1DHCPCD.CONF(5)              BSD File Formats Manual             DHCPCD.CONF(5)
2

NAME

4     dhcpcd.conf — dhcpcd configuration file
5

DESCRIPTION

7     Although dhcpcd can do everything from the command line, there are cases
8     where it's just easier to do it once in a configuration file.  Most of
9     the options found in dhcpcd(8) can be used here.  The first word on the
10     line is the option and the rest of the line is the value.  Leading and
11     trailing whitespace for the option and value are trimmed.  You can escape
12     characters in the value using the \ character.  Comments can be prefixed
13     with the # character.  String values should be quoted with the " charac‐
14     ter.
15
16     Here's a list of available options:
17
18     allowinterfaces pattern
19             When discovering interfaces, the interface name must match
20             pattern which is a space or comma separated list of patterns
21             passed to fnmatch(3).  If the same interface is matched in
22             denyinterfaces then it is still denied.
23
24     denyinterfaces pattern
25             When discovering interfaces, the interface name must not match
26             pattern which is a space or comma separated list of patterns
27             passed to fnmatch(3).
28
29     anonymous
30             Enables Anonymity Profiles for DHCP, RFC 7844.  Any DUID is ig‐
31             nored and ClientID is set to LL only.  All non essential options
32             are then masked at this point, but they could be unmasked by ex‐
33             plicitly requesting the option after the anonymous option is pro‐
34             cessed.  As such, the anonymous option should be the last option
35             in the configuration unless you really want to send something
36             which could identify you.  dhcpcd will not try and reboot an old
37             lease, it will go straight into DISCOVER/SOLICIT.
38
39     randomise_hwaddr
40             Forces a hardware address randomisation when the interface is
41             brought up or when the carrier is lost.  This is generally used
42             in tandem with the anonymous option.
43
44     arping address [address]
45             dhcpcd will arping each address in order before attempting DHCP.
46             If an address is found, we will select the replying hardware ad‐
47             dress as the profile, otherwise the IP address.  Example:
48
49                   interface bge0
50                   arping 192.168.0.1
51
52                   # My specific 192.168.0.1 network
53                   profile dd:ee:aa:dd:bb:ee
54                   static ip_address=192.168.0.10/24
55
56                   # A generic 192.168.0.1 network
57                   profile 192.168.0.1
58                   static ip_address=192.168.0.98/24
59
60     authprotocol protocol [algorithm [rdm]]
61             Authenticate DHCP messages.  See the Supported Authentication
62             Protocols section.  If protocol is token then algorithm is
63             snd_secretid/rcv_secretid so you can send and receive different
64             tokens.
65
66     authtoken secretid realm expire key
67             Define a shared key for use in authentication.  realm can be ""
68             to for use with the delayed protocol.  expire is the date the to‐
69             ken expires and should be formatted "yyy-mm-dd HH:MM".  You can
70             use the keyword forever or 0 which means the token never expires.
71             For the token protocol, secretid needs to be 0 and realm needs to
72             be "".  If dhcpcd has the error
73                   dhcp_auth_encode: Invalid argument
74             then it means that dhcpcd could not find the correct authentica‐
75             tion token in your configuration.
76
77     background
78             Fork to the background immediately.  This is useful for startup
79             scripts which don't disable link messages for carrier status.
80
81     blacklist address[/cidr]
82             Ignores all packets from address[/cidr].
83
84     whitelist address[/cidr]
85             Only accept packets from address[/cidr].  blacklist is ignored if
86             whitelist is set.
87
88     bootp   Be a BOOTP client.  Basically, this just doesn't send a DHCP Mes‐
89             sage Type option and will only interact with a BOOTP server.  All
90             other DHCP options still work.
91
92     broadcast
93             Instructs the DHCP server to broadcast replies back to the
94             client.  Normally this is only set for non-Ethernet interfaces,
95             such as FireWire and InfiniBand.  In most cases, dhcpcd will set
96             this automatically.
97
98     controlgroup group
99             Sets the group ownership of /run/dhcpcd/sock so that users other
100             than root can connect to dhcpcd.
101
102     debug   Echo debug messages to the stderr and syslog.
103
104     dev value
105             Load the value /dev management module.  dhcpcd will load the
106             first one found to work, if any.
