Skip site navigation (1)Skip section navigation (2)

FreeBSD Manual Pages

  
 
  

home | help
dhcpd.conf(5)		      File Formats Manual		 dhcpd.conf(5)

NAME
       dhcpd.conf - dhcpd configuration	file

DESCRIPTION
       The  dhcpd.conf	file contains configuration information	for dhcpd, the
       Internet	Systems	Consortium DHCP	Server.

       The dhcpd.conf file is a	free-form ASCII	text file.   It	is  parsed  by
       the  recursive-descent  parser built into dhcpd.	  The file may contain
       extra tabs and newlines for formatting purposes.	 Keywords in the  file
       are case-insensitive.   Comments	may be placed anywhere within the file
       (except	within	quotes).   Comments begin with the # character and end
       at the end of the line.

       The file	essentially consists of	a  list	 of  statements.    Statements
       fall into two broad categories -	parameters and declarations.

       Parameter  statements  either say how to	do something (e.g., how	long a
       lease to	offer),	whether	to do something	(e.g.,	should	dhcpd  provide
       addresses  to  unknown  clients),  or what parameters to	provide	to the
       client (e.g., use gateway 220.177.244.7).

       Declarations are	used to	describe the topology of the network,  to  de-
       scribe  clients	on  the	 network, to provide addresses that can	be as-
       signed to clients, or to	apply a	group of parameters to a group of dec-
       larations.   In any group of parameters and declarations,  all  parame-
       ters  must  be  specified before	any declarations which depend on those
       parameters may be specified.

       Declarations about network topology include the shared-network and  the
       subnet  declarations.	If  clients on a subnet	are to be assigned ad-
       dresses dynamically, a range declaration	must appear within the	subnet
       declaration.    For  clients with statically assigned addresses,	or for
       installations where only	known clients will be served, each such	client
       must have a host	declaration.   If parameters are to be	applied	 to  a
       group  of  declarations	which are not related strictly on a per-subnet
       basis, the group	declaration can	be used.

       For every subnet	which will be served, and for every  subnet  to	 which
       the  dhcp  server  is  connected, there must be one subnet declaration,
       which tells dhcpd how to	recognize that an address is on	 that  subnet.
       A  subnet  declaration is required for each subnet even if no addresses
       will be dynamically allocated on	that subnet.

       Some installations have physical	networks on which  more	 than  one  IP
       subnet  operates.    For	 example,  if there is a site-wide requirement
       that 8-bit subnet masks be used,	but a department with a	single	physi-
       cal  ethernet  network  expands to the point where it has more than 254
       nodes, it may be	necessary to run two 8-bit subnets on the same	ether-
       net  until  such	time as	a new physical network can be added.   In this
       case, the subnet	declarations for these two networks must  be  enclosed
       in a shared-network declaration.

       Note  that even when the	shared-network declaration is absent, an empty
       one is created by the server to contain the subnet (and any scoped  pa-
       rameters	 included  in the subnet).  For	practical purposes, this means
       that "stateless"	DHCP clients, which are	not  tied  to  addresses  (and
       therefore  subnets)  will  receive  the	same configuration as stateful
       ones.

       Some sites may have departments which have clients  on  more  than  one
       subnet, but it may be desirable to offer	those clients a	uniform	set of
       parameters  which  are  different than what would be offered to clients
       from other departments on the same subnet.   For	clients	which will  be
       declared	 explicitly  with host declarations, these declarations	can be
       enclosed	in a group declaration along with  the	parameters  which  are
       common to that department.   For	clients	whose addresses	will be	dynam-
       ically assigned,	class declarations and conditional declarations	may be
       used  to	 group	parameter  assignments based on	information the	client
       sends.

       When a client is	to be booted, its boot parameters  are	determined  by
       consulting that client's	host declaration (if any), and then consulting
       any  class declarations matching	the client, followed by	the pool, sub-
       net and shared-network declarations for the IP address assigned to  the
       client.	  Each	of  these declarations itself appears within a lexical
       scope, and all declarations at less specific lexical  scopes  are  also
       consulted for client option declarations.   Scopes are never considered
       twice, and if parameters	are declared in	more than one scope, the para-
       meter declared in the most specific scope is the	one that is used.

       When  dhcpd  tries  to  find  a host declaration	for a client, it first
       looks for a host	declaration which has a	fixed-address declaration that
       lists an	IP address that	is valid for the subnet	or shared  network  on
       which  the  client  is booting.	 If it doesn't find any	such entry, it
       tries to	find an	entry which has	no fixed-address declaration.

EXAMPLES
       A typical dhcpd.conf file will look something like this:

       global parameters...

       subnet 204.254.239.0 netmask 255.255.255.224 {
	 subnet-specific parameters...
	 range 204.254.239.10 204.254.239.30;
       }

       subnet 204.254.239.32 netmask 255.255.255.224 {
	 subnet-specific parameters...
	 range 204.254.239.42 204.254.239.62;
       }

       subnet 204.254.239.64 netmask 255.255.255.224 {
	 subnet-specific parameters...
	 range 204.254.239.74 204.254.239.94;
       }

       group {
	 group-specific	parameters...
	 host zappo.test.isc.org {
	   host-specific parameters...
	 }
	 host beppo.test.isc.org {
	   host-specific parameters...
	 }
	 host harpo.test.isc.org {
	   host-specific parameters...
	 }
       }

				      Figure 1

       Notice that at the beginning of the file, there's a  place  for	global
       parameters.    These  might  be	things	like the organization's	domain
       name, the addresses of the name servers (if they	are common to the  en-
       tire organization), and so on.	So, for	example:

	    option domain-name "isc.org";
	    option domain-name-servers ns1.isc.org, ns2.isc.org;

				      Figure 2

       As  you	can see	in Figure 2, you can specify host addresses in parame-
       ters using their	domain names rather than their numeric	IP  addresses.
       If  a given hostname resolves to	more than one IP address (for example,
       if that host has	two ethernet interfaces), then	where  possible,  both
       addresses are supplied to the client.

       The  most obvious reason	for having subnet-specific parameters as shown
       in Figure 1 is that each	subnet,	of necessity, has its own router.   So
       for the first subnet, for example, there	should be something like:

	    option routers 204.254.239.1;

       Note that the address here is specified numerically.   This is not  re-
       quired -	if you have a different	domain name for	each interface on your
       router,	it's  perfectly	legitimate to use the domain name for that in-
       terface instead of the numeric address.	 However, in many cases	 there
       may  be only one	domain name for	all of a router's IP addresses,	and it
       would not be appropriate	to use that name here.

       In Figure 1 there is also a group statement, which provides common  pa-
       rameters	for a set of three hosts - zappo, beppo	and harpo.  As you can
       see,  these  hosts are all in the test.isc.org domain, so it might make
       sense for a group-specific parameter to override	the domain  name  sup-
       plied to	these hosts:

	    option domain-name "test.isc.org";

       Also,  given  the  domain they're in, these are probably	test machines.
       If we wanted to test the	DHCP leasing mechanism,	we might set the lease
       timeout somewhat	shorter	than the default:

	    max-lease-time 120;
	    default-lease-time 120;

       You may have noticed that while some parameters start with  the	option
       keyword,	 some  do  not.	   Parameters starting with the	option keyword
       correspond to actual DHCP options, while	parameters that	do  not	 start
       with  the option	keyword	either control the behavior of the DHCP	server
       (e.g., how long a lease dhcpd will give out), or	specify	client parame-
       ters that are not optional in the DHCP protocol (for  example,  server-
       name and	filename).

       In  Figure 1, each host had host-specific parameters.   These could in-
       clude such things as the	hostname option, the name of a file to	upload
       (the  filename  parameter)  and the address of the server from which to
       upload the file (the next-server	parameter).   In general, any  parame-
       ter  can	 appear	 anywhere that parameters are allowed, and will	be ap-
       plied according to the scope in which the parameter appears.

       Imagine that you	have a site with a lot	of  NCD	 X-Terminals.	 These
       terminals come in a variety of models, and you want to specify the boot
       files for each model.   One way to do this would	be to have host	decla-
       rations for each	server and group them by model:

       group {
	 filename "Xncd19r";
	 next-server ncd-booter;

	 host ncd1 { hardware ethernet 0:c0:c3:49:2b:57; }
	 host ncd4 { hardware ethernet 0:c0:c3:80:fc:32; }
	 host ncd8 { hardware ethernet 0:c0:c3:22:46:81; }
       }

       group {
	 filename "Xncd19c";
	 next-server ncd-booter;

	 host ncd2 { hardware ethernet 0:c0:c3:88:2d:81; }
	 host ncd3 { hardware ethernet 0:c0:c3:00:14:11; }
       }

       group {
	 filename "XncdHMX";
	 next-server ncd-booter;

	 host ncd1 { hardware ethernet 0:c0:c3:11:90:23; }
	 host ncd4 { hardware ethernet 0:c0:c3:91:a7:8;	}
	 host ncd8 { hardware ethernet 0:c0:c3:cc:a:8f;	}
       }

ADDRESS	POOLS
       The  pool  declaration  can be used to specify a	pool of	addresses that
       will be treated differently than	another	pool of	addresses, even	on the
       same network segment or subnet.	 For example, you may want to  provide
       a  large	set of addresses that can be assigned to DHCP clients that are
       registered to your DHCP server, while providing a smaller  set  of  ad-
       dresses,	 possibly  with	 short lease times, that are available for un-
       known clients.	If you have a firewall,	you may	be able	to arrange for
       addresses from one pool to be allowed access to the Internet, while ad-
       dresses in another pool are not,	thus  encouraging  users  to  register
       their  DHCP clients.   To do this, you would set	up a pair of pool dec-
       larations:

       subnet 10.0.0.0 netmask 255.255.255.0 {
	 option	routers	10.0.0.254;

	 # Unknown clients get this pool.
	 pool {
	   option domain-name-servers bogus.example.com;
	   max-lease-time 300;
	   range 10.0.0.200 10.0.0.253;
	   allow unknown-clients;
	 }

	 # Known clients get this pool.
	 pool {
	   option domain-name-servers ns1.example.com, ns2.example.com;
	   max-lease-time 28800;
	   range 10.0.0.5 10.0.0.199;
	   deny	unknown-clients;
	 }
       }

       It is also possible to set up entirely different	subnets	for known  and
       unknown	clients	- address pools	exist at the level of shared networks,
       so address ranges within	pool declarations can be on different subnets.

       As you can see in the preceding example,	pools can  have	 permit	 lists
       that  control  which  clients  are allowed access to the	pool and which
       aren't.	Each entry in a	pool's permit list is introduced with the  al-
       low  or	deny  keyword.	  If a pool has	a permit list, then only those
       clients that match specific entries on the permit list will be eligible
       to be assigned addresses	from the pool.	 If a pool has	a  deny	 list,
       then  only those	clients	that do	not match any entries on the deny list
       will be eligible.    If both permit and deny lists exist	 for  a	 pool,
       then  only clients that match the permit	list and do not	match the deny
       list will be allowed access.

DYNAMIC	ADDRESS	ALLOCATION
       Address allocation is actually only done	when a client is in  the  INIT
       state and has sent a DHCPDISCOVER message.  If the client thinks	it has
       a  valid	lease and sends	a DHCPREQUEST to initiate or renew that	lease,
       the server has only three choices - it can ignore the DHCPREQUEST, send
       a DHCPNAK to tell the client it should stop using the address, or  send
       a  DHCPACK,  telling  the  client to go ahead and use the address for a
       while.

       If the server finds the address the client is requesting, and that  ad-
       dress  is  available to the client, the server will send	a DHCPACK.  If
       the address is no longer	available, or the client  isn't	 permitted  to
       have  it,  the server will send a DHCPNAK.  If the server knows nothing
       about the address, it will remain silent, unless	the address is	incor-
       rect  for the network segment to	which the client has been attached and
       the server is authoritative for that network segment, in	which case the
       server will send	a DHCPNAK even though it doesn't know  about  the  ad-
       dress.

       There  may  be a	host declaration matching the client's identification.
       If that host declaration	 contains  a  fixed-address  declaration  that
       lists  an IP address that is valid for the network segment to which the
       client is connected.  In	this case, the DHCP server will	never  do  dy-
       namic address allocation.  In this case,	the client is required to take
       the  address specified in the host declaration.	 If the	client sends a
       DHCPREQUEST for some other address, the	server	will  respond  with  a
       DHCPNAK.

       When  the  DHCP	server allocates a new address for a client (remember,
       this only happens if the	client has  sent  a  DHCPDISCOVER),  it	 first
       looks  to see if	the client already has a valid lease on	an IP address,
       or if there is an old IP	address	the client had before that hasn't  yet
       been  reassigned.   In that case, the server will take that address and
       check it	to see if the client is	still permitted	to  use	 it.   If  the
       client  is  no  longer  permitted  to use it, the lease is freed	if the
       server thought it was still in use - the	fact that the client has  sent
       a  DHCPDISCOVER proves to the server that the client is no longer using
       the lease.

