1DHCPCD(8) BSD System Manager's Manual DHCPCD(8)
2
4 dhcpcd — a DHCP client
5
7 dhcpcd [-146ABbDdEGgHJKLMNPpqTV] [-C, --nohook hook]
8 [-c, --script script] [-e, --env value] [-F, --fqdn FQDN]
9 [-f, --config file] [-h, --hostname hostname]
10 [-I, --clientid clientid] [-i, --vendorclassid vendorclassid]
11 [-j, --logfile logfile] [-l, --leasetime seconds]
12 [-m, --metric metric] [-O, --nooption option]
13 [-o, --option option] [-Q, --require option]
14 [-r, --request address] [-S, --static value]
15 [-s, --inform address[/cidr[/broadcast_address]]] [--inform6]
16 [-t, --timeout seconds] [-u, --userclass class]
17 [-v, --vendor code, value] [-W, --whitelist address[/cidr]] [-w]
18 [--waitip=[4 | 6]] [-y, --reboot seconds]
19 [-X, --blacklist address[/cidr]] [-Z, --denyinterfaces pattern]
20 [-z, --allowinterfaces pattern] [--inactive] [--configure]
21 [--noconfigure] [interface] [...]
22 dhcpcd -n, --rebind [interface]
23 dhcpcd -k, --release [interface]
24 dhcpcd -U, --dumplease [interface]
25 dhcpcd --version
26 dhcpcd -x, --exit [interface]
27
29 dhcpcd is an implementation of the DHCP client specified in RFC 2131.
30 dhcpcd gets the host information (IP address, routes, etc) from a DHCP
31 server and configures the network interface of the machine on which it is
32 running. dhcpcd then runs the configuration script which writes DNS in‐
33 formation to resolvconf(8), if available, otherwise directly to
34 /etc/resolv.conf. If the hostname is currently blank, (null) or local‐
35 host, or force_hostname is YES or TRUE or 1 then dhcpcd sets the hostname
36 to the one supplied by the DHCP server. dhcpcd then daemonises and waits
37 for the lease renewal time to lapse. It will then attempt to renew its
38 lease and reconfigure if the new lease changes when the lease begins to
39 expire or the DHCP server sends a message to renew early.
40
41 If any interface reports a working carrier then dhcpcd will try to obtain
42 a lease before forking to the background, otherwise it will fork right
43 away. This behaviour can be modified with the -b, --background and -w,
44 --waitip options.
45
46 dhcpcd is also an implementation of the BOOTP client specified in RFC
47 951.
48
49 dhcpcd is also an implementation of the IPv6 Router Solicitor as speci‐
50 fied in RFC 4861 and RFC 6106.
51
52 dhcpcd is also an implementation of the IPv6 Privacy Extensions to Auto‐
53 Conf as specified in RFC 4941. This feature needs to be enabled in the
54 kernel and dhcpcd will start using it.
55
56 dhcpcd is also an implementation of the DHCPv6 client as specified in RFC
57 3315. By default, dhcpcd only starts DHCPv6 when instructed to do so by
58 an IPV6 Router Advertisement. If no Identity Association is configured,
59 then a Non-temporary Address is requested.
60
61 Local Link configuration
62 If dhcpcd failed to obtain a lease, it probes for a valid IPv4LL address
63 (aka ZeroConf, aka APIPA). Once obtained it restarts the process of
64 looking for a DHCP server to get a proper address.
65
66 When using IPv4LL, dhcpcd nearly always succeeds and returns an exit code
67 of 0. In the rare case it fails, it normally means that there is a re‐
68 verse ARP proxy installed which always defeats IPv4LL probing. To dis‐
69 able this behaviour, you can use the -L, --noipv4ll option.
70
71 Multiple interfaces
72 If a list of interfaces are given on the command line, then dhcpcd only
73 works with those interfaces, otherwise dhcpcd discovers available Ether‐
74 net interfaces that can be configured. When dhcpcd not limited to one
75 interface on the command line, it is running in Manager mode. The
76 dhcpcd-ui project expects dhcpcd to be running this way.