107
108     env value
109             Push value to the environment for use in dhcpcd-run-hooks(8).
110             For example, you can force the hostname hook to always set the
111             hostname with env force_hostname=YES.  Or set which driver
112             wpa_supplicant(8) should use with env
113             wpa_supplicant_driver=nl80211
114
115             If the hostname is set, it will be will set to the FQDN if possi‐
116             ble as per RFC 4702, section 3.1.  If the FQDN option is missing,
117             dhcpcd will still try and set a FQDN from the hostname and domain
118             options for consistency.  To override this, set env
119             hostname_fqdn=[YES|NO|SERVER].  A value of SERVER means just what
120             the server says, don't manipulate it.  This could lead to an in‐
121             consistent hostname on a DHCPv4 and DHCPv6 network where the
122             DHCPv4 hostname is short and the DHCPv6 has an FQDN.  DHCPv6 has
123             no hostname option.
124
125     clientid string
126             Send the clientid.  If the string is of the format 01:02:03 then
127             it is encoded as hex.  For interfaces whose hardware address is
128             longer than 8 bytes, or if the clientid is an empty string then
129             dhcpcd sends a default clientid of the hardware family and the
130             hardware address.
131
132     duid [ll | lt | uuid | value]
133             Use a DHCP Unique Identifier.  If a system UUID is available,
134             that will be used to create a DUID-UUID, otherwise if persistent
135             storage is available then a DUID-LLT (link local address + time)
136             is generated, otherwise DUID-LL is generated (link local ad‐
137             dress).  The DUID type can be hinted as an optional parameter if
138             the file /var/lib/dhcpcd/duid does not exist.  If not ll, lt or
139             uuid then value will be converted from 00:11:22:33 format.  This,
140             plus the IAID will be used as the clientid.  The DUID generated
141             will be held in /var/lib/dhcpcd/duid and should not be copied to
142             other hosts.  This file also takes precedence over the above
143             rules except for setting a value.
144
145     iaid iaid
146             Set the Interface Association Identifier to iaid.  This option
147             must be used in an interface block.  This defaults to the VLANID
148             (prefixed with 0xff) for the interface if set, otherwise the last
149             4 bytes of the hardware address assigned to the interface.  Each
150             instance of this should be unique within the scope of the client
151             and dhcpcd warns if a conflict is detected.  If there is a con‐
152             flict, it is only a problem if the conflicted IAIDs are used on
153             the same network.
154
155     dhcp    Enable DHCP on the interface, on by default.
156
157     dhcp6   Enable DHCPv6 on the interface, on by default.
158
159     ipv4    Enable IPv4 on the interface, on by default.
160
161     ipv6    Enable IPv6 on the interface, on by default.
162
163     request [address]
164             Request the address in the DHCP DISCOVER message.  There is no
165             guarantee this is the address the DHCP server will actually give.
166             If no address is given then the first address currently assigned
167             to the interface is used.
168
169     inform [address[/cidr[/broadcast_address]]]
170             Behaves like request as above, but sends a DHCP INFORM instead of
171             DISCOVER/REQUEST.  This does not get a lease as such, just noti‐
172             fies the DHCP server of the address in use.  You should also in‐
173             clude the optional cidr network number in case the address is not
174             already configured on the interface.  dhcpcd remains running and
175             pretends it has an infinite lease.  dhcpcd will not de-configure
176             the interface when it exits.  If dhcpcd fails to contact a DHCP
177             server then it returns a failure instead of falling back on
178             IPv4LL.
179
180     inform6
181             Performs a DHCPv6 Information Request.  No address is requested
182             or specified, but all other DHCPv6 options are allowed.  This is
183             normally performed automatically when an IPv6 Router Advertise‐
184             ment indicates that the client should perform this operation.
185             This option is only needed when dhcpcd is not processing IPv6 RA
186             messages and the need for a DHCPv6 Information Request exists.
187
188     persistent
189             dhcpcd normally de-configures the interface and configuration
190             when it exits.  Sometimes, this isn't desirable if, for example,
191             you have root mounted over NFS or SSH clients connect to this
192             host and they need to be notified of the host shutting down.  You
193             can use this option to stop this from happening.
