaults
141 and these options will not be requested.
142
143 In some cases, it may be desirable to send no parameter request list at
144 all. To do this, simply write the request statement but specify no
145 parameters:
146
147 request;
148
149 In most cases, it is desirable to simply add one option to the request
150 list which is of interest to the client in question. In this case, it
151 is best to ´also request´ the additional options:
152
153 also request domain-search, dhcp6.sip-servers-addresses;
154
155 The require statement
156
157 [ also ] require [ [ option-space . ] option ] [, ... ];
158
159 The require statement lists options that must be sent in order for an
160 offer to be accepted. Offers that do not contain all the listed
161 options will be ignored. There is no default require list.
162
163 require name-servers;
164
165 interface eth0 {
166 also require domain-search;
167 }
168
169 The
170 send
171 statement
172
173 send { [ option declaration ]
174 [, ... option declaration ]}
175
176 The send statement causes the client to send the specified options to
177 the server with the specified values. These are full option
178 declarations as described in dhcp-options(5). Options that are
179 always sent in the DHCP protocol should not be specified here, except
180 that the client can specify a requested dhcp-lease-time option other
181 than the default requested lease time, which is two hours. The other
182 obvious use for this statement is to send information to the server
183 that will allow it to differentiate between this client and other
184 clients or kinds of clients.
185
187 The client now has some very limited support for doing DNS updates when
188 a lease is acquired. This is prototypical, and probably doesn't do
189 what you want. It also only works if you happen to have control over
190 your DNS server, which isn't very likely.
191
192 Note that everything in this section is true whether you are using
193 DHCPv4 or DHCPv6. The exact same syntax is used for both.
194
195 To make it work, you have to declare a key and zone as in the DHCP
196 server (see dhcpd.conf(5) for details). You also need to configure
197 the fqdn option on the client, as follows:
198
199 send fqdn.fqdn "grosse.fugue.com.";
200 send fqdn.encoded on;
201 send fqdn.server-update off;
202 also request fqdn, dhcp6.fqdn;
203
204 The fqdn.fqdn option MUST be a fully-qualified domain name. You MUST
205 define a zone statement for the zone to be updated. The fqdn.encoded
206 option may need to be set to on or off, depending on the DHCP server
207 you are using.
208
209 The do-forward-updates statement
210
211 do-forward-updates [ flag ] ;
212
213 If you want to do DNS updates in the DHCP client script (see dhclient-
214 script(8)) rather than having the DHCP client do the update directly
215 (for example, if you want to use SIG(0) authentication, which is not
216 supported directly by the DHCP client, you can instruct the client not
217 to do the update using the do-forward-updates statement. Flag should
218 be true if you want the DHCP client to do the update, and false if you
219 don't want the DHCP client to do the update. By default, the DHCP
220 client will do the DNS update.
221
223 In some cases, a client may receive option data from the server which
224 is not really appropriate for that client, or may not receive informa‐
225 tion that it needs, and for which a useful default value exists. It
226 may also receive information which is useful, but which needs to be
227 supplemented with local information. To handle these needs, several
228 option modifiers are available.
229
230 The default statement
231
232 default [ option declaration ] ;
233
234 If for some option the client should use the value supplied by the
235 server, but needs to use some default value if no value was supplied by
236 the server, these values can be defined in the default statement.
237
238 The supersede statement
239
240 supersede [ option declaration ] ;
241
242 If for some option the client should always use a locally-configured
243 value or values rather than whatever is supplied by the server, these
244 values can be defined in the supersede statement.
245
246 The prepend statement
247
248 prepend [ option declaration ] ;
249
250 If for some set of options the client should use a value you supply,
251 and then use the values supplied by the server, if any, these values
252 can be defined in the prepend statement. The prepend statement can
253 only be used for options which allow more than one value to be given.
254 This restriction is not enforced - if you ignore it, the behaviour will
255 be unpredictable.
256
257 The append statement
258
259 append [ option declaration ] ;
260
261 If for some set of options the client should first use the values sup‐
262 plied by the server, if any, and then use values you supply, these val‐
263 ues can be defined in the append statement. The append statement can
264 only be used for options which allow more than one value to be given.
265 This restriction is not enforced - if you ignore it, the behaviour will
266 be unpredictable.
267
269 The lease declaration
270
271 lease { lease-declaration [ ... lease-declaration ] }
272
273 The DHCP client may decide after some period of time (see PROTOCOL TIM‐
274 ING) that it is not going to succeed in contacting a server. At that
275 time, it consults its own database of old leases and tests each one
276 that has not yet timed out by pinging the listed router for that lease
277 to see if that lease could work. It is possible to define one or more
278 fixed leases in the client configuration file for networks where there
279 is no DHCP or BOOTP service, so that the client can still automatically
280 configure its address. This is done with the lease statement.
