1DHCPCD.CONF(5) BSD File Formats Manual DHCPCD.CONF(5)
2
4 dhcpcd.conf — dhcpcd configuration file
5
7 Although dhcpcd can do everything from the command line, there are cases
8 where it's just easier to do it once in a configuration file. Most of
9 the options found in dhcpcd(8) can be used here. The first word on the
10 line is the option and the rest of the line is the value. Leading and
11 trailing whitespace for the option and value are trimmed. You can escape
12 characters in the value using the \ character. Comments can be prefixed
13 with the # character. String values should be quoted with the " charac‐
14 ter.
15 Here's a list of available options:
17 allowinterfaces pattern
19 When discovering interfaces, the interface name must match
20 pattern which is a space or comma separated list of patterns
21 passed to fnmatch(3). If the same interface is matched in
22 denyinterfaces then it is still denied.
23 denyinterfaces pattern
25 When discovering interfaces, the interface name must not match
26 pattern which is a space or comma separated list of patterns
27 passed to fnmatch(3).
28 anonymous
30 Enables Anonymity Profiles for DHCP, RFC 7844. Any DUID is ig‐
31 nored and ClientID is set to LL only. All non essential options
32 are then masked at this point, but they could be unmasked by ex‐
33 plicitly requesting the option after the anonymous option is pro‐
34 cessed. As such, the anonymous option should be the last option
35 in the configuration unless you really want to send something
36 which could identify you. dhcpcd will not try and reboot an old
37 lease, it will go straight into DISCOVER/SOLICIT.
38 randomise_hwaddr
40 Forces a hardware address randomisation when the interface is
41 brought up or when the carrier is lost. This is generally used
42 in tandem with the anonymous option.
43 arping address [address]
45 dhcpcd will arping each address in order before attempting DHCP.
46 If an address is found, we will select the replying hardware ad‐
47 dress as the profile, otherwise the IP address. Example:
48 interface bge0
50 arping 192.168.0.1
51 # My specific 192.168.0.1 network
53 profile dd:ee:aa:dd:bb:ee
54 static ip_address=192.168.0.10/24
55 # A generic 192.168.0.1 network
57 profile 192.168.0.1
58 static ip_address=192.168.0.98/24
59 authprotocol protocol [algorithm [rdm]]
61 Authenticate DHCP messages. See the Supported Authentication
62 Protocols section. If protocol is token then algorithm is
63 snd_secretid/rcv_secretid so you can send and receive different
64 tokens.
65 authtoken secretid realm expire key
67 Define a shared key for use in authentication. realm can be ""
68 to for use with the delayed protocol. expire is the date the to‐
69 ken expires and should be formatted "yyy-mm-dd HH:MM". You can
70 use the keyword forever or 0 which means the token never expires.
71 For the token protocol, secretid needs to be 0 and realm needs to
72 be "". If dhcpcd has the error
73 dhcp_auth_encode: Invalid argument
74 then it means that dhcpcd could not find the correct authentica‐
75 tion token in your configuration.
76 background
78 Fork to the background immediately. This is useful for startup
79 scripts which don't disable link messages for carrier status.
80 blacklist address[/cidr]
82 Ignores all packets from address[/cidr].
83 whitelist address[/cidr]
85 Only accept packets from address[/cidr]. blacklist is ignored if
86 whitelist is set.
87 bootp Be a BOOTP client. Basically, this just doesn't send a DHCP Mes‐
89 sage Type option and will only interact with a BOOTP server. All
90 other DHCP options still work.
91 broadcast
93 Instructs the DHCP server to broadcast replies back to the
94 client. Normally this is only set for non-Ethernet interfaces,
95 such as FireWire and InfiniBand. In most cases, dhcpcd will set
96 this automatically.
97 controlgroup group
99 Sets the group ownership of /var/run/dhcpcd/sock so that users
100 other than root can connect to dhcpcd.
101 debug Echo debug messages to the stderr and syslog.
