Skip site navigation (1)Skip section navigation (2)

FreeBSD Manual Pages

  
 
  

home | help
dhcpd.conf(5)		      File Formats Manual		 dhcpd.conf(5)

NAME
       dhcpd.conf - dhcpd configuration	file

DESCRIPTION
       The  dhcpd.conf	file contains configuration information	for dhcpd, the
       Internet	Systems	Consortium DHCP	Server.

       The dhcpd.conf file is a	free-form ASCII	text file.   It	is  parsed  by
       the  recursive-descent  parser built into dhcpd.	  The file may contain
       extra tabs and newlines for formatting purposes.	 Keywords in the  file
       are case-insensitive.   Comments	may be placed anywhere within the file
       (except within quotes).	 Comments begin	with the # character  and  end
       at the end of the line.

       The  file  essentially  consists	 of a list of statements.   Statements
       fall into two broad categories -	parameters and declarations.

       Parameter statements either say how to do something (e.g., how  long  a
       lease  to  offer),  whether to do something (e.g., should dhcpd provide
       addresses to unknown clients), or what parameters  to  provide  to  the
       client (e.g., use gateway 220.177.244.7).

       Declarations  are  used	to  describe  the  topology of the network, to
       describe	clients	on the network,	 to  provide  addresses	 that  can  be
       assigned	 to  clients,  or to apply a group of parameters to a group of
       declarations.   In any group of parameters and declarations, all	param-
       eters  must  be specified before	any declarations which depend on those
       parameters may be specified.

       Declarations about network topology include the shared-network and  the
       subnet  declarations.	If  clients  on	 a  subnet  are	to be assigned
       addresses dynamically, a	range declaration must appear within the  sub-
       net  declaration.    For	clients	with statically	assigned addresses, or
       for installations where only known clients will be  served,  each  such
       client  must have a host	declaration.   If parameters are to be applied
       to a group of declarations which	are not	related	strictly on a per-sub-
       net basis, the group declaration	can be used.

       For  every  subnet  which will be served, and for every subnet to which
       the dhcp	server is connected, there must	 be  one  subnet  declaration,
       which  tells  dhcpd how to recognize that an address is on that subnet.
       A subnet	declaration is required	for each subnet	even if	 no  addresses
       will be dynamically allocated on	that subnet.

       Some  installations  have  physical  networks on	which more than	one IP
       subnet operates.	  For example, if there	 is  a	site-wide  requirement
       that  8-bit subnet masks	be used, but a department with a single	physi-
       cal ethernet network expands to the point where it has  more  than  254
       nodes,  it may be necessary to run two 8-bit subnets on the same	ether-
       net until such time as a	new physical network can be added.    In  this
       case,  the  subnet declarations for these two networks must be enclosed
       in a shared-network declaration.

       Note that even when the shared-network declaration is absent, an	 empty
       one  is	created	 by  the  server to contain the	subnet (and any	scoped
       parameters included in the subnet).  For	practical purposes, this means
       that  "stateless"  DHCP	clients,  which	are not	tied to	addresses (and
       therefore subnets) will receive	the  same  configuration  as  stateful
       ones.

       Some  sites  may	 have  departments which have clients on more than one
       subnet, but it may be desirable to offer	those clients a	uniform	set of
       parameters  which  are  different than what would be offered to clients
       from other departments on the same subnet.   For	clients	which will  be
       declared	 explicitly  with host declarations, these declarations	can be
       enclosed	in a group declaration along with  the	parameters  which  are
       common to that department.   For	clients	whose addresses	will be	dynam-
       ically assigned,	class declarations and conditional declarations	may be
       used  to	 group	parameter  assignments based on	information the	client
       sends.

       When a client is	to be booted, its boot parameters  are	determined  by
       consulting that client's	host declaration (if any), and then consulting
       any class declarations matching the client, followed by the pool,  sub-
       net  and	shared-network declarations for	the IP address assigned	to the
       client.	 Each of these declarations itself appears  within  a  lexical
       scope,  and  all	 declarations at less specific lexical scopes are also
       consulted for client option declarations.   Scopes are never considered
       twice,  and  if	parameters  are	 declared  in more than	one scope, the
       parameter declared in the most specific scope is	the one	that is	used.

