1DHCPCD.CONF(5)              BSD File Formats Manual             DHCPCD.CONF(5)
2

NAME

4     dhcpcd.conf — dhcpcd configuration file
5

DESCRIPTION

7     Although dhcpcd can do everything from the command line, there are cases
8     where it's just easier to do it once in a configuration file.  Most of
9     the options found in dhcpcd(8) can be used here.  The first word on the
10     line is the option and the rest of the line is the value.  Leading and
11     trailing whitespace for the option and value are trimmed.  You can escape
12     characters in the value using the \ character.  Comments can be prefixed
13     with the # character.  String values should be quoted with the " charac‐
14     ter.
15
16     Here's a list of available options:
17
18     allowinterfaces pattern
19             When discovering interfaces, the interface name must match
20             pattern which is a space or comma separated list of patterns
21             passed to fnmatch(3).  If the same interface is matched in
22             denyinterfaces then it is still denied.
23
24     denyinterfaces pattern
25             When discovering interfaces, the interface name must not match
26             pattern which is a space or comma separated list of patterns
27             passed to fnmatch(3).
28
29     anonymous
30             Enables Anonymity Profiles for DHCP, RFC 7844.  Any DUID is ig‐
31             nored and ClientID is set to LL only.  All non essential options
32             are then masked at this point, but they could be unmasked by ex‐
33             plicitly requesting the option after the anonymous option is pro‐
34             cessed.  As such, the anonymous option should be the last option
35             in the configuration unless you really want to send something
36             which could identify you.  dhcpcd will not try and reboot an old
37             lease, it will go straight into DISCOVER/SOLICIT.
38
39     randomise_hwaddr
40             Forces a hardware address randomisation when the interface is
41             brought up or when the carrier is lost.  This is generally used
42             in tandem with the anonymous option.
43
44     arping address [address]
45             dhcpcd will arping each address in order before attempting DHCP.
46             If an address is found, we will select the replying hardware ad‐
47             dress as the profile, otherwise the IP address.  Example:
48
49                   interface bge0
50                   arping 192.168.0.1
51
52                   # My specific 192.168.0.1 network
53                   profile dd:ee:aa:dd:bb:ee
54                   static ip_address=192.168.0.10/24
55
56                   # A generic 192.168.0.1 network
57                   profile 192.168.0.1
58                   static ip_address=192.168.0.98/24
59
60     authprotocol protocol [algorithm [rdm]]
61             Authenticate DHCP messages.  See the Supported Authentication
62             Protocols section.  If protocol is token then algorithm is
63             snd_secretid/rcv_secretid so you can send and receive different
64             tokens.
65
66     authtoken secretid realm expire key
67             Define a shared key for use in authentication.  realm can be ""
68             to for use with the delayed protocol.  expire is the date the to‐
69             ken expires and should be formatted "yyy-mm-dd HH:MM".  You can
70             use the keyword forever or 0 which means the token never expires.
71             For the token protocol, secretid needs to be 0 and realm needs to
72             be "".  If dhcpcd has the error
73                   dhcp_auth_encode: Invalid argument
74             then it means that dhcpcd could not find the correct authentica‐
75             tion token in your configuration.
76
77     background
78             Fork to the background immediately.  This is useful for startup
79             scripts which don't disable link messages for carrier status.
80
81     blacklist address[/cidr]
82             Ignores all packets from address[/cidr].
83
84     whitelist address[/cidr]
85             Only accept packets from address[/cidr].  blacklist is ignored if
86             whitelist is set.
87
88     bootp   Be a BOOTP client.  Basically, this just doesn't send a DHCP Mes‐
89             sage Type option and will only interact with a BOOTP server.  All
90             other DHCP options still work.
91
92     broadcast
93             Instructs the DHCP server to broadcast replies back to the
94             client.  Normally this is only set for non-Ethernet interfaces,
95             such as FireWire and InfiniBand.  In most cases, dhcpcd will set
96             this automatically.
97
98     controlgroup group
99             Sets the group ownership of /var/run/dhcpcd/sock so that users
100             other than root can connect to dhcpcd.
101
102     debug   Echo debug messages to the stderr and syslog.