103 dev value
105 Load the value /dev management module. dhcpcd will load the
106 first one found to work, if any.
107 env value
109 Push value to the environment for use in dhcpcd-run-hooks(8).
110 For example, you can force the hostname hook to always set the
111 hostname with env force_hostname=YES. Or set which driver
112 wpa_supplicant(8) should use with env
113 wpa_supplicant_driver=nl80211
114 If the hostname is set, it will be will set to the FQDN if possi‐
116 ble as per RFC 4702, section 3.1. If the FQDN option is missing,
117 dhcpcd will still try and set a FQDN from the hostname and domain
118 options for consistency. To override this, set env
119 hostname_fqdn=[YES|NO|SERVER]. A value of SERVER means just what
120 the server says, don't manipulate it. This could lead to an in‐
121 consistent hostname on a DHCPv4 and DHCPv6 network where the
122 DHCPv4 hostname is short and the DHCPv6 has an FQDN. DHCPv6 has
123 no hostname option.
124 clientid string
126 Send the clientid. If the string is of the format 01:02:03 then
127 it is encoded as hex. For interfaces whose hardware address is
128 longer than 8 bytes, or if the clientid is an empty string then
129 dhcpcd sends a default clientid of the hardware family and the
130 hardware address.
131 duid [ll | lt | uuid | value]
133 Use a DHCP Unique Identifier. If a system UUID is available,
134 that will be used to create a DUID-UUID, otheriwse if persistent
135 storage is available then a DUID-LLT (link local address + time)
136 is generated, otherwise DUID-LL is generated (link local ad‐
137 dress). The DUID type can be hinted as an optional parameter if
138 the file /var/lib/dhcpcd/duid does not exist. If not ll, lt or
139 uuid then value will be converted from 00:11:22:33 format. This,
140 plus the IAID will be used as the clientid. The DUID generated
141 will be held in /var/lib/dhcpcd/duid and should not be copied to
142 other hosts. This file also takes precedence over the above
143 rules except for setting a value.
144 iaid iaid
146 Set the Interface Association Identifier to iaid. This option
147 must be used in an interface block. This defaults to the VLANID
148 (prefixed with 0xff) for the interface if set, otherwise the last
149 4 bytes of the hardware address assigned to the interface. Each
150 instance of this should be unique within the scope of the client
151 and dhcpcd warns if a conflict is detected. If there is a con‐
152 flict, it is only a problem if the conflicted IAIDs are used on
153 the same network.
154 dhcp Enable DHCP on the interface, on by default.
156 dhcp6 Enable DHCPv6 on the interface, on by default.
158 ipv4 Enable IPv4 on the interface, on by default.
160 ipv6 Enable IPv6 on the interface, on by default.
162 request [address]
164 Request the address in the DHCP DISCOVER message. There is no
165 guarantee this is the address the DHCP server will actually give.
166 If no address is given then the first address currently assigned
167 to the interface is used.
168 inform [address[/cidr[/broadcast_address]]]
170 Behaves like request as above, but sends a DHCP INFORM instead of
171 DISCOVER/REQUEST. This does not get a lease as such, just noti‐
172 fies the DHCP server of the address in use. You should also in‐
173 clude the optional cidr network number in case the address is not
174 already configured on the interface. dhcpcd remains running and
175 pretends it has an infinite lease. dhcpcd will not de-configure
176 the interface when it exits. If dhcpcd fails to contact a DHCP
177 server then it returns a failure instead of falling back on
178 IPv4LL.
179 inform6
181 Performs a DHCPv6 Information Request. No address is requested
182 or specified, but all other DHCPv6 options are allowed. This is
183 normally performed automatically when an IPv6 Router Advertise‐
184 ment indicates that the client should perform this operation.
185 This option is only needed when dhcpcd is not processing IPv6 RA
186 messages and the need for a DHCPv6 Information Request exists.