       When dhcpd tries	to find	a host declaration  for	 a  client,  it	 first
       looks for a host	declaration which has a	fixed-address declaration that
       lists an	IP address that	is valid for the subnet	or shared  network  on
       which  the  client  is booting.	 If it doesn't find any	such entry, it
       tries to	find an	entry which has	no fixed-address declaration.

EXAMPLES
       A typical dhcpd.conf file will look something like this:

       global parameters...

       subnet 204.254.239.0 netmask 255.255.255.224 {
	 subnet-specific parameters...
	 range 204.254.239.10 204.254.239.30;
       }

       subnet 204.254.239.32 netmask 255.255.255.224 {
	 subnet-specific parameters...
	 range 204.254.239.42 204.254.239.62;
       }

       subnet 204.254.239.64 netmask 255.255.255.224 {
	 subnet-specific parameters...
	 range 204.254.239.74 204.254.239.94;
       }

       group {
	 group-specific	parameters...
	 host zappo.test.isc.org {
	   host-specific parameters...
	 }
	 host beppo.test.isc.org {
	   host-specific parameters...
	 }
	 host harpo.test.isc.org {
	   host-specific parameters...
	 }
       }

				      Figure 1

       Notice that at the beginning of the file, there's a  place  for	global
       parameters.    These  might  be	things	like the organization's	domain
       name, the addresses of the name servers (if  they  are  common  to  the
       entire organization), and so on.	  So, for example:

	    option domain-name "isc.org";
	    option domain-name-servers ns1.isc.org, ns2.isc.org;

				      Figure 2

       As  you	can see	in Figure 2, you can specify host addresses in parame-
       ters using their	domain names rather than their numeric	IP  addresses.
       If  a given hostname resolves to	more than one IP address (for example,
       if that host has	two ethernet interfaces), then	where  possible,  both
       addresses are supplied to the client.

       The  most obvious reason	for having subnet-specific parameters as shown
       in Figure 1 is that each	subnet,	of necessity, has its own router.   So
       for the first subnet, for example, there	should be something like:

	    option routers 204.254.239.1;

       Note  that  the	address	 here  is specified numerically.   This	is not
       required	- if you have a	different domain name for  each	 interface  on
       your  router, it's perfectly legitimate to use the domain name for that
       interface instead of the	numeric	 address.    However,  in  many	 cases
       there  may  be only one domain name for all of a	router's IP addresses,
       and it would not	be appropriate to use that name	here.

       In Figure 1 there is also a  group  statement,  which  provides	common
       parameters  for	a set of three hosts - zappo, beppo and	harpo.	As you
       can see,	these hosts are	all in the test.isc.org	domain,	 so  it	 might
       make  sense  for	a group-specific parameter to override the domain name
       supplied	to these hosts:

	    option domain-name "test.isc.org";

       Also, given the domain they're in, these	are  probably  test  machines.
       If we wanted to test the	DHCP leasing mechanism,	we might set the lease
       timeout somewhat	shorter	than the default:

	    max-lease-time 120;
	    default-lease-time 120;

       You may have noticed that while some parameters start with  the	option
       keyword,	 some  do  not.	   Parameters starting with the	option keyword
       correspond to actual DHCP options, while	parameters that	do  not	 start
       with  the option	keyword	either control the behavior of the DHCP	server
       (e.g., how long a lease dhcpd will give out), or	specify	client parame-
       ters  that  are not optional in the DHCP	protocol (for example, server-
       name and	filename).

       In Figure 1, each host  had  host-specific  parameters.	  These	 could
       include	such  things  as  the  hostname	 option, the name of a file to
       upload (the filename parameter) and the	address	 of  the  server  from
       which to	upload the file	(the next-server parameter).   In general, any
       parameter can appear anywhere that parameters are allowed, and will  be
       applied according to the	scope in which the parameter appears.

