1DHCPCD.CONF(5) BSD File Formats Manual DHCPCD.CONF(5)
2
4 dhcpcd.conf — dhcpcd configuration file
5
7 Although dhcpcd can do everything from the command line, there are cases
8 where it's just easier to do it once in a configuration file. Most of
9 the options found in dhcpcd(8) can be used here. The first word on the
10 line is the option and the rest of the line is the value. Leading and
11 trailing whitespace for the option and value are trimmed. You can escape
12 characters in the value using the \ character. Comments can be prefixed
13 with the # character. String values should be quoted with the " charac‐
14 ter.
15 Here's a list of available options:
17 allowinterfaces pattern
19 When discovering interfaces, the interface name must match
20 pattern which is a space or comma separated list of patterns
21 passed to fnmatch(3). If the same interface is matched in
22 denyinterfaces then it is still denied.
23 denyinterfaces pattern
25 When discovering interfaces, the interface name must not match
26 pattern which is a space or comma separated list of patterns
27 passed to fnmatch(3).
28 anonymous
30 Enables Anonymity Profiles for DHCP, RFC 7844. Any DUID is ig‐
31 nored and ClientID is set to LL only. All non essential options
32 are then masked at this point, but they could be unmasked by ex‐
33 plicitly requesting the option after the anonymous option is pro‐
34 cessed. As such, the anonymous option should be the last option
35 in the configuration unless you really want to send something
36 which could identify you. dhcpcd will not try and reboot an old
37 lease, it will go straight into DISCOVER/SOLICIT.
38 randomise_hwaddr
40 Forces a hardware address randomisation when the interface is
41 brought up or when the carrier is lost. This is generally used
42 in tandem with the anonymous option.
43 arping address [address]
45 dhcpcd will arping each address in order before attempting DHCP.
46 If an address is found, we will select the replying hardware ad‐
47 dress as the profile, otherwise the IP address. Example:
48 interface bge0
50 arping 192.168.0.1
51 # My specific 192.168.0.1 network
53 profile dd:ee:aa:dd:bb:ee
54 static ip_address=192.168.0.10/24
55 # A generic 192.168.0.1 network
57 profile 192.168.0.1
58 static ip_address=192.168.0.98/24
59 authprotocol protocol [algorithm [rdm]]
61 Authenticate DHCP messages. See the Supported Authentication
62 Protocols section. If protocol is token then algorithm is
63 snd_secretid/rcv_secretid so you can send and receive different
64 tokens.
65 authtoken secretid realm expire key
67 Define a shared key for use in authentication. realm can be ""
68 to for use with the delayed protocol. expire is the date the to‐
69 ken expires and should be formatted "yyy-mm-dd HH:MM". You can
70 use the keyword forever or 0 which means the token never expires.
71 For the token protocol, secretid needs to be 0 and realm needs to
72 be "". If dhcpcd has the error
73 dhcp_auth_encode: Invalid argument
74 then it means that dhcpcd could not find the correct authentica‐
75 tion token in your configuration.
76 background
78 Fork to the background immediately. This is useful for startup
79 scripts which don't disable link messages for carrier status.
80 blacklist address[/cidr]
82 Ignores all packets from address[/cidr].
83 whitelist address[/cidr]
85 Only accept packets from address[/cidr]. blacklist is ignored if
86 whitelist is set.
87 bootp Be a BOOTP client. Basically, this just doesn't send a DHCP Mes‐
89 sage Type option and will only interact with a BOOTP server. All
90 other DHCP options still work.
91 broadcast
93 Instructs the DHCP server to broadcast replies back to the
94 client. Normally this is only set for non-Ethernet interfaces,
95 such as FireWire and InfiniBand. In most cases, dhcpcd will set
96 this automatically.
97 controlgroup group
99 Sets the group ownership of /run/dhcpcd/sock so that users other
100 than root can connect to dhcpcd.
101 debug Echo debug messages to the stderr and syslog.
103 dev value
105 Load the value /dev management module. dhcpcd will load the
106 first one found to work, if any.