77
78 If a single interface is given then dhcpcd only works for that interface
79 and runs as a separate instance to other dhcpcd processes. -w, --waitip
80 option is enabled in this instance to maintain compatibility with older
81 versions. Using a single interface also affects the -k, -N, -n and -x
82 options, where the same interface will need to be specified, as a lack of
83 an interface will imply Manager mode which this is not. To force start‐
84 ing in Manager mode with only one interface, the -M, --manager option can
85 be used.
86
87 Interfaces are preferred by carrier, DHCP lease/IPv4LL and then lowest
88 metric. For systems that support route metrics, each route will be
89 tagged with the metric, otherwise dhcpcd changes the routes to use the
90 interface with the same route and the lowest metric. See options below
91 for controlling which interfaces we allow and deny through the use of
92 patterns.
93
94 Non-ethernet interfaces and some virtual ethernet interfaces such as TAP
95 and bridge are ignored by default, as is the FireWire interface. To work
96 with these devices they either need to be specified on the command line,
97 be listed in --allowinterfaces or have an interface directive in
98 /etc/dhcpcd.conf.
99
100 Hooking into events
101 dhcpcd runs /usr/libexec/dhcpcd-run-hooks, or the script specified by the
102 -c, --script option. This script runs each script found in
103 /usr/libexec/dhcpcd-hooks in a lexical order. The default installation
104 supplies the scripts 01-test, 02-dump, 20-resolv.conf and 30-hostname.
105 You can disable each script by using the -C, --nohook option. See
106 dhcpcd-run-hooks(8) for details on how these scripts work. dhcpcd cur‐
107 rently ignores the exit code of the script.
108
109 More scripts are supplied in /usr/share/dhcpcd/hooks and need to be
110 copied to /usr/libexec/dhcpcd-hooks if you intend to use them. For exam‐
111 ple, you could install 29-lookup-hostname so that dhcpcd can lookup the
112 hostname of the IP address in DNS if no hostname is given by the lease
113 and one is not already set.
114
115 Fine tuning
116 You can fine-tune the behaviour of dhcpcd with the following options:
117
118 -b, --background
119 Background immediately. This is useful for startup scripts which
120 don't disable link messages for carrier status.
121
122 -c, --script script
123 Use this script instead of the default
124 /usr/libexec/dhcpcd-run-hooks.
125
126 -D, --duid [ll | lt | uuid | value]
127 Use a DHCP Unique Identifier. If a system UUID is available,
128 that will be used to create a DUID-UUID, otheriwse if persistent
129 storage is available then a DUID-LLT (link local address + time)
130 is generated, otherwise DUID-LL is generated (link local ad‐
131 dress). The DUID type can be hinted as an optional parameter if
132 the file /var/lib/dhcpcd/duid does not exist. If not ll, lt or
133 uuid then value will be converted from 00:11:22:33 format. This,
134 plus the IAID will be used as the -I, --clientid. The DUID gen‐
135 erated will be held in /var/lib/dhcpcd/duid and should not be
136 copied to other hosts. This file also takes precedence over the
137 above rules except for setting a value.
138
139 -d, --debug
140 Echo debug messages to the stderr and syslog.
141
142 -E, --lastlease
143 If dhcpcd cannot obtain a lease, then try to use the last lease
144 acquired for the interface.
145
146 --lastleaseextend
147 Same as the above, but the lease will be retained even if it ex‐
148 pires. dhcpcd will give it up if any other host tries to claim
149 it for their own via ARP. This violates RFC 2131, section 3.7,
150 which states the lease should be dropped once it has expired.
151
152 -e, --env value
153 Push value to the environment for use in dhcpcd-run-hooks(8).
154 For example, you can force the hostname hook to always set the
155 hostname with -e force_hostname=YES.
156
157 -g, --reconfigure
158 dhcpcd will re-apply IP address, routing and run
159 dhcpcd-run-hooks(8) for each interface. This is useful so that a
160 3rd party such as PPP or VPN can change the routing table and /
161 or DNS, etc and then instruct dhcpcd to put things back after‐
162 wards. dhcpcd does not read a new configuration when this hap‐
163 pens - you should rebind if you need that functionality.
164
165 -F, --fqdn fqdn
166 Requests that the DHCP server updates DNS using FQDN instead of
167 just a hostname. Valid values for fqdn are disable, none, ptr
168 and both. dhcpcd itself never does any DNS updates. dhcpcd en‐
169 codes the FQDN hostname as specified in RFC 1035.