194
195     fallback profile
196             Fall back to using this profile if DHCP fails.  This allows you
197             to configure a static profile instead of using ZeroConf.
198
199     hostname name
200             Sends the hostname name to the DHCP server so it can be regis‐
201             tered in DNS.  If name is an empty string then the current system
202             hostname is sent.  If name is a FQDN (i.e., contains a .) then it
203             will be encoded as such.
204
205     hostname_short
206             Sends the short hostname to the DHCP server instead of the FQDN.
207             This is useful because DHCP servers will not register the FQDN in
208             their DNS if the domain part does not match theirs.
209
210             Also, see the env option above to control how the hostname is set
211             on the host.
212
213     ia_na [iaid [/ address]]
214             Request a DHCPv6 Normal Address for iaid.  iaid defaults to the
215             iaid option as described above.  You can request more than one
216             ia_na by specifying a unique iaid for each one.
217
218     ia_ta [iaid]
219             Request a DHCPv6 Temporary Address for iaid.  You can request
220             more than one ia_ta by specifying a unique iaid for each one.
221
222     ia_pd [iaid [/ prefix / prefix_len] [interface [/ sla_id [/ prefix_len [/
223             suffix]]]]]
224             Request a DHCPv6 Delegated Prefix for iaid.  This option must be
225             used in an interface block.  Unless a sla_id of 0 is assigned
226             with the same resultant prefix length as the delegation, a reject
227             route is installed for the Delegated Prefix to stop unallocated
228             addresses being resolved upstream.  If no interface is given then
229             we will assign a prefix to every other interface with a sla_id
230             equivalent to the interface index assigned by the OS.  Otherwise
231             addresses are only assigned for each interface and sla_id.  Each
232             assigned address will have a suffix, defaulting to 1.  If the
233             suffix is 0 then a SLAAC address is assigned.  You cannot assign
234             a prefix to the requesting interface unless the DHCPv6 server
235             supports the RFC 6603 Prefix Exclude Option.  dhcpcd has to be
236             running for all the interfaces it is delegating to.  A default
237             prefix_len of 64 is assumed, unless the maximum sla_id does not
238             fit.  In this case prefix_len is increased to the highest multi‐
239             ple of 8 that can accommodate the sla_id.  sla_id is an integer
240             which must be unique inside the iaid and is added to the prefix
241             which must fit inside prefix_len less the length of the delegated
242             prefix.  You can specify multiple interface / sla_id / prefix_len
243             per ia_pd, space separated.  IPv6RS should be disabled globally
244             when requesting a Prefix Delegation.
245
246             In the following example eth0 is the externally facing interface
247             to be configured for both IPv4 and IPv6.  The DHCPv4 server will
248             provide us with an IPv4 address and a default route.  The DHCPv6
249             server is going to provide us with an IPv6 address, a default
250             route and a /64 subnet to be delegated to the internal interface.
251             The eth1 interface will be automatically configured for IPv6 us‐
252             ing the first address (::1) from the delegated prefix.  A second
253             prefix is requested and assigned to two other interfaces.
254             rtadvd(8) can be used with an empty configuration file on eth1,
255             eth2 and eth3, to provide automatic IPv6 address configuration
256             for the internal network.
257
258             noipv6rs                 # disable routing solicitation
259             denyinterfaces eth2      # Don't touch eth2 at all
260             interface eth0
261               ipv6rs                 # enable routing solicitation for eth0
262               ia_na 1                # request an IPv6 address
263               ia_pd 2 eth1/0         # request a PD and assign it to eth1
264               ia_pd 3 eth2/1 eth3/2  # req a PD and assign it to eth2 and eth3
265
266     ipv4only
267             Only configure IPv4.
268
269     ipv6only
270             Only configure IPv6.
271
272     fqdn [disable | none | ptr | both]
273             none will not ask the DHCP server to update DNS.  ptr just asks
274             the DHCP server to update the PTR record of the host in DNS,
275             whereas both also updates the A record.  disable will disable the
276             FQDN option.  The default is both.  dhcpcd itself never does any
277             DNS updates.  dhcpcd encodes the FQDN hostname as specified in
278             RFC 1035.
279
280     interface interface
281             Subsequent options are only parsed for this interface.
282
283     ipv6ra_autoconf
284             Generate SLAAC addresses for each Prefix advertised by an IPv6
285             Router Advertisement message with the Auto flag set.  On by de‐
286             fault.