       If no existing lease is found, or if the	client is forbidden to receive
       the existing lease, then	the server will	look in	the  list  of  address
       pools  for  the	network	 segment to which the client is	attached for a
       lease that is not in use	and that the client is permitted to have.   It
       looks through each pool declaration in sequence (all range declarations
       that appear outside of pool declarations	are grouped into a single pool
       with no permit list).   If the permit list  for	the  pool  allows  the
       client  to be allocated an address from that pool, the pool is examined
       to see if there is an address available.	  If so, then  the  client  is
       tentatively  assigned  that  address.	Otherwise,  the	 next  pool is
       tested.	 If no addresses are found that	can be assigned	to the client,
       no response is sent to the client.

       If an address is	found that the client is permitted to have,  and  that
       has  never  been	 assigned to any client	before,	the address is immedi-
       ately allocated to the client.	If the address is available for	 allo-
       cation  but  has	 been  previously  assigned to a different client, the
       server will keep	looking	in hopes of finding an address that has	 never
       before been assigned to a client.

       The  DHCP  server  generates  the list of available IP addresses	from a
       hash table.   This means	that the addresses are not sorted in any  par-
       ticular	order, and so it is not	possible to predict the	order in which
       the DHCP	server will allocate IP	addresses.   Users  of	previous  ver-
       sions  of  the  ISC  DHCP server	may have become	accustomed to the DHCP
       server allocating IP addresses in  ascending  order,  but  this	is  no
       longer  possible,  and  there is	no way to configure this behavior with
       version 3 of the	ISC DHCP server.

IP ADDRESS CONFLICT PREVENTION
       The DHCP	server checks IP addresses to see if they are  in  use	before
       allocating  them	to clients.   It does this by sending an ICMP Echo re-
       quest message to	the IP address being allocated.	  If no	ICMP Echo  re-
       ply  is	received  within  a second, the	address	is assumed to be free.
       This is only done for leases that have been specified in	 range	state-
       ments, and only when the	lease is thought by the	DHCP server to be free
       -  i.e.,	 the DHCP server or its	failover peer has not listed the lease
       as in use.

       If a response is	received to an ICMP Echo request, the DHCP server  as-
       sumes that there	is a configuration error - the IP address is in	use by
       some  host on the network that is not a DHCP client.   It marks the ad-
       dress as	abandoned, and will not	assign it to clients.

       If a DHCP client	tries to get an	IP address, but	 none  are  available,
       but there are abandoned IP addresses, then the DHCP server will attempt
       to  reclaim an abandoned	IP address.   It marks one IP address as free,
       and then	does the same ICMP Echo	request	 check	described  previously.
       If there	is no answer to	the ICMP Echo request, the address is assigned
       to the client.

       The  DHCP  server  does not cycle through abandoned IP addresses	if the
       first IP	address	it tries to reclaim is free.   Rather, when  the  next
       DHCPDISCOVER comes in from the client, it will attempt a	new allocation
       using  the  same	method described here, and will	typically try a	new IP
       address.

DHCP FAILOVER
       This version of the ISC DHCP server supports the	DHCP failover protocol
       as documented in	draft-ietf-dhc-failover-12.txt.	  This is not a	 final
       protocol	 document,  and	we have	not done interoperability testing with
       other vendors' implementations of this protocol,	so you must not	assume
       that this implementation	conforms to the	standard.  If you wish to  use
       the  failover  protocol,	make sure that both failover peers are running
       the same	version	of the ISC DHCP	server.

       The failover protocol allows two	DHCP servers (and no more than two) to
       share a common address pool.   Each server will have about half of  the
       available  IP  addresses	 in the	pool at	any given time for allocation.
       If one server fails, the	other server will continue to renew leases out
       of the pool, and	will allocate new addresses out	of the roughly half of
       available addresses that	it had	when  communications  with  the	 other
       server were lost.

       It  is possible during a	prolonged failure to tell the remaining	server
       that the	other server is	down, in which case the	remaining server  will
       (over  time)  reclaim  all the addresses	the other server had available
       for allocation, and begin to reuse them.	  This is called  putting  the
       server into the PARTNER-DOWN state.

       You  can	put the	server into the	PARTNER-DOWN state either by using the
       omshell (1) command  or	by  stopping  the  server,  editing  the  last
       failover	 state	declaration  in	 the  lease  file,  and	restarting the
       server.	 If you	use this last method, change the "my state" line to:

       failover	peer name state	{
       my state	partner-down;
       peer state state	at date;
       }

       It is only required to change "my state"	as shown above.

       When the	other server comes back	online,	it should automatically	detect
       that it has been	offline	and request a complete update from the	server
       that  was running in the	PARTNER-DOWN state, and	then both servers will
       resume processing together.

       It is possible to get into a dangerous situation: if you	put one	server
       into the	PARTNER-DOWN state, and	then *that* server goes	down, and  the
       other  server  comes  back  up, the other server	will not know that the
       first server was	in the PARTNER-DOWN state,  and	 may  issue  addresses
       previously  issued  by the other	server to different clients, resulting
       in IP address conflicts.	  Before putting a  server  into  PARTNER-DOWN
       state,  therefore, make sure that the other server will not restart au-
       tomatically.

       The failover protocol defines a primary server  role  and  a  secondary
       server  role.	There are some differences in how primaries and	secon-
       daries act, but most of the differences simply have to do with  provid-
       ing  a  way for each peer to behave in the opposite way from the	other.
       So one server must be configured	as primary, and	the other must be con-
       figured as secondary, and it doesn't  matter  too  much	which  one  is
       which.

FAILOVER STARTUP
       When  a	server	starts	that  has not previously communicated with its
       failover	peer, it must establish	communications with its	failover  peer
       and  synchronize	with it	before it can serve clients.   This can	happen
       either because you have just configured your DHCP  servers  to  perform
       failover	 for  the  first time, or because one of your failover servers
       has failed catastrophically and lost its	database.

       The initial recovery process  is	 designed  to  ensure  that  when  one
       failover	 peer  loses  its database and then resynchronizes, any	leases
       that the	failed server gave out before it failed	will be	honored.  When
       the failed server starts	up, it notices that it has no  saved  failover
       state, and attempts to contact its peer.

       When  it	 has established contact, it asks the peer for a complete copy
       its peer's lease	database.  The peer then sends its complete  database,
       and sends a message indicating that it is done.	The failed server then
       waits until MCLT	has passed, and	once MCLT has passed both servers make
       the transition back into	normal operation.  This	waiting	period ensures
       that  any leases	the failed server may have given out while out of con-
       tact with its partner will have expired.

       While the failed	server is recovering, its partner remains in the part-
       ner-down	state, which means that	it is serving all clients.  The	failed
       server provides no service at all to DHCP clients until it has made the
       transition into normal operation.

       In the case where both servers detect that they have never before  com-
       municated  with their partner, they both	come up	in this	recovery state
       and follow the procedure	we have	just described.	   In  this  case,  no
       service will be provided	to DHCP	clients	until MCLT has expired.

CONFIGURING FAILOVER
       In  order  to  configure	failover, you need to write a peer declaration
       that configures the failover protocol, and you need to write peer  ref-
       erences	in  each  pool	declaration for	which you want to do failover.
       You do not have to do failover for all pools on a  given	 network  seg-
       ment.	You must not tell one server it's doing	failover on a particu-
       lar  address pool and tell the other it is not.	 You must not have any
       common address pools on which you are not doing failover.  A pool  dec-
       laration	that utilizes failover would look like this:

       pool {
	    failover peer "foo";
	    pool specific parameters
       };

       The   server currently  does very  little  sanity checking,  so if  you
       configure it wrong, it will just	 fail in odd ways.  I would  recommend
       therefore  that you either do  failover or don't	do failover, but don't
       do any mixed pools.  Also,  use the same	master configuration file  for
       both   servers,	and  have  a  separate file  that  contains  the  peer
       declaration and includes	the master file.  This will help you to	 avoid
       configuration   mismatches.  As our  implementation evolves,  this will
       become  less of	a  problem.  A	basic  sample dhcpd.conf  file for   a
       primary server might look like this:

       failover	peer "foo" {
	 primary;
	 address anthrax.rc.vix.com;
	 port 519;
	 peer address trantor.rc.vix.com;
	 peer port 520;
	 max-response-delay 60;
	 max-unacked-updates 10;
	 mclt 3600;
	 split 128;
	 load balance max seconds 3;
       }

       include "/etc/dhcpd.master";

       The statements in the peer declaration are as follows:

       The primary and secondary statements

	 [ primary | secondary ];

	 This  determines  whether  the	server is primary or secondary,	as de-
	 scribed earlier under DHCP FAILOVER.

       The address statement

	 address address;

	 The address statement declares	the IP address or DNS  name  on	 which
	 the  server should listen for connections from	its failover peer, and
	 also the value	to use for the DHCP Failover Protocol  server  identi-
	 fier.	 Because  this	value  is used as an identifier, it may	not be
	 omitted.

       The peer	address	statement

	 peer address address;

	 The peer address statement declares the IP address  or	 DNS  name  to
	 which	the  server  should  connect  to  reach	 its failover peer for
	 failover messages.

       The port	statement

	 port port-number;

	 The port statement declares the TCP port on which the	server	should
	 listen	 for  connections from its failover peer.   This statement may
	 not currently be omitted, because the failover	protocol does not  yet
	 have a	reserved TCP port number.

       The peer	port statement

	 peer port port-number;

	 The  peer  port  statement  declares the TCP port to which the	server
	 should	connect	to reach its  failover	peer  for  failover  messages.
	 This  statement may not be omitted because the	failover protocol does
	 not yet have a	reserved TCP port number.   The	port  number  declared
	 in  the  peer	port  statement	may be the same	as the port number de-
	 clared	in the port statement.

       The max-response-delay statement

	 max-response-delay seconds;

	 The max-response-delay	statement tells	the DHCP server	how many  sec-
	 onds  may pass	without	receiving a message from its failover peer be-
	 fore it assumes that connection has failed.   This number  should  be
	 small enough that a transient network failure that breaks the connec-
	 tion  will not	result in the servers being out	of communication for a
	 long time, but	large enough that the server isn't  constantly	making
	 and breaking connections.   This parameter must be specified.

       The max-unacked-updates statement

	 max-unacked-updates count;

	 The  max-unacked-updates  statement  tells the	remote DHCP server how
	 many BNDUPD messages it can send before it receives a BNDACK from the
	 local system.	 We don't have enough operational  experience  to  say
	 what a	good value for this is,	but 10 seems to	work.	This parameter
	 must be specified.

       The mclt	statement

	 mclt seconds;

	 The mclt statement defines the	Maximum	Client Lead Time.   It must be
	 specified  on the primary, and	may not	be specified on	the secondary.
	 This is the length of time for	which a	lease may be renewed by	either
	 failover peer without contacting the  other.	 The  longer  you  set
	 this,	the  longer  it	will take for the running server to recover IP
	 addresses after moving	into PARTNER-DOWN state.   The shorter you set
	 it, the more load your	servers	will experience	when they are not com-
	 municating.   A value of something like 3600 is probably  reasonable,
	 but  again  bear  in mind that	we have	no real	operational experience
	 with this.

       The split statement

	 split index;

	 The split statement specifies the split between the primary and  sec-
	 ondary	 for the purposes of load balancing.   Whenever	a client makes
	 a DHCP	request, the DHCP server runs a	hash on	the client identifica-
	 tion, resulting in value from 0 to 255.  This is  used	 as  an	 index
	 into  a  256 bit field.  If the bit at	that index is set, the primary
	 is responsible.  If the bit at	that index is not set,	the  secondary
	 is  responsible.   The	split value determines how many	of the leading
	 bits are set to one.  So, in practice,	higher split values will cause
	 the primary to	serve more clients than	the  secondary.	  Lower	 split
	 values,  the  converse.  Legal	values are between 0 and 255, of which
	 the most reasonable is	128.

       The hba statement

	 hba colon-separated-hex-list;

	 The hba statement specifies the split between the  primary  and  sec-
	 ondary	 as  a bitmap rather than a cutoff, which theoretically	allows
	 for finer-grained control.   In practice, there is probably  no  need
	 for such fine-grained control,	however.   An example hba statement:

	   hba ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:
	       00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00;

	 This  is  equivalent  to  a split 128;	statement, and identical.  The
	 following two examples	are also equivalent to a split of 128, but are
	 not identical:

	   hba aa:aa:aa:aa:aa:aa:aa:aa:aa:aa:aa:aa:aa:aa:aa:aa:
	       aa:aa:aa:aa:aa:aa:aa:aa:aa:aa:aa:aa:aa:aa:aa:aa;

	   hba 55:55:55:55:55:55:55:55:55:55:55:55:55:55:55:55:
	       55:55:55:55:55:55:55:55:55:55:55:55:55:55:55:55;

	 They are equivalent, because half the bits are	set to 0, half are set
	 to 1 (0xa and 0x5 are 1010 and	0101 binary respectively)  and	conse-
	 quently  this	would  roughly	divide the clients equally between the
	 servers.  They	are not	identical, because the actual peers this would
	 load balance to each server are different for each example.

	 You must only have split or hba defined, never	both.  For most	cases,
	 the fine-grained control that hba offers isn't	necessary,  and	 split
	 should	be used.