107 env value
109 Push value to the environment for use in dhcpcd-run-hooks(8).
110 For example, you can force the hostname hook to always set the
111 hostname with env force_hostname=YES. Or set which driver
112 wpa_supplicant(8) should use with env
113 wpa_supplicant_driver=nl80211
114 If the hostname is set, it will be will set to the FQDN if possi‐
116 ble as per RFC 4702, section 3.1. If the FQDN option is missing,
117 dhcpcd will still try and set a FQDN from the hostname and domain
118 options for consistency. To override this, set env
119 hostname_fqdn=[YES|NO|SERVER]. A value of SERVER means just what
120 the server says, don't manipulate it. This could lead to an in‐
121 consistent hostname on a DHCPv4 and DHCPv6 network where the
122 DHCPv4 hostname is short and the DHCPv6 has an FQDN. DHCPv6 has
123 no hostname option.
124 clientid string
126 Send the clientid. If the string is of the format 01:02:03 then
127 it is encoded as hex. For interfaces whose hardware address is
128 longer than 8 bytes, or if the clientid is an empty string then
129 dhcpcd sends a default clientid of the hardware family and the
130 hardware address.
131 duid [ll | lt | uuid | value]
133 Use a DHCP Unique Identifier. If a system UUID is available,
134 that will be used to create a DUID-UUID, otherwise if persistent
135 storage is available then a DUID-LLT (link local address + time)
136 is generated, otherwise DUID-LL is generated (link local ad‐
137 dress). The DUID type can be hinted as an optional parameter if
138 the file /var/lib/dhcpcd/duid does not exist. If not ll, lt or
139 uuid then value will be converted from 00:11:22:33 format. This,
140 plus the IAID will be used as the clientid. The DUID generated
141 will be held in /var/lib/dhcpcd/duid and should not be copied to
142 other hosts. This file also takes precedence over the above
143 rules except for setting a value.
144 iaid iaid
146 Set the Interface Association Identifier to iaid. This option
147 must be used in an interface block. This defaults to the VLANID
148 (prefixed with 0xff) for the interface if set, otherwise the last
149 4 bytes of the hardware address assigned to the interface. Each
150 instance of this should be unique within the scope of the client
151 and dhcpcd warns if a conflict is detected. If there is a con‐
152 flict, it is only a problem if the conflicted IAIDs are used on
153 the same network.
154 dhcp Enable DHCP on the interface, on by default.
156 dhcp6 Enable DHCPv6 on the interface, on by default.
158 ipv4 Enable IPv4 on the interface, on by default.
160 ipv6 Enable IPv6 on the interface, on by default.
162 request [address]
164 Request the address in the DHCP DISCOVER message. There is no
165 guarantee this is the address the DHCP server will actually give.
166 If no address is given then the first address currently assigned
167 to the interface is used.
168 inform [address[/cidr[/broadcast_address]]]
170 Behaves like request as above, but sends a DHCP INFORM instead of
171 DISCOVER/REQUEST. This does not get a lease as such, just noti‐
172 fies the DHCP server of the address in use. You should also in‐
173 clude the optional cidr network number in case the address is not
174 already configured on the interface. dhcpcd remains running and
175 pretends it has an infinite lease. dhcpcd will not de-configure
176 the interface when it exits. If dhcpcd fails to contact a DHCP
177 server then it returns a failure instead of falling back on
178 IPv4LL.
179 inform6
181 Performs a DHCPv6 Information Request. No address is requested
182 or specified, but all other DHCPv6 options are allowed. This is
183 normally performed automatically when an IPv6 Router Advertise‐
184 ment indicates that the client should perform this operation.
185 This option is only needed when dhcpcd is not processing IPv6 RA
186 messages and the need for a DHCPv6 Information Request exists.
187 persistent
189 dhcpcd normally de-configures the interface and configuration
190 when it exits. Sometimes, this isn't desirable if, for example,
191 you have root mounted over NFS or SSH clients connect to this
192 host and they need to be notified of the host shutting down. You
193 can use this option to stop this from happening.