187 persistent
189 dhcpcd normally de-configures the interface and configuration
190 when it exits. Sometimes, this isn't desirable if, for example,
191 you have root mounted over NFS or SSH clients connect to this
192 host and they need to be notified of the host shutting down. You
193 can use this option to stop this from happening.
194 fallback profile
196 Fall back to using this profile if DHCP fails. This allows you
197 to configure a static profile instead of using ZeroConf.
198 hostname name
200 Sends the hostname name to the DHCP server so it can be regis‐
201 tered in DNS. If name is an empty string then the current system
202 hostname is sent. If name is a FQDN (i.e., contains a .) then it
203 will be encoded as such.
204 hostname_short
206 Sends the short hostname to the DHCP server instead of the FQDN.
207 This is useful because DHCP servers will not register the FQDN in
208 their DNS if the domain part does not match theirs.
209 Also, see the env option above to control how the hostname is set
211 on the host.
212 ia_na [iaid [/ address]]
214 Request a DHCPv6 Normal Address for iaid. iaid defaults to the
215 iaid option as described above. You can request more than one
216 ia_na by specifying a unique iaid for each one.
217 ia_ta [iaid]
219 Request a DHCPv6 Temporary Address for iaid. You can request
220 more than one ia_ta by specifying a unique iaid for each one.
221 ia_pd [iaid [/ prefix / prefix_len] [interface [/ sla_id [/ prefix_len [/
223 suffix]]]]]
224 Request a DHCPv6 Delegated Prefix for iaid. This option must be
225 used in an interface block. Unless a sla_id of 0 is assigned
226 with the same resultant prefix length as the delegation, a reject
227 route is installed for the Delegated Prefix to stop unallocated
228 addresses being resolved upstream. If no interface is given then
229 we will assign a prefix to every other interface with a sla_id
230 equivalent to the interface index assigned by the OS. Otherwise
231 addresses are only assigned for each interface and sla_id. Each
232 assigned address will have a suffix, defaulting to 1. If the
233 suffix is 0 then a SLAAC address is assigned. You cannot assign
234 a prefix to the requesting interface unless the DHCPv6 server
235 supports the RFC 6603 Prefix Exclude Option. dhcpcd has to be
236 running for all the interfaces it is delegating to. A default
237 prefix_len of 64 is assumed, unless the maximum sla_id does not
238 fit. In this case prefix_len is increased to the highest multi‐
239 ple of 8 that can accommodate the sla_id. sla_id is an integer
240 which must be unique inside the iaid and is added to the prefix
241 which must fit inside prefix_len less the length of the delegated
242 prefix. You can specify multiple interface / sla_id / prefix_len
243 per ia_pd, space separated. IPv6RS should be disabled globally
244 when requesting a Prefix Delegation.
245 In the following example eth0 is the externally facing interface
247 to be configured for both IPv4 and IPv6. The DHCPv4 server will
248 provide us with an IPv4 address and a default route. The DHCPv6
249 server is going to provide us with an IPv6 address, a default
250 route and a /64 subnet to be delegated to the internal interface.
251 The eth1 interface will be automatically configured for IPv6 us‐
252 ing the first address (::1) from the delegated prefix. A second
253 prefix is requested and assigned to two other interfaces.
254 rtadvd(8) can be used with an empty configuration file on eth1,
255 eth2 and eth3, to provide automatic IPv6 address configuration
256 for the internal network.
257 noipv6rs # disable routing solicitation
259 denyinterfaces eth2 # Don't touch eth2 at all
260 interface eth0
261 ipv6rs # enable routing solicitation for eth0
262 ia_na 1 # request an IPv6 address
263 ia_pd 2 eth1/0 # request a PD and assign it to eth1
264 ia_pd 3 eth2/1 eth3/2 # req a PD and assign it to eth2 and eth3
265 ipv4only
267 Only configure IPv4.
268 ipv6only
270 Only configure IPv6.
271 fqdn [disable | none | ptr | both]
273 none will not ask the DHCP server to update DNS. ptr just asks
274 the DHCP server to update the PTR record of the host in DNS,
275 whereas both also updates the A record. disable will disable the
276 FQDN option. The default is both. dhcpcd itself never does any
277 DNS updates. dhcpcd encodes the FQDN hostname as specified in
278 RFC 1035.
279 interface interface
281 Subsequent options are only parsed for this interface.
282 ipv6ra_autoconf
284 Generate SLAAC addresses for each Prefix advertised by an IPv6
285 Router Advertisement message with the Auto flag set. On by de‐
286 fault.