103
104     dev value
105             Load the value /dev management module.  dhcpcd will load the
106             first one found to work, if any.
107
108     env value
109             Push value to the environment for use in dhcpcd-run-hooks(8).
110             For example, you can force the hostname hook to always set the
111             hostname with env force_hostname=YES.  Or set which driver
112             wpa_supplicant(8) should use with env
113             wpa_supplicant_driver=nl80211
114
115             If the hostname is set, it will be will set to the FQDN if possi‐
116             ble as per RFC 4702, section 3.1.  If the FQDN option is missing,
117             dhcpcd will still try and set a FQDN from the hostname and domain
118             options for consistency.  To override this, set env
119             hostname_fqdn=[YES|NO|SERVER].  A value of SERVER means just what
120             the server says, don't manipulate it.  This could lead to an in‐
121             consistent hostname on a DHCPv4 and DHCPv6 network where the
122             DHCPv4 hostname is short and the DHCPv6 has an FQDN.  DHCPv6 has
123             no hostname option.
124
125     clientid string
126             Send the clientid.  If the string is of the format 01:02:03 then
127             it is encoded as hex.  For interfaces whose hardware address is
128             longer than 8 bytes, or if the clientid is an empty string then
129             dhcpcd sends a default clientid of the hardware family and the
130             hardware address.
131
132     duid [ll | lt | uuid | value]
133             Use a DHCP Unique Identifier.  If a system UUID is available,
134             that will be used to create a DUID-UUID, otheriwse if persistent
135             storage is available then a DUID-LLT (link local address + time)
136             is generated, otherwise DUID-LL is generated (link local ad‐
137             dress).  The DUID type can be hinted as an optional parameter if
138             the file /var/lib/dhcpcd/duid does not exist.  If not ll, lt or
139             uuid then value will be converted from 00:11:22:33 format.  This,
140             plus the IAID will be used as the clientid.  The DUID generated
141             will be held in /var/lib/dhcpcd/duid and should not be copied to
142             other hosts.  This file also takes precedence over the above
143             rules except for setting a value.
144
145     iaid iaid
146             Set the Interface Association Identifier to iaid.  This option
147             must be used in an interface block.  This defaults to the VLANID
148             (prefixed with 0xff) for the interface if set, otherwise the last
149             4 bytes of the hardware address assigned to the interface.  Each
150             instance of this should be unique within the scope of the client
151             and dhcpcd warns if a conflict is detected.  If there is a con‐
152             flict, it is only a problem if the conflicted IAIDs are used on
153             the same network.
154
155     dhcp    Enable DHCP on the interface, on by default.
156
157     dhcp6   Enable DHCPv6 on the interface, on by default.
158
159     ipv4    Enable IPv4 on the interface, on by default.
160
161     ipv6    Enable IPv6 on the interface, on by default.
162
163     request [address]
164             Request the address in the DHCP DISCOVER message.  There is no
165             guarantee this is the address the DHCP server will actually give.
166             If no address is given then the first address currently assigned
167             to the interface is used.
168
169     inform [address[/cidr[/broadcast_address]]]
170             Behaves like request as above, but sends a DHCP INFORM instead of
171             DISCOVER/REQUEST.  This does not get a lease as such, just noti‐
172             fies the DHCP server of the address in use.  You should also in‐
173             clude the optional cidr network number in case the address is not
174             already configured on the interface.  dhcpcd remains running and
175             pretends it has an infinite lease.  dhcpcd will not de-configure
176             the interface when it exits.  If dhcpcd fails to contact a DHCP
177             server then it returns a failure instead of falling back on
178             IPv4LL.
179
180     inform6
181             Performs a DHCPv6 Information Request.  No address is requested
182             or specified, but all other DHCPv6 options are allowed.  This is
183             normally performed automatically when an IPv6 Router Advertise‐
184             ment indicates that the client should perform this operation.
185             This option is only needed when dhcpcd is not processing IPv6 RA
186             messages and the need for a DHCPv6 Information Request exists.
