|DHCPCD.CONF(5)||File Formats Manual||DHCPCD.CONF(5)|
dhcpcd configuration file
dhcpcd can do everything from the
command line, there are cases where it's just easier to do it once in a
configuration file. Most of the options found in
dhcpcd(8) can be used here. The first
word on the line is the option and the rest of the line is the value.
Leading and trailing whitespace for the option and value are trimmed. You
can escape characters in the value using the \ character. Comments can be
prefixed with the # character. String values should be quoted with the
Here's a list of available options:
denyinterfacesthen it is still denied.
anonymousoption is processed. As such, the
anonymousoption should be the last option in the configuration unless you really want to send something which could identify you.
dhcpcdwill not try and reboot an old lease, it will go straight into DISCOVER/SOLICIT.
dhcpcdwill arping each address in order before attempting DHCP. If an address is found, we will select the replying hardware address as the profile, otherwise the IP address. Example:
authprotocolprotocol [algorithm [rdm]]
authtokensecretid realm expire key
dhcpcdhas the error
dhcpcdcould not find the correct authentication token in your configuration.
blacklistis ignored if
dhcpcdwill set this automatically.
dhcpcdwill load the first one found to work, if any.
envforce_hostname=YES. Or set which driver wpa_supplicant(8) should use with
If the hostname is set, it will be will set to the FQDN if
possible as per RFC 4702, section 3.1. If the FQDN option is missing,
dhcpcd will still try and set a FQDN from the
hostname and domain options for consistency. To override this, set
hostname_fqdn=[YES|NO|SERVER]. A value of
SERVER means just what the server says, don't
manipulate it. This could lead to an inconsistent hostname on a DHCPv4
and DHCPv6 network where the DHCPv4 hostname is short and the DHCPv6 has
an FQDN. DHCPv6 has no hostname option.
dhcpcdsends a default clientid of the hardware family and the hardware address.
duid[ll | lt | uuid | value]
clientid. The DUID generated will be held in /var/db/dhcpcd/duid and should not be copied to other hosts. This file also takes precedence over the above rules except for setting a value.
interfaceblock. This defaults to the VLANID (prefixed with 0xff) for the interface if set, otherwise the last 4 bytes of the hardware address assigned to the interface. Each instance of this should be unique within the scope of the client and
dhcpcdwarns if a conflict is detected. If there is a conflict, it is only a problem if the conflicted IAIDs are used on the same network.
requestas above, but sends a DHCP INFORM instead of DISCOVER/REQUEST. This does not get a lease as such, just notifies the DHCP server of the address in use. You should also include the optional cidr network number in case the address is not already configured on the interface.
dhcpcdremains running and pretends it has an infinite lease.
dhcpcdwill not de-configure the interface when it exits. If
dhcpcdfails to contact a DHCP server then it returns a failure instead of falling back on IPv4LL.
dhcpcdis not processing IPv6 RA messages and the need for a DHCPv6 Information Request exists.
dhcpcdnormally de-configures the interface and configuration when it exits. Sometimes, this isn't desirable if, for example, you have root mounted over NFS or SSH clients connect to this host and they need to be notified of the host shutting down. You can use this option to stop this from happening.
Also, see the
env option above to
control how the hostname is set on the host.
ia_na[iaid [/ address]]
iaidoption as described above. You can request more than one ia_na by specifying a unique iaid for each one.
ia_pd[iaid [/ prefix / prefix_len] [interface [/ sla_id [/ prefix_len [/ suffix]]]]]
interfaceblock. Unless a sla_id of 0 is assigned with the same resultant prefix length as the delegation, a reject route is installed for the Delegated Prefix to stop unallocated addresses being resolved upstream. If no interface is given then we will assign a prefix to every other interface with a sla_id equivalent to the interface index assigned by the OS. Otherwise addresses are only assigned for each interface and sla_id. Each assigned address will have a suffix, defaulting to 1. If the suffix is 0 then a SLAAC address is assigned. You cannot assign a prefix to the requesting interface unless the DHCPv6 server supports the
RFC 6603Prefix Exclude Option.
dhcpcdhas to be running for all the interfaces it is delegating to. A default prefix_len of 64 is assumed, unless the maximum sla_id does not fit. In this case prefix_len is increased to the highest multiple of 8 that can accommodate the sla_id. sla_id is an integer which must be unique inside the iaid and is added to the prefix which must fit inside prefix_len less the length of the delegated prefix. You can specify multiple interface / sla_id / prefix_len per
ia_pd, space separated. IPv6RS should be disabled globally when requesting a Prefix Delegation.
