1dhcp-fwd(1) General Commands Manual dhcp-fwd(1)
2
6 dhcp-fwd - starts the DHCP forwarding agent
7
9 dhcp-fwd [-n] [-N] [-d] [-v] [-h] [-c config_file]
10
12 dhcp-fwd starts a DHCP forwarding agents which relays DHCP messages
13 between subnets with different sublayer broadcast domains.
14 When called without arguments, it reads its configuration from
16 /etc/dhcp-fwd.conf and forks itself into background. An alternative
17 configfile can be given by the -c option; the forking can be prevented
18 with the -n switch. There exists a -d option which is indented for
19 debugging purposes and prevents forking too. Currently it is just an
20 alias for -n.
21 Although the program must be started as root, it will drop its privi‐
23 leges and go into a chroot-jail after finishing the initialization.
24
26 -n Prevents daemon from going into background after initialization.
27 This option may be useful when using advanced init-concepts like
28 minit (http://www.fefe.de/minit/).
29 -N Like -n but program sends a SIGSTOP signal to itself when ini‐
31 tialization has been finished. This is interpreted e.g. by the
32 upstart init system.
33 -d Turns on debugging mode and prevents forking; currently it is
35 just an alias for -n.
36 -c config_file
38 Specifies the configfile to use; the default is /etc/dhcp-
39 fwd.conf.
40 -v Shows version
42 -h Shows help
44
46 The default location of the configfile is determined at compilation-
47 time and can be overridden by using the -c option. When an option needs
48 a boolean parameter, the keywords true, false, 0, 1, yes and no are
49 possible values.
50 Within the configfile the following options MUST be set:
52 user username|uid
54 The program setuid()'s to the given user after finishing its
55 initialization. The parameter must be an alphanumeric username
56 or a numeric uid.
57 group groupname|gid
59 The program setgid()'s to the given group after finishing its
60 initialization. The parameter must be an alphanumeric groupname
61 or a numeric gid.
62 chroot path
64 The program goes into this directory and calls there chroot()
65 after finishing its initialization.
66 pidfile filename
68 The file where the pid of the daemon will be written into.
69 Beside the mandatory options above, the following options are possible:
71 ulimit resource limit
73 Sets a maximum limit for the given resource by calling setr‐
74 limit() appropriately. Possible values for resource are stack,
75 data, core, rss, nproc, nofile, memlock, as and (if supported by
76 your OS) locks. For the meaning of this values see setr‐
77 limit(2).
78 limit may be plain unsigned number, a number followed by 'k'
80 (*1000), 'K' (*1024), 'm' (*1000k), 'M' (*1024K) or '-1' to
81 remove the limit for this resource.
82 logfile filename
84 Specifies the file where messages will be stored. This file is
85 located relatively to the directory where dhcp-fwd was started
86 and not to the directory given at the chroot option.
87 if ifname has_clients has_servers allow_bcast
89 Declares an interface and sets parameter of the network topol‐
90 ogy. When an interfacename is used in one of the other options,
91 it must have been declared by if already.
92 ifname is the name of the interface as being used e.g. by ifcon‐
94 fig also (e.g. eth0).
95 has_clients and has_servers tell if messages from clients or
97 servers can be expected on this interface. BOOTREQUESTs are
98 assumed to be client- and BOOTREPLYs are assumed to be server-
99 messages. Unexpected packages will be dropped away.
100 allow_bcast is/was an experimentell features and will be disap‐
102 pear probably. When not set, the interface will not send pack‐
103 ages to IP-broadcast addresses. This affects messages to clients
104 only; when specifying a bcast-server, this option will be
105 ignored.
106 ports ifname client-port server-port
108 Declares the ports which are used on the specified interface
109 ifname for client resp. server functionality.
110 dhcp-fwd acts as client only, when the has_servers flag has been
112 set and sends from client-port then. Interface will be listen on
113 server-port when the has_clients and/or has_servers flags of the
114 interface have been set.
115 Omitting this option for an interface or using a value of "0"
117 for the port arguments uses default values. These are port
118 68/udp (bootpc) for client-port and port 67/udp (bootps) for
119 server-port by default.
120 NOTE: This option exists to avoid conflicts with already running
122 dhcp servers, clients or relay agents which do not bind to spe‐
123 cific interfaces. The DHCP/BOOTP protocol relies on the 67/udp
124 + 68/udp ports and you have e.g. to configure iptable rules
125 which rewrite your custom port numbers to the expected ones.
126 See BUGS below for further restrictions.
128 name ifname agent-id
130 specifies the RFC 3046 agent-id for the given interface. When
131 not used explicitly, the interfacename will be assumed as the
132 agent-id.
133 ip ifname ip
135 assigns the ip to be used in the giaddr field. By default to IP
136 of the interface will be assumed but when having multiple IPs
137 for one interface this option may be usefully.
138 Attention: This IP will not be used in the IP-layer; this means
140 that the UDP packet sent to the server will contain the IP
141 assigned by the system. To setup this address, usual SNAT rule‐
142 sets in a local packetfilter are recommended.
143 server type info
145 Defines the DHCP server to be used. The following types are sup‐
146 ported:
147 server ip address [interface]
149 address is a dotted IP-address and the optional interface
150 the name of an interface. Please note that mixing decla‐
151 rations without an interface parameter and such ones with
152 this parameter will fail.
153 server bcast interface
155 the DHCP server with be assumed at interface interface
156 and contacted with broadcast messages.
157 suboption interface code value
159 sets a relay-agent option. The following values for code are
160 supported:
161 suboption interface 2 agent-id
163 Sets the agent remote id; this is the same as "name
164 interface agent-id".
165 suboption interface 5 ip
167 Set the RFC3527 link selection.
168 suboption interface 11 ip
170 Set the RFC5107 server identifier..
171 compathack type hack
173 Sometimes, new versions of dhcp-fwd will contain changes/fixes
174 which might break existing installations. To restore old behav‐
175 ior, compatibility hacks can be activated. These hacks are
176 specified by the hack integer parameter. See the NEWS file for
177 changes are their corresponding hack value.
178 For a sample configuration file see the contrib/dhcp-fwd.conf template
180 in the source-tarball.
181
184 It is possible to use $VAR style variable expansion for path, file and
185 interface names, and for ip addresses. Value of $VAR will be taken
186 from the corresponding environment variable which must be defined.
187 Quoting of leading `$´ characters is possible by prepending a single
188 backslash.
189 Examples:
191 pidfile $PIDFILE
192 if $IFACE t t t
193 ip $IFACE $IP
194
196 The ports set up by the ports configuration option are used for binding
197 sockets only. The default DHCP port numbers (67 + 68) appear in the
198 UDP headers of the relayed DHCP responses.
199
201 /etc/dhcp-fwd.conf
202 configuration file
203 /usr/sbin/dhcp-fwd
205 executable
206
208 RFC 2131, 2132, 3046
209
211 Enrico Scholz <enrico.scholz@ensc.de>
212dhcp-forwarder 0.6 June 17 2004 dhcp-fwd(1)