       Imagine	that  you  have	 a site	with a lot of NCD X-Terminals.	 These
       terminals come in a variety of models, and you want to specify the boot
       files for each model.   One way to do this would	be to have host	decla-
       rations for each	server and group them by model:

       group {
	 filename "Xncd19r";
	 next-server ncd-booter;

	 host ncd1 { hardware ethernet 0:c0:c3:49:2b:57; }
	 host ncd4 { hardware ethernet 0:c0:c3:80:fc:32; }
	 host ncd8 { hardware ethernet 0:c0:c3:22:46:81; }
       }

       group {
	 filename "Xncd19c";
	 next-server ncd-booter;

	 host ncd2 { hardware ethernet 0:c0:c3:88:2d:81; }
	 host ncd3 { hardware ethernet 0:c0:c3:00:14:11; }
       }

       group {
	 filename "XncdHMX";
	 next-server ncd-booter;

	 host ncd1 { hardware ethernet 0:c0:c3:11:90:23; }
	 host ncd4 { hardware ethernet 0:c0:c3:91:a7:8;	}
	 host ncd8 { hardware ethernet 0:c0:c3:cc:a:8f;	}
       }

ADDRESS	POOLS
       The pool	declaration can	be used	to specify a pool  of  addresses  that
       will be treated differently than	another	pool of	addresses, even	on the
       same network segment or subnet.	 For example, you may want to  provide
       a  large	set of addresses that can be assigned to DHCP clients that are
       registered to your DHCP	server,	 while	providing  a  smaller  set  of
       addresses,  possibly  with  short  lease	 times,	that are available for
       unknown clients.	  If you have a	firewall, you may be able  to  arrange
       for addresses from one pool to be allowed access	to the Internet, while
       addresses in another pool are not, thus encouraging users  to  register
       their  DHCP clients.   To do this, you would set	up a pair of pool dec-
       larations:

       subnet 10.0.0.0 netmask 255.255.255.0 {
	 option	routers	10.0.0.254;

	 # Unknown clients get this pool.
	 pool {
	   option domain-name-servers bogus.example.com;
	   max-lease-time 300;
	   range 10.0.0.200 10.0.0.253;
	   allow unknown-clients;
	 }

	 # Known clients get this pool.
	 pool {
	   option domain-name-servers ns1.example.com, ns2.example.com;
	   max-lease-time 28800;
	   range 10.0.0.5 10.0.0.199;
	   deny	unknown-clients;
	 }
       }

       It is also possible to set up entirely different	subnets	for known  and
       unknown	clients	- address pools	exist at the level of shared networks,
       so address ranges within	pool declarations can be on different subnets.

       As you can see in the preceding example,	pools can  have	 permit	 lists
       that  control  which  clients  are allowed access to the	pool and which
       aren't.	Each entry in a	pool's permit  list  is	 introduced  with  the
       allow  or  deny keyword.	  If a pool has	a permit list, then only those
       clients that match specific entries on the permit list will be eligible
       to  be  assigned	 addresses from	the pool.   If a pool has a deny list,
       then only those clients that do not match any entries on	the deny  list
       will  be	 eligible.     If both permit and deny lists exist for a pool,
       then only clients that match the	permit list and	do not match the  deny
       list will be allowed access.

DYNAMIC	ADDRESS	ALLOCATION
       Address	allocation  is actually	only done when a client	is in the INIT
       state and has sent a DHCPDISCOVER message.  If the client thinks	it has
       a  valid	lease and sends	a DHCPREQUEST to initiate or renew that	lease,
       the server has only three choices - it can ignore the DHCPREQUEST, send
       a  DHCPNAK to tell the client it	should stop using the address, or send
       a DHCPACK, telling the client to	go ahead and use  the  address	for  a
       while.