287 ipv6ra_noautoconf
289 Disables the above option.
290 ipv6ra_fork
292 By default, when dhcpcd receives an IPv6 Router Advertisement,
293 dhcpcd will only fork to the background if the RA contains at
294 least one unexpired RDNSS option and a valid prefix or no DHCPv6
295 instruction. Set this option so to make dhcpcd always fork on a
296 RA.
297 ipv6rs Enables IPv6 Router Advertisement solicitation. This is on by
299 default, but is documented here in the case where it is disabled
300 globally but needs to be enabled for one interface.
301 leasetime seconds
303 Request a lease time of seconds. -1 represents an infinite lease
304 time. By default dhcpcd does not request any lease time and
305 leaves it in the hands of the DHCP server.
306 link_rcvbuf size
308 Override the size of the link receive buffer from the kernel de‐
309 fault. While dhcpcd will recover from link buffer overflows,
310 this may not be desirable on heavily loaded systems.
311 logfile logfile
313 Writes to the specified logfile. dhcpcd still writes to
314 syslog(3). The logfile is reopened when dhcpcd receives the
315 SIGUSR2 signal.
316 metric metric
318 Metrics are used to prefer an interface over another one, lowest
319 wins. dhcpcd will supply a default metric of 1000 +
320 if_nametoindex(3). This will be offset by 2000 for wireless in‐
321 terfaces, with additional offsets of 1000000 for IPv4LL and
322 2000000 for roaming interfaces.
323 mudurl url
325 Specifies the URL for a Manufacturer Usage Description (MUD).
326 The description is used by upstream network devices to instanti‐
327 ate any desired access lists. See draft-ietf-opsawg-mud for more
328 information.
329 noalias
331 Any pre-existing IPv4 addresses will be removed from the inter‐
332 face when adding a new IPv4 address.
333 noarp Don't send any ARP requests. This also disables IPv4LL.
335 noauthrequired
337 Don't require authentication even though we requested it. Also
338 allows FORCERENEW and RECONFIGURE messages without authentica‐
339 tion.
340 nodelay
342 Don't delay for an initial randomised time when starting proto‐
343 cols.
344 nodev Don't load /dev management modules.
346 nodhcp Don't start DHCP or listen to DHCP messages. This is only useful
348 when allowing IPv4LL.
349 nodhcp6
351 Don't start DHCPv6 or listen to DHCPv6 messages. Normally DHCPv6
352 is started by an IPv6 Router Advertisement instruction or config‐
353 uration.
354 nogateway
356 Don't install any default routes.
357 gateway
359 Install a default route if available (default).
360 nohook script
362 Don't run this hook script. Matches full name, or prefixed with
363 2 numbers optionally ending with .sh.
364 So to stop dhcpcd from touching your DNS settings or starting
366 wpa_supplicant you would do:-
367 nohook resolv.conf, wpa_supplicant
368 noipv4 Don't attempt to configure an IPv4 address.
370 noipv4ll
372 Don't attempt to obtain an IPv4LL address if we failed to get one
373 via DHCP. See RFC 3927.
374 noipv6 Don't solicit or accept IPv6 Router Advertisements and DHCPv6.
376 noipv6rs
378 Don't solicit or accept IPv6 Router Advertisements.
379 nolink Don't receive link messages about carrier status. You should
381 only set this for buggy interface drivers.
382 noup Don't bring the interface up when in manager mode.