       The load	balance	max seconds statement

	 load balance max seconds seconds;

	 This statement	allows you to configure	a cutoff after which load bal-
	 ancing	 is  disabled.	 The  cutoff is	based on the number of seconds
	 since the client sent its first DHCPDISCOVER or DHCPREQUEST  message,
	 and only works	with clients that correctly implement the secs field -
	 fortunately  most clients do.	We recommend setting this to something
	 like 3	or 5.  The effect of this is that if one of the	failover peers
	 gets into a state where it is responding to failover messages but not
	 responding to some client requests, the other failover	peer will take
	 over its client load automatically as the clients retry.

       The Failover pool balance statements.

	  max-lease-misbalance percentage;
	  max-lease-ownership percentage;
	  min-balance seconds;
	  max-balance seconds;

	 This version of the DHCP Server evaluates pool	balance	on a schedule,
	 rather	than on	demand as leases are allocated.	 The  latter  approach
	 proved	 to be slightly	klunky when pool misbalanced reach total satu-
	 ration...when any server ran out of leases to assign,	it  also  lost
	 its ability to	notice it had run dry.

	 In  order  to understand pool balance,	some elements of its operation
	 first need to be defined.   First,  there  are	 'free'	 and  'backup'
	 leases.   Both	 of  these  are	 referred  to  as 'free	state leases'.
	 'free'	and 'backup' are 'the free states' for	the  purpose  of  this
	 document.   The difference is that only the primary may allocate from
	 'free'	leases unless under special circumstances, and only  the  sec-
	 ondary	may allocate 'backup' leases.

	 When  pool balance is performed, the only plausible expectation is to
	 provide a 50/50 split of  the	free  state  leases  between  the  two
	 servers.   This is because no one can predict which server will fail,
	 regardless of the relative load placed	upon the two servers, so  giv-
	 ing each server half the leases gives both servers the	same amount of
	 'failure  endurance'.	 Therefore,  there  is no way to configure any
	 different behaviour, outside of some very small windows we  will  de-
	 scribe	shortly.

	 The  first  thing  calculated	on any pool balance run	is a value re-
	 ferred	to as 'lts', or	"Leases	To Send".  This, simply, is  the  dif-
	 ference  in the count of free and backup leases, divided by two.  For
	 the secondary,	it is the difference in	the backup  and	 free  leases,
	 divided  by  two.   The resulting value is signed: if it is positive,
	 the local server is expected to hand out leases  to  retain  a	 50/50
	 balance.   If	it  is	negative, the remote server would need to send
	 leases	to balance the pool.  Once the lts  value  reaches  zero,  the
	 pool  is perfectly balanced (give or take one lease in	the case of an
	 odd number of total free state	leases).

	 The current approach is still something of a hybrid of	 the  old  ap-
	 proach, marked	by the presence	of the max-lease-misbalance statement.
	 This parameter	configures what	used to	be a 10% fixed value in	previ-
	 ous  versions:	if lts is less than free+backup	* max-lease-misbalance
	 percent, then the server will skip balancing a	given pool  (it	 won't
	 bother	 moving	 any  leases,  even if some leases "should" be moved).
	 The meaning of	this value is also somewhat  overloaded,  however,  in
	 that it also governs the estimation of	when to	attempt	to balance the
	 pool (which may then also be skipped over).  The oldest leases	in the
	 free  and  backup states are examined.	 The time they have resided in
	 their respective queues is used as an estimate	to indicate  how  much
	 time it is probable it	would take before the leases at	the top	of the
	 list  would  be consumed (and thus, how long it would take to use all
	 leases	in that	state).	 This percentage  is  directly	multiplied  by
	 this  time, and fit into the schedule if it falls within the min-bal-
	 ance and max-balance configured values.   The	scheduled  pool	 check
	 time  is  only	moved in a downwards direction,	it is never increased.
	 Lastly, if the	lts is more than double	this number  in	 the  negative
	 direction, the	local server will 'panic' and transmit a Failover pro-
	 tocol	POOLREQ	 message,  in the hopes	that the remote	system will be
	 woken up into action.

	 Once the lts value exceeds the	max-lease-misbalance percentage	of to-
	 tal free state	leases as described above, leases are moved to the re-
	 mote server.  This is done in two passes.

	 In the	first pass, only leases	whose most recent bound	 client	 would
	 have been served by the remote	server - according to the Load Balance
	 Algorithm  (see  above	 split and hba configuration statements) - are
	 given away to the peer.  This first pass  will	 happily  continue  to
	 give  away  leases, decrementing the lts value	by one for each, until
	 the lts value has reached the negative	of the total number of	leases
	 multiplied  by	 the max-lease-ownership percentage.  So it is through
	 this value that you can permit	a small	misbalance of the lease	 pools
	 -  for	 the  purpose  of  giving  the peer more than a	50/50 share of
	 leases	in the hopes that their	clients	might some day return  and  be
	 allocated by the peer (operating normally).  This process is referred
	 to  as	 'MAC Address Affinity', but this is somewhat misnamed:	it ap-
	 plies equally to DHCP Client  Identifier  options.   Note  also  that
	 affinity  is  applied to leases when they enter the state 'free' from
	 'expired' or 'released'.  In this case	also, leases will not be moved
	 from free to backup if	the secondary already has more than its	share.

	 The second pass is only entered into if the first pass	fails  to  re-
	 duce  the lts underneath the total number of free state leases	multi-
	 plied by the max-lease-ownership percentage.  In this pass, the  old-
	 est  leases  are  given over to the peer without second thought about
	 the Load Balance Algorithm, and this continues	until  the  lts	 falls
	 under	this  value.   In this way, the	local server will also happily
	 keep a	small percentage of the	leases that would normally  load  bal-
	 ance to itself.

	 So,  the  max-lease-misbalance	 value	acts  as  a  behavioural gate.
	 Smaller values	will cause more	leases to transition states to balance
	 the pools over	time, higher values will decrease the amount of	change
	 (but may lead to pool starvation if there's a run on leases).

	 The max-lease-ownership value permits a small	(percentage)  skew  in
	 the  lease  balance of	a percentage of	the total number of free state
	 leases.

	 Finally, the min-balance and max-balance make certain that  a	sched-
	 uled rebalance	event happens within a reasonable timeframe (not to be
	 thrown	off by,	for example, a 7 year old free lease).

	 Plausible  values  for	 the percentages lie between 0 and 100,	inclu-
	 sive, but values over 50 are indistinguishable	from one another (once
	 lts exceeds 50% of the	free state leases, one server  must  therefore
	 have  100% of the leases in its respective free state).  It is	recom-
	 mended	to select a max-lease-ownership	value that is lower  than  the
	 value	selected for the max-lease-misbalance value.  max-lease-owner-
	 ship defaults to 10, and max-lease-misbalance defaults	to 15.

	 Plausible values for the min-balance and max-balance times also range
	 from 0	to (2^32)-1 (or	the limit of your local	time_t value), but de-
	 fault to values 60 and	3600 respectively (to place balance events be-
	 tween 1 minute	and 1 hour).

CLIENT CLASSING
       Clients can be separated	into classes, and treated differently  depend-
       ing  on	what  class  they are in.   This separation can	be done	either
       with a conditional statement, or	with  a	 match	statement  within  the
       class  declaration.    It  is  possible to specify a limit on the total
       number of clients within	a particular class or subclass that  may  hold
       leases at one time, and it is possible to specify automatic subclassing
       based on	the contents of	the client packet.

       To  add	clients	 to  classes  based on conditional evaluation, you can
       specify a matching expression in	the class statement:

       class "ras-clients" {
	 match if substring (option dhcp-client-identifier, 1, 3) = "RAS";
       }

       Note that whether you use matching expressions or  add  statements  (or
       both)  to  classify  clients, you must always write a class declaration
       for any class that you use.   If	there will be no match	statement  and
       no  in-scope  statements	 for a class, the declaration should look like
       this:

       class "ras-clients" {
       }

SUBCLASSES
       In addition to classes, it is possible to declare subclasses.   A  sub-
       class is	a class	with the same name as a	regular	class, but with	a spe-
       cific  submatch expression which	is hashed for quick matching.  This is
       essentially a speed hack	- the main  difference	between	 five  classes
       with  match  expressions	 and one class with five subclasses is that it
       will be quicker to find the subclasses.	 Subclasses work as follows:

       class "allocation-class-1" {
	 match pick-first-value	(option	dhcp-client-identifier,	hardware);
       }

       class "allocation-class-2" {
	 match pick-first-value	(option	dhcp-client-identifier,	hardware);
       }

       subclass	"allocation-class-1" 1:8:0:2b:4c:39:ad;
       subclass	"allocation-class-2" 1:8:0:2b:a9:cc:e3;
       subclass	"allocation-class-1" 1:0:0:c4:aa:29:44;

       subnet 10.0.0.0 netmask 255.255.255.0 {
	 pool {
	   allow members of "allocation-class-1";
	   range 10.0.0.11 10.0.0.50;
	 }
	 pool {
	   allow members of "allocation-class-2";
	   range 10.0.0.51 10.0.0.100;
	 }
       }

       The data	following the class name in the	subclass declaration is	a con-
       stant value to use in matching the  match  expression  for  the	class.
       When class matching is done, the	server will evaluate the match expres-
       sion  and  then	look  the result up in the hash	table.	 If it finds a
       match, the client is considered a member	of both	the class and the sub-
       class.

       Subclasses can be declared with or without scope.   In the above	 exam-
       ple,  the  sole purpose of the subclass is to allow some	clients	access
       to one address pool, while other	clients	are given access to the	 other
       pool, so	these subclasses are declared without scopes.	If part	of the
       purpose	of  the	subclass were to define	different parameter values for
       some clients, you might want to declare some subclasses with scopes.

       In the above example, if	you had	a single client	that needed some  con-
       figuration parameters, while most didn't, you might write the following
       subclass	declaration for	that client:

       subclass	"allocation-class-2" 1:08:00:2b:a1:11:31 {
	 option	root-path "samsara:/var/diskless/alphapc";
	 filename "/tftpboot/netbsd.alphapc-diskless";
       }

       In this example,	we've used subclassing as a way	to control address al-
       location	 on  a	per-client  basis.  However, it's also possible	to use
       subclassing in ways that	are not	specific to clients - for example,  to
       use  the	 value of the vendor-class-identifier option to	determine what
       values to send in the vendor-encapsulated-options option.   An  example
       of  this	 is  shown  under  the VENDOR ENCAPSULATED OPTIONS head	in the
       dhcp-options(5) manual page.

PER-CLASS LIMITS ON DYNAMIC ADDRESS ALLOCATION
       You may specify a limit to the number of	clients	in a class that	can be
       assigned	leases.	  The effect of	this will be to	make it	difficult  for
       a  new  client in a class to get	an address.   Once a class with	such a
       limit has reached its limit, the	only way a new client  in  that	 class
       can  get	a lease	is for an existing client to relinquish	its lease, ei-
       ther by	letting	 it  expire,  or  by  sending  a  DHCPRELEASE  packet.
       Classes with lease limits are specified as follows:

       class "limited-1" {
	 lease limit 4;
       }

       This will produce a class in which a maximum of four members may	hold a
       lease at	one time.

SPAWNING CLASSES
       It  is  possible	 to  declare  a	spawning class.	 A spawning class is a
       class that automatically	produces subclasses based on what  the	client
       sends.	 The  reason that spawning classes were	created	was to make it
       possible	to create lease-limited	classes	on the fly.    The  envisioned
       application  is	a cable-modem environment where	the ISP	wishes to pro-
       vide clients at a particular site with more than	one  IP	 address,  but
       does  not  wish to provide such clients with their own subnet, nor give
       them an unlimited number	of IP addresses	from the  network  segment  to
       which they are connected.

       Many  cable  modem  head-end  systems  can be configured	to add a Relay
       Agent Information option	to DHCP	packets	when relaying them to the DHCP
       server.	 These systems typically add a circuit ID or remote ID	option
       that  uniquely  identifies  the	customer  site.	  To take advantage of
       this, you can write a class declaration as follows:

       class "customer"	{
	 spawn with option agent.circuit-id;
	 lease limit 4;
       }

       Now whenever a request comes in from a customer site,  the  circuit  ID
       option  will be checked against the class's hash	table.	 If a subclass
       is found	that matches the circuit ID, the client	will be	classified  in
       that subclass and treated accordingly.	If no subclass is found	match-
       ing  the	 circuit  ID,  a  new  one  will  be created and logged	in the
       dhcpd.leases file, and the client will be classified in this new	class.
       Once the	client has been	classified, it will be	treated	 according  to
       the  rules  of the class, including, in this case, being	subject	to the
       per-site	limit of four leases.

       The use of the subclass spawning	mechanism is not restricted  to	 relay
       agent  options  - this particular example is given only because it is a
       fairly straightforward one.

COMBINING MATCH, MATCH IF AND SPAWN WITH
       In some cases, it may be	useful to  use	one  expression	 to  assign  a
       client  to a particular class, and a second expression to put it	into a
       subclass	of that	class.	 This can be done by combining	the  match  if
       and  spawn with statements, or the match	if and match statements.   For
       example:

       class "jr-cable-modems" {
	 match if option dhcp-vendor-identifier	= "jrcm";
	 spawn with option agent.circuit-id;
	 lease limit 4;
       }

       class "dv-dsl-modems" {
	 match if option dhcp-vendor-identifier	= "dvdsl";
	 spawn with option agent.circuit-id;
	 lease limit 16;
       }

       This allows you to have two classes that	both have the same spawn  with
       expression without getting the clients in the two classes confused with
       each other.