287
288     ipv6ra_noautoconf
289             Disables the above option.
290
291     ipv6ra_fork
292             By default, when dhcpcd receives an IPv6 Router Advertisement,
293             dhcpcd will only fork to the background if the RA contains at
294             least one unexpired RDNSS option and a valid prefix or no DHCPv6
295             instruction.  Set this option so to make dhcpcd always fork on a
296             RA.
297
298     ipv6rs  Enables IPv6 Router Advertisement solicitation.  This is on by
299             default, but is documented here in the case where it is disabled
300             globally but needs to be enabled for one interface.
301
302     leasetime seconds
303             Request DHCP a lease time of seconds.  -1 represents an infinite
304             lease time.  By default dhcpcd does not request any lease time
305             and leaves it in the hands of the DHCP server.  It is not possi‐
306             ble to request a DHCPv6 lease time as this is not RFC compliant.
307             See RFC 8415 21.4, 21.6, 21.21 and 21.22.
308
309     link_rcvbuf size
310             Override the size of the link receive buffer from the kernel de‐
311             fault.  While dhcpcd will recover from link buffer overflows,
312             this may not be desirable on heavily loaded systems.
313
314     logfile logfile
315             Writes to the specified logfile.  dhcpcd still writes to
316             syslog(3).  The logfile is reopened when dhcpcd receives the
317             SIGUSR2 signal.
318
319     metric metric
320             Metrics are used to prefer an interface over another one, lowest
321             wins.  dhcpcd will supply a default metric of 1000 +
322             if_nametoindex(3).  This will be offset by 2000 for wireless in‐
323             terfaces, with additional offsets of 1000000 for IPv4LL and
324             2000000 for roaming interfaces.
325
326     mudurl url
327             Specifies the URL for a Manufacturer Usage Description (MUD).
328             The description is used by upstream network devices to instanti‐
329             ate any desired access lists.  See draft-ietf-opsawg-mud for more
330             information.
331
332     noalias
333             Any pre-existing IPv4 addresses will be removed from the inter‐
334             face when adding a new IPv4 address.
335
336     noarp   Don't send any ARP requests.  This also disables IPv4LL.
337
338     noauthrequired
339             Don't require authentication even though we requested it.  Also
340             allows FORCERENEW and RECONFIGURE messages without authentica‐
341             tion.
342
343     nodelay
344             Don't delay for an initial randomised time when starting proto‐
345             cols.
346
347     nodev   Don't load /dev management modules.
348
349     nodhcp  Don't start DHCP or listen to DHCP messages.  This is only useful
350             when allowing IPv4LL.
351
352     nodhcp6
353             Don't start DHCPv6 or listen to DHCPv6 messages.  Normally DHCPv6
354             is started by an IPv6 Router Advertisement instruction or config‐
355             uration.
356
357     nogateway
358             Don't install any default routes.
359
360     gateway
361             Install a default route if available (default).
362
363     nohook script
364             Don't run this hook script.  Matches full name, or prefixed with
365             2 numbers optionally ending with .sh.
366
367             So to stop dhcpcd from touching your DNS settings or starting
368             wpa_supplicant you would do:-
369                   nohook resolv.conf, wpa_supplicant
370
371     noipv4  Don't attempt to configure an IPv4 address.
372
373     noipv4ll
374             Don't attempt to obtain an IPv4LL address if we failed to get one
375             via DHCP.  See RFC 3927.
376
377     noipv6  Don't solicit or accept IPv6 Router Advertisements and DHCPv6.
378
379     noipv6rs
380             Don't solicit or accept IPv6 Router Advertisements.
381
382     nolink  Don't receive link messages about carrier status.  You should
383             only set this for buggy interface drivers.
384
385     noup    Don't bring the interface up when in manager mode.
386
387     option option
388             Requests the option from the server.  It can be a variable to be
389             used in dhcpcd-run-hooks(8) or the numerical value.  You can
390             specify more options separated by commas, spaces or more option
391             lines.  Prepend dhcp6_ to option to request a DHCPv6 option.  If
392             no DHCPv6 options are configured, then DHCPv4 options are mapped
393             to equivalent DHCPv6 options.