384 option option
386 Requests the option from the server. It can be a variable to be
387 used in dhcpcd-run-hooks(8) or the numerical value. You can
388 specify more options separated by commas, spaces or more option
389 lines. Prepend dhcp6_ to option to request a DHCPv6 option. If
390 no DHCPv6 options are configured, then DHCPv4 options are mapped
391 to equivalent DHCPv6 options.
392 Prepend nd_ to option to handle ND options, but this only works
394 for the nooption, reject and require options.
395 To see a list of options you can use, call dhcpcd with the -V,
397 --variables argument.
398 nooption option
400 Remove the option from the message before it's processed.
401 require option
403 Requires the option to be present in all messages, otherwise the
404 message is ignored. To enforce that dhcpcd only responds to DHCP
405 servers and not BOOTP servers, you can require dhcp_message_type.
406 This isn't an exact science though because a BOOTP server can
407 send DHCP-like options.
408 reject option
410 Reject a message that contains the option. This is useful when
411 you cannot use require to select / de-select BOOTP messages.
412 destination option
414 If dhcpcd.conf detects an address added to a point to point in‐
415 terface (PPP, TUN, etc) then it will set the listed DHCP options
416 to the destination address of the interface.
417 profile name
419 Subsequent options are only parsed for this profile name.
420 quiet Suppress any dhcpcd output to the console, except for errors.
422 reboot seconds
424 Allow reboot seconds before moving to the DISCOVER phase if we
425 have an old lease to use. Allow reboot seconds before starting
426 fallback states from the DISCOVER phase. IPv4LL is started when
427 the first reboot timeout is reached. The default is 5 seconds.
428 A setting of 0 seconds causes dhcpcd.conf to skip the reboot
429 phase and go straight into DISCOVER. This is desirable for mo‐
430 bile users because if you change from network A to network B and
431 they use the same subnet and the address from network A isn't in
432 use on network B, then the DHCP server will remain silent even if
433 authoritative which means dhcpcd will timeout before moving back
434 to the DISCOVER phase. This has no effect on DHCPv6 other than
435 skipping the reboot phase.
436 release
438 dhcpcd will release the lease prior to stopping the interface.
439 script script
441 Use script instead of the default /usr/libexec/dhcpcd-run-hooks.
442 ssid ssid
444 Subsequent options are only parsed for this wireless ssid.
445 slaac hwaddr | private [temp | temporary]
447 Selects the interface identifier used for SLAAC generated IPv6
448 addresses. If private is used, a RFC 7217 address is generated.
449 The temporary directive will create a temporary address for the
450 prefix as well.
451 static value
453 Configures a static value. If you set ip_address then dhcpcd
454 will not attempt to obtain a lease and will just use the value
455 for the address with an infinite lease time. If you set
456 ip6_address, dhcpcd will continue auto-configuration as normal.
457 Here is an example which configures two static address, overrid‐
459 ing the default IPv4 broadcast address, an IPv4 router, DNS and
460 disables IPv6 auto-configuration. You could also use the inform6
461 command here if you wished to obtain more information via DHCPv6.
462 For IPv4, you should use the inform ipaddress option instead of
463 setting a static address.
464 interface eth0
465 noipv6rs
466 static ip_address=192.168.0.10/24
467 static broadcast_address=192.168.0.63
468 static ip6_address=fd51:42f8:caae:d92e::ff/64
469 static routers=192.168.0.1
470 static domain_name_servers=192.168.0.1
471 fd51:42f8:caae:d92e::1
472 Here is an example for PPP which gives the destination a default
474 route. It uses the special destination keyword to insert the
475 destination address into the value.
476 interface ppp0
477 static ip_address=
478 destination routers
479 timeout seconds
481 Time out after seconds, instead of the default 30. A setting of
482 0 seconds causes dhcpcd to wait forever to get a lease. If
483 dhcpcd is working on a single interface then dhcpcd will exit
484 when a timeout occurs, otherwise dhcpcd will fork into the back‐
485 ground. If using IPv4LL then dhcpcd start the IPv4LL process af‐
486 ter the timeout and then wait a little longer before really tim‐
487 ing out.