281
282 NOTE: the lease statement is also used in the dhclient.leases file in
283 order to record leases that have been received from DHCP servers. Some
284 of the syntax for leases as described below is only needed in the
285 dhclient.leases file. Such syntax is documented here for complete‐
286 ness.
287
288 A lease statement consists of the lease keyword, followed by a left
289 curly brace, followed by one or more lease declaration statements, fol‐
290 lowed by a right curly brace. The following lease declarations are
291 possible:
292
293 bootp;
294
295 The bootp statement is used to indicate that the lease was acquired
296 using the BOOTP protocol rather than the DHCP protocol. It is never
297 necessary to specify this in the client configuration file. The
298 client uses this syntax in its lease database file.
299
300 interface "string";
301
302 The interface lease statement is used to indicate the interface on
303 which the lease is valid. If set, this lease will only be tried on a
304 particular interface. When the client receives a lease from a server,
305 it always records the interface number on which it received that lease.
306 If predefined leases are specified in the dhclient.conf file, the
307 interface should also be specified, although this is not required.
308
309 fixed-address ip-address;
310
311 The fixed-address statement is used to set the ip address of a particu‐
312 lar lease. This is required for all lease statements. The IP
313 address must be specified as a dotted quad (e.g., 12.34.56.78).
314
315 filename "string";
316
317 The filename statement specifies the name of the boot filename to use.
318 This is not used by the standard client configuration script, but is
319 included for completeness.
320
321 server-name "string";
322
323 The server-name statement specifies the name of the boot server name to
324 use. This is also not used by the standard client configuration
325 script.
326
327 option option-declaration;
328
329 The option statement is used to specify the value of an option supplied
330 by the server, or, in the case of predefined leases declared in
331 dhclient.conf, the value that the user wishes the client configuration
332 script to use if the predefined lease is used.
333
334 script "script-name";
335
336 The script statement is used to specify the pathname of the dhcp client
337 configuration script. This script is used by the dhcp client to set
338 each interface's initial configuration prior to requesting an address,
339 to test the address once it has been offered, and to set the inter‐
340 face's final configuration once a lease has been acquired. If no
341 lease is acquired, the script is used to test predefined leases, if
342 any, and also called once if no valid lease can be identified. For
343 more information, see dhclient-script(8).
344
345 vendor option space "name";
346
347 The vendor option space statement is used to specify which option space
348 should be used for decoding the vendor-encapsulate-options option if
349 one is received. The dhcp-vendor-identifier can be used to request a
350 specific class of vendor options from the server. See dhcp-options(5)
351 for details.
352
353 medium "media setup";
354
355 The medium statement can be used on systems where network interfaces
356 cannot automatically determine the type of network to which they are
357 connected. The media setup string is a system-dependent parameter
358 which is passed to the dhcp client configuration script when initializ‐
359 ing the interface. On Unix and Unix-like systems, the argument is
360 passed on the ifconfig command line when configuring the interface.
361
362 The dhcp client automatically declares this parameter if it uses a
363 media type (see the media statement) when configuring the interface in
364 order to obtain a lease. This statement should be used in predefined
365 leases only if the network interface requires media type configuration.
366
367 renew date;
368
369 rebind date;
370
371 expire date;
372
373 The renew statement defines the time at which the dhcp client should
374 begin trying to contact its server to renew a lease that it is using.
375 The rebind statement defines the time at which the dhcp client should
376 begin to try to contact any dhcp server in order to renew its lease.
377 The expire statement defines the time at which the dhcp client must
378 stop using a lease if it has not been able to contact a server in order
379 to renew it.
380
381 These declarations are automatically set in leases acquired by the DHCP
382 client, but must also be configured in predefined leases - a predefined
383 lease whose expiry time has passed will not be used by the DHCP client.
384
385 Dates are specified in one of two ways. The software will output times
386 in these two formats depending on if the db-time-format configuration
387 parameter has been set to default or local.
388
389 If it is set to default, then date values appear as follows:
390
391 <weekday> <year>/<month>/<day> <hour>:<minute>:<second>
392
393 The weekday is present to make it easy for a human to tell when a lease
394 expires - it's specified as a number from zero to six, with zero being
395 Sunday. When declaring a predefined lease, it can always be specified
396 as zero. The year is specified with the century, so it should gener‐
397 ally be four digits except for really long leases. The month is speci‐
398 fied as a number starting with 1 for January. The day of the month is
399 likewise specified starting with 1. The hour is a number between 0 and
400 23, the minute a number between 0 and 59, and the second also a number
401 between 0 and 59.