194 fallback profile
196 Fall back to using this profile if DHCP fails. This allows you
197 to configure a static profile instead of using ZeroConf.
198 hostname name
200 Sends the hostname name to the DHCP server so it can be regis‐
201 tered in DNS. If name is an empty string then the current system
202 hostname is sent. If name is a FQDN (i.e., contains a .) then it
203 will be encoded as such.
204 hostname_short
206 Sends the short hostname to the DHCP server instead of the FQDN.
207 This is useful because DHCP servers will not register the FQDN in
208 their DNS if the domain part does not match theirs.
209 Also, see the env option above to control how the hostname is set
211 on the host.
212 ia_na [iaid [/ address]]
214 Request a DHCPv6 Normal Address for iaid. iaid defaults to the
215 iaid option as described above. You can request more than one
216 ia_na by specifying a unique iaid for each one.
217 ia_ta [iaid]
219 Request a DHCPv6 Temporary Address for iaid. You can request
220 more than one ia_ta by specifying a unique iaid for each one.
221 ia_pd [iaid [/ prefix / prefix_len] [interface [/ sla_id [/ prefix_len [/
223 suffix]]]]]
224 Request a DHCPv6 Delegated Prefix for iaid. This option must be
225 used in an interface block. Unless a sla_id of 0 is assigned
226 with the same resultant prefix length as the delegation, a reject
227 route is installed for the Delegated Prefix to stop unallocated
228 addresses being resolved upstream. If no interface is given then
229 we will assign a prefix to every other interface with a sla_id
230 equivalent to the interface index assigned by the OS. Otherwise
231 addresses are only assigned for each interface and sla_id. Each
232 assigned address will have a suffix, defaulting to 1. If the
233 suffix is 0 then a SLAAC address is assigned. You cannot assign
234 a prefix to the requesting interface unless the DHCPv6 server
235 supports the RFC 6603 Prefix Exclude Option. dhcpcd has to be
236 running for all the interfaces it is delegating to. A default
237 prefix_len of 64 is assumed, unless the maximum sla_id does not
238 fit. In this case prefix_len is increased to the highest multi‐
239 ple of 8 that can accommodate the sla_id. sla_id is an integer
240 which must be unique inside the iaid and is added to the prefix
241 which must fit inside prefix_len less the length of the delegated
242 prefix. You can specify multiple interface / sla_id / prefix_len
243 per ia_pd, space separated. IPv6RS should be disabled globally
244 when requesting a Prefix Delegation.
245 In the following example eth0 is the externally facing interface
247 to be configured for both IPv4 and IPv6. The DHCPv4 server will
248 provide us with an IPv4 address and a default route. The DHCPv6
249 server is going to provide us with an IPv6 address, a default
250 route and a /64 subnet to be delegated to the internal interface.
251 The eth1 interface will be automatically configured for IPv6 us‐
252 ing the first address (::1) from the delegated prefix. A second
253 prefix is requested and assigned to two other interfaces.
254 rtadvd(8) can be used with an empty configuration file on eth1,
255 eth2 and eth3, to provide automatic IPv6 address configuration
256 for the internal network.
257 noipv6rs # disable routing solicitation
259 denyinterfaces eth2 # Don't touch eth2 at all
260 interface eth0
261 ipv6rs # enable routing solicitation for eth0
262 ia_na 1 # request an IPv6 address
263 ia_pd 2 eth1/0 # request a PD and assign it to eth1
264 ia_pd 3 eth2/1 eth3/2 # req a PD and assign it to eth2 and eth3
265 ipv4only
267 Only configure IPv4.
268 ipv6only
270 Only configure IPv6.
271 fqdn [disable | none | ptr | both]
273 none will not ask the DHCP server to update DNS. ptr just asks
274 the DHCP server to update the PTR record of the host in DNS,
275 whereas both also updates the A record. disable will disable the
276 FQDN option. The default is both. dhcpcd itself never does any
277 DNS updates. dhcpcd encodes the FQDN hostname as specified in
278 RFC 1035.
279 interface interface
281 Subsequent options are only parsed for this interface.
282 ipv6ra_autoconf
284 Generate SLAAC addresses for each Prefix advertised by an IPv6
285 Router Advertisement message with the Auto flag set. On by de‐
286 fault.