In the following example eth0 is the externally facing interface to be configured for both IPv4 and IPv6. The DHCPv4 server will provide us with an IPv4 address and a default route. The DHCPv6 server is going to provide us with an IPv6 address, a default route and a /64 subnet to be delegated to the internal interface. The eth1 interface will be automatically configured for IPv6 using the first address (::1) from the delegated prefix. A second prefix is requested and assigned to two other interfaces. rtadvd(8) can be used with an empty configuration file on eth1, eth2 and eth3, to provide automatic IPv6 address configuration for the internal network.
noipv6rs # disable routing solicitation denyinterfaces eth2 # Don't touch eth2 at all interface eth0 ipv6rs # enable routing solicitation for eth0 ia_na 1 # request an IPv6 address ia_pd 2 eth1/0 # request a PD and assign it to eth1 ia_pd 3 eth2/1 eth3/2 # req a PD and assign it to eth2 and eth3
fqdn[disable | none | ptr | both]
dhcpcditself never does any DNS updates.
dhcpcdencodes the FQDN hostname as specified in
dhcpcdreceives an IPv6 Router Advertisement,
dhcpcdwill only fork to the background if the RA contains at least one unexpired RDNSS option and a valid prefix or no DHCPv6 instruction. Set this option so to make
dhcpcdalways fork on a RA.
dhcpcddoes not request any lease time and leaves it in the hands of the DHCP server. It is not possible to request a DHCPv6 lease time as this is not RFC compliant. See RFC 8415 21.4, 21.6, 21.21 and 21.22.
dhcpcdwill recover from link buffer overflows, this may not be desirable on heavily loaded systems.
dhcpcdstill writes to syslog(3). The logfile is reopened when
dhcpcdwill supply a default metric of 1000 + if_nametoindex(3). This will be offset by 2000 for wireless interfaces, with additional offsets of 1000000 for IPv4LL and 2000000 for roaming interfaces.
So to stop
dhcpcd from touching your
DNS settings or starting wpa_supplicant you would do:-
optionlines. Prepend dhcp6_ to option to request a DHCPv6 option. If no DHCPv6 options are configured, then DHCPv4 options are mapped to equivalent DHCPv6 options.
Prepend nd_ to option to handle ND
options, but this only works for the
To see a list of options you can use, call
dhcpcd with the
dhcpcdonly responds to DHCP servers and not BOOTP servers, you can
requiredhcp_message_type. This isn't an exact science though because a BOOTP server can send DHCP-like options.
requireto select / de-select BOOTP messages.
dhcpcd.confdetects an address added to a point to point interface (PPP, TUN, etc) then it will set the listed DHCP options to the destination address of the interface.
dhcpcd.confto skip the reboot phase and go straight into DISCOVER. This is desirable for mobile users because if you change from network A to network B and they use the same subnet and the address from network A isn't in use on network B, then the DHCP server will remain silent even if authoritative which means
dhcpcdwill timeout before moving back to the DISCOVER phase. This has no effect on DHCPv6 other than skipping the reboot phase.
dhcpcdwill release the lease prior to stopping the interface.
privateis used, a RFC 7217 address is generated. If
tokentoken is used then the token is combined with the prefix to make the final address. The
temporarydirective will create a temporary address for the prefix as well.
dhcpcdwill not attempt to obtain a lease and will just use the value for the address with an infinite lease time. If you set an empty value this removes all prior static allocations to the same value. This is useful when using profiles and in the case of
ip_addressit will remove the static allocation. Note that setting 0.0.0.0 keeps the static allocation but waits for a 3rdparty to configure the address. If you set
dhcpcdwill continue auto-configuration as normal.
Here is an example which configures two static address,
overriding the default IPv4 broadcast address, an IPv4 router, DNS and
disables IPv6 auto-configuration. You could also use the
inform6 command here if you wished to obtain
more information via DHCPv6. For IPv4, you should use the
inform ipaddress option
instead of setting a static address.
Here is an example for PPP which gives the destination a default route. It uses the special destination keyword to insert the destination address into the value.
dhcpcdto wait forever to get a lease. If
dhcpcdis working on a single interface then
dhcpcdwill exit when a timeout occurs, otherwise
dhcpcdwill fork into the background. If using IPv4LL then
dhcpcdstart the IPv4LL process after the timeout and then wait a little longer before really timing out.
userclassoption, this one can only be added once. It should only be used for Microsoft DHCP servers and the
vendorclassidshould be set to "MSFT 98" or "MSFT 5.0". This option is not RFC compliant.
Set the vendor option 01 with an IP address.
waitip[4 | 6]
dhcpcd.confwill wait for any address protocol to be assigned. It is possible to wait for more than one address protocol and
dhcpcd.confwill only fork to the background when all waiting conditions are satisfied.
DHCP, ND and DHCPv6 allow for the use of custom options, and RFC
3925 vendor options for DHCP can also be supplied. Each option needs to be
started with the
vendopt directive. This can optionally be followed
options. Both can be specified more than once and
embed must come before
definecode type variable
definendcode type variable
define6code type variable
vendoptcode type variable
encapcode type variable
These keywords come before the type itself, to describe it more fully. You can use more than one, but they must appear in the order listed below.
The type directly affects the length of data consumed inside the option. Any remaining data is normally discarded. Lengths can be specified for string and binhex types, but this is generally with other data embedded afterwards in the same option.
dhcpcdwill send an authentication option with no key or MAC. The server will see this option, and select a key for
dhcpcd.conf, writing the realm and secretid in it.
dhcpcdwill then look for an unexpired token with a matching realm and secretid. This token is used to authenticate all other messages.
If none specified,
hmac-md5 is the
If none specified,
monotonic is the
default. If this is changed from what was previously used, or the means of
calculating or storing it is broken, then the DHCP server will probably have
to have its notion of the client's Replay Detection Value reset.
Roy Marples <firstname.lastname@example.org>
Please report them to https://roy.marples.name/projects/dhcpcd
|August 31, 2022||x86_64|