187
188     persistent
189             dhcpcd normally de-configures the interface and configuration
190             when it exits.  Sometimes, this isn't desirable if, for example,
191             you have root mounted over NFS or SSH clients connect to this
192             host and they need to be notified of the host shutting down.  You
193             can use this option to stop this from happening.
194
195     fallback profile
196             Fall back to using this profile if DHCP fails.  This allows you
197             to configure a static profile instead of using ZeroConf.
198
199     hostname name
200             Sends the hostname name to the DHCP server so it can be regis‐
201             tered in DNS.  If name is an empty string then the current system
202             hostname is sent.  If name is a FQDN (i.e., contains a .) then it
203             will be encoded as such.
204
205     hostname_short
206             Sends the short hostname to the DHCP server instead of the FQDN.
207             This is useful because DHCP servers will not register the FQDN in
208             their DNS if the domain part does not match theirs.
209
210             Also, see the env option above to control how the hostname is set
211             on the host.
212
213     ia_na [iaid [/ address]]
214             Request a DHCPv6 Normal Address for iaid.  iaid defaults to the
215             iaid option as described above.  You can request more than one
216             ia_na by specifying a unique iaid for each one.
217
218     ia_ta [iaid]
219             Request a DHCPv6 Temporary Address for iaid.  You can request
220             more than one ia_ta by specifying a unique iaid for each one.
221
222     ia_pd [iaid [/ prefix / prefix_len] [interface [/ sla_id [/ prefix_len [/
223             suffix]]]]]
224             Request a DHCPv6 Delegated Prefix for iaid.  This option must be
225             used in an interface block.  Unless a sla_id of 0 is assigned
226             with the same resultant prefix length as the delegation, a reject
227             route is installed for the Delegated Prefix to stop unallocated
228             addresses being resolved upstream.  If no interface is given then
229             we will assign a prefix to every other interface with a sla_id
230             equivalent to the interface index assigned by the OS.  Otherwise
231             addresses are only assigned for each interface and sla_id.  Each
232             assigned address will have a suffix, defaulting to 1.  If the
233             suffix is 0 then a SLAAC address is assigned.  You cannot assign
234             a prefix to the requesting interface unless the DHCPv6 server
235             supports the RFC 6603 Prefix Exclude Option.  dhcpcd has to be
236             running for all the interfaces it is delegating to.  A default
237             prefix_len of 64 is assumed, unless the maximum sla_id does not
238             fit.  In this case prefix_len is increased to the highest multi‐
239             ple of 8 that can accommodate the sla_id.  sla_id is an integer
240             which must be unique inside the iaid and is added to the prefix
241             which must fit inside prefix_len less the length of the delegated
242             prefix.  You can specify multiple interface / sla_id / prefix_len
243             per ia_pd, space separated.  IPv6RS should be disabled globally
244             when requesting a Prefix Delegation.
245
246             In the following example eth0 is the externally facing interface
247             to be configured for both IPv4 and IPv6.  The DHCPv4 server will
248             provide us with an IPv4 address and a default route.  The DHCPv6
249             server is going to provide us with an IPv6 address, a default
250             route and a /64 subnet to be delegated to the internal interface.
251             The eth1 interface will be automatically configured for IPv6 us‐
252             ing the first address (::1) from the delegated prefix.  A second
253             prefix is requested and assigned to two other interfaces.
254             rtadvd(8) can be used with an empty configuration file on eth1,
255             eth2 and eth3, to provide automatic IPv6 address configuration
256             for the internal network.
257
258             noipv6rs                 # disable routing solicitation
259             denyinterfaces eth2      # Don't touch eth2 at all
260             interface eth0
261               ipv6rs                 # enable routing solicitation for eth0
262               ia_na 1                # request an IPv6 address
263               ia_pd 2 eth1/0         # request a PD and assign it to eth1
264               ia_pd 3 eth2/1 eth3/2  # req a PD and assign it to eth2 and eth3
265
266     ipv4only
267             Only configure IPv4.
268
269     ipv6only
270             Only configure IPv6.
271
272     fqdn [disable | none | ptr | both]
273             none will not ask the DHCP server to update DNS.  ptr just asks
274             the DHCP server to update the PTR record of the host in DNS,
275             whereas both also updates the A record.  disable will disable the
276             FQDN option.  The default is both.  dhcpcd itself never does any
277             DNS updates.  dhcpcd encodes the FQDN hostname as specified in
278             RFC 1035.
279
280     interface interface
281             Subsequent options are only parsed for this interface.
282
283     ipv6ra_autoconf
284             Generate SLAAC addresses for each Prefix advertised by an IPv6
285             Router Advertisement message with the Auto flag set.  On by de‐
286             fault.
