DHCPCD.CONF(5) | File Formats Manual | DHCPCD.CONF(5) |
dhcpcd.conf
—
dhcpcd configuration file
Although dhcpcd
can do everything from the
command line, there are cases where it's just easier to do it once in a
configuration file. Most of the options found in
dhcpcd(8) can be used here. The first
word on the line is the option and the rest of the line is the value.
Leading and trailing whitespace for the option and value are trimmed. You
can escape characters in the value using the \ character. Comments can be
prefixed with the # character. String values should be quoted with the
" character.
Here's a list of available options:
allowinterfaces
patterndenyinterfaces
then
it is still denied.denyinterfaces
patternanonymous
anonymous
option is processed. As such, the
anonymous
option
should
be the last option in the configuration unless you really want to send
something which could identify you. dhcpcd
will
not try and reboot an old lease, it will go straight into
DISCOVER/SOLICIT.randomise_hwaddr
arping
address [address]dhcpcd
will arping each address in order before
attempting DHCP. If an address is found, we will select the replying
hardware address as the profile, otherwise the IP address. Example:
authprotocol
protocol [algorithm
[rdm]]authtoken
secretid realm
expire keydhcpcd
has the error
dhcpcd
could not find the correct
authentication token in your configuration.background
blacklist
address[/cidr]whitelist
address[/cidr]blacklist
is ignored if
whitelist
is set.bootp
broadcast
dhcpcd
will set
this automatically.controlgroup
groupdhcpcd
.debug
dev
valuedhcpcd
will load the first one
found to work, if any.env
valueenv
force_hostname=YES. Or
set which driver
wpa_supplicant(8) should use
with env
wpa_supplicant_driver=nl80211
If the hostname is set, it will be will set to the FQDN if
possible as per RFC 4702, section 3.1. If the FQDN option is missing,
dhcpcd
will still try and set a FQDN from the
hostname and domain options for consistency. To override this, set
env
hostname_fqdn=[YES|NO|SERVER]. A value of
SERVER means just what the server says, don't
manipulate it. This could lead to an inconsistent hostname on a DHCPv4
and DHCPv6 network where the DHCPv4 hostname is short and the DHCPv6 has
an FQDN. DHCPv6 has no hostname option.
clientid
stringdhcpcd
sends a default
clientid of the hardware family and the hardware
address.duid
[ll | lt | uuid | value]clientid
. The DUID generated will be held in
/var/db/dhcpcd/duid and should not be copied to
other hosts. This file also takes precedence over the above rules except
for setting a value.iaid
iaidinterface
block.
This defaults to the VLANID (prefixed with 0xff) for the interface if set,
otherwise the last 4 bytes of the hardware address assigned to the
interface. Each instance of this should be unique within the scope of the
client and dhcpcd
warns if a conflict is detected.
If there is a conflict, it is only a problem if the conflicted IAIDs are
used on the same network.dhcp
dhcp6
ipv4
ipv6
request
[address]inform
[address[/cidr[/broadcast_address]]]request
as above, but sends a DHCP
INFORM instead of DISCOVER/REQUEST. This does not get a lease as such,
just notifies the DHCP server of the address in use.
You should also include the optional cidr network
number in case the address is not already configured on the interface.
dhcpcd
remains running and pretends it has an
infinite lease. dhcpcd
will not de-configure the
interface when it exits. If dhcpcd
fails to
contact a DHCP server then it returns a failure instead of falling back on
IPv4LL.inform6
dhcpcd
is not processing IPv6 RA messages and the
need for a DHCPv6 Information Request exists.persistent
dhcpcd
normally de-configures the interface and
configuration when it exits. Sometimes, this isn't desirable if, for
example, you have root mounted over NFS or SSH clients connect to this
host and they need to be notified of the host shutting down. You can use
this option to stop this from happening.fallback
profilefallback_time
secondshostname
namehostname_short
Also, see the env
option above to
control how the hostname is set on the host.