170
171 -f, --config file
172 Specify a config to load instead of /etc/dhcpcd.conf. dhcpcd al‐
173 ways processes the config file before any command line options.
174
175 -h, --hostname hostname
176 Sends hostname to the DHCP server so it can be registered in DNS.
177 If hostname is an empty string then the current system hostname
178 is sent. If hostname is a FQDN (i.e., contains a .) then it will
179 be encoded as such.
180
181 -I, --clientid clientid
182 Send the clientid. If the string is of the format 01:02:03 then
183 it is encoded as hex. For interfaces whose hardware address is
184 longer than 8 bytes, or if the clientid is an empty string then
185 dhcpcd sends a default clientid of the hardware family and the
186 hardware address.
187
188 -i, --vendorclassid vendorclassid
189 Override the DHCPv4 vendorclassid field sent. The default is
190 dhcpcd-<version>:<os>:<machine>:<platform>. For example
191 dhcpcd-5.5.6:NetBSD-6.99.5:i386:i386
192 If not set then none is sent. Some badly configured DHCP servers
193 reject unknown vendorclassids. To work around it, try and imper‐
194 sonate Windows by using the MSFT vendorclassid.
195
196 -j, --logfile logfile
197 Writes to the specified logfile. dhcpcd still writes to
198 syslog(3). The logfile is reopened when dhcpcd receives the
199 SIGUSR2 signal.
200
201 -k, --release [interface]
202 This causes an existing dhcpcd process running on the interface
203 to release its lease and de-configure the interface regardless of
204 the -p, --persistent option. If no interface is specified then
205 this applies to all interfaces in Manager mode. If no interfaces
206 are left running, dhcpcd will exit.
207
208 -l, --leasetime seconds
209 Request a lease time of seconds. -1 represents an infinite lease
210 time. By default dhcpcd does not request any lease time and
211 leaves it in the hands of the DHCP server.
212
213 -M, --manager
214 Start dhcpcd in Manager mode even if only one interface specified
215 on the command line. See the Multiple Interfaces section above.
216
217 -m, --metric metric
218 Metrics are used to prefer an interface over another one, lowest
219 wins. dhcpcd will supply a default metric of 1000 +
220 if_nametoindex(3). This will be offset by 2000 for wireless in‐
221 terfaces, with additional offsets of 1000000 for IPv4LL and
222 2000000 for roaming interfaces.
223
224 -n, --rebind [interface]
225 Notifies dhcpcd to reload its configuration and rebind the speci‐
226 fied interface. If no interface is specified then this applies
227 to all interfaces in Manager mode. If dhcpcd is not running,
228 then it starts up as normal.
229
230 -N, --renew [interface]
231 Notifies dhcpcd to renew existing addresses on the specified
232 interface. If no interface is specified then this applies to all
233 interfaces in Manager mode. If dhcpcd is not running, then it
234 starts up as normal. Unlike the -n, --rebind option above, the
235 configuration for dhcpcd is not reloaded.
236
237 -o, --option option
238 Request the DHCP option variable for use in
239 /usr/libexec/dhcpcd-run-hooks.
240
241 -p, --persistent
242 dhcpcd normally de-configures the interface and configuration
243 when it exits. Sometimes, this isn't desirable if, for example,
244 you have root mounted over NFS or SSH clients connect to this
245 host and they need to be notified of the host shutting down. You
246 can use this option to stop this from happening.
247
248 -r, --request address
249 Request the address in the DHCP DISCOVER message. There is no
250 guarantee this is the address the DHCP server will actually give.
251 If no address is given then the first address currently assigned
252 to the interface is used.
253
254 -s, --inform address[/cidr[/broadcast_address]]
255 Behaves like -r, --request as above, but sends a DHCP INFORM in‐
256 stead of DISCOVER/REQUEST. This does not get a lease as such,
257 just notifies the DHCP server of the address in use. You should
258 also include the optional cidr network number in case the address
259 is not already configured on the interface. dhcpcd remains run‐
260 ning and pretends it has an infinite lease. dhcpcd will not de-
261 configure the interface when it exits. If dhcpcd fails to con‐
262 tact a DHCP server then it returns a failure instead of falling
263 back on IPv4LL.