DYNAMIC	DNS UPDATES
       The  DHCP  server has the ability to dynamically	update the Domain Name
       System.	Within the configuration files,	you can	define	how  you  want
       the  Domain Name	System to be updated.  These updates are RFC 2136 com-
       pliant so any DNS server	supporting RFC 2136 should be able  to	accept
       updates from the	DHCP server.

       Two  DNS	 update	 schemes  are  currently  implemented,	and another is
       planned.	  The two that are currently available are the ad-hoc DNS  up-
       date  mode  and the interim DHCP-DNS interaction	draft update mode.  If
       and when	the DHCP-DNS interaction draft and the	DHCID  draft  make  it
       through	the  IETF standards process, there will	be a third mode, which
       will be the standard DNS	update method.	 The DHCP server must be  con-
       figured to use one of the two currently-supported methods, or not to do
       dns  updates.	This can be done with the ddns-update-style configura-
       tion parameter.

THE AD-HOC DNS UPDATE SCHEME
       The ad-hoc Dynamic DNS update scheme is now  deprecated	and  does  not
       work.   In future releases of the ISC DHCP server, this scheme will not
       likely be available.  The interim scheme	works,	allows	for  failover,
       and should now be used.	The following description is left here for in-
       formational purposes only.

       The ad-hoc Dynamic DNS update scheme implemented	in this	version	of the
       ISC  DHCP  server is a prototype	design,	which does not have much to do
       with the	standard update	method that is being standardized in the  IETF
       DHC  working  group, but	rather implements some very basic, yet useful,
       update capabilities.   This mode	does not work with the failover	proto-
       col because it does not account for the possibility  of	two  different
       DHCP servers updating the same set of DNS records.

       For  the	 ad-hoc	DNS update method, the client's	FQDN is	derived	in two
       parts.	First, the hostname is determined.   Then, the domain name  is
       determined, and appended	to the hostname.

       The DHCP	server determines the client's hostname	by first looking for a
       ddns-hostname  configuration  option,  and using	that if	it is present.
       If no such option is present, the server	looks for a valid hostname  in
       the  FQDN option	sent by	the client.  If	one is found, it is used; oth-
       erwise, if the client sent a host-name option, that  is	used.	Other-
       wise,  if  there	 is a host declaration that applies to the client, the
       name from that declaration will be used.	 If none of these applies, the
       server will not have a hostname for the client, and will	not be able to
       do a DNS	update.

       The domain name is determined from  the	ddns-domainname	 configuration
       option.	The default configuration for this option is:

	 option	server.ddns-domainname = config-option domain-name;

       So  if this configuration option	is not configured to a different value
       (over-riding the	above default),	or if a	 domain-name  option  has  not
       been  configured	 for  the client's scope, then the server will not at-
       tempt to	perform	a DNS update.

       The client's fully-qualified domain name, derived as we have described,
       is used as the name on which an "A"  record  will  be  stored.	The  A
       record  will contain the	IP address that	the client was assigned	in its
       lease.	If there is already an A record	with the same name in the  DNS
       server, no update of either the A or PTR	records	will occur - this pre-
       vents a client from claiming that its hostname is the name of some net-
       work   server.	  For	example,  if  you  have	 a  fileserver	called
       "fs.sneedville.edu", and	the client claims its hostname is "fs",	no DNS
       update will be done for that client,  and  an  error  message  will  be
       logged.

       If  the	A record update	succeeds, a PTR	record update for the assigned
       IP address will be done,	pointing to the	A record.   This update	is un-
       conditional - it	will be	done even if another PTR record	 of  the  same
       name  exists.	Since  the  IP	address	 has been assigned to the DHCP
       server, this should be safe.

       Please note that	the current implementation assumes clients only	have a
       single network interface.   A client with two network  interfaces  will
       see  unpredictable  behavior.	This  is considered a bug, and will be
       fixed in	a later	release.   It may be helpful to	enable the  one-lease-
       per-client  parameter  so that roaming clients do not trigger this same
       behavior.

       The DHCP	protocol normally involves a four-packet exchange - first  the
       client sends a DHCPDISCOVER message, then the server sends a DHCPOFFER,
       then  the  client sends a DHCPREQUEST, then the server sends a DHCPACK.
       In the current version of the server, the server	will do	a  DNS	update
       after  it has received the DHCPREQUEST, and before it has sent the DHC-
       PACK.   It only sends the DNS update if it has not  sent	 one  for  the
       client's	 address  before,  in order to minimize	the impact on the DHCP
       server.

       When the	client's lease expires,	the DHCP server	(if it is operating at
       the time, or when next it operates) will	remove the client's A and  PTR
       records	from  the  DNS database.   If the client releases its lease by
       sending a DHCPRELEASE message, the server will likewise	remove	the  A
       and PTR records.

THE INTERIM DNS	UPDATE SCHEME
       The  interim  DNS  update  scheme  operates mostly according to several
       drafts that are being considered	by the IETF and	are expected to	become
       standards, but are not yet standards, and may not be  standardized  ex-
       actly as	currently proposed.   These are:

			draft-ietf-dhc-ddns-resolution-??.txt
			  draft-ietf-dhc-fqdn-option-??.txt
			  draft-ietf-dnsext-dhcid-rr-??.txt

       Because	our implementation is slightly different than the standard, we
       will briefly document the operation of this update style	here.

       The first point to understand about this	style of DNS  update  is  that
       unlike  the  ad-hoc  style, the DHCP server does	not necessarily	always
       update both the A and the PTR records.	The  FQDN  option  includes  a
       flag  which,  when sent by the client, indicates	that the client	wishes
       to update its own A record.   In	that case, the server can  be  config-
       ured  either to honor the client's intentions or	ignore them.   This is
       done with the statement allow client-updates; or	the  statement	ignore
       client-updates;.	  By default, client updates are allowed.

       If the server is	configured to allow client updates, then if the	client
       sends a fully-qualified domain name in the FQDN option, the server will
       use  that  name	the  client  sent in the FQDN option to	update the PTR
       record.	 For example, let us say that the client is a visitor from the
       "radish.org" domain, whose hostname is "jschmoe".   The server  is  for
       the  "example.org"  domain.   The DHCP client indicates in the FQDN op-
       tion that its FQDN is "jschmoe.radish.org.".   It also  indicates  that
       it  wants  to update its	own A record.	The DHCP server	therefore does
       not attempt to set up an	A record for the client, but does set up a PTR
       record for the IP address that  it  assigns  the	 client,  pointing  at
       jschmoe.radish.org.    Once  the	 DHCP client has an IP address,	it can
       update its own A	record,	assuming that the "radish.org" DNS server will
       allow it	to do so.

       If the server is	configured not to allow	 client	 updates,  or  if  the
       client doesn't want to do its own update, the server will simply	choose
       a  name	for the	client from either the fqdn option (if present)	or the
       hostname	option (if present).  It will use its own domain name for  the
       client,	just as	in the ad-hoc update scheme.  It will then update both
       the A and PTR record, using the name that it chose for the client.   If
       the client sends	a fully-qualified domain name in the fqdn option,  the
       server  uses only the leftmost part of the domain name -	in the example
       above, "jschmoe"	instead	of "jschmoe.radish.org".

       Further,	if the ignore client-updates;  directive  is  used,  then  the
       server  will  in	addition send a	response in the	DHCP packet, using the
       FQDN Option, that implies to the	client that it should perform its  own
       updates	if it chooses to do so.	 With deny client-updates;, a response
       is sent which indicates the client may not perform updates.

       Also, if	the use-host-decl-names	configuration option is	enabled,  then
       the  host  declaration's	hostname will be used in place of the hostname
       option, and the same rules will apply as	described above.

       The other difference between the	ad-hoc scheme and the  interim	scheme
       is that with the	interim	scheme,	a method is used that allows more than
       one  DHCP server	to update the DNS database without accidentally	delet-
       ing A records that shouldn't be deleted nor failing to  add  A  records
       that should be added.   The scheme works	as follows:

       When  the  DHCP	server	issues a client	a new lease, it	creates	a text
       string that is an MD5 hash over the DHCP	client's  identification  (see
       draft-ietf-dnsext-dhcid-rr-??.txt  for details).	  The update adds an A
       record with the name the	server chose and a TXT record  containing  the
       hashed  identifier  string  (hashid).	If  this  update succeeds, the
       server is done.

       If the update fails because the A record	already	exists,	then the  DHCP
       server  attempts	 to  add the A record with the prerequisite that there
       must be a TXT record in the same	name as	the new	A record, and that TXT
       record's	contents must be equal to hashid.   If this  update  succeeds,
       then  the  client  has its A record and PTR record.   If	it fails, then
       the name	the client has been assigned (or requested)  is	 in  use,  and
       can't  be  used by the client.	At this	point the DHCP server gives up
       trying to do a DNS update for the client	until the client chooses a new
       name.

       The interim DNS update  scheme  is  called  interim  for	 two  reasons.
       First,  it  does	not quite follow the drafts.   The current versions of
       the drafts call for a new DHCID RRtype, but this	is not yet  available.
       The  interim  DNS  update scheme	uses a TXT record instead.   Also, the
       existing	ddns-resolution	draft calls for	the DHCP server	to put a DHCID
       RR on the PTR record, but the interim update method does	not  do	 this.
       It is our position that this is not useful, and we are working with the
       author  in  hopes of removing it	from the next version of the draft, or
       better understanding why	it is considered useful.

       In addition to these differences, the server also does not update  very
       aggressively.  Because each DNS update involves a round trip to the DNS
       server,	there  is a cost associated with doing updates even if they do
       not actually modify the DNS  database.	 So  the  DHCP	server	tracks
       whether	or not it has updated the record in the	past (this information
       is stored on the	lease) and does	not attempt to update records that  it
       thinks it has already updated.

       This  can  lead	to cases where the DHCP	server adds a record, and then
       the record is deleted through some  other  mechanism,  but  the	server
       never  again  updates  the  DNS	because	 it thinks the data is already
       there.	In this	case the data can be removed from  the	lease  through
       operator	intervention, and once this has	been done, the DNS will	be up-
       dated the next time the client renews.

DYNAMIC	DNS UPDATE SECURITY
       When  you set your DNS server up	to allow updates from the DHCP server,
       you may be exposing it to unauthorized updates.	 To  avoid  this,  you
       should  use TSIG	signatures - a method of cryptographically signing up-
       dates using a shared secret key.	  As long as you protect  the  secrecy
       of  this	key, your updates should also be secure.   Note, however, that
       the DHCP	protocol itself	provides no security,  and  that  clients  can
       therefore  provide information to the DHCP server which the DHCP	server
       will then use in	its updates, with  the	constraints  described	previ-
       ously.

       The  DNS	 server	 must be configured to allow updates for any zone that
       the DHCP	server will be updating.  For example, let us say that clients
       in  the	sneedville.edu	domain	will  be  assigned  addresses  on  the
       10.10.17.0/24  subnet.	In  that case, you will	need a key declaration
       for the TSIG key	you will be using, and also two	 zone  declarations  -
       one  for	the zone containing A records that will	be updates and one for
       the zone	containing PTR records - for ISC BIND, something like this:

       key DHCP_UPDATER	{
	 algorithm HMAC-MD5.SIG-ALG.REG.INT;
	 secret	pRP5FapFoJ95JEL06sv4PQ==;
       };

       zone "example.org" {
	    type master;
	    file "example.org.db";
	    allow-update { key DHCP_UPDATER; };
       };

       zone "17.10.10.in-addr.arpa" {
	    type master;
	    file "10.10.17.db";
	    allow-update { key DHCP_UPDATER; };
       };

       You will	also have to configure your DHCP server	to do updates to these
       zones.	To do so,  you	need  to  add  something  like	this  to  your
       dhcpd.conf file:

       key DHCP_UPDATER	{
	 algorithm HMAC-MD5.SIG-ALG.REG.INT;
	 secret	pRP5FapFoJ95JEL06sv4PQ==;
       };

       zone EXAMPLE.ORG. {
	 primary 127.0.0.1;
	 key DHCP_UPDATER;
       }

       zone 17.127.10.in-addr.arpa. {
	 primary 127.0.0.1;
	 key DHCP_UPDATER;
       }

       The primary statement specifies the IP address of the name server whose
       zone information	is to be updated.

       Note that the zone declarations have to correspond to authority records
       in your name server - in	the above example, there must be an SOA	record
       for  "example.org." and for "17.10.10.in-addr.arpa.".   For example, if
       there were a subdomain "foo.example.org"	 with  no  separate  SOA,  you
       could not write a zone declaration for "foo.example.org."  Also keep in
       mind  that  zone	 names in your DHCP configuration should end in	a ".";
       this is the preferred syntax.  If you do	not end	your zone  name	 in  a
       ".",  the  DHCP	server will figure it out.  Also note that in the DHCP
       configuration, zone names are not encapsulated in  quotes  where	 there
       are in the DNS configuration.