402
403 If the db-time-format configuration was set to local, then the date
404 values appear as follows:
405
406 epoch <seconds-since-epoch>; # <day-name> <month-name> <day-number>
407 <hours>:<minutes>:<seconds> <year>
408
409 The seconds-since-epoch is as according to the system's local clock
410 (often referred to as "unix time"). The # symbol supplies a comment
411 that describes what actual time this is as according to the system's
412 configured timezone, at the time the value was written. It is provided
413 only for human inspection, the epoch time is the only recommended value
414 for machine inspection.
415
416 Note that when defining a static lease, one may use either time format
417 one wishes, and need not include the comment or values after it.
418
419 If the time is infinite in duration, then the date is never instead of
420 an actual date.
421
423 alias { declarations ... }
424
425 Some DHCP clients running TCP/IP roaming protocols may require that in
426 addition to the lease they may acquire via DHCP, their interface also
427 be configured with a predefined IP alias so that they can have a perma‐
428 nent IP address even while roaming. The Internet Systems Consortium
429 DHCP client doesn't support roaming with fixed addresses directly, but
430 in order to facilitate such experimentation, the dhcp client can be set
431 up to configure an IP alias using the alias declaration.
432
433 The alias declaration resembles a lease declaration, except that
434 options other than the subnet-mask option are ignored by the standard
435 client configuration script, and expiry times are ignored. A typical
436 alias declaration includes an interface declaration, a fixed-address
437 declaration for the IP alias address, and a subnet-mask option declara‐
438 tion. A medium statement should never be included in an alias decla‐
439 ration.
440
442 db-time-format [ default | local ] ;
443
444 The db-time-format option determines which of two output methods are
445 used for printing times in leases files. The default format provides
446 day-and-time in UTC, whereas local uses a seconds-since-epoch to store
447 the time value, and helpfully places a local timezone time in a comment
448 on the same line. The formats are described in detail in this manpage,
449 whithin the LEASE DECLARATIONS section.
450
451 reject cidr-ip-address [, ... cidr-ip-address ] ;
452
453 The reject statement causes the DHCP client to reject offers from
454 servers whose server identifier matches any of the specified hosts or
455 subnets. This can be used to avoid being configured by rogue or mis‐
456 configured dhcp servers, although it should be a last resort - better
457 to track down the bad DHCP server and fix it.
458
459 The cidr-ip-address configuration type is of the form ip-address[/pre‐
460 fixlen], where ip-address is a dotted quad IP address, and prefixlen is
461 the CIDR prefix length of the subnet, counting the number of signifi‐
462 cant bits in the netmask starting from the leftmost end. Example con‐
463 figuration syntax:
464
465 reject 192.168.0.0/16, 10.0.0.5;
466
467 The above example would cause offers from any server identifier in the
468 entire RFC 1918 "Class C" network 192.168.0.0/16, or the specific sin‐
469 gle address 10.0.0.5, to be rejected.
470
471 interface "name" { declarations ... }
472
473 A client with more than one network interface may require different be‐
474 haviour depending on which interface is being configured. All timing
475 parameters and declarations other than lease and alias declarations can
476 be enclosed in an interface declaration, and those parameters will then
477 be used only for the interface that matches the specified name.
478 Interfaces for which there is no interface declaration will use the
479 parameters declared outside of any interface declaration, or the
480 default settings.
481
482 Note well: ISC dhclient only maintains one list of interfaces, which is
483 either determined at startup from command line arguments, or otherwise
484 is autodetected. If you supplied the list of interfaces on the command
485 line, this configuration clause will add the named interface to the
486 list in such a way that will cause it to be configured by DHCP. Which
487 may not be the result you had intended. This is an undesirable side
488 effect that will be addressed in a future release.
489
490 pseudo "name" "real-name" { declarations ... }
491
492 Under some circumstances it can be useful to declare a pseudo-interface
493 and have the DHCP client acquire a configuration for that interface.
494 Each interface that the DHCP client is supporting normally has a DHCP
495 client state machine running on it to acquire and maintain its lease.
496 A pseudo-interface is just another state machine running on the inter‐
497 face named real-name, with its own lease and its own state. If you
498 use this feature, you must provide a client identifier for both the
499 pseudo-interface and the actual interface, and the two identifiers must
500 be different. You must also provide a separate client script for the
501 pseudo-interface to do what you want with the IP address. For exam‐
502 ple:
503
504 interface "ep0" {
505 send dhcp-client-identifier "my-client-ep0";
506 }
507 pseudo "secondary" "ep0" {
508 send dhcp-client-identifier "my-client-ep0-secondary";
509 script "/etc/dhclient-secondary";
510 }
511
512 The client script for the pseudo-interface should not configure the
513 interface up or down - essentially, all it needs to handle are the
514 states where a lease has been acquired or renewed, and the states where
515 a lease has expired. See dhclient-script(8) for more information.