264
265 --inform6
266 Performs a DHCPv6 Information Request. No address is requested
267 or specified, but all other DHCPv6 options are allowed. This is
268 normally performed automatically when the IPv6 Router Advertises
269 that the client should perform this operation. This option is
270 only needed when dhcpcd is not processing IPv6RA messages and the
271 need for DHCPv6 Information Request exists.
272
273 -S, --static value
274 Configures a static DHCP value. If you set ip_address then
275 dhcpcd will not attempt to obtain a lease and just use the value
276 for the address with an infinite lease time.
277
278 Here is an example which configures a static address, routes and
279 DNS.
280 dhcpcd -S ip_address=192.168.0.10/24 \
281 -S routers=192.168.0.1 \
282 -S domain_name_servers=192.168.0.1 \
283 eth0
284
285 You cannot presently set static DHCPv6 values. Use the -e, --env
286 option instead.
287
288 -t, --timeout seconds
289 Timeout after seconds, instead of the default 30. A setting of 0
290 seconds causes dhcpcd to wait forever to get a lease. If dhcpcd
291 is working on a single interface then dhcpcd will exit when a
292 timeout occurs, otherwise dhcpcd will fork into the background.
293
294 -u, --userclass class
295 Tags the DHCPv4 message with the userclass class. DHCP servers
296 use this to give members of the class DHCP options other than the
297 default, without having to know things like hardware address or
298 hostname.
299
300 -v, --vendor code,value
301 Add an encapsulated vendor option. code should be between 1 and
302 254 inclusive. To add a raw vendor string, omit code but keep
303 the comma. Examples.
304
305 Set the vendor option 01 with an IP address.
306 dhcpcd -v 01,192.168.0.2 eth0
307 Set the vendor option 02 with a hex code.
308 dhcpcd -v 02,01:02:03:04:05 eth0
309 Set the vendor option 03 with an IP address as a string.
310 dhcpcd -v 03,\"192.168.0.2\" eth0
311 Set un-encapsulated vendor option to hello world.
312 dhcpcd -v ,"hello world" eth0
313
314 --version
315 Display both program version and copyright information. dhcpcd
316 then exits before doing any configuration.
317
318 -w Wait for an address to be assigned before forking to the back‐
319 ground. Does not take an argument, unlike the below option.
320
321 --waitip=[4 | 6]
322 Wait for an address to be assigned before forking to the back‐
323 ground. 4 means wait for an IPv4 address to be assigned. 6
324 means wait for an IPv6 address to be assigned. If no argument is
325 given, dhcpcd will wait for any address protocol to be assigned.
326 It is possible to wait for more than one address protocol and
327 dhcpcd will only fork to the background when all waiting condi‐
328 tions are satisfied.
329
330 -x, --exit [interface]
331 This will signal an existing dhcpcd process running on the
332 interface to exit. If no interface is specified, then the above
333 is applied to all interfaces in Manager mode. See the -p,
334 --persistent option to control configuration persistence on exit,
335 which is enabled by default in dhcpcd.conf(5). dhcpcd then waits
336 until this process has exited.
337
338 -y, --reboot seconds
339 Allow reboot seconds before moving to the discover phase if we
340 have an old lease to use. Allow reboot seconds before starting
341 fallback states from the discover phase. IPv4LL is started when
342 the first reboot timeout is reached. The default is 5 seconds.
343 A setting of 0 seconds causes dhcpcd to skip the reboot phase and
344 go straight into discover. This has no effect on DHCPv6 other
345 than skipping the reboot phase.
346
347 Restricting behaviour
348 dhcpcd will try to do as much as it can by default. However, there are
349 sometimes situations where you don't want the things to be configured ex‐
350 actly how the DHCP server wants. Here are some options that deal with
351 turning these bits off.
352
353 Note that when dhcpcd is restricted to a single interface then the inter‐
354 face also needs to be specified when asking dhcpcd to exit using the com‐
355 mandline. If the protocol is restricted as well then the protocol needs
356 to be included with the exit instruction.
357
358 -1, --oneshot
359 Exit after configuring an interface. Use the -w, --waitip option
360 to specify which protocol(s) to configure before exiting.
361
362 -4, --ipv4only
363 Configure IPv4 only.
364
365 -6, --ipv6only
366 Configure IPv6 only.
367
368 -A, --noarp
369 Don't request or claim the address by ARP. This also disables
370 IPv4LL.
371
372 -B, --nobackground
373 Don't run in the background when we acquire a lease. This is
374 mainly useful for running under the control of another process,
375 such as a debugger or a network manager.