488 userclass string
490 Tag the DHCPv4 message with the userclass. You can specify more
491 than one.
492 msuserclass string
494 Tag the DHCPv4 mesasge with the Microsoft userclass. Unlike the
495 userclass option, this one can only be added once. It should
496 only be used for Microsoft DHCP servers and the vendorclassid
497 should be set to "MSFT 98" or "MSFT 5.0". This option is not RFC
498 compliant.
499 vendor code,value
501 Add an encapsulated vendor option. code should be between 1 and
502 254 inclusive. To add a raw vendor string, omit code but keep
503 the comma. Examples.
504 Set the vendor option 01 with an IP address.
506 vendor 01,192.168.0.2
507 Set the vendor option 02 with a hex code.
508 vendor 02,01:02:03:04:05
509 Set the vendor option 03 with an IP address as a string.
510 vendor 03,\"192.168.0.2\"
511 Set un-encapsulated vendor option to hello world.
512 vendor ,"hello world"
513 vendorclassid string
515 Set the DHCP Vendor Class. DHCPv6 has its own option as shown
516 below. The default is dhcpcd-<version>:<os>:<machine>:<plat‐
517 form>. For example
518 dhcpcd-5.5.6:NetBSD-6.99.5:i386:i386
519 If not set then none is sent. Some badly configured DHCP servers
520 reject unknown vendorclassids. To work around it, try and imper‐
521 sonate Windows by using the MSFT vendorclassid.
522 vendclass en data
524 Add the DHCPv6 Vendor Indetifying Vendor Class with the IANA as‐
525 signed Enterprise Number en with the data. This option can be
526 set more than once to add more data, but the behaviour, as per
527 RFC 3925 is undefined if the Enterprise Number differs.
528 waitip [4 | 6]
530 Wait for an address to be assigned before forking to the back‐
531 ground. 4 means wait for an IPv4 address to be assigned. 6
532 means wait for an IPv6 address to be assigned. If no argument is
533 given, dhcpcd.conf will wait for any address protocol to be as‐
534 signed. It is possible to wait for more than one address proto‐
535 col and dhcpcd.conf will only fork to the background when all
536 waiting conditions are satisfied.
537 xidhwaddr
539 Use the last four bytes of the hardware address as the DHCP xid
540 instead of a randomly generated number.
541 Defining new options
543 DHCP, ND and DHCPv6 allow for the use of custom options, and RFC 3925
544 vendor options for DHCP can also be supplied. Each option needs to be
545 started with the define, definend, define6 or vendopt directive. This
546 can optionally be followed by both embed or encap options. Both can be
547 specified more than once and embed must come before encap.
548 define code type variable
550 Defines the DHCP option code of type with a name of variable ex‐
551 ported to dhcpcd-run-hooks(8).
552 definend code type variable
554 Defines the ND option code of type with a name of variable ex‐
555 ported to dhcpcd-run-hooks(8), with a prefix of nd_.
556 define6 code type variable
558 Defines the DHCPv6 option code of type with a name of variable
559 exported to dhcpcd-run-hooks(8), with a prefix of dhcp6_.
560 vendopt code type variable
562 Defines the Vendor-Identifying Vendor Options. The code is the
563 IANA Enterprise Number which will uniquely describe the encapsu‐
564 lated options. type is normally encap. variable names the Ven‐
565 dor option to be exported.
566 embed type variable
568 Defines an embedded variable within the defined option. The
569 length is determined by the type. If the variable is not the
570 same as defined in the parent option, it is prefixed with the
571 parent variable first with an underscore. If the variable has
572 the name of reserved then it is not processed.
573 encap code type variable
575 Defines an encapsulated variable within the defined option. The
576 length is determined by the type. If the variable is not the
577 same as defined in the parent option, it is prefixed with the
578 parent variable first with an underscore.