       If  the	server	finds  the  address the	client is requesting, and that
       address is available to the client, the server will send	a DHCPACK.  If
       the  address  is	 no longer available, or the client isn't permitted to
       have it,	the server will	send a DHCPNAK.	 If the	server	knows  nothing
       about  the address, it will remain silent, unless the address is	incor-
       rect for	the network segment to which the client	has been attached  and
       the server is authoritative for that network segment, in	which case the
       server will send	a DHCPNAK  even	 though	 it  doesn't  know  about  the
       address.

       There  may  be a	host declaration matching the client's identification.
       If that host declaration	 contains  a  fixed-address  declaration  that
       lists  an IP address that is valid for the network segment to which the
       client is connected.  In	this case,  the	 DHCP  server  will  never  do
       dynamic	address	 allocation.   In this case, the client	is required to
       take the	address	specified in the host  declaration.    If  the	client
       sends  a	 DHCPREQUEST  for  some	other address, the server will respond
       with a DHCPNAK.

       When the	DHCP server allocates a	new address for	 a  client  (remember,
       this  only  happens  if	the  client has	sent a DHCPDISCOVER), it first
       looks to	see if the client already has a	valid lease on an IP  address,
       or  if there is an old IP address the client had	before that hasn't yet
       been reassigned.	 In that case, the server will take that  address  and
       check  it  to  see  if the client is still permitted to use it.	If the
       client is no longer permitted to	use it,	the  lease  is	freed  if  the
       server  thought it was still in use - the fact that the client has sent
       a DHCPDISCOVER proves to	the server that	the client is no longer	 using
       the lease.

       If no existing lease is found, or if the	client is forbidden to receive
       the existing lease, then	the server will	look in	the  list  of  address
       pools  for  the	network	 segment to which the client is	attached for a
       lease that is not in use	and that the client is permitted to have.   It
       looks through each pool declaration in sequence (all range declarations
       that appear outside of pool declarations	are grouped into a single pool
       with  no	 permit	 list).	   If  the permit list for the pool allows the
       client to be allocated an address from that pool, the pool is  examined
       to  see	if  there is an	address	available.   If	so, then the client is
       tentatively assigned  that  address.    Otherwise,  the	next  pool  is
       tested.	 If no addresses are found that	can be assigned	to the client,
       no response is sent to the client.

       If an address is	found that the client is permitted to have,  and  that
       has  never  been	 assigned to any client	before,	the address is immedi-
       ately allocated to the client.	If the address is available for	 allo-
       cation  but  has	 been  previously  assigned to a different client, the
       server will keep	looking	in hopes of finding an address that has	 never
       before been assigned to a client.

       The  DHCP  server  generates  the list of available IP addresses	from a
       hash table.   This means	that the addresses are not sorted in any  par-
       ticular	order, and so it is not	possible to predict the	order in which
       the DHCP	server will allocate IP	addresses.   Users  of	previous  ver-
       sions  of  the  ISC  DHCP server	may have become	accustomed to the DHCP
       server allocating IP addresses in  ascending  order,  but  this	is  no
       longer  possible,  and  there is	no way to configure this behavior with
       version 3 of the	ISC DHCP server.

IP ADDRESS CONFLICT PREVENTION
       The DHCP	server checks IP addresses to see if they are  in  use	before
       allocating  them	 to  clients.	 It  does this by sending an ICMP Echo
       request message to the IP address being allocated.   If	no  ICMP  Echo
       reply  is  received within a second, the	address	is assumed to be free.
       This is only done for leases that have been specified in	 range	state-
       ments, and only when the	lease is thought by the	DHCP server to be free
       - i.e., the DHCP	server or its failover peer has	not listed  the	 lease
       as in use.

       If  a  response	is  received  to an ICMP Echo request, the DHCP	server
       assumes that there is a configuration error - the IP address is in  use
       by  some	 host on the network that is not a DHCP	client.	  It marks the
       address as abandoned, and will not assign it to clients.