       You should choose your own secret key, of course.  The ISC BIND 8 and 9
       distributions  come  with  a  program for generating secret keys	called
       dnssec-keygen.  The version that	comes with BIND	9 is likely to produce
       a substantially more random key,	so we recommend	you use	that one  even
       if  you are not using BIND 9 as your DNS	server.	 If you	are using BIND
       9's dnssec-keygen, the above key	would be created as follows:

	    dnssec-keygen -a HMAC-MD5 -b 128 -n	USER DHCP_UPDATER

       If you are using	the BIND 8 dnskeygen program,  the  following  command
       will generate a key as seen above:

	    dnskeygen -H 128 -u	-c -n DHCP_UPDATER

       You  may	 wish to enable	logging	of DNS updates on your DNS server.  To
       do so, you might	write a	logging	statement like the following:

       logging {
	    channel update_debug {
		 file "/var/log/update-debug.log";
		 severity  debug 3;
		 print-category	yes;
		 print-severity	yes;
		 print-time	yes;
	    };
	    channel security_info    {
		 file "/var/log/named-auth.info";
		 severity  info;
		 print-category	yes;
		 print-severity	yes;
		 print-time	yes;
	    };

	    category update { update_debug; };
	    category security {	security_info; };
       };

       You must	create the  /var/log/named-auth.info  and  /var/log/update-de-
       bug.log	files  before starting the name	server.	  For more information
       on configuring ISC BIND,	consult	the documentation that accompanies it.

REFERENCE: EVENTS
       There are three kinds of	events that can	happen regarding a lease,  and
       it  is  possible	 to  declare  statements  that occur when any of these
       events happen.	These events are the commit event, when	the server has
       made a commitment of a certain lease to a client,  the  release	event,
       when  the  client  has released the server from its commitment, and the
       expiry event, when the commitment expires.

       To declare a set	of statements to execute when an  event	 happens,  you
       must  use the on	statement, followed by the name	of the event, followed
       by a series of statements to execute when the event  happens,  enclosed
       in  braces.    Events  are used to implement DNS	updates, so you	should
       not define your own event handlers if you are using  the	 built-in  DNS
       update mechanism.

       The  built-in  version  of the DNS update mechanism is in a text	string
       towards the top of server/dhcpd.c.   If you  want  to  use  events  for
       things  other than DNS updates, and you also want DNS updates, you will
       have to start out by copying this code into your	 dhcpd.conf  file  and
       modifying it.

REFERENCE: DECLARATIONS
       The include statement

	include	"filename";

       The  include statement is used to read in a named file, and process the
       contents	of that	file as	though it were entered in place	of the include
       statement.

       The shared-network statement

	shared-network name {
	  [ parameters ]
	  [ declarations ]
	}

       The shared-network statement is used to inform  the  DHCP  server  that
       some  IP	subnets	actually share the same	physical network.  Any subnets
       in a shared network should be declared within a	shared-network	state-
       ment.   Parameters  specified  in  the shared-network statement will be
       used when booting clients on those subnets unless  parameters  provided
       at  the	subnet or host level override them.  If	any subnet in a	shared
       network has addresses available for dynamic allocation, those addresses
       are collected into a common pool	for that shared	network	 and  assigned
       to  clients  as needed.	There is no way	to distinguish on which	subnet
       of a shared network a client should boot.

       Name should be the name of the shared network.	This name is used when
       printing	debugging messages, so it should be descriptive	for the	shared
       network.	  The name may have the	syntax of a  valid  domain  name  (al-
       though it will never be used as such), or it may	be any arbitrary name,
       enclosed	in quotes.

       The subnet statement

	subnet subnet-number netmask netmask {
	  [ parameters ]
	  [ declarations ]
	}

       The  subnet  statement is used to provide dhcpd with enough information
       to tell whether or not an IP address is on that subnet.	It may also be
       used to provide subnet-specific parameters  and	to  specify  what  ad-
       dresses may be dynamically allocated to clients booting on that subnet.
       Such addresses are specified using the range declaration.

       The subnet-number should	be an IP address or domain name	which resolves
       to  the	subnet	number	of  the	 subnet	being described.   The netmask
       should be an IP address or domain name which  resolves  to  the	subnet
       mask  of	the subnet being described.   The subnet number, together with
       the netmask, are	sufficient to determine	whether	any given  IP  address
       is on the specified subnet.

       Although	 a  netmask must be given with every subnet declaration, it is
       recommended that	if there is any	variance in subnet masks at a site,  a
       subnet-mask  option statement be	used in	each subnet declaration	to set
       the desired subnet mask,	since any subnet-mask  option  statement  will
       override	the subnet mask	declared in the	subnet statement.

       The subnet6 statement

	subnet6	subnet6-number {
	  [ parameters ]
	  [ declarations ]
	}

       The  subnet6 statement is used to provide dhcpd with enough information
       to tell whether or not an IPv6 address is on that subnet6.  It may also
       be used to provide subnet-specific parameters and to specify  what  ad-
       dresses may be dynamically allocated to clients booting on that subnet.

       The  subnet6-number  should be an IPv6 network identifier, specified as
       ip6-address/bits.

       The range statement

       range [ dynamic-bootp ] low-address [ high-address];

       For any subnet on which addresses will be assigned  dynamically,	 there
       must  be	 at least one range statement.	 The range statement gives the
       lowest and highest IP addresses in a range.   All IP addresses  in  the
       range should be in the subnet in	which the range	statement is declared.
       The  dynamic-bootp  flag	may be specified if addresses in the specified
       range may be dynamically	assigned to BOOTP  clients  as	well  as  DHCP
       clients.	   When	specifying a single address, high-address can be omit-
       ted.

       The range6 statement

       range6 low-address high-address;
       range6 subnet6-number;
       range6 subnet6-number temporary;
       range6 address temporary;

       For any IPv6 subnet6 on which addresses will be	assigned  dynamically,
       there  must  be at least	one range6 statement. The range6 statement can
       either be the lowest and	highest	IPv6 addresses in  a  range6,  or  use
       CIDR  notation,	specified as ip6-address/bits. All IP addresses	in the
       range6 should be	in the subnet6 in which	the range6  statement  is  de-
       clared.

       The temporay variant makes the prefix (by default on 64 bits) available
       for  temporary  (RFC  4941)  addresses. A new address per prefix	in the
       shared network is computed at each request with an  IA_TA  option.  Re-
       lease and Confirm ignores temporary addresses.

       Any IPv6	addresses given	to hosts with fixed-address6 are excluded from
       the range6, as are IPv6 addresses on the	server itself.

       The prefix6 statement

       prefix6 low-address high-address	/ bits;

       The  prefix6 is the range6 equivalent for Prefix	Delegation (RFC	3633).
       Prefixes	of bits	length are assigned between low-address	 and  high-ad-
       dress.

       Any  IPv6  prefixes  given to static entries (hosts) with fixed-prefix6
       are excluded from the prefix6.

       This statement is currently global but it should	have a	shared-network
       scope.

       The host	statement

	host hostname {
	  [ parameters ]
	  [ declarations ]
	}

       The host	declaration provides a scope in	which to provide configuration
       information  about a specific client, and also provides a way to	assign
       a client	a fixed	address.  The host declaration provides	a way for  the
       DHCP  server  to	identify a DHCP	or BOOTP client, and also a way	to as-
       sign the	client a static	IP address.

       If it is	desirable to be	able to	boot a DHCP or BOOTP  client  on  more
       than  one  subnet  with	fixed  addresses, more than one	address	may be
       specified in the	fixed-address  declaration,  or	 more  than  one  host
       statement may be	specified matching the same client.

       If  client-specific boot	parameters must	change based on	the network to
       which the client	is attached, then multiple host	declarations should be
       used.  The host declarations will only match a client if	one  of	 their
       fixed-address  statements  is  viable on	the subnet (or shared network)
       where the client	is attached.  Conversely, for a	 host  declaration  to
       match  a	client being allocated a dynamic address, it must not have any
       fixed-address statements.  You may therefore need a mixture of host de-
       clarations for any given	client...some having fixed-address statements,
       others without.

       hostname	should be a name identifying the host.	If a  hostname	option
       is not specified	for the	host, hostname is used.

       Host declarations are matched to	actual DHCP or BOOTP clients by	match-
       ing the dhcp-client-identifier option specified in the host declaration
       to  the	one supplied by	the client, or,	if the host declaration	or the
       client does not provide a dhcp-client-identifier	 option,  by  matching
       the  hardware parameter in the host declaration to the network hardware
       address supplied	by the client.	 BOOTP clients do not normally provide
       a dhcp-client-identifier, so the	hardware address must be used for  all
       clients that may	boot using the BOOTP protocol.

       DHCPv6 servers can use the host-identifier option parameter in the host
       declaration,  and  specify  any	option	with a fixed value to identify
       hosts.

       Please be aware that only the  dhcp-client-identifier  option  and  the
       hardware	 address can be	used to	match a	host declaration, or the host-
       identifier option parameter for DHCPv6 servers.	 For  example,	it  is
       not  possible to	match a	host declaration to a host-name	option.	  This
       is because the host-name	option cannot be guaranteed to be  unique  for
       any  given  client,  whereas both the hardware address and dhcp-client-
       identifier option are at	least theoretically guaranteed to be unique to
       a given client.

       The group statement

	group {
	  [ parameters ]
	  [ declarations ]
	}

       The group statement is used simply to apply one or more parameters to a
       group of	declarations.	It can be used to  group  hosts,  shared  net-
       works, subnets, or even other groups.

REFERENCE: ALLOW AND DENY
       The  allow  and	deny statements	can be used to control the response of
       the DHCP	server to various sorts	of requests.  The allow	and deny  key-
       words  actually have different meanings depending on the	context.  In a
       pool context, these keywords can	be used	to set up access lists for ad-
       dress allocation	pools.	In other contexts, the keywords	simply control
       general server behavior with respect to clients based on	scope.	 In  a
       non-pool	 context,  the ignore keyword can be used in place of the deny
       keyword to prevent logging of denied requests.

ALLOW DENY AND IGNORE IN SCOPE
       The following usages of allow and deny will work	in any scope, although
       it is not recommended that they be used in pool declarations.

       The unknown-clients keyword

	allow unknown-clients;
	deny unknown-clients;
	ignore unknown-clients;

       The unknown-clients flag	is used	to tell	dhcpd whether or not to	dynam-
       ically assign addresses to unknown clients.   Dynamic  address  assign-
       ment  to	 unknown  clients is allowed by	default.  An unknown client is
       simply a	client that has	no host	declaration.

       The use of this option is now deprecated.  If you  are  trying  to  re-
       strict access on	your network to	known clients, you should use deny un-
       known-clients;  inside  of  your	 address  pool,	as described under the
       heading ALLOW AND DENY WITHIN POOL DECLARATIONS.

       The bootp keyword

	allow bootp;
	deny bootp;
	ignore bootp;

       The bootp flag is used to tell dhcpd whether or not to respond to bootp
       queries.	 Bootp queries are allowed by default.

       This option does	not satisfy the	 requirement  of  failover  peers  for
       denying	dynamic	bootp clients.	The deny dynamic bootp clients;	option
       should be used instead. See the ALLOW AND DENY WITHIN POOL DECLARATIONS
       section of this man page	for more details.

       The booting keyword

	allow booting;
	deny booting;
	ignore booting;

       The booting flag	is used	to tell	dhcpd whether or  not  to  respond  to
       queries	from  a	particular client.  This keyword only has meaning when
       it appears in a host declaration.   By default, booting is allowed, but
       if it is	disabled for a particular client, then that client will	not be
       able to get an address from the DHCP server.

       The duplicates keyword

	allow duplicates;
	deny duplicates;

       Host declarations can match client messages based on  the  DHCP	Client
       Identifier  option  or  based on	the client's network hardware type and
       MAC address.   If the MAC address is used, the  host  declaration  will
       match  any  client  with	that MAC address - even	clients	with different
       client identifiers.   This doesn't normally  happen,  but  is  possible
       when  one computer has more than	one operating system installed on it -
       for example, Microsoft Windows and NetBSD or Linux.

       The duplicates flag tells the DHCP server that if a request is received
       from a client that matches the MAC address of a host  declaration,  any
       other  leases  matching	that  MAC  address  should be discarded	by the
       server, even if the UID is not the same.	  This is a violation  of  the
       DHCP  protocol, but can prevent clients whose client identifiers	change
       regularly from holding many leases at the same time.  By	 default,  du-
       plicates	are allowed.

       The declines keyword

	allow declines;
	deny declines;
	ignore declines;

       The  DHCPDECLINE	 message  is used by DHCP clients to indicate that the
       lease the server	has offered is not valid.   When the server receives a
       DHCPDECLINE for a particular address, it	 normally  abandons  that  ad-
       dress,  assuming	 that  some unauthorized system	is using it.  Unfortu-
       nately, a malicious or buggy client can,	 using	DHCPDECLINE  messages,
       completely exhaust the DHCP server's allocation pool.   The server will
       reclaim these leases, but while the client is running through the pool,
       it  may	cause serious thrashing	in the DNS, and	it will	also cause the
       DHCP server to forget old DHCP client address allocations.

       The declines flag tells the DHCP	server whether or not to honor DHCPDE-
       CLINE messages.	 If it is set to deny or ignore	in a particular	scope,
       the DHCP	server will not	respond	to DHCPDECLINE messages.

       The client-updates keyword

	allow client-updates;
	deny client-updates;

       The client-updates flag tells the DHCP server whether or	not  to	 honor
       the  client's  intention	to do its own update of	its A record.  This is
       only relevant when doing	interim	DNS updates.   See  the	 documentation
       under the heading THE INTERIM DNS UPDATE	SCHEME for details.