287 ipv6ra_noautoconf
289 Disables the above option.
290 ipv6ra_fork
292 By default, when dhcpcd receives an IPv6 Router Advertisement,
293 dhcpcd will only fork to the background if the RA contains at
294 least one unexpired RDNSS option and a valid prefix or no DHCPv6
295 instruction. Set this option so to make dhcpcd always fork on a
296 RA.
297 ipv6rs Enables IPv6 Router Advertisement solicitation. This is on by
299 default, but is documented here in the case where it is disabled
300 globally but needs to be enabled for one interface.
301 leasetime seconds
303 Request DHCP a lease time of seconds. -1 represents an infinite
304 lease time. By default dhcpcd does not request any lease time
305 and leaves it in the hands of the DHCP server. It is not possi‐
306 ble to request a DHCPv6 lease time as this is not RFC compliant.
307 See RFC 8415 21.4, 21.6, 21.21 and 21.22.
308 link_rcvbuf size
310 Override the size of the link receive buffer from the kernel de‐
311 fault. While dhcpcd will recover from link buffer overflows,
312 this may not be desirable on heavily loaded systems.
313 logfile logfile
315 Writes to the specified logfile. dhcpcd still writes to
316 syslog(3). The logfile is reopened when dhcpcd receives the
317 SIGUSR2 signal.
318 metric metric
320 Metrics are used to prefer an interface over another one, lowest
321 wins. dhcpcd will supply a default metric of 1000 +
322 if_nametoindex(3). This will be offset by 2000 for wireless in‐
323 terfaces, with additional offsets of 1000000 for IPv4LL and
324 2000000 for roaming interfaces.
325 mudurl url
327 Specifies the URL for a Manufacturer Usage Description (MUD).
328 The description is used by upstream network devices to instanti‐
329 ate any desired access lists. See draft-ietf-opsawg-mud for more
330 information.
331 noalias
333 Any pre-existing IPv4 addresses will be removed from the inter‐
334 face when adding a new IPv4 address.
335 noarp Don't send any ARP requests. This also disables IPv4LL.
337 noauthrequired
339 Don't require authentication even though we requested it. Also
340 allows FORCERENEW and RECONFIGURE messages without authentica‐
341 tion.
342 nodelay
344 Don't delay for an initial randomised time when starting proto‐
345 cols.
346 nodev Don't load /dev management modules.
348 nodhcp Don't start DHCP or listen to DHCP messages. This is only useful
350 when allowing IPv4LL.
351 nodhcp6
353 Don't start DHCPv6 or listen to DHCPv6 messages. Normally DHCPv6
354 is started by an IPv6 Router Advertisement instruction or config‐
355 uration.
356 nogateway
358 Don't install any default routes.
359 gateway
361 Install a default route if available (default).
362 nohook script
364 Don't run this hook script. Matches full name, or prefixed with
365 2 numbers optionally ending with .sh.
366 So to stop dhcpcd from touching your DNS settings or starting
368 wpa_supplicant you would do:-
369 nohook resolv.conf, wpa_supplicant
370 noipv4 Don't attempt to configure an IPv4 address.
372 noipv4ll
374 Don't attempt to obtain an IPv4LL address if we failed to get one
375 via DHCP. See RFC 3927.
376 noipv6 Don't solicit or accept IPv6 Router Advertisements and DHCPv6.
378 noipv6rs
380 Don't solicit or accept IPv6 Router Advertisements.
381 nolink Don't receive link messages about carrier status. You should
383 only set this for buggy interface drivers.
384 noup Don't bring the interface up when in manager mode.
386 option option
388 Requests the option from the server. It can be a variable to be
389 used in dhcpcd-run-hooks(8) or the numerical value. You can
390 specify more options separated by commas, spaces or more option
391 lines. Prepend dhcp6_ to option to request a DHCPv6 option. If
392 no DHCPv6 options are configured, then DHCPv4 options are mapped
393 to equivalent DHCPv6 options.