       If a DHCP client	tries to get an	IP address, but	 none  are  available,
       but there are abandoned IP addresses, then the DHCP server will attempt
       to reclaim an abandoned IP address.   It	marks one IP address as	 free,
       and  then  does	the same ICMP Echo request check described previously.
       If there	is no answer to	the ICMP Echo request, the address is assigned
       to the client.

       The  DHCP  server  does not cycle through abandoned IP addresses	if the
       first IP	address	it tries to reclaim is free.   Rather, when  the  next
       DHCPDISCOVER comes in from the client, it will attempt a	new allocation
       using the same method described here, and will typically	try a  new  IP
       address.

DHCP FAILOVER
       This version of the ISC DHCP server supports the	DHCP failover protocol
       as documented in	draft-ietf-dhc-failover-12.txt.	  This is not a	 final
       protocol	 document,  and	we have	not done interoperability testing with
       other vendors' implementations of this protocol,	so you must not	assume
       that  this implementation conforms to the standard.  If you wish	to use
       the failover protocol, make sure	that both failover peers  are  running
       the same	version	of the ISC DHCP	server.

       The failover protocol allows two	DHCP servers (and no more than two) to
       share a common address pool.   Each server will have about half of  the
       available  IP  addresses	 in the	pool at	any given time for allocation.
       If one server fails, the	other server will continue to renew leases out
       of the pool, and	will allocate new addresses out	of the roughly half of
       available addresses that	it had	when  communications  with  the	 other
       server were lost.

       It  is possible during a	prolonged failure to tell the remaining	server
       that the	other server is	down, in which case the	remaining server  will
       (over  time)  reclaim  all the addresses	the other server had available
       for allocation, and begin to reuse them.	  This is called  putting  the
       server into the PARTNER-DOWN state.

       You  can	put the	server into the	PARTNER-DOWN state either by using the
       omshell (1) command  or	by  stopping  the  server,  editing  the  last
       failover	 state	declaration  in	 the  lease  file,  and	restarting the
       server.	 If you	use this last method, change the "my state" line to:

       failover	peer name state	{
       my state	partner-down;
       peer state state	at date;
       }

       It is only required to change "my state"	as shown above.

       When the	other server comes back	online,	it should automatically	detect
       that  it	has been offline and request a complete	update from the	server
       that was	running	in the PARTNER-DOWN state, and then both servers  will
       resume processing together.

       It is possible to get into a dangerous situation: if you	put one	server
       into the	PARTNER-DOWN state, and	then *that* server goes	down, and  the
       other  server  comes  back  up, the other server	will not know that the
       first server was	in the PARTNER-DOWN state,  and	 may  issue  addresses
       previously  issued  by the other	server to different clients, resulting
       in IP address conflicts.	  Before putting a  server  into  PARTNER-DOWN
       state,  therefore,  make	 sure  that  the other server will not restart
       automatically.

       The failover protocol defines a primary server  role  and  a  secondary
       server  role.	There are some differences in how primaries and	secon-
       daries act, but most of the differences simply have to do with  provid-
       ing  a  way for each peer to behave in the opposite way from the	other.
       So one server must be configured	as primary, and	the other must be con-
       figured	as  secondary,	and  it	 doesn't  matter too much which	one is
       which.

FAILOVER STARTUP
       When a server starts that has  not  previously  communicated  with  its
       failover	 peer, it must establish communications	with its failover peer
       and synchronize with it before it can serve clients.   This can	happen
       either  because	you  have just configured your DHCP servers to perform
       failover	for the	first time, or because one of  your  failover  servers
       has failed catastrophically and lost its	database.

       The  initial  recovery  process	is  designed  to  ensure that when one
       failover	peer loses its database	and then  resynchronizes,  any	leases
       that the	failed server gave out before it failed	will be	honored.  When
       the failed server starts	up, it notices that it has no  saved  failover
       state, and attempts to contact its peer.

       When  it	 has established contact, it asks the peer for a complete copy
       its peer's lease	database.  The peer then sends its complete  database,
       and sends a message indicating that it is done.	The failed server then
       waits until MCLT	has passed, and	once MCLT has passed both servers make
       the transition back into	normal operation.  This	waiting	period ensures
       that any	leases the failed server may have given	out while out of  con-
       tact with its partner will have expired.