376
377 -C, --nohook script
378 Don't run this hook script. Matches full name, or prefixed with
379 2 numbers optionally ending with .sh.
380
381 So to stop dhcpcd from touching your DNS settings you would do:-
382 dhcpcd -C resolv.conf eth0
383
384 -G, --nogateway
385 Don't set any default routes.
386
387 -H, --xidhwaddr
388 Use the last four bytes of the hardware address as the DHCP xid
389 instead of a randomly generated number.
390
391 -J, --broadcast
392 Instructs the DHCP server to broadcast replies back to the
393 client. Normally this is only set for non-Ethernet interfaces,
394 such as FireWire and InfiniBand. In most instances, dhcpcd will
395 set this automatically.
396
397 -K, --nolink
398 Don't receive link messages for carrier status. You should only
399 have to use this with buggy device drivers or running dhcpcd
400 through a network manager.
401
402 -L, --noipv4ll
403 Don't use IPv4LL (aka APIPA, aka Bonjour, aka ZeroConf).
404
405 -O, --nooption option
406 Removes the option from the DHCP message before processing.
407
408 -P, --printpidfile
409 Print the pidfile dhcpcd will use based on commmand-line argu‐
410 ments to stdout.
411
412 -Q, --require option
413 Requires the option to be present in all DHCP messages, otherwise
414 the message is ignored. To enforce that dhcpcd only responds to
415 DHCP servers and not BOOTP servers, you can -Q dhcp_message_type.
416
417 -q, --quiet
418 Quiet dhcpcd on the command line, only warnings and errors will
419 be displayed. If this option is used another time then all con‐
420 sole output is disabled. These messages are still logged via
421 syslog(3).
422
423 -T, --test
424 On receipt of DHCP messages just call
425 /usr/libexec/dhcpcd-run-hooks with the reason of TEST which echos
426 the DHCP variables found in the message to the console. The in‐
427 terface configuration isn't touched and neither are any configu‐
428 ration files. The rapid_commit option is not sent in TEST mode
429 so that the server does not lease an address. To test INFORM the
430 interface needs to be configured with the desired address before
431 starting dhcpcd.
432
433 -U, --dumplease [interface]
434 Dumps the current lease for the interface to stdout. If no
435 interface is given then all interfaces are dumped. Use the -4 or
436 -6 flags to specify an address family. If a lease is piped in
437 via standard input then that is dumped. In this case, specifying
438 an address family is mandatory.
439
440 -V, --variables
441 Display a list of option codes, the associated variable and en‐
442 coding for use in dhcpcd-run-hooks(8). Variables are prefixed
443 with new_ and old_ unless the option number is -. Variables
444 without an option are part of the DHCP message and cannot be di‐
445 rectly requested.
446
447 -W, --whitelist address[/cidr]
448 Only accept packets from address[/cidr]. -X, --blacklist is ig‐
449 nored if -W, --whitelist is set.
450
451 -X, --blacklist address[/cidr]
452 Ignore all packets from address[/cidr].
453
454 -Z, --denyinterfaces pattern
455 When discovering interfaces, the interface name must not match
456 pattern which is a space or comma separated list of patterns
457 passed to fnmatch(3).
458
459 -z, --allowinterfaces pattern
460 When discovering interfaces, the interface name must match
461 pattern which is a space or comma separated list of patterns
462 passed to fnmatch(3). If the same interface is matched in -Z,
463 --denyinterfaces then it is still denied.
464
465 --inactive
466 Don't start any interfaces other than those specified on the com‐
467 mand line. This allows dhcpcd to be started in Manager mode and
468 then wait for subsequent dhcpcd commands to start each interface
469 as required.
470
471 --configure
472 Allows dhcpcd to configure the system. This is the default be‐
473 haviour and sets if_configured=true.
474
475 --noconfigure
476 dhcpcd will not configure the system at all. This is only of use
477 if the --script that dhcpcd calls at each network event config‐
478 ures the system instead. This is different from -T, --test mode
479 in that it's not one shot and the only change to the environment
480 is the addition of if_configured=false.