287
288     ipv6ra_noautoconf
289             Disables the above option.
290
291     ipv6ra_fork
292             By default, when dhcpcd receives an IPv6 Router Advertisement,
293             dhcpcd will only fork to the background if the RA contains at
294             least one unexpired RDNSS option and a valid prefix or no DHCPv6
295             instruction.  Set this option so to make dhcpcd always fork on a
296             RA.
297
298     ipv6rs  Enables IPv6 Router Advertisement solicitation.  This is on by
299             default, but is documented here in the case where it is disabled
300             globally but needs to be enabled for one interface.
301
302     leasetime seconds
303             Request a lease time of seconds.  -1 represents an infinite lease
304             time.  By default dhcpcd does not request any lease time and
305             leaves it in the hands of the DHCP server.
306
307     link_rcvbuf size
308             Override the size of the link receive buffer from the kernel de‐
309             fault.  While dhcpcd will recover from link buffer overflows,
310             this may not be desirable on heavily loaded systems.
311
312     logfile logfile
313             Writes to the specified logfile.  dhcpcd still writes to
314             syslog(3).  The logfile is reopened when dhcpcd receives the
315             SIGUSR2 signal.
316
317     metric metric
318             Metrics are used to prefer an interface over another one, lowest
319             wins.  dhcpcd will supply a default metric of 1000 +
320             if_nametoindex(3).  This will be offset by 2000 for wireless in‐
321             terfaces, with additional offsets of 1000000 for IPv4LL and
322             2000000 for roaming interfaces.
323
324     mudurl url
325             Specifies the URL for a Manufacturer Usage Description (MUD).
326             The description is used by upstream network devices to instanti‐
327             ate any desired access lists.  See draft-ietf-opsawg-mud for more
328             information.
329
330     noalias
331             Any pre-existing IPv4 addresses will be removed from the inter‐
332             face when adding a new IPv4 address.
333
334     noarp   Don't send any ARP requests.  This also disables IPv4LL.
335
336     noauthrequired
337             Don't require authentication even though we requested it.  Also
338             allows FORCERENEW and RECONFIGURE messages without authentica‐
339             tion.
340
341     nodelay
342             Don't delay for an initial randomised time when starting proto‐
343             cols.
344
345     nodev   Don't load /dev management modules.
346
347     nodhcp  Don't start DHCP or listen to DHCP messages.  This is only useful
348             when allowing IPv4LL.
349
350     nodhcp6
351             Don't start DHCPv6 or listen to DHCPv6 messages.  Normally DHCPv6
352             is started by an IPv6 Router Advertisement instruction or config‐
353             uration.
354
355     nogateway
356             Don't install any default routes.
357
358     gateway
359             Install a default route if available (default).
360
361     nohook script
362             Don't run this hook script.  Matches full name, or prefixed with
363             2 numbers optionally ending with .sh.
364
365             So to stop dhcpcd from touching your DNS settings or starting
366             wpa_supplicant you would do:-
367                   nohook resolv.conf, wpa_supplicant
368
369     noipv4  Don't attempt to configure an IPv4 address.
370
371     noipv4ll
372             Don't attempt to obtain an IPv4LL address if we failed to get one
373             via DHCP.  See RFC 3927.
374
375     noipv6  Don't solicit or accept IPv6 Router Advertisements and DHCPv6.
376
377     noipv6rs
378             Don't solicit or accept IPv6 Router Advertisements.
379
380     nolink  Don't receive link messages about carrier status.  You should
381             only set this for buggy interface drivers.
382
383     noup    Don't bring the interface up when in manager mode.