       While the failed	server is recovering, its partner remains in the part-
       ner-down	state, which means that	it is serving all clients.  The	failed
       server provides no service at all to DHCP clients until it has made the
       transition into normal operation.

       In the case where both servers detect that they have never before  com-
       municated  with their partner, they both	come up	in this	recovery state
       and follow the procedure	we have	just described.	   In  this  case,  no
       service will be provided	to DHCP	clients	until MCLT has expired.

CONFIGURING FAILOVER
       In  order  to  configure	failover, you need to write a peer declaration
       that configures the failover protocol, and you need to write peer  ref-
       erences	in  each  pool	declaration for	which you want to do failover.
       You do not have to do failover for all pools on a  given	 network  seg-
       ment.	You must not tell one server it's doing	failover on a particu-
       lar address pool	and tell the other it is not.	You must not have  any
       common  address pools on	which you are not doing	failover.  A pool dec-
       laration	that utilizes failover would look like this:

       pool {
	    failover peer "foo";
	    pool specific parameters
       };

       The  server currently  does very	 little	 sanity	checking,  so if   you
       configure  it wrong, it will just  fail in odd ways.  I would recommend
       therefore that you either do  failover or don't do failover, but	 don't
       do  any mixed pools.  Also,  use	the same master	configuration file for
       both  servers,  and  have  a  separate file  that  contains  the	  peer
       declaration  and	includes the master file.  This	will help you to avoid
       configuration  mismatches.  As our  implementation evolves,  this  will
       become	less of	 a  problem.  A	 basic	sample dhcpd.conf  file	for  a
       primary server might look like this:

       failover	peer "foo" {
	 primary;
	 address anthrax.rc.vix.com;
	 port 519;
	 peer address trantor.rc.vix.com;
	 peer port 520;
	 max-response-delay 60;
	 max-unacked-updates 10;
	 mclt 3600;
	 split 128;
	 load balance max seconds 3;
       }

       include "/etc/dhcpd.master";

       The statements in the peer declaration are as follows:

       The primary and secondary statements

	 [ primary | secondary ];

	 This determines whether  the  server  is  primary  or	secondary,  as
	 described earlier under DHCP FAILOVER.

       The address statement

	 address address;

	 The  address  statement  declares the IP address or DNS name on which
	 the server should listen for connections from its failover peer,  and
	 also  the  value to use for the DHCP Failover Protocol	server identi-
	 fier.	Because	this value is used as an identifier,  it  may  not  be
	 omitted.

       The peer	address	statement

	 peer address address;

	 The  peer  address  statement	declares the IP	address	or DNS name to
	 which the server should  connect  to  reach  its  failover  peer  for
	 failover messages.

       The port	statement

	 port port-number;

	 The  port  statement declares the TCP port on which the server	should
	 listen	for connections	from its failover peer.	  This	statement  may
	 not  currently	be omitted, because the	failover protocol does not yet
	 have a	reserved TCP port number.

       The peer	port statement

	 peer port port-number;

	 The peer port statement declares the TCP port	to  which  the	server
	 should	 connect  to  reach  its  failover peer	for failover messages.
	 This statement	may not	be omitted because the failover	protocol  does
	 not  yet  have	a reserved TCP port number.   The port number declared
	 in the	peer port statement  may  be  the  same	 as  the  port	number
	 declared in the port statement.

       The max-response-delay statement

	 max-response-delay seconds;

	 The  max-response-delay statement tells the DHCP server how many sec-
	 onds may pass without receiving a  message  from  its	failover  peer
	 before	it assumes that	connection has failed.	 This number should be
	 small enough that a transient network failure that breaks the connec-
	 tion  will not	result in the servers being out	of communication for a
	 long time, but	large enough that the server isn't  constantly	making
	 and breaking connections.   This parameter must be specified.