394
395             Prepend nd_ to option to handle ND options, but this only works
396             for the nooption, reject and require options.
397
398             To see a list of options you can use, call dhcpcd with the -V,
399             --variables argument.
400
401     nooption option
402             Remove the option from the message before it's processed.
403
404     require option
405             Requires the option to be present in all messages, otherwise the
406             message is ignored.  To enforce that dhcpcd only responds to DHCP
407             servers and not BOOTP servers, you can require dhcp_message_type.
408             This isn't an exact science though because a BOOTP server can
409             send DHCP-like options.
410
411     reject option
412             Reject a message that contains the option.  This is useful when
413             you cannot use require to select / de-select BOOTP messages.
414
415     destination option
416             If dhcpcd.conf detects an address added to a point to point in‐
417             terface (PPP, TUN, etc) then it will set the listed DHCP options
418             to the destination address of the interface.
419
420     profile name
421             Subsequent options are only parsed for this profile name.
422
423     quiet   Suppress any dhcpcd output to the console, except for errors.
424
425     reboot seconds
426             Allow reboot seconds before moving to the DISCOVER phase if we
427             have an old lease to use.  Allow reboot seconds before starting
428             fallback states from the DISCOVER phase.  IPv4LL is started when
429             the first reboot timeout is reached.  The default is 5 seconds.
430             A setting of 0 seconds causes dhcpcd.conf to skip the reboot
431             phase and go straight into DISCOVER.  This is desirable for mo‐
432             bile users because if you change from network A to network B and
433             they use the same subnet and the address from network A isn't in
434             use on network B, then the DHCP server will remain silent even if
435             authoritative which means dhcpcd will timeout before moving back
436             to the DISCOVER phase.  This has no effect on DHCPv6 other than
437             skipping the reboot phase.
438
439     release
440             dhcpcd will release the lease prior to stopping the interface.
441
442     script script
443             Use script instead of the default /usr/libexec/dhcpcd-run-hooks.
444
445     ssid ssid
446             Subsequent options are only parsed for this wireless ssid.
447
448     slaac hwaddr | private | token token [temp | temporary]
449             Selects the interface identifier used for SLAAC generated IPv6
450             addresses.  If private is used, a RFC 7217 address is generated.
451             If token token is used then the token is combined with the prefix
452             to make the final address.  The temporary directive will create a
453             temporary address for the prefix as well.
454
455     static value
456             Configures a static value.  If you set ip_address then dhcpcd
457             will not attempt to obtain a lease and will just use the value
458             for the address with an infinite lease time.  If you set an empty
459             value this removes all prior static allocations to the same
460             value.  This is useful when using profiles and in the case of
461             ip_address it will remove the static allocation.  Note that set‐
462             ting 0.0.0.0 keeps the static allocation but waits for a 3rdparty
463             to configure the address.  If you set ip6_address, dhcpcd will
464             continue auto-configuration as normal.
465
466             Here is an example which configures two static address, overrid‐
467             ing the default IPv4 broadcast address, an IPv4 router, DNS and
468             disables IPv6 auto-configuration.  You could also use the inform6
469             command here if you wished to obtain more information via DHCPv6.
470             For IPv4, you should use the inform ipaddress option instead of
471             setting a static address.
472                   interface eth0
473                   noipv6rs
474                   static ip_address=192.168.0.10/24
475                   static broadcast_address=192.168.0.63
476                   static ip6_address=fd51:42f8:caae:d92e::ff/64
477                   static routers=192.168.0.1
478                   static domain_name_servers=192.168.0.1
479                   fd51:42f8:caae:d92e::1
480
481             Here is an example for PPP which gives the destination a default
482             route.  It uses the special destination keyword to insert the
483             destination address into the value.
484                   interface ppp0
485                   static ip_address=0.0.0.0
486                   destination routers
487
488     timeout seconds
489             Time out after seconds, instead of the default 30.  A setting of
490             0 seconds causes dhcpcd to wait forever to get a lease.  If
491             dhcpcd is working on a single interface then dhcpcd will exit
492             when a timeout occurs, otherwise dhcpcd will fork into the back‐
493             ground.  If using IPv4LL then dhcpcd start the IPv4LL process af‐
494             ter the timeout and then wait a little longer before really tim‐
495             ing out.