481
482 --nodev
483 Don't load any /dev management modules.
484
486 Some interfaces require configuration by 3rd parties, such as PPP or VPN.
487 When an interface configuration in dhcpcd is marked as STATIC or INFORM
488 without an address then dhcpcd will monitor the interface until an ad‐
489 dress is added or removed from it and act accordingly. For point to
490 point interfaces (like PPP), a default route to its destination is auto‐
491 matically added to the configuration. If the point to point interface is
492 configured for INFORM, then dhcpcd unicasts INFORM to the destination,
493 otherwise it defaults to STATIC.
494
496 dhcpcd requires a Berkley Packet Filter, or BPF device on BSD based sys‐
497 tems and a Linux Socket Filter, or LPF device on Linux based systems for
498 all IPv4 configuration.
499
500 If restricting dhcpcd to a single interface and optionally address family
501 via the command-line then all further calls to dhcpcd to rebind, recon‐
502 figure or exit need to include the same restrictive flags so that dhcpcd
503 knows which process to signal.
504
505 Some DHCP servers implement ClientID filtering. If dhcpcd is replacing
506 an in-use DHCP client then you might need to adjust the clientid option
507 dhcpcd sends to match. If using a DUID in place of the ClientID, edit
508 /var/lib/dhcpcd/duid accordingly.
509
511 /etc/dhcpcd.conf
512 Configuration file for dhcpcd. If you always use the same options, put
513 them here.
514
515 /usr/libexec/dhcpcd-run-hooks
516 Bourne shell script that is run to configure or de-configure an inter‐
517 face.
518
519 /usr/lib64/dhcpcd/dev
520 Linux /dev management modules.
521
522 /usr/libexec/dhcpcd-hooks
523 A directory containing bourne shell scripts that are run by the above
524 script. Each script can be disabled by using the -C, --nohook option de‐
525 scribed above.
526
527 /var/lib/dhcpcd/duid
528 Text file that holds the DUID used to identify the host.
529
530 /var/lib/dhcpcd/secret
531 Text file that holds a secret key known only to the host.
532
533 /var/lib/dhcpcd/interface-ssid.lease
534 The actual DHCP message sent by the server. We use this when reading the
535 last lease and use the file's mtime as when it was issued.
536
537 /var/lib/dhcpcd/interface-ssid.lease6
538 The actual DHCPv6 message sent by the server. We use this when reading
539 the last lease and use the file's mtime as when it was issued.
540
541 /var/lib/dhcpcd/rdm_monotonic
542 Stores the monotonic counter used in the replay field in Authentication
543 Options.
544
545 /var/run/dhcpcd/pid
546 Stores the PID of dhcpcd running on all interfaces.
547
548 /var/run/dhcpcd/interface.pid
549 Stores the PID of dhcpcd running on the interface.
550
551 /var/run/dhcpcd/sock
552 Control socket to the manager daemon.
553
554 /var/run/dhcpcd/unpriv.sock
555 Unprivileged socket to the manager daemon, only allows state retrieval.
556
557 /var/run/dhcpcd/interface.sock
558 Control socket to per interface daemon.
559
560 /var/run/dhcpcd/interface.unpriv.sock
561 Unprivileged socket to per interface daemon, only allows state retrieval.
562
564 fnmatch(3), if_nametoindex(3), dhcpcd.conf(5), resolv.conf(5),
565 dhcpcd-run-hooks(8), resolvconf(8)
566
568 RFC 951, RFC 1534, RFC 2104, RFC 2131, RFC 2132, RFC 2563, RFC 2855,
569 RFC 3004, RFC 3118, RFC 3203, RFC 3315, RFC 3361, RFC 3633, RFC 3396,
570 RFC 3397, RFC 3442, RFC 3495, RFC 3925, RFC 3927, RFC 4039, RFC 4075,
571 RFC 4242, RFC 4361, RFC 4390, RFC 4702, RFC 4074, RFC 4861, RFC 4833,
572 RFC 4941, RFC 5227, RFC 5942, RFC 5969, RFC 6106, RFC 6334, RFC 6355,
573 RFC 6603, RFC 6704, RFC 7217, RFC 7550, RFC 7844.
574
576 Roy Marples <roy@marples.name>
577
579 Please report them to http://roy.marples.name/projects/dhcpcd
580
581BSD August 23, 2021 BSD