394 Prepend nd_ to option to handle ND options, but this only works
396 for the nooption, reject and require options.
397 To see a list of options you can use, call dhcpcd with the -V,
399 --variables argument.
400 nooption option
402 Remove the option from the message before it's processed.
403 require option
405 Requires the option to be present in all messages, otherwise the
406 message is ignored. To enforce that dhcpcd only responds to DHCP
407 servers and not BOOTP servers, you can require dhcp_message_type.
408 This isn't an exact science though because a BOOTP server can
409 send DHCP-like options.
410 reject option
412 Reject a message that contains the option. This is useful when
413 you cannot use require to select / de-select BOOTP messages.
414 destination option
416 If dhcpcd.conf detects an address added to a point to point in‐
417 terface (PPP, TUN, etc) then it will set the listed DHCP options
418 to the destination address of the interface.
419 profile name
421 Subsequent options are only parsed for this profile name.
422 quiet Suppress any dhcpcd output to the console, except for errors.
424 reboot seconds
426 Allow reboot seconds before moving to the DISCOVER phase if we
427 have an old lease to use. Allow reboot seconds before starting
428 fallback states from the DISCOVER phase. IPv4LL is started when
429 the first reboot timeout is reached. The default is 5 seconds.
430 A setting of 0 seconds causes dhcpcd.conf to skip the reboot
431 phase and go straight into DISCOVER. This is desirable for mo‐
432 bile users because if you change from network A to network B and
433 they use the same subnet and the address from network A isn't in
434 use on network B, then the DHCP server will remain silent even if
435 authoritative which means dhcpcd will timeout before moving back
436 to the DISCOVER phase. This has no effect on DHCPv6 other than
437 skipping the reboot phase.
438 release
440 dhcpcd will release the lease prior to stopping the interface.
441 script script
443 Use script instead of the default /usr/libexec/dhcpcd-run-hooks.
444 ssid ssid
446 Subsequent options are only parsed for this wireless ssid.
447 slaac hwaddr | private | token token [temp | temporary]
449 Selects the interface identifier used for SLAAC generated IPv6
450 addresses. If private is used, a RFC 7217 address is generated.
451 If token token is used then the token is combined with the prefix
452 to make the final address. The temporary directive will create a
453 temporary address for the prefix as well.
454 static value
456 Configures a static value. If you set ip_address then dhcpcd
457 will not attempt to obtain a lease and will just use the value
458 for the address with an infinite lease time. If you set an empty
459 value this removes all prior static allocations to the same
460 value. This is useful when using profiles and in the case of
461 ip_address it will remove the static allocation. Note that set‐
462 ting 0.0.0.0 keeps the static allocation but waits for a 3rdparty
463 to configure the address. If you set ip6_address, dhcpcd will
464 continue auto-configuration as normal.
465 Here is an example which configures two static address, overrid‐
467 ing the default IPv4 broadcast address, an IPv4 router, DNS and
468 disables IPv6 auto-configuration. You could also use the inform6
469 command here if you wished to obtain more information via DHCPv6.
470 For IPv4, you should use the inform ipaddress option instead of
471 setting a static address.
472 interface eth0
473 noipv6rs
474 static ip_address=192.168.0.10/24
475 static broadcast_address=192.168.0.63
476 static ip6_address=fd51:42f8:caae:d92e::ff/64
477 static routers=192.168.0.1
478 static domain_name_servers=192.168.0.1
479 fd51:42f8:caae:d92e::1
480 Here is an example for PPP which gives the destination a default
482 route. It uses the special destination keyword to insert the
483 destination address into the value.
484 interface ppp0
485 static ip_address=0.0.0.0
486 destination routers
487 timeout seconds
489 Time out after seconds, instead of the default 30. A setting of
490 0 seconds causes dhcpcd to wait forever to get a lease. If
491 dhcpcd is working on a single interface then dhcpcd will exit
492 when a timeout occurs, otherwise dhcpcd will fork into the back‐
493 ground. If using IPv4LL then dhcpcd start the IPv4LL process af‐
494 ter the timeout and then wait a little longer before really tim‐
495 ing out.