496
497     userclass string
498             Tag the DHCPv4 message with the userclass.  You can specify more
499             than one.
500
501     msuserclass string
502             Tag the DHCPv4 mesasge with the Microsoft userclass.  Unlike the
503             userclass option, this one can only be added once.  It should
504             only be used for Microsoft DHCP servers and the vendorclassid
505             should be set to "MSFT 98" or "MSFT 5.0".  This option is not RFC
506             compliant.
507
508     vendor code,value
509             Add an encapsulated vendor option.  code should be between 1 and
510             254 inclusive.  To add a raw vendor string, omit code but keep
511             the comma.  Examples.
512
513             Set the vendor option 01 with an IP address.
514                   vendor 01,192.168.0.2
515             Set the vendor option 02 with a hex code.
516                   vendor 02,01:02:03:04:05
517             Set the vendor option 03 with an IP address as a string.
518                   vendor 03,\"192.168.0.2\"
519             Set un-encapsulated vendor option to hello world.
520                   vendor ,"hello world"
521
522     vendorclassid string
523             Set the DHCP Vendor Class.  DHCPv6 has its own option as shown
524             below.  The default is dhcpcd-<version>:<os>:<machine>:<plat‐
525             form>.  For example
526                   dhcpcd-5.5.6:NetBSD-6.99.5:i386:i386
527             If not set then none is sent.  Some badly configured DHCP servers
528             reject unknown vendorclassids.  To work around it, try and imper‐
529             sonate Windows by using the MSFT vendorclassid.
530
531     vendclass en data
532             Add the DHCPv6 Vendor Indetifying Vendor Class with the IANA as‐
533             signed Enterprise Number en with the data.  This option can be
534             set more than once to add more data, but the behaviour, as per
535             RFC 3925 is undefined if the Enterprise Number differs.
536
537     waitip [4 | 6]
538             Wait for an address to be assigned before forking to the back‐
539             ground.  4 means wait for an IPv4 address to be assigned.  6
540             means wait for an IPv6 address to be assigned.  If no argument is
541             given, dhcpcd.conf will wait for any address protocol to be as‐
542             signed.  It is possible to wait for more than one address proto‐
543             col and dhcpcd.conf will only fork to the background when all
544             waiting conditions are satisfied.
545
546     xidhwaddr
547             Use the last four bytes of the hardware address as the DHCP xid
548             instead of a randomly generated number.
549
550   Defining new options
551     DHCP, ND and DHCPv6 allow for the use of custom options, and RFC 3925
552     vendor options for DHCP can also be supplied.  Each option needs to be
553     started with the define, definend, define6 or vendopt directive.  This
554     can optionally be followed by both embed or encap options.  Both can be
555     specified more than once and embed must come before encap.
556
557     define code type variable
558             Defines the DHCP option code of type with a name of variable ex‐
559             ported to dhcpcd-run-hooks(8).
560
561     definend code type variable
562             Defines the ND option code of type with a name of variable ex‐
563             ported to dhcpcd-run-hooks(8), with a prefix of nd_.
564
565     define6 code type variable
566             Defines the DHCPv6 option code of type with a name of variable
567             exported to dhcpcd-run-hooks(8), with a prefix of dhcp6_.
568
569     vendopt code type variable
570             Defines the Vendor-Identifying Vendor Options.  The code is the
571             IANA Enterprise Number which will uniquely describe the encapsu‐
572             lated options.  type is normally encap.  variable names the Ven‐
573             dor option to be exported.
574
575     embed type variable
576             Defines an embedded variable within the defined option.  The
577             length is determined by the type.  If the variable is not the
578             same as defined in the parent option, it is prefixed with the
579             parent variable first with an underscore.  If the variable has
580             the name of reserved then it is not processed.
581
582     encap code type variable
583             Defines an encapsulated variable within the defined option.  The
584             length is determined by the type.  If the variable is not the
585             same as defined in the parent option, it is prefixed with the
586             parent variable first with an underscore.
587
588   Type prefix
589     These keywords come before the type itself, to describe it more fully.
590     You can use more than one, but they must appear in the order listed be‐
591     low.
592
593     request  Requests the option by default without having to be specified in
594              user configuration.