579 Type prefix
581 These keywords come before the type itself, to describe it more fully.
582 You can use more than one, but they must appear in the order listed be‐
583 low.
584 request Requests the option by default without having to be specified in
586 user configuration.
587 norequest
589 This option cannot be requested, regardless of user configura‐
590 tion.
591 optional
593 This option is optional. Only makes sense for embedded options
594 like the client FQDN option, where the FQDN string itself is op‐
595 tional.
596 index The option can appear more than once and will be indexed.
598 array The option data is split into a space separated array, each ele‐
600 ment being the same type.
601 Types to define
603 The type directly affects the length of data consumed inside the option.
604 Any remaining data is normally discarded. Lengths can be specified for
605 string and binhex types, but this is generally with other data embedded
606 afterwards in the same option.
607 ipaddress
609 An IPv4 address, 4 bytes.
610 ip6address
612 An IPv6 address, 16 bytes.
613 string [: length]
615 A NVT ASCII string of printable characters.
616 byte A byte.
618 bitflags: flags
620 A byte represented as a string of flags, most significant bit
621 first. For example, using ABCDEFGH then A would equal 10000000,
622 B 01000000, C 00100000, etc. If the bit is not set, the flag is
623 not printed. A flag of 0 is not printed even if the bit position
624 is set. This is to allow reservation of the first bits while as‐
625 signing the last bits.
626 int16 A signed 16bit integer, 2 bytes.
628 uint16 An unsigned 16bit integer, 2 bytes.
630 int32 A signed 32bit integer, 4 bytes.
632 uint32 An unsigned 32bit integer, 4 bytes.
634 flag A fixed value (1) to indicate that the option is present, 0
636 bytes.
637 domain An RFC 3397 encoded string.
639 dname An RFC 1035 validated string.
641 binhex [: length]
643 Binary data expressed as hexadecimal.
644 embed Contains embedded options (implies encap as well).
646 encap Contains encapsulated options (implies embed as well).
648 option References an option from the global definition.
650 Example definition
652 # DHCP option 81, Fully Qualified Domain Name, RFC 4702
653 define 81 embed fqdn
654 embed byte flags
655 embed byte rcode1
656 embed byte rcode2
657 embed domain fqdn
658 # DHCP option 125, Vendor Specific Information Option, RFC 3925
660 define 125 encap vsio
661 embed uint32 enterprise_number
662 # Options defined for the enterprise number
663 encap 1 ipaddress ipaddress
664 Supported Authentication Protocols
666 token Sends a plain text token the server expects and matches a token
667 sent by the server. The tokens do not have to be the same. If
668 unspecified, the token with a secretid of 0 will be used in
669 sending messages and validating received messages.
670 delayedrealm
672 Delayed Authentication. dhcpcd will send an authentication op‐
673 tion with no key or MAC. The server will see this option, and
674 select a key for dhcpcd.conf, writing the realm and secretid in
675 it. dhcpcd will then look for an unexpired token with a match‐
676 ing realm and secretid. This token is used to authenticate all
677 other messages.
678 delayed Same as above, but without a realm.
680 Supported Authentication Algorithms
682 If none specified, hmac-md5 is the default.
683 hmac-md5
685 Supported Replay Detection Mechanisms
687 If none specified, monotonic is the default. If this is changed from
688 what was previously used, or the means of calculating or storing it is
689 broken, then the DHCP server will probably have to have its notion of the
690 client's Replay Detection Value reset.
691 monocounter
693 Read the number in the file /var/lib/dhcpcd/dhcpcd-rdm.monotonic
694 and add one to it.
695 monotime
697 Create an NTP timestamp from the system time.
698 monotonic
700 Same as monotime.
701
703 fnmatch(3), if_nametoindex(3), dhcpcd(8), dhcpcd-run-hooks(8)
704
706 Roy Marples <roy@marples.name>
707
709 Please report them to http://roy.marples.name/projects/dhcpcd
710BSD August 23, 2021 BSD