ia_na
[iaid [/ address]]iaid
option as described above. You can request more than one ia_na by
specifying a unique iaid for each one.ia_ta
[iaid]ia_pd
[iaid [/ prefix /
prefix_len] [interface [/
sla_id [/ prefix_len [/
suffix]]]]]interface
block. Unless
a sla_id of 0 is assigned with the same resultant
prefix length as the delegation, a reject route is installed for the
Delegated Prefix to stop unallocated addresses being resolved upstream. If
no interface is given then we will assign a prefix
to every other interface with a sla_id equivalent to
the interface index assigned by the OS. Otherwise addresses are only
assigned for each interface and
sla_id. To avoid delegating to any interface, use -
as the invalid interface name. Each assigned address will have a
suffix, defaulting to 1. If the
suffix is 0 then a SLAAC address is assigned. You
cannot assign a prefix to the requesting interface unless the DHCPv6
server supports the RFC 6603
Prefix Exclude
Option. dhcpcd
has to be running for all the
interfaces it is delegating to. A default prefix_len
of 64 is assumed, unless the maximum sla_id does not
fit. In this case prefix_len is increased to the
highest multiple of 8 that can accommodate the
sla_id. sla_id is an integer
which must be unique inside the iaid and is added to
the prefix which must fit inside prefix_len less the
length of the delegated prefix. You can specify multiple
interface / sla_id /
prefix_len per ia_pd
, space
separated. IPv6RS should be disabled globally when requesting a Prefix
Delegation.
In the following example eth0 is the externally facing interface to be configured for both IPv4 and IPv6. The DHCPv4 server will provide us with an IPv4 address and a default route. The DHCPv6 server is going to provide us with an IPv6 address, a default route and a /64 subnet to be delegated to the internal interface. The eth1 interface will be automatically configured for IPv6 using the first address (::1) from the delegated prefix. A second prefix is requested and assigned to two other interfaces. rtadvd(8) can be used with an empty configuration file on eth1, eth2 and eth3, to provide automatic IPv6 address configuration for the internal network.
noipv6rs # disable routing solicitation denyinterfaces eth2 # Don't touch eth2 at all interface eth0 ipv6rs # enable routing solicitation for eth0 ia_na 1 # request an IPv6 address ia_pd 2 eth1/0 # request a PD and assign it to eth1 ia_pd 3 eth2/1 eth3/2 # req a PD and assign it to eth2 and eth3 ia_pd 4 - # request a PD but don't assign it
ipv4only
ipv6only
fqdn
[disable | none | ptr | both]dhcpcd
itself never does any DNS updates. dhcpcd
encodes
the FQDN hostname as specified in RFC 1035
.interface
interfaceipv4ll_time
secondsipv6ra_autoconf
ipv6ra_noautoconf
ipv6ra_fork
dhcpcd
receives an IPv6 Router
Advertisement, dhcpcd
will only fork to the
background if the RA contains at least one unexpired RDNSS option and a
valid prefix or no DHCPv6 instruction. Set this option so to make
dhcpcd
always fork on a RA.ipv6rs
leasetime
secondsdhcpcd
does not request any lease time and leaves
it in the hands of the DHCP server. It is not possible to request a DHCPv6
lease time as this is not RFC compliant. See RFC 8415 21.4, 21.6, 21.21
and 21.22.link_rcvbuf
sizedhcpcd
will recover from link buffer
overflows, this may not be desirable on heavily loaded systems.logfile
logfiledhcpcd
still writes to
syslog(3). The
logfile is reopened when
dhcpcd
receives the
SIGUSR2
signal.metric
metricdhcpcd
will supply a default metric of 1000 +
if_nametoindex(3). This will be
offset by 2000 for wireless interfaces, with additional offsets of 1000000
for IPv4LL and 2000000 for roaming interfaces.mudurl
urlnoalias
noarp
arp_persistdefence
noauthrequired
nodelay
nodev
nodhcp
nodhcp6
nogateway
gateway
nohook
scriptSo to stop dhcpcd
from touching your
DNS settings or starting wpa_supplicant you would do:-
noipv4
noipv4ll
noipv6
noipv6rs
nolink
noup
option
optionoption
lines.
Prepend dhcp6_ to option to request a DHCPv6 option.
If no DHCPv6 options are configured, then DHCPv4 options are mapped to
equivalent DHCPv6 options.
Prepend nd_ to option to handle ND
options, but this only works for the nooption
,
reject
and require
options.