384
385     option option
386             Requests the option from the server.  It can be a variable to be
387             used in dhcpcd-run-hooks(8) or the numerical value.  You can
388             specify more options separated by commas, spaces or more option
389             lines.  Prepend dhcp6_ to option to request a DHCPv6 option.  If
390             no DHCPv6 options are configured, then DHCPv4 options are mapped
391             to equivalent DHCPv6 options.
392
393             Prepend nd_ to option to handle ND options, but this only works
394             for the nooption, reject and require options.
395
396             To see a list of options you can use, call dhcpcd with the -V,
397             --variables argument.
398
399     nooption option
400             Remove the option from the message before it's processed.
401
402     require option
403             Requires the option to be present in all messages, otherwise the
404             message is ignored.  To enforce that dhcpcd only responds to DHCP
405             servers and not BOOTP servers, you can require dhcp_message_type.
406             This isn't an exact science though because a BOOTP server can
407             send DHCP-like options.
408
409     reject option
410             Reject a message that contains the option.  This is useful when
411             you cannot use require to select / de-select BOOTP messages.
412
413     destination option
414             If dhcpcd.conf detects an address added to a point to point in‐
415             terface (PPP, TUN, etc) then it will set the listed DHCP options
416             to the destination address of the interface.
417
418     profile name
419             Subsequent options are only parsed for this profile name.
420
421     quiet   Suppress any dhcpcd output to the console, except for errors.
422
423     reboot seconds
424             Allow reboot seconds before moving to the DISCOVER phase if we
425             have an old lease to use.  Allow reboot seconds before starting
426             fallback states from the DISCOVER phase.  IPv4LL is started when
427             the first reboot timeout is reached.  The default is 5 seconds.
428             A setting of 0 seconds causes dhcpcd.conf to skip the reboot
429             phase and go straight into DISCOVER.  This is desirable for mo‐
430             bile users because if you change from network A to network B and
431             they use the same subnet and the address from network A isn't in
432             use on network B, then the DHCP server will remain silent even if
433             authoritative which means dhcpcd will timeout before moving back
434             to the DISCOVER phase.  This has no effect on DHCPv6 other than
435             skipping the reboot phase.
436
437     release
438             dhcpcd will release the lease prior to stopping the interface.
439
440     script script
441             Use script instead of the default /usr/libexec/dhcpcd-run-hooks.
442
443     ssid ssid
444             Subsequent options are only parsed for this wireless ssid.
445
446     slaac hwaddr | private [temp | temporary]
447             Selects the interface identifier used for SLAAC generated IPv6
448             addresses.  If private is used, a RFC 7217 address is generated.
449             The temporary directive will create a temporary address for the
450             prefix as well.
451
452     static value
453             Configures a static value.  If you set ip_address then dhcpcd
454             will not attempt to obtain a lease and will just use the value
455             for the address with an infinite lease time.  If you set
456             ip6_address, dhcpcd will continue auto-configuration as normal.
457
458             Here is an example which configures two static address, overrid‐
459             ing the default IPv4 broadcast address, an IPv4 router, DNS and
460             disables IPv6 auto-configuration.  You could also use the inform6
461             command here if you wished to obtain more information via DHCPv6.
462             For IPv4, you should use the inform ipaddress option instead of
463             setting a static address.
464                   interface eth0
465                   noipv6rs
466                   static ip_address=192.168.0.10/24
467                   static broadcast_address=192.168.0.63
468                   static ip6_address=fd51:42f8:caae:d92e::ff/64
469                   static routers=192.168.0.1
470                   static domain_name_servers=192.168.0.1
471                   fd51:42f8:caae:d92e::1
472
473             Here is an example for PPP which gives the destination a default
474             route.  It uses the special destination keyword to insert the
475             destination address into the value.
476                   interface ppp0
477                   static ip_address=
478                   destination routers
479
480     timeout seconds
481             Time out after seconds, instead of the default 30.  A setting of
482             0 seconds causes dhcpcd to wait forever to get a lease.  If
483             dhcpcd is working on a single interface then dhcpcd will exit
484             when a timeout occurs, otherwise dhcpcd will fork into the back‐
485             ground.  If using IPv4LL then dhcpcd start the IPv4LL process af‐
486             ter the timeout and then wait a little longer before really tim‐
487             ing out.