       The max-unacked-updates statement

	 max-unacked-updates count;

	 The  max-unacked-updates  statement  tells the	remote DHCP server how
	 many BNDUPD messages it can send before it receives a BNDACK from the
	 local	system.	   We  don't have enough operational experience	to say
	 what a	good value for this is,	but 10 seems to	work.	This parameter
	 must be specified.

       The mclt	statement

	 mclt seconds;

	 The mclt statement defines the	Maximum	Client Lead Time.   It must be
	 specified on the primary, and may not be specified on the  secondary.
	 This is the length of time for	which a	lease may be renewed by	either
	 failover peer without contacting the  other.	 The  longer  you  set
	 this,	the  longer  it	will take for the running server to recover IP
	 addresses after moving	into PARTNER-DOWN state.   The shorter you set
	 it, the more load your	servers	will experience	when they are not com-
	 municating.   A value of something like 3600 is probably  reasonable,
	 but  again  bear  in mind that	we have	no real	operational experience
	 with this.

       The split statement

	 split index;

	 The split statement specifies the split between the primary and  sec-
	 ondary	 for the purposes of load balancing.   Whenever	a client makes
	 a DHCP	request, the DHCP server runs a	hash on	the client identifica-
	 tion,	resulting  in  value  from 0 to	255.  This is used as an index
	 into a	256 bit	field.	If the bit at that index is set,  the  primary
	 is  responsible.   If the bit at that index is	not set, the secondary
	 is responsible.  The split value determines how many of  the  leading
	 bits are set to one.  So, in practice,	higher split values will cause
	 the primary to	serve more clients than	the  secondary.	  Lower	 split
	 values,  the  converse.  Legal	values are between 0 and 255, of which
	 the most reasonable is	128.

       The hba statement

	 hba colon-separated-hex-list;

	 The hba statement specifies the split between the  primary  and  sec-
	 ondary	 as  a bitmap rather than a cutoff, which theoretically	allows
	 for finer-grained control.   In practice, there is probably  no  need
	 for such fine-grained control,	however.   An example hba statement:

	   hba ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:
	       00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00;

	 This  is  equivalent  to  a split 128;	statement, and identical.  The
	 following two examples	are also equivalent to a split of 128, but are
	 not identical:

	   hba aa:aa:aa:aa:aa:aa:aa:aa:aa:aa:aa:aa:aa:aa:aa:aa:
	       aa:aa:aa:aa:aa:aa:aa:aa:aa:aa:aa:aa:aa:aa:aa:aa;

	   hba 55:55:55:55:55:55:55:55:55:55:55:55:55:55:55:55:
	       55:55:55:55:55:55:55:55:55:55:55:55:55:55:55:55;

	 They are equivalent, because half the bits are	set to 0, half are set
	 to 1 (0xa and 0x5 are 1010 and	0101 binary respectively)  and	conse-
	 quently  this	would  roughly	divide the clients equally between the
	 servers.  They	are not	identical, because the actual peers this would
	 load balance to each server are different for each example.

	 You must only have split or hba defined, never	both.  For most	cases,
	 the fine-grained control that hba offers isn't	necessary,  and	 split
	 should	be used.

       The load	balance	max seconds statement

	 load balance max seconds seconds;

	 This statement	allows you to configure	a cutoff after which load bal-
	 ancing	is disabled.  The cutoff is based on  the  number  of  seconds
	 since	the client sent	its first DHCPDISCOVER or DHCPREQUEST message,
	 and only works	with clients that correctly implement the secs field -
	 fortunately  most clients do.	We recommend setting this to something
	 like 3	or 5.  The effect of this is that if one of the	failover peers
	 gets into a state where it is responding to failover messages but not
	 responding to some client requests, the other failover	peer will take
	 over its client load automatically as the clients retry.

       The Failover pool balance statements.

	  max-lease-misbalance percentage;
	  max-lease-ownership percentage;
	  min-balance seconds;
	  max-balance seconds;

	 This version of the DHCP Server evaluates pool	balance	on a schedule,
	 rather	than on	demand as leases are allocated.	 The  latter  approach
	 proved	 to be slightly	klunky when pool misbalanced reach total satu-
	 ration...when any server ran out of leases to assign,	it  also  lost
	 its ability to	notice it had run dry.