496 userclass string
498 Tag the DHCPv4 message with the userclass. You can specify more
499 than one.
500 msuserclass string
502 Tag the DHCPv4 mesasge with the Microsoft userclass. Unlike the
503 userclass option, this one can only be added once. It should
504 only be used for Microsoft DHCP servers and the vendorclassid
505 should be set to "MSFT 98" or "MSFT 5.0". This option is not RFC
506 compliant.
507 vendor code,value
509 Add an encapsulated vendor option. code should be between 1 and
510 254 inclusive. To add a raw vendor string, omit code but keep
511 the comma. Examples.
512 Set the vendor option 01 with an IP address.
514 vendor 01,192.168.0.2
515 Set the vendor option 02 with a hex code.
516 vendor 02,01:02:03:04:05
517 Set the vendor option 03 with an IP address as a string.
518 vendor 03,\"192.168.0.2\"
519 Set un-encapsulated vendor option to hello world.
520 vendor ,"hello world"
521 vendorclassid string
523 Set the DHCP Vendor Class. DHCPv6 has its own option as shown
524 below. The default is dhcpcd-<version>:<os>:<machine>:<plat‐
525 form>. For example
526 dhcpcd-5.5.6:NetBSD-6.99.5:i386:i386
527 If not set then none is sent. Some badly configured DHCP servers
528 reject unknown vendorclassids. To work around it, try and imper‐
529 sonate Windows by using the MSFT vendorclassid.
530 vendclass en data
532 Add the DHCPv6 Vendor Indetifying Vendor Class with the IANA as‐
533 signed Enterprise Number en with the data. This option can be
534 set more than once to add more data, but the behaviour, as per
535 RFC 3925 is undefined if the Enterprise Number differs.
536 waitip [4 | 6]
538 Wait for an address to be assigned before forking to the back‐
539 ground. 4 means wait for an IPv4 address to be assigned. 6
540 means wait for an IPv6 address to be assigned. If no argument is
541 given, dhcpcd.conf will wait for any address protocol to be as‐
542 signed. It is possible to wait for more than one address proto‐
543 col and dhcpcd.conf will only fork to the background when all
544 waiting conditions are satisfied.
545 xidhwaddr
547 Use the last four bytes of the hardware address as the DHCP xid
548 instead of a randomly generated number.
549 Defining new options
551 DHCP, ND and DHCPv6 allow for the use of custom options, and RFC 3925
552 vendor options for DHCP can also be supplied. Each option needs to be
553 started with the define, definend, define6 or vendopt directive. This
554 can optionally be followed by both embed or encap options. Both can be
555 specified more than once and embed must come before encap.
556 define code type variable
558 Defines the DHCP option code of type with a name of variable ex‐
559 ported to dhcpcd-run-hooks(8).
560 definend code type variable
562 Defines the ND option code of type with a name of variable ex‐
563 ported to dhcpcd-run-hooks(8), with a prefix of nd_.
564 define6 code type variable
566 Defines the DHCPv6 option code of type with a name of variable
567 exported to dhcpcd-run-hooks(8), with a prefix of dhcp6_.
568 vendopt code type variable
570 Defines the Vendor-Identifying Vendor Options. The code is the
571 IANA Enterprise Number which will uniquely describe the encapsu‐
572 lated options. type is normally encap. variable names the Ven‐
573 dor option to be exported.
574 embed type variable
576 Defines an embedded variable within the defined option. The
577 length is determined by the type. If the variable is not the
578 same as defined in the parent option, it is prefixed with the
579 parent variable first with an underscore. If the variable has
580 the name of reserved then it is not processed.
581 encap code type variable
583 Defines an encapsulated variable within the defined option. The
584 length is determined by the type. If the variable is not the
585 same as defined in the parent option, it is prefixed with the
586 parent variable first with an underscore.
587 Type prefix
589 These keywords come before the type itself, to describe it more fully.
590 You can use more than one, but they must appear in the order listed be‐
591 low.