To see a list of options you can use, call
dhcpcd
with the -V
,
--variables
argument.
nooption
optionrequire
optiondhcpcd
only responds to DHCP servers and not BOOTP
servers, you can require
dhcp_message_type. This isn't an exact science
though because a BOOTP server can send DHCP-like options.reject
optionrequire
to select /
de-select BOOTP messages.destination
optiondhcpcd.conf
detects an address added to a point
to point interface (PPP, TUN, etc) then it will set the listed DHCP
options to the destination address of the interface.profile
namequiet
reboot
secondsdhcpcd.conf
to skip the reboot phase and go
straight into DISCOVER. This is desirable for mobile users because if you
change from network A to network B and they use the same subnet and the
address from network A isn't in use on network B, then the DHCP server
will remain silent even if authoritative which means
dhcpcd
will timeout before moving back to the
DISCOVER phase. This has no effect on DHCPv6 other than skipping the
reboot phase.release
dhcpcd
will release the lease prior to stopping
the interface.script
scriptrequest_time
secondsssid
ssidslaac
hwaddr
|
private
|
token
token [temp
|
temporary
]private
is used, a RFC 7217 address is
generated. If token
token is
used then the token is combined with the prefix to make the final address.
The temporary
directive will create a temporary
address for the prefix as well.static
valueip_address
then dhcpcd
will not attempt to obtain a lease and will just use the value for the
address with an infinite lease time. If you set an empty value this
removes all prior static allocations to the same value. This is useful
when using profiles and in the case of ip_address
it will remove the static allocation. Note that setting 0.0.0.0 keeps the
static allocation but waits for a 3rdparty to configure the address. If
you set ip6_address
,
dhcpcd
will continue auto-configuration as normal.
Here is an example which configures two static address,
overriding the default IPv4 broadcast address, an IPv4 router, DNS and
disables IPv6 auto-configuration. You could also use the
inform6
command here if you wished to obtain
more information via DHCPv6. For IPv4, you should use the
inform
ipaddress option
instead of setting a static address.
Here is an example for PPP which gives the destination a default route. It uses the special destination keyword to insert the destination address into the value.
timeout
secondsdhcpcd
to wait forever to get a lease. If
dhcpcd
is working on a single interface then
dhcpcd
will exit when a timeout occurs, otherwise
dhcpcd
will fork into the background. If using
IPv4LL then dhcpcd
start the IPv4LL process after
the timeout and then wait a little longer before really timing out.userclass
stringmsuserclass
stringuserclass
option, this one can only be added once.
It should only be used for Microsoft DHCP servers and the
vendorclassid
should be set to "MSFT 98"
or "MSFT 5.0". This option is not RFC compliant.vendor
code,valueSet the vendor option 01 with an IP address.
vendorclassid
stringvendclass
en datawaitip
[4 | 6]dhcpcd.conf
will wait for any address protocol to
be assigned. It is possible to wait for more than one address protocol and
dhcpcd.conf
will only fork to the background when
all waiting conditions are satisfied.xidhwaddr
DHCP, ND and DHCPv6 allow for the use of custom options, and RFC
3925 vendor options for DHCP can also be supplied. Each option needs to be
started with the define
,
definend
, define6
or
vendopt
directive. This can optionally be followed
by both embed
or encap
options. Both can be specified more than once and
embed
must come before
encap
.
define
code type
variabledefinend
code type
variabledefine6
code type
variablevendopt
code type
variableembed
type variableencap
code type
variableThese keywords come before the type itself, to describe it more fully. You can use more than one, but they must appear in the order listed below.
request
norequest
optional
index
array
The type directly affects the length of data consumed inside the option. Any remaining data is normally discarded. Lengths can be specified for string and binhex types, but this is generally with other data embedded afterwards in the same option.
ipaddress
ip6address
string
[: length
]byte
bitflags
:
flags
int16
uint16
int32
uint32
flag
domain
dname
uri
binhex
[: length
]embed
encap
option
token
delayedrealm
dhcpcd
will send an
authentication option with no key or MAC. The server will see this option,
and select a key for dhcpcd.conf
, writing the
realm and secretid in it.
dhcpcd
will then look for an unexpired token with
a matching realm and secretid.
This token is used to authenticate all other messages.delayed
If none specified, hmac-md5
is the
default.
If none specified, monotonic
is the
default. If this is changed from what was previously used, or the means of
calculating or storing it is broken, then the DHCP server will probably have
to have its notion of the client's Replay Detection Value reset.
monocounter
monotime
monotonic
monotime
.fnmatch(3), if_nametoindex(3), dhcpcd(8), dhcpcd-run-hooks(8)
Roy Marples <roy@marples.name>
Please report them to https://roy.marples.name/projects/dhcpcd
May 24, 2024 | x86_64 |