       The leasequery keyword

	allow leasequery;
	deny leasequery;

       The leasequery flag tells the DHCP server whether or not	to answer DHC-
       PLEASEQUERY packets. The	answer to a DHCPLEASEQUERY packet includes in-
       formation  about	 a specific lease, such	as when	it was issued and when
       it will expire. By default, the server will not respond to these	 pack-
       ets.

ALLOW AND DENY WITHIN POOL DECLARATIONS
       The  uses  of the allow and deny	keywords shown in the previous section
       work pretty much	the same way whether the client	is sending a  DHCPDIS-
       COVER  or  a  DHCPREQUEST message - an address will be allocated	to the
       client (either the old address it's requesting, or a new	 address)  and
       then  that address will be tested to see	if it's	okay to	let the	client
       have it.	  If the client	requested it, and it's not  okay,  the	server
       will  send  a  DHCPNAK message.	 Otherwise, the	server will simply not
       respond to the client.	If it is okay  to  give	 the  address  to  the
       client, the server will send a DHCPACK message.

       The  primary motivation behind pool declarations	is to have address al-
       location	pools whose allocation policies	are different.	 A client  may
       be denied access	to one pool, but allowed access	to another pool	on the
       same  network  segment.	 In order for this to work, access control has
       to be done during address allocation, not after address	allocation  is
       done.

       When a DHCPREQUEST message is processed,	address	allocation simply con-
       sists  of looking up the	address	the client is requesting and seeing if
       it's still available for	the client.  If	it is, then  the  DHCP	server
       checks both the address pool permit lists and the relevant in-scope al-
       low  and	 deny  statements to see if it's okay to give the lease	to the
       client.	In the case of a DHCPDISCOVER message, the allocation  process
       is done as described previously in the ADDRESS ALLOCATION section.

       When declaring permit lists for address allocation pools, the following
       syntaxes	are recognized following the allow or deny keywords:

	known-clients;

       If  specified, this statement either allows or prevents allocation from
       this pool to any	client that has	a host declaration (i.e.,  is  known).
       A  client  is known if it has a host declaration	in any scope, not just
       the current scope.

	unknown-clients;

       If specified, this statement either allows or prevents allocation  from
       this  pool  to  any  client  that has no	host declaration (i.e.,	is not
       known).

	members	of "class";

       If specified, this statement either allows or prevents allocation  from
       this pool to any	client that is a member	of the named class.

	dynamic	bootp clients;

       If  specified, this statement either allows or prevents allocation from
       this pool to any	bootp client.

	authenticated clients;

       If specified, this statement either allows or prevents allocation  from
       this  pool to any client	that has been authenticated using the DHCP au-
       thentication protocol.	This is	not yet	supported.

	unauthenticated	clients;

       If specified, this statement either allows or prevents allocation  from
       this  pool to any client	that has not been authenticated	using the DHCP
       authentication protocol.	  This is not yet supported.

	all clients;

       If specified, this statement either allows or prevents allocation  from
       this  pool  to all clients.   This can be used when you want to write a
       pool declaration	for some reason, but hold it in	reserve, or  when  you
       want  to	 renumber  your	 network  quickly, and thus want the server to
       force all clients that have been	allocated addresses from this pool  to
       obtain new addresses immediately	when they next renew.

	after time;

       If  specified, this statement either allows or prevents allocation from
       this pool after a given date. This can be used when you	want  to  move
       clients	from one pool to another. The server adjusts the regular lease
       time so that the	latest expiry time is  at  the	given  time+min-lease-
       time.   A short min-lease-time enforces a step change, whereas a	longer
       min-lease-time allows for a gradual  change.   time  is	either	second
       since  epoch,  or  a  UTC  time string e.g.  4 2007/08/24 09:14:32 or a
       string with time	zone offset in	seconds	 e.g.  4  2007/08/24  11:14:32
       -7200

REFERENCE: PARAMETERS
       The adaptive-lease-time-threshold statement

	 adaptive-lease-time-threshold percentage;

	 When  the  number  of	allocated leases within	a pool rises above the
	 percentage given in this statement, the  DHCP	server	decreases  the
	 lease	length for new clients within this pool	to min-lease-time sec-
	 onds. Clients renewing	an already valid (long)	leases	get  at	 least
	 the  remaining	 time  from the	current	lease. Since the leases	expire
	 faster, the server may	either recover more quickly or avoid pool  ex-
	 haustion  entirely.   Once  the number	of allocated leases drop below
	 the threshold,	the server reverts back	to normal lease	times.	 Valid
	 percentages are between 1 and 99.

       The always-broadcast statement

	 always-broadcast flag;

	 The  DHCP  and	BOOTP protocols	both require DHCP and BOOTP clients to
	 set the broadcast bit in the flags field of the BOOTP message header.
	 Unfortunately,	some DHCP and BOOTP clients do not do this, and	there-
	 fore may not receive responses	 from  the  DHCP  server.    The  DHCP
	 server	 can  be  made to always broadcast its responses to clients by
	 setting this flag to 'on' for the  relevant  scope;  relevant	scopes
	 would	be inside a conditional	statement, as a	parameter for a	class,
	 or as a parameter for a host declaration.   To	avoid creating	excess
	 broadcast traffic on your network, we recommend that you restrict the
	 use  of this option to	as few clients as possible.   For example, the
	 Microsoft DHCP	client is known	not to have this problem, as  are  the
	 OpenTransport and ISC DHCP clients.

       The always-reply-rfc1048	statement

	 always-reply-rfc1048 flag;

	 Some  BOOTP clients expect RFC1048-style responses, but do not	follow
	 RFC1048 when sending their requests.	You can	tell that a client  is
	 having	this problem if	it is not getting the options you have config-
	 ured  for  it	and  if	 you  see in the server	log the	message	"(non-
	 rfc1048)" printed with	each BOOTREQUEST that is logged.

	 If you	want to	send rfc1048 options to	such a client, you can set the
	 always-reply-rfc1048 option in	that client's  host  declaration,  and
	 the  DHCP  server  will respond with an RFC-1048-style	vendor options
	 field.	  This flag can	be set in  any	scope,	and  will  affect  all
	 clients covered by that scope.

       The authoritative statement

	 authoritative;

	 not authoritative;

	 The  DHCP server will normally	assume that the	configuration informa-
	 tion about a given network segment is not known to be correct and  is
	 not  authoritative.   This is so that if a naive user installs	a DHCP
	 server	not fully understanding	how to configure it, it	does not  send
	 spurious  DHCPNAK  messages  to  clients that have obtained addresses
	 from a	legitimate DHCP	server on the network.

	 Network administrators	setting	 up  authoritative  DHCP  servers  for
	 their networks	should always write authoritative; at the top of their
	 configuration file to indicate	that the DHCP server should send DHCP-
	 NAK messages to misconfigured clients.	  If this is not done, clients
	 will be unable	to get a correct IP address after changing subnets un-
	 til their old lease has expired, which	could take quite a long	time.

	 Usually,  writing  authoritative; at the top level of the file	should
	 be sufficient.	  However, if a	DHCP server is to be set up so that it
	 is aware of some networks for which it	is authoritative and some net-
	 works for which it is not, it may be more appropriate to declare  au-
	 thority on a per-network-segment basis.

	 Note  that the	most specific scope for	which the concept of authority
	 makes any sense is the	physical network segment -  either  a  shared-
	 network  statement or a subnet	statement that is not contained	within
	 a shared-network statement.  It is not	meaningful to specify that the
	 server	is authoritative for some subnets within a shared network, but
	 not authoritative for others, nor is it meaningful  to	 specify  that
	 the  server  is authoritative for some	host declarations and not oth-
	 ers.

       The boot-unknown-clients	statement

	 boot-unknown-clients flag;

	 If the	boot-unknown-clients statement is present and has a  value  of
	 false	or  off,  then	clients	for which there	is no host declaration
	 will not be allowed to	obtain IP addresses.   If  this	 statement  is
	 not  present  or has a	value of true or on, then clients without host
	 declarations will be allowed to obtain	IP addresses, as long as those
	 addresses are not restricted by  allow	 and  deny  statements	within
	 their pool declarations.

       The db-time-format statement

	 db-time-format	[ default | local ] ;

	 The  DHCP  server  software  outputs  several timestamps when writing
	 leases	to persistent storage.	This configuration  parameter  selects
	 one  of two output formats.  The default format prints	the day, date,
	 and time in UTC, while	the local format prints	 the  system  seconds-
	 since-epoch,  and  helpfully  provides	the day	and time in the	system
	 timezone in a comment.	 The time formats are described	in  detail  in
	 the dhcpd.leases(5) manpage.

       The ddns-hostname statement

	 ddns-hostname name;

	 The  name  parameter should be	the hostname that will be used in set-
	 ting up the client's A	and PTR	 records.    If	 no  ddns-hostname  is
	 specified in scope, then the server will derive the hostname automat-
	 ically,  using	an algorithm that varies for each of the different up-
	 date methods.

       The ddns-domainname statement

	 ddns-domainname name;

	 The name parameter should be the domain name that will	be appended to
	 the client's hostname to form a fully-qualified domain-name (FQDN).

       The ddns-rev-domainname statement

	 ddns-rev-domainname name; The name parameter  should  be  the	domain
	 name  that  will  be  appended	to the client's	reversed IP address to
	 produce a name	for use	in the client's	PTR record.   By default, this
	 is "in-addr.arpa.", but the default can be overridden here.

	 The reversed IP address to which this domain name is appended is  al-
	 ways  the IP address of the client, in	dotted quad notation, reversed
	 -  for	 example,  if  the  IP	address	 assigned  to  the  client  is
	 10.17.92.74,  then  the  reversed  IP	address	is 74.92.17.10.	  So a
	 client	with that IP address would, by default,	be given a PTR	record
	 of 10.17.92.74.in-addr.arpa.

       The ddns-update-style parameter

	 ddns-update-style style;

	 The  style  parameter	must  be  one of ad-hoc, interim or none.  The
	 ddns-update-style statement is	only meaningful	in the outer  scope  -
	 it  is	 evaluated once	after reading the dhcpd.conf file, rather than
	 each time a client is assigned	an IP address, so there	is no  way  to
	 use different DNS update styles for different clients.	The default is
	 none.

       The ddns-updates	statement

	  ddns-updates flag;

	 The  ddns-updates  parameter  controls	whether	or not the server will
	 attempt to do a DNS update when a lease is confirmed.	 Set  this  to
	 off  if  the server should not	attempt	to do updates within a certain
	 scope.	 The ddns-updates parameter is on by default.	To disable DNS
	 updates in all	scopes,	it is preferable to use	the  ddns-update-style
	 statement, setting the	style to none.

       The default-lease-time statement

	 default-lease-time time;

	 Time should be	the length in seconds that will	be assigned to a lease
	 if  the client	requesting the lease does not ask for a	specific expi-
	 ration	time.  This is used for	both DHCPv4 and	DHCPv6 leases  (it  is
	 also  known as	the "valid lifetime" in	DHCPv6).  The default is 43200
	 seconds.

       The delayed-ack and max-ack-delay statements

	 delayed-ack count; max-ack-delay microseconds;

	 Count should be an integer value from zero to 2^16-1, and defaults to
	 28.  The count	represents how many DHCPv4  replies  maximum  will  be
	 queued	 pending transmission until after a database commit event.  If
	 this number is	reached, a database commit event  (commonly  resulting
	 in  fsync() and representing a	performance penalty) will be made, and
	 the reply packets will	be transmitted in a  batch  afterwards.	  This
	 preserves  the	 RFC2131  direction  that  "stable storage" be updated
	 prior to replying to clients.	Should the  DHCPv4  sockets  "go  dry"
	 (select()  returns  immediately  with no read sockets), the commit is
	 made and any queued packets are transmitted.

	 Similarly, microseconds indicates how many microseconds are permitted
	 to pass inbetween queuing a packet pending an fsync,  and  performing
	 the  fsync.   Valid  values  range  from 0 to 2^32-1, and defaults to
	 250,000 (1/4 of a second).

	 Please	note that as delayed-ack is currently  experimental,  the  de-
	 layed-ack  feature is not compiled in by default, but must be enabled
	 at compile time with './configure --enable-delayed-ack'.

       The do-forward-updates statement

	 do-forward-updates flag;

	 The do-forward-updates	statement instructs  the  DHCP	server	as  to
	 whether it should attempt to update a DHCP client's A record when the
	 client	acquires or renews a lease.   This statement has no effect un-
	 less DNS updates are enabled and ddns-update-style is set to interim.
	 Forward  updates  are enabled by default.   If	this statement is used
	 to disable forward updates, the DHCP server will never	attempt	to up-
	 date the client's A record, and will only ever	attempt	to update  the
	 client's  PTR	record	if  the	client supplies	an FQDN	that should be
	 placed	in the PTR record using	the fqdn option.  If  forward  updates
	 are  enabled,	the  DHCP  server  will	still honor the	setting	of the
	 client-updates	flag.