488
489     userclass string
490             Tag the DHCPv4 message with the userclass.  You can specify more
491             than one.
492
493     msuserclass string
494             Tag the DHCPv4 mesasge with the Microsoft userclass.  Unlike the
495             userclass option, this one can only be added once.  It should
496             only be used for Microsoft DHCP servers and the vendorclassid
497             should be set to "MSFT 98" or "MSFT 5.0".  This option is not RFC
498             compliant.
499
500     vendor code,value
501             Add an encapsulated vendor option.  code should be between 1 and
502             254 inclusive.  To add a raw vendor string, omit code but keep
503             the comma.  Examples.
504
505             Set the vendor option 01 with an IP address.
506                   vendor 01,192.168.0.2
507             Set the vendor option 02 with a hex code.
508                   vendor 02,01:02:03:04:05
509             Set the vendor option 03 with an IP address as a string.
510                   vendor 03,\"192.168.0.2\"
511             Set un-encapsulated vendor option to hello world.
512                   vendor ,"hello world"
513
514     vendorclassid string
515             Set the DHCP Vendor Class.  DHCPv6 has its own option as shown
516             below.  The default is dhcpcd-<version>:<os>:<machine>:<plat‐
517             form>.  For example
518                   dhcpcd-5.5.6:NetBSD-6.99.5:i386:i386
519             If not set then none is sent.  Some badly configured DHCP servers
520             reject unknown vendorclassids.  To work around it, try and imper‐
521             sonate Windows by using the MSFT vendorclassid.
522
523     vendclass en data
524             Add the DHCPv6 Vendor Indetifying Vendor Class with the IANA as‐
525             signed Enterprise Number en with the data.  This option can be
526             set more than once to add more data, but the behaviour, as per
527             RFC 3925 is undefined if the Enterprise Number differs.
528
529     waitip [4 | 6]
530             Wait for an address to be assigned before forking to the back‐
531             ground.  4 means wait for an IPv4 address to be assigned.  6
532             means wait for an IPv6 address to be assigned.  If no argument is
533             given, dhcpcd.conf will wait for any address protocol to be as‐
534             signed.  It is possible to wait for more than one address proto‐
535             col and dhcpcd.conf will only fork to the background when all
536             waiting conditions are satisfied.
537
538     xidhwaddr
539             Use the last four bytes of the hardware address as the DHCP xid
540             instead of a randomly generated number.
541
542   Defining new options
543     DHCP, ND and DHCPv6 allow for the use of custom options, and RFC 3925
544     vendor options for DHCP can also be supplied.  Each option needs to be
545     started with the define, definend, define6 or vendopt directive.  This
546     can optionally be followed by both embed or encap options.  Both can be
547     specified more than once and embed must come before encap.
548
549     define code type variable
550             Defines the DHCP option code of type with a name of variable ex‐
551             ported to dhcpcd-run-hooks(8).
552
553     definend code type variable
554             Defines the ND option code of type with a name of variable ex‐
555             ported to dhcpcd-run-hooks(8), with a prefix of nd_.
556
557     define6 code type variable
558             Defines the DHCPv6 option code of type with a name of variable
559             exported to dhcpcd-run-hooks(8), with a prefix of dhcp6_.
560
561     vendopt code type variable
562             Defines the Vendor-Identifying Vendor Options.  The code is the
563             IANA Enterprise Number which will uniquely describe the encapsu‐
564             lated options.  type is normally encap.  variable names the Ven‐
565             dor option to be exported.
566
567     embed type variable
568             Defines an embedded variable within the defined option.  The
569             length is determined by the type.  If the variable is not the
570             same as defined in the parent option, it is prefixed with the
571             parent variable first with an underscore.  If the variable has
572             the name of reserved then it is not processed.
573
574     encap code type variable
575             Defines an encapsulated variable within the defined option.  The
576             length is determined by the type.  If the variable is not the
577             same as defined in the parent option, it is prefixed with the
578             parent variable first with an underscore.
579
580   Type prefix
581     These keywords come before the type itself, to describe it more fully.
582     You can use more than one, but they must appear in the order listed be‐
583     low.