516
517 media "media setup" [ , "media setup", ... ];
518
519 The media statement defines one or more media configuration parameters
520 which may be tried while attempting to acquire an IP address. The
521 dhcp client will cycle through each media setup string on the list,
522 configuring the interface using that setup and attempting to boot, and
523 then trying the next one. This can be used for network interfaces
524 which aren't capable of sensing the media type unaided - whichever
525 media type succeeds in getting a request to the server and hearing the
526 reply is probably right (no guarantees).
527
528 The media setup is only used for the initial phase of address acquisi‐
529 tion (the DHCPDISCOVER and DHCPOFFER packets). Once an address has
530 been acquired, the dhcp client will record it in its lease database and
531 will record the media type used to acquire the address. Whenever the
532 client tries to renew the lease, it will use that same media type.
533 The lease must expire before the client will go back to cycling through
534 media types.
535
536 hardware link-type mac-address;
537
538 The hardware statement defines the hardware MAC address to use for this
539 interface, for DHCP servers or relays to direct their replies.
540 dhclient will determine the interface's MAC address automatically, so
541 use of this parameter is not recommended. The link-type corresponds to
542 the interface's link layer type (example: ´ethernet´), while the mac-
543 address is a string of colon-separated hexadecimal values for octets.
544
545 anycast-mac link-type mac-address;
546
547 The anycast-mac statement over-rides the all-ones broadcast MAC address
548 dhclient will use when it is transmitting packets to the all-ones lim‐
549 ited broadcast IPv4 address. This configuration parameter is useful to
550 reduce the number of broadcast packets transmitted by DHCP clients, but
551 is only useful if you know the DHCP service(s) anycast MAC address
552 prior to configuring your client. The link-type and mac-address param‐
553 eters are configured in a similar manner to the hardware statement.
554
555 bootp-broadcast-always;
556
557 The bootp-broadcast-always statement instructs dhclient to always set
558 the bootp broadcast flag in request packets, so that servers will
559 always broadcast replies. This is equivalent to supplying the dhclient
560 -B argument, and has the same effect as specifying 'always-broadcast'
561 in the server's dhcpd.conf. This option is provided as an extension to
562 enable dhclient to work on IBM s390 Linux guests.
563
565 The following configuration file is used on a laptop running NetBSD
566 1.3. The laptop has an IP alias of 192.5.5.213, and has one inter‐
567 face, ep0 (a 3com 3C589C). Booting intervals have been shortened
568 somewhat from the default, because the client is known to spend most of
569 its time on networks with little DHCP activity. The laptop does roam
570 to multiple networks.
571
572
573 timeout 60;
574 retry 60;
575 reboot 10;
576 select-timeout 5;
577 initial-interval 2;
578 reject 192.33.137.209;
579
580 interface "ep0" {
581 send host-name "andare.fugue.com";
582 hardware ethernet 00:a0:24:ab:fb:9c;
583 send dhcp-client-identifier 1:0:a0:24:ab:fb:9c;
584 send dhcp-lease-time 3600;
585 supersede domain-search "fugue.com", "rc.vix.com", "home.vix.com";
586 prepend domain-name-servers 127.0.0.1;
587 request subnet-mask, broadcast-address, time-offset, routers,
588 domain-search, domain-name, domain-name-servers, host-name;
589 require subnet-mask, domain-name-servers;
590 script "/sbin/dhclient-script";
591 media "media 10baseT/UTP", "media 10base2/BNC";
592 }
593
594 alias {
595 interface "ep0";
596 fixed-address 192.5.5.213;
597 option subnet-mask 255.255.255.255;
598 }
599 This is a very complicated dhclient.conf file - in general, yours
600 should be much simpler. In many cases, it's sufficient to just create
601 an empty dhclient.conf file - the defaults are usually fine.
602
604 dhcp-options(5), dhcp-eval(5), dhclient.leases(5), dhcpd(8),
605 dhcpd.conf(5), RFC2132, RFC2131.
606
608 dhclient(8) was written by Ted Lemon under a contract with Vixie Labs.
609 Funding for this project was provided by Internet Systems Consortium.
610 Information about Internet Systems Consortium can be found at
611 https://www.isc.org.
612
613
614
615 dhclient.conf(5)