       The dynamic-bootp-lease-cutoff statement

	 dynamic-bootp-lease-cutoff date;

	 The dynamic-bootp-lease-cutoff	statement sets the ending time for all
	 leases	assigned dynamically to	BOOTP clients.	Because	BOOTP  clients
	 do  not  have	any  way of renewing leases, and don't know that their
	 leases	could expire, by default dhcpd assigns infinite	leases to  all
	 BOOTP	clients.  However, it may make sense in	some situations	to set
	 a cutoff date for all BOOTP leases - for example, the end of a	school
	 term, or the time at night when a facility is closed and all machines
	 are required to be powered off.

	 Date should be	the date on which all assigned BOOTP leases will  end.
	 The date is specified in the form:

				 W YYYY/MM/DD HH:MM:SS

	 W  is the day of the week expressed as	a number from zero (Sunday) to
	 six (Saturday).  YYYY is the year, including the century.  MM is  the
	 month	expressed  as  a  number  from	1 to 12.  DD is	the day	of the
	 month,	counting from 1.  HH is	the hour, from zero to 23.  MM is  the
	 minute	 and SS	is the second.	The time is always in Coordinated Uni-
	 versal	Time (UTC), not	local time.

       The dynamic-bootp-lease-length statement

	 dynamic-bootp-lease-length length;

	 The dynamic-bootp-lease-length	statement is used to set the length of
	 leases	dynamically assigned to	BOOTP clients.	 At some sites,	it may
	 be possible to	assume that a lease is no longer in use	if its	holder
	 has  not  used	BOOTP or DHCP to get its address within	a certain time
	 period.   The period is specified in length as	a number  of  seconds.
	 If  a client reboots using BOOTP during the timeout period, the lease
	 duration is reset to length, so a BOOTP client	that boots  frequently
	 enough	 will  never  lose its lease.  Needless	to say,	this parameter
	 should	be adjusted with extreme caution.

       The filename statement

	 filename "filename";

	 The filename statement	can be used to specify the name	of the initial
	 boot file which is to be loaded by a client.  The filename should  be
	 a filename recognizable to whatever file transfer protocol the	client
	 can be	expected to use	to load	the file.

       The fixed-address declaration

	 fixed-address address [, address ... ];

	 The  fixed-address declaration	is used	to assign one or more fixed IP
	 addresses to a	client.	 It should only	appear in a host  declaration.
	 If  more than one address is supplied,	then when the client boots, it
	 will be assigned the address that corresponds to the network on which
	 it is booting.	 If none of the	addresses in the fixed-address	state-
	 ment are valid	for the	network	to which the client is connected, that
	 client	 will not match	the host declaration containing	that fixed-ad-
	 dress declaration.  Each address  in  the  fixed-address  declaration
	 should	 be either an IP address or a domain name that resolves	to one
	 or more IP addresses.

       The fixed-address6 declaration

	 fixed-address6	ip6-address ;

	 The fixed-address6 declaration	is used	to assign  a  fixed  IPv6  ad-
	 dresses to a client.  It should only appear in	a host declaration.

       The get-lease-hostnames statement

	 get-lease-hostnames flag;

	 The  get-lease-hostnames  statement  is used to tell dhcpd whether or
	 not to	look up	the domain name	corresponding to  the  IP  address  of
	 each  address	in  the	 lease	pool and use that address for the DHCP
	 hostname option.  If flag is true, then this lookup is	done  for  all
	 addresses in the current scope.   By default, or if flag is false, no
	 lookups are done.

       The hardware statement

	 hardware hardware-type	hardware-address;

	 In  order  for	 a BOOTP client	to be recognized, its network hardware
	 address must be declared using	a hardware clause in the  host	state-
	 ment.	 hardware-type	must be	the name of a physical hardware	inter-
	 face type.   Currently, only the ethernet and	token-ring  types  are
	 recognized,  although	support	 for a fddi hardware type (and others)
	 would also be desirable.  The hardware-address	should	be  a  set  of
	 hexadecimal  octets  (numbers from 0 through ff) separated by colons.
	 The hardware statement	may also be used for DHCP clients.

       The host-identifier option statement

	 host-identifier option	option-name option-data;

	 This identifies a DHCPv6 client in a host statement.  option-name  is
	 any  option,  and  option-data	 is  the value for the option that the
	 client	will send. The option-data must	be a constant value.

       The infinite-is-reserved	statement

	 infinite-is-reserved flag;

	 ISC DHCP now supports 'reserved' leases.  See the section on RESERVED
	 LEASES	below.	If this	flag is	on, the	server will automatically  re-
	 serve	leases	allocated  to  clients	which  requested  an  infinite
	 (0xffffffff) lease-time.

	 The default is	off.

       The lease-file-name statement

	 lease-file-name name;

	 Name should be	the name of the	DHCP server's  lease  file.    By  de-
	 fault,	 this  is  DBDIR/dhcpd.leases.	 This statement	must appear in
	 the outer scope of the	configuration file - if	 it  appears  in  some
	 other	scope,	it will	have no	effect.	 Furthermore, it has no	effect
	 if overridden by the -lf flag or the PATH_DHCPD_DB environment	 vari-
	 able.

       The limit-addrs-per-ia statement

	 limit-addrs-per-ia number;

	 By default, the DHCPv6	server will limit clients to one IAADDR	per IA
	 option,  meaning  one address.	 If you	wish to	permit clients to hang
	 onto multiple addresses at a time, configure a	larger number here.

	 Note that there is no present	method	to  configure  the  server  to
	 forcibly  configure the client	with one IP address per	each subnet on
	 a shared network.  This is left to future work.

       The dhcpv6-lease-file-name statement

	 dhcpv6-lease-file-name	name;

	 Name is the name of the lease file to use if and only if  the	server
	 is  running in	DHCPv6 mode.  By default, this is DBDIR/dhcpd6.leases.
	 This statement, like lease-file-name, must appear in the outer	 scope
	 of the	configuration file.  It	has no effect if overridden by the -lf
	 flag  or  the	PATH_DHCPD6_DB environment variable.  If dhcpv6-lease-
	 file-name is not specified, but lease-file-name is, the latter	 value
	 will be used.

       The local-port statement

	 local-port port;

	 This  statement causes	the DHCP server	to listen for DHCP requests on
	 the UDP port specified	in port, rather	than on	port 67.

       The local-address statement

	 local-address address;

	 This statement	causes the DHCP	server to  listen  for	DHCP  requests
	 sent  to  the specified address, rather than requests sent to all ad-
	 dresses.  Since serving directly attached DHCP	clients	 implies  that
	 the  server must respond to requests sent to the all-ones IP address,
	 this option cannot be used if clients are on directly	attached  net-
	 works...it  is	 only  realistically  useful  for  a server whose only
	 clients are reached via unicasts, such	as via DHCP relay agents.

	 Note:	This statement is only effective if the	 server	 was  compiled
	 using	the USE_SOCKETS	#define	statement, which is default on a small
	 number	of operating systems, and must be explicitly  chosen  at  com-
	 pile-time for all others.  You	can be sure if your server is compiled
	 with USE_SOCKETS if you see lines of this format at startup:

	  Listening on Socket/eth0

	 Note  also  that since	this bind()s all DHCP sockets to the specified
	 address, that only one	address	may be supported  in  a	 daemon	 at  a
	 given time.

       The log-facility	statement

	 log-facility facility;

	 This statement	causes the DHCP	server to do all of its	logging	on the
	 specified  log	 facility once the dhcpd.conf file has been read.   By
	 default the DHCP server logs to the daemon facility.	 Possible  log
	 facilities  include  auth,  authpriv,	cron,  daemon, ftp, kern, lpr,
	 mail, mark, news, ntp,	 security,  syslog,  user,  uucp,  and	local0
	 through  local7.    Not  all of these facilities are available	on all
	 systems, and there may	be other facilities available  on  other  sys-
	 tems.

	 In  addition  to setting this value, you may need to modify your sys-
	 log.conf file to configure logging of the DHCP	server.	  For example,
	 you might add a line like this:

	      local7.debug /var/log/dhcpd.log

	 The syntax of the syslog.conf file may	be different on	some operating
	 systems - consult the syslog.conf manual page to  be  sure.   To  get
	 syslog	 to  start  logging to the new file, you must first create the
	 file with correct ownership and permissions (usually, the same	 owner
	 and  permissions  of your /var/log/messages or	/usr/adm/messages file
	 should	be fine) and send a SIGHUP to syslogd.	Some  systems  support
	 log  rollover	using  a  shell	 script	or program called newsyslog or
	 logrotate, and	you may	be able	to configure this as well so that your
	 log file doesn't grow uncontrollably.

	 Because the log-facility setting  is  controlled  by  the  dhcpd.conf
	 file,	log  messages printed while parsing the	dhcpd.conf file	or be-
	 fore parsing it are logged to the default log facility.   To  prevent
	 this,	see the	README file included with this distribution, which de-
	 scribes how to	change the default log facility.  When this  parameter
	 is used, the DHCP server prints its startup message a second time af-
	 ter  parsing  the configuration file, so that the log will be as com-
	 plete as possible.

       The max-lease-time statement

	 max-lease-time	time;

	 Time should be	the maximum length in seconds that will	be assigned to
	 a lease.  If not defined, the default maximum lease  time  is	86400.
	 The only exception to this is that Dynamic BOOTP lease	lengths, which
	 are not specified by the client, are not limited by this maximum.

       The min-lease-time statement

	 min-lease-time	time;

	 Time should be	the minimum length in seconds that will	be assigned to
	 a  lease.   The  default  is the minimum of 300 seconds or max-lease-
	 time.

       The min-secs statement

	 min-secs seconds;

	 Seconds should	be the minimum number of seconds since a client	 began
	 trying	 to acquire a new lease	before the DHCP	server will respond to
	 its request.  The number of seconds is	based on what the  client  re-
	 ports,	 and  the maximum value	that the client	can report is 255 sec-
	 onds.	 Generally, setting this to one	will result in the DHCP	server
	 not responding	to the client's	first request, but  always  responding
	 to its	second request.

	 This can be used to set up a secondary	DHCP server which never	offers
	 an  address  to  a  client  until the primary server has been given a
	 chance	to do so.   If the primary server is  down,  the  client  will
	 bind  to  the	secondary  server, but otherwise clients should	always
	 bind to the primary.	Note that this does not, by itself,  permit  a
	 primary server	and a secondary	server to share	a pool of dynamically-
	 allocatable addresses.

       The next-server statement

	 next-server server-name;

	 The  next-server statement is used to specify the host	address	of the
	 server	from which the initial boot file (specified  in	 the  filename
	 statement)  is	to be loaded.	Server-name should be a	numeric	IP ad-
	 dress or a domain name.

       The omapi-port statement

	 omapi-port port;

	 The omapi-port	statement causes the DHCP server to listen  for	 OMAPI
	 connections  on  the  specified port.	 This statement	is required to
	 enable	the OMAPI protocol, which is used to examine  and  modify  the
	 state of the DHCP server as it	is running.

       The one-lease-per-client	statement

	 one-lease-per-client flag;

	 If  this flag is enabled, whenever a client sends a DHCPREQUEST for a
	 particular lease, the server will automatically free any other	leases
	 the client holds.   This  presumes  that  when	 the  client  sends  a
	 DHCPREQUEST,  it has forgotten	any lease not mentioned	in the DHCPRE-
	 QUEST - i.e., the client has only a single network interface  and  it
	 does  not remember leases it's	holding	on networks to which it	is not
	 currently attached.   Neither of these	assumptions are	guaranteed  or
	 provable, so we urge caution in the use of this statement.

       The pid-file-name statement

	 pid-file-name name;

	 Name  should be the name of the DHCP server's process ID file.	  This
	 is the	file in	which the DHCP server's	process	ID is stored when  the
	 server	 starts.    By	default,  this is RUNDIR/dhcpd.pid.   Like the
	 lease-file-name statement, this statement must	appear	in  the	 outer
	 scope	of  the	configuration file.  It	has no effect if overridden by
	 the -pf flag or the PATH_DHCPD_PID environment	variable.

	 The dhcpv6-pid-file-name statement

	    dhcpv6-pid-file-name name;

	    Name is the	name of	the pid	file to	use if and only	if the	server
	    is	running	in DHCPv6 mode.	 By default, this is DBDIR/dhcpd6.pid.
	    This statement, like pid-file-name,	must appear in the outer scope
	    of the configuration file.	It has no effect if overridden by  the
	    -pf	  flag	 or  the  PATH_DHCPD6_PID  environment	variable.   If
	    dhcpv6-pid-file-name is not	specified, but pid-file-name  is,  the
	    latter value will be used.

	 The ping-check	statement

	    ping-check flag;

	    When  the  DHCP server is considering dynamically allocating an IP
	    address to a client, it first sends	an ICMP	Echo request (a	 ping)
	    to	the address being assigned.   It waits for a second, and if no
	    ICMP Echo response has been	heard, it assigns the address.	 If  a
	    response is	heard, the lease is abandoned, and the server does not
	    respond to the client.

	    This  ping check introduces	a default one-second delay in respond-
	    ing	to DHCPDISCOVER	messages, which	can  be	 a  problem  for  some
	    clients.   The default delay of one	second may be configured using
	    the	 ping-timeout parameter.  The ping-check configuration parame-
	    ter	can be used to control checking	- if its value	is  false,  no
	    ping check is done.