584
585     request  Requests the option by default without having to be specified in
586              user configuration.
587
588     norequest
589              This option cannot be requested, regardless of user configura‐
590              tion.
591
592     optional
593              This option is optional.  Only makes sense for embedded options
594              like the client FQDN option, where the FQDN string itself is op‐
595              tional.
596
597     index    The option can appear more than once and will be indexed.
598
599     array    The option data is split into a space separated array, each ele‐
600              ment being the same type.
601
602   Types to define
603     The type directly affects the length of data consumed inside the option.
604     Any remaining data is normally discarded.  Lengths can be specified for
605     string and binhex types, but this is generally with other data embedded
606     afterwards in the same option.
607
608     ipaddress
609             An IPv4 address, 4 bytes.
610
611     ip6address
612             An IPv6 address, 16 bytes.
613
614     string [: length]
615             A NVT ASCII string of printable characters.
616
617     byte    A byte.
618
619     bitflags: flags
620             A byte represented as a string of flags, most significant bit
621             first.  For example, using ABCDEFGH then A would equal 10000000,
622             B 01000000, C 00100000, etc.  If the bit is not set, the flag is
623             not printed.  A flag of 0 is not printed even if the bit position
624             is set.  This is to allow reservation of the first bits while as‐
625             signing the last bits.
626
627     int16   A signed 16bit integer, 2 bytes.
628
629     uint16  An unsigned 16bit integer, 2 bytes.
630
631     int32   A signed 32bit integer, 4 bytes.
632
633     uint32  An unsigned 32bit integer, 4 bytes.
634
635     flag    A fixed value (1) to indicate that the option is present, 0
636             bytes.
637
638     domain  An RFC 3397 encoded string.
639
640     dname   An RFC 1035 validated string.
641
642     binhex [: length]
643             Binary data expressed as hexadecimal.
644
645     embed   Contains embedded options (implies encap as well).
646
647     encap   Contains encapsulated options (implies embed as well).
648
649     option  References an option from the global definition.
650
651   Example definition
652           # DHCP option 81, Fully Qualified Domain Name, RFC 4702
653           define 81 embed fqdn
654           embed byte flags
655           embed byte rcode1
656           embed byte rcode2
657           embed domain fqdn
658
659           # DHCP option 125, Vendor Specific Information Option, RFC 3925
660           define 125 encap vsio
661           embed uint32 enterprise_number
662           # Options defined for the enterprise number
663           encap 1 ipaddress ipaddress
664
665   Supported Authentication Protocols
666     token    Sends a plain text token the server expects and matches a token
667              sent by the server.  The tokens do not have to be the same.  If
668              unspecified, the token with a secretid of 0 will be used in
669              sending messages and validating received messages.
670
671     delayedrealm
672              Delayed Authentication.  dhcpcd will send an authentication op‐
673              tion with no key or MAC.  The server will see this option, and
674              select a key for dhcpcd.conf, writing the realm and secretid in
675              it.  dhcpcd will then look for an unexpired token with a match‐
676              ing realm and secretid.  This token is used to authenticate all
677              other messages.
678
679     delayed  Same as above, but without a realm.
680
681   Supported Authentication Algorithms
682     If none specified, hmac-md5 is the default.
683
684     hmac-md5
685
686   Supported Replay Detection Mechanisms
687     If none specified, monotonic is the default.  If this is changed from
688     what was previously used, or the means of calculating or storing it is
689     broken, then the DHCP server will probably have to have its notion of the
690     client's Replay Detection Value reset.
691
692     monocounter
693              Read the number in the file /var/lib/dhcpcd/dhcpcd-rdm.monotonic
694              and add one to it.
695
696     monotime
697              Create an NTP timestamp from the system time.
698
699     monotonic
700              Same as monotime.
701

SEE ALSO

703     fnmatch(3), if_nametoindex(3), dhcpcd(8), dhcpcd-run-hooks(8)
704

AUTHORS

706     Roy Marples <roy@marples.name>
707

BUGS

709     Please report them to http://roy.marples.name/projects/dhcpcd
710
711BSD                             August 23, 2021                            BSD
Impressum