592 request Requests the option by default without having to be specified in
594 user configuration.
595 norequest
597 This option cannot be requested, regardless of user configura‐
598 tion.
599 optional
601 This option is optional. Only makes sense for embedded options
602 like the client FQDN option, where the FQDN string itself is op‐
603 tional.
604 index The option can appear more than once and will be indexed.
606 array The option data is split into a space separated array, each ele‐
608 ment being the same type.
609 Types to define
611 The type directly affects the length of data consumed inside the option.
612 Any remaining data is normally discarded. Lengths can be specified for
613 string and binhex types, but this is generally with other data embedded
614 afterwards in the same option.
615 ipaddress
617 An IPv4 address, 4 bytes.
618 ip6address
620 An IPv6 address, 16 bytes.
621 string [: length]
623 A NVT ASCII string of printable characters.
624 byte A byte.
626 bitflags: flags
628 A byte represented as a string of flags, most significant bit
629 first. For example, using ABCDEFGH then A would equal 10000000,
630 B 01000000, C 00100000, etc. If the bit is not set, the flag is
631 not printed. A flag of 0 is not printed even if the bit position
632 is set. This is to allow reservation of the first bits while as‐
633 signing the last bits.
634 int16 A signed 16bit integer, 2 bytes.
636 uint16 An unsigned 16bit integer, 2 bytes.
638 int32 A signed 32bit integer, 4 bytes.
640 uint32 An unsigned 32bit integer, 4 bytes.
642 flag A fixed value (1) to indicate that the option is present, 0
644 bytes.
645 domain An RFC 3397 encoded string.
647 dname An RFC 1035 validated string.
649 uri If an array then the first two bytes are the URI length inside
651 the option data. Otherwise, the whole option data is the URI.
652 As a space is not allowed in the URI encoding, the URIs are space
653 separated.
654 binhex [: length]
656 Binary data expressed as hexadecimal.
657 embed Contains embedded options (implies encap as well).
659 encap Contains encapsulated options (implies embed as well).
661 option References an option from the global definition.
663 Example definition
665 # DHCP option 81, Fully Qualified Domain Name, RFC 4702
666 define 81 embed fqdn
667 embed byte flags
668 embed byte rcode1
669 embed byte rcode2
670 embed domain fqdn
671 # DHCP option 125, Vendor Specific Information Option, RFC 3925
673 define 125 encap vsio
674 embed uint32 enterprise_number
675 # Options defined for the enterprise number
676 encap 1 ipaddress ipaddress
677 Supported Authentication Protocols
679 token Sends a plain text token the server expects and matches a token
680 sent by the server. The tokens do not have to be the same. If
681 unspecified, the token with a secretid of 0 will be used in
682 sending messages and validating received messages.
683 delayedrealm
685 Delayed Authentication. dhcpcd will send an authentication op‐
686 tion with no key or MAC. The server will see this option, and
687 select a key for dhcpcd.conf, writing the realm and secretid in
688 it. dhcpcd will then look for an unexpired token with a match‐
689 ing realm and secretid. This token is used to authenticate all
690 other messages.
691 delayed Same as above, but without a realm.
693 Supported Authentication Algorithms
695 If none specified, hmac-md5 is the default.
696 hmac-md5
698 Supported Replay Detection Mechanisms
700 If none specified, monotonic is the default. If this is changed from
701 what was previously used, or the means of calculating or storing it is
702 broken, then the DHCP server will probably have to have its notion of the
703 client's Replay Detection Value reset.
704 monocounter
706 Read the number in the file /var/lib/dhcpcd/dhcpcd-rdm.monotonic
707 and add one to it.
708 monotime
710 Create an NTP timestamp from the system time.
711 monotonic
713 Same as monotime.
714
716 fnmatch(3), if_nametoindex(3), dhcpcd(8), dhcpcd-run-hooks(8)
717
719 Roy Marples <roy@marples.name>
720
722 Please report them to https://roy.marples.name/projects/dhcpcd
723BSD October 4, 2023 BSD