	 The ping-timeout statement

	    ping-timeout seconds;

	    If	the DHCP server	determined it should send an ICMP echo request
	    (a ping) because the ping-check statement  is  true,  ping-timeout
	    allows  you	 to  configure how many	seconds	the DHCP server	should
	    wait for an	ICMP Echo response to be heard,	if no  ICMP  Echo  re-
	    sponse  has	 been  received	before the timeout expires, it assigns
	    the	address.  If a response	is heard, the lease is abandoned,  and
	    the	 server	 does  not respond to the client.  If no value is set,
	    ping-timeout defaults to 1 second.

	 The preferred-lifetime	statement

	    preferred-lifetime seconds;

	    IPv6 addresses have	'valid'	and 'preferred'	lifetimes.  The	 valid
	    lifetime  determines  at what point	at lease might be said to have
	    expired, and is no longer useable.	A preferred lifetime is	an ad-
	    visory condition to	help applications move off of the address  and
	    onto currently valid addresses (should there still be any open TCP
	    sockets or similar).

	    The	preferred lifetime defaults to the renew+rebind	timers,	or 3/4
	    the	default	lease time if none were	specified.

	 The remote-port statement

	    remote-port	port;

	    This  statement  causes the	DHCP server to transmit	DHCP responses
	    to DHCP clients upon the UDP port specified	in port,  rather  than
	    on	port 68.  In the event that the	UDP response is	transmitted to
	    a DHCP Relay, the server generally uses the	local-port  configura-
	    tion  value.   Should  the	DHCP  Relay  happen to be addressed as
	    127.0.0.1, however,	the DHCP Server	transmits its response to  the
	    remote-port	 configuration	value.	 This is generally only	useful
	    for	testing	purposes, and this configuration value	should	gener-
	    ally not be	used.

	 The server-identifier statement

	    server-identifier hostname;

	    The	 server-identifier  statement  can be used to define the value
	    that is sent in the	DHCP Server  Identifier	 option	 for  a	 given
	    scope.    The  value  specified must be an IP address for the DHCP
	    server, and	must be	reachable by all clients served	by a  particu-
	    lar	scope.

	    The	 use  of  the server-identifier	statement is not recommended -
	    the	only reason to use it is to force a value other	than  the  de-
	    fault  value to be sent on occasions where the default value would
	    be incorrect.   The	default	value is the first IP address  associ-
	    ated  with the physical network interface on which the request ar-
	    rived.

	    The	usual case where the server-identifier statement needs	to  be
	    sent  is  when  a physical interface has more than one IP address,
	    and	the one	being sent by default isn't appropriate	 for  some  or
	    all	clients	served by that interface.  Another common case is when
	    an	alias is defined for the purpose of having a consistent	IP ad-
	    dress for the DHCP server, and it is desired that the clients  use
	    this IP address when contacting the	server.

	    Supplying a	value for the dhcp-server-identifier option is equiva-
	    lent to using the server-identifier	statement.

	 The server-duid statement

	    server-duid	LLT [ hardware-type timestamp hardware-address ] ;

	    server-duid	EN enterprise-number enterprise-identifier ;

	    server-duid	LL [ hardware-type hardware-address ] ;

	    The	server-duid statement configures the server DUID. You may pick
	    either  LLT	(link local address plus time),	EN (enterprise), or LL
	    (link local).

	    If you choose LLT or LL, you may specify the exact contents	of the
	    DUID.  Otherwise the server	will generate a	DUID of	the  specified
	    type.

	    If	you  choose EN,	you must include the enterprise	number and the
	    enterprise-identifier.

	    The	default	server-duid type is LLT.

	 The server-name statement

	    server-name	name ;

	    The	server-name statement can be used to inform the	client of  the
	    name  of the server	from which it is booting.   Name should	be the
	    name that will be provided to the client.

	 The site-option-space statement

	    site-option-space name ;

	    The	site-option-space statement can	be used	to determine from what
	    option space site-local options will be taken.   This can be  used
	    in	much the same way as the vendor-option-space statement.	 Site-
	    local options in DHCP are those options whose  numeric  codes  are
	    greater  than  224.	  These	options	are intended for site-specific
	    uses, but are frequently used by vendors of	embedded hardware that
	    contains DHCP clients.   Because site-specific options  are	 allo-
	    cated  on  an ad hoc basis,	it is quite possible that one vendor's
	    DHCP client	might use the same option code that  another  vendor's
	    client  uses,  for different purposes.   The site-option-space op-
	    tion can be	used to	assign a different set	of  site-specific  op-
	    tions  for	each  such  vendor,  using conditional evaluation (see
	    dhcp-eval (5) for details).

	 The stash-agent-options statement

	    stash-agent-options	flag;

	    If the stash-agent-options parameter is true for a	given  client,
	    the	 server	 will  record the relay	agent information options sent
	    during the client's	initial	DHCPREQUEST message  when  the	client
	    was	 in the	SELECTING state	and behave as if those options are in-
	    cluded in all subsequent DHCPREQUEST messages sent in the RENEWING
	    state.   This works	around a problem with relay agent  information
	    options, which is that they	usually	not appear in DHCPREQUEST mes-
	    sages  sent	by the client in the RENEWING state, because such mes-
	    sages are unicast directly to the server and not  sent  through  a
	    relay agent.

	 The update-conflict-detection statement

	    update-conflict-detection flag;

	    If	the  update-conflict-detection	parameter  is true, the	server
	    will perform standard DHCID	multiple-client, one-name conflict de-
	    tection.  If the parameter has been	set  false,  the  server  will
	    skip this check and	instead	simply tear down any previous bindings
	    to install the new binding without question.  The default is true.

	 The update-optimization statement

	    update-optimization	flag;

	    If	the update-optimization	parameter is false for a given client,
	    the	server will attempt a DNS update for that client each time the
	    client renews its lease, rather than  only	attempting  an	update
	    when it appears to be necessary.   This will allow the DNS to heal
	    from  database  inconsistencies  more easily, but the cost is that
	    the	DHCP server must do many  more	DNS  updates.	 We  recommend
	    leaving  this  option  enabled, which is the default.  This	option
	    only affects the behavior of the interim DNS  update  scheme,  and
	    has	no effect on the ad-hoc	DNS update scheme.   If	this parameter
	    is	not  specified,	 or  is	true, the DHCP server will only	update
	    when the client information	changes, the client gets  a  different
	    lease, or the client's lease expires.

	 The update-static-leases statement

	    update-static-leases flag;

	    The	 update-static-leases flag, if enabled,	causes the DHCP	server
	    to do DNS updates for clients even if those	clients	are being  as-
	    signed their IP address using a fixed-address statement - that is,
	    the	 client	 is  being  given a static assignment.	 This can only
	    work with the interim DNS update scheme.   It is  not  recommended
	    because  the  DHCP	server	has no way to tell that	the update has
	    been done, and therefore will not delete the record	when it	is not
	    in use.   Also, the	server must attempt the	update each  time  the
	    client  renews  its	 lease,	which could have a significant perfor-
	    mance impact in environments that place heavy demands on the  DHCP
	    server.

	 The use-host-decl-names statement

	    use-host-decl-names	flag;

	    If	the  use-host-decl-names  parameter  is	true in	a given	scope,
	    then for every host	declaration within that	scope, the  name  pro-
	    vided  for	the host declaration will be supplied to the client as
	    its	hostname.   So,	for example,

		group {
		  use-host-decl-names on;

		  host joe {
		    hardware ethernet 08:00:2b:4c:29:32;
		    fixed-address joe.fugue.com;
		  }
		}

	    is equivalent to

		  host joe {
		    hardware ethernet 08:00:2b:4c:29:32;
		    fixed-address joe.fugue.com;
		    option host-name "joe";
		  }

	    An option host-name	statement within a host	declaration will over-
	    ride the use of the	name in	the host declaration.

	    It should be noted here that most DHCP clients  completely	ignore
	    the	 host-name option sent by the DHCP server, and there is	no way
	    to configure them not to do	this.	So you generally have a	choice
	    of either not having any hostname to  client  IP  address  mapping
	    that  the client will recognize, or	doing DNS updates.   It	is be-
	    yond the scope of this document to describe	how to make  this  de-
	    termination.

	 The use-lease-addr-for-default-route statement

	    use-lease-addr-for-default-route flag;

	    If	the  use-lease-addr-for-default-route  parameter  is true in a
	    given scope, then instead of sending the value  specified  in  the
	    routers option (or sending no value	at all), the IP	address	of the
	    lease  being  assigned  is	sent  to the client.   This supposedly
	    causes Win95 machines to ARP for all IP addresses,	which  can  be
	    helpful  if	 your router is	configured for proxy ARP.   The	use of
	    this feature is not	recommended, because it	won't  work  for  many
	    DHCP clients.

	 The vendor-option-space statement

	    vendor-option-space	string;

	    The	 vendor-option-space  parameter	 determines  from  what	option
	    space vendor options are taken.   The use  of  this	 configuration
	    parameter  is  illustrated	in the dhcp-options(5) manual page, in
	    the	VENDOR ENCAPSULATED OPTIONS section.

SETTING	PARAMETER VALUES USING EXPRESSIONS
       Sometimes it's helpful to be able to set	the value of a DHCP server pa-
       rameter based on	some value that	the client has sent.   To do this, you
       can use expression evaluation.	The dhcp-eval(5) manual	page describes
       how to write expressions.   To assign the result	of an evaluation to an
       option, define the option as follows:

	 my-parameter =	expression ;

       For example:

	 ddns-hostname = binary-to-ascii (16, 8, "-",
					  substring (hardware, 1, 6));

RESERVED LEASES
       It's often useful to allocate a single address to a single  client,  in
       approximate perpetuity.	Host statements	with fixed-address clauses ex-
       ist  to a certain extent	to serve this purpose, but because host	state-
       ments are intended to approximate 'static configuration',  they	suffer
       from  not  being	referenced in a	littany	of other Server	Services, such
       as dynamic DNS, failover, 'on events' and so forth.

       If a standard dynamic lease, as from any	 range	statement,  is	marked
       'reserved', then	the server will	only allocate this lease to the	client
       it is identified	by (be that by client identifier or hardware address).

       In practice, this means that the	lease follows the normal state engine,
       enters  ACTIVE state when the client is bound to	it, expires, or	is re-
       leased, and any events or services that would normally be supplied dur-
       ing these events	are processed normally,	 as  with  any	other  dynamic
       lease.	The  only  difference  is that failover	servers	treat reserved
       leases as special when they enter the FREE  or  BACKUP  states  -  each
       server  applies the lease into the state	it may allocate	from - and the
       leases are not placed on	the queue for  allocation  to  other  clients.
       Instead	they  may  only	 be 'found' by client identity.	 The result is
       that the	lease is only offered to the returning client.

       Care should probably be taken to	ensure that the	client	only  has  one
       lease within a given subnet that	it is identified by.

       Leases  may be set 'reserved' either through OMAPI, or through the 'in-
       finite-is-reserved' configuration option	(if this is applicable to your
       environment and mixture of clients).

       It should also be noted that leases marked 'reserved'  are  effectively
       treated the same	as leases marked 'bootp'.

REFERENCE: OPTION STATEMENTS
       DHCP  option  statements	 are  documented in the	dhcp-options(5)	manual
       page.

REFERENCE: EXPRESSIONS
       Expressions used	in DHCP	option statements and elsewhere	are documented
       in the dhcp-eval(5) manual page.

SEE ALSO
       dhcpd(8),  dhcpd.leases(5),  dhcp-options(5),  dhcp-eval(5),   RFC2132,
       RFC2131.

AUTHOR
       dhcpd.conf(5)  was  written  by	Ted  Lemon under a contract with Vixie
       Labs.   Funding for this	project	was provided by	Internet Systems  Con-
       sortium.	 Information about Internet Systems Consortium can be found at
       https://www.isc.org.

								 dhcpd.conf(5)

NAME | DESCRIPTION | EXAMPLES | ADDRESS POOLS | DYNAMIC ADDRESS ALLOCATION | IP ADDRESS CONFLICT PREVENTION | DHCP FAILOVER | FAILOVER STARTUP | CONFIGURING FAILOVER | CLIENT CLASSING | SUBCLASSES | PER-CLASS LIMITS ON DYNAMIC ADDRESS ALLOCATION | SPAWNING CLASSES | COMBINING MATCH, MATCH IF AND SPAWN WITH | DYNAMIC DNS UPDATES | THE AD-HOC DNS UPDATE SCHEME | THE INTERIM DNS UPDATE SCHEME | DYNAMIC DNS UPDATE SECURITY | REFERENCE: EVENTS | REFERENCE: DECLARATIONS | REFERENCE: ALLOW AND DENY | ALLOW DENY AND IGNORE IN SCOPE | ALLOW AND DENY WITHIN POOL DECLARATIONS | REFERENCE: PARAMETERS | SETTING PARAMETER VALUES USING EXPRESSIONS | RESERVED LEASES | REFERENCE: OPTION STATEMENTS | REFERENCE: EXPRESSIONS | SEE ALSO | AUTHOR

Want to link to this manual page? Use this URL:
<https://man.freebsd.org/cgi/man.cgi?query=dhcpd.conf&sektion=5&manpath=FreeBSD+8.2-RELEASE+and+Ports>

home | help