595
596     norequest
597              This option cannot be requested, regardless of user configura‐
598              tion.
599
600     optional
601              This option is optional.  Only makes sense for embedded options
602              like the client FQDN option, where the FQDN string itself is op‐
603              tional.
604
605     index    The option can appear more than once and will be indexed.
606
607     array    The option data is split into a space separated array, each ele‐
608              ment being the same type.
609
610   Types to define
611     The type directly affects the length of data consumed inside the option.
612     Any remaining data is normally discarded.  Lengths can be specified for
613     string and binhex types, but this is generally with other data embedded
614     afterwards in the same option.
615
616     ipaddress
617             An IPv4 address, 4 bytes.
618
619     ip6address
620             An IPv6 address, 16 bytes.
621
622     string [: length]
623             A NVT ASCII string of printable characters.
624
625     byte    A byte.
626
627     bitflags: flags
628             A byte represented as a string of flags, most significant bit
629             first.  For example, using ABCDEFGH then A would equal 10000000,
630             B 01000000, C 00100000, etc.  If the bit is not set, the flag is
631             not printed.  A flag of 0 is not printed even if the bit position
632             is set.  This is to allow reservation of the first bits while as‐
633             signing the last bits.
634
635     int16   A signed 16bit integer, 2 bytes.
636
637     uint16  An unsigned 16bit integer, 2 bytes.
638
639     int32   A signed 32bit integer, 4 bytes.
640
641     uint32  An unsigned 32bit integer, 4 bytes.
642
643     flag    A fixed value (1) to indicate that the option is present, 0
644             bytes.
645
646     domain  An RFC 3397 encoded string.
647
648     dname   An RFC 1035 validated string.
649
650     uri     If an array then the first two bytes are the URI length inside
651             the option data.  Otherwise, the whole option data is the URI.
652             As a space is not allowed in the URI encoding, the URIs are space
653             separated.
654
655     binhex [: length]
656             Binary data expressed as hexadecimal.
657
658     embed   Contains embedded options (implies encap as well).
659
660     encap   Contains encapsulated options (implies embed as well).
661
662     option  References an option from the global definition.
663
664   Example definition
665           # DHCP option 81, Fully Qualified Domain Name, RFC 4702
666           define 81 embed fqdn
667           embed byte flags
668           embed byte rcode1
669           embed byte rcode2
670           embed domain fqdn
671
672           # DHCP option 125, Vendor Specific Information Option, RFC 3925
673           define 125 encap vsio
674           embed uint32 enterprise_number
675           # Options defined for the enterprise number
676           encap 1 ipaddress ipaddress
677
678   Supported Authentication Protocols
679     token    Sends a plain text token the server expects and matches a token
680              sent by the server.  The tokens do not have to be the same.  If
681              unspecified, the token with a secretid of 0 will be used in
682              sending messages and validating received messages.
683
684     delayedrealm
685              Delayed Authentication.  dhcpcd will send an authentication op‐
686              tion with no key or MAC.  The server will see this option, and
687              select a key for dhcpcd.conf, writing the realm and secretid in
688              it.  dhcpcd will then look for an unexpired token with a match‐
689              ing realm and secretid.  This token is used to authenticate all
690              other messages.
691
692     delayed  Same as above, but without a realm.
693
694   Supported Authentication Algorithms
695     If none specified, hmac-md5 is the default.
696
697     hmac-md5
698
699   Supported Replay Detection Mechanisms
700     If none specified, monotonic is the default.  If this is changed from
701     what was previously used, or the means of calculating or storing it is
702     broken, then the DHCP server will probably have to have its notion of the
703     client's Replay Detection Value reset.
704
705     monocounter
706              Read the number in the file /var/lib/dhcpcd/dhcpcd-rdm.monotonic
707              and add one to it.
708
709     monotime
710              Create an NTP timestamp from the system time.
711
712     monotonic
713              Same as monotime.
714

SEE ALSO

716     fnmatch(3), if_nametoindex(3), dhcpcd(8), dhcpcd-run-hooks(8)
717

AUTHORS

719     Roy Marples <roy@marples.name>
720

BUGS

722     Please report them to https://roy.marples.name/projects/dhcpcd
723
724BSD                             October 4, 2023                            BSD
Impressum