	 In  order  to understand pool balance,	some elements of its operation
	 first need to be defined.   First,  there  are	 'free'	 and  'backup'
	 leases.   Both	 of  these  are	 referred  to  as 'free	state leases'.
	 'free'	and 'backup' are 'the free states' for	the  purpose  of  this
	 document.   The difference is that only the primary may allocate from
	 'free'	leases unless under special circumstances, and only  the  sec-
	 ondary	may allocate 'backup' leases.

	 When  pool balance is performed, the only plausible expectation is to
	 provide a 50/50 split of  the	free  state  leases  between  the  two
	 servers.   This is because no one can predict which server will fail,
	 regardless of the relative load placed	upon the two servers, so  giv-
	 ing each server half the leases gives both servers the	same amount of
	 'failure endurance'.  Therefore, there	is no  way  to	configure  any
	 different  behaviour,	outside	 of  some  very	 small windows we will
	 describe shortly.

	 The first thing calculated  on	 any  pool  balance  run  is  a	 value
	 referred to as	'lts', or "Leases To Send".  This, simply, is the dif-
	 ference in the	count of free and backup leases, divided by two.   For
	 the  secondary,  it  is the difference	in the backup and free leases,
	 divided by two.  The resulting	value is signed: if  it	 is  positive,
	 the  local  server  is	 expected to hand out leases to	retain a 50/50
	 balance.  If it is negative, the remote server	 would	need  to  send
	 leases	 to  balance  the  pool.  Once the lts value reaches zero, the
	 pool is perfectly balanced (give or take one lease in the case	of  an
	 odd number of total free state	leases).

	 The  current  approach	 is  still  something  of  a hybrid of the old
	 approach, marked by the presence of the  max-lease-misbalance	state-
	 ment.	This parameter configures what used to be a 10%	fixed value in
	 previous versions: if lts is less than	free+backup  *	max-lease-mis-
	 balance percent, then the server will skip balancing a	given pool (it
	 won't bother moving any leases,  even	if  some  leases  "should"  be
	 moved).   The meaning of this value is	also somewhat overloaded, how-
	 ever, in that it also governs the estimation of when  to  attempt  to
	 balance  the  pool (which may then also be skipped over).  The	oldest
	 leases	in the free and	backup states are  examined.   The  time  they
	 have  resided	in  their  respective queues is	used as	an estimate to
	 indicate how much time	it is probable it would	take before the	leases
	 at the	top of the list	would be consumed (and thus, how long it would
	 take to use all leases	in that	state).	 This percentage  is  directly
	 multiplied by this time, and fit into the schedule if it falls	within
	 the min-balance and max-balance  configured  values.	The  scheduled
	 pool  check  time is only moved in a downwards	direction, it is never
	 increased.  Lastly, if	the lts	is more	than double this number	in the
	 negative  direction,  the  local  server  will	'panic'	and transmit a
	 Failover protocol POOLREQ message, in the hopes that the remote  sys-
	 tem will be woken up into action.

	 Once  the  lts	 value	exceeds	the max-lease-misbalance percentage of
	 total free state leases as described above, leases are	moved  to  the
	 remote	server.	 This is done in two passes.

	 In  the  first	pass, only leases whose	most recent bound client would
	 have been served by the remote	server - according to the Load Balance
	 Algorithm  (see  above	 split and hba configuration statements) - are
	 given away to the peer.  This first pass  will	 happily  continue  to
	 give  away  leases, decrementing the lts value	by one for each, until
	 the lts value has reached the negative	of the total number of	leases
	 multiplied  by	 the max-lease-ownership percentage.  So it is through
	 this value that you can permit	a small	misbalance of the lease	 pools
	 -  for	 the  purpose  of  giving  the peer more than a	50/50 share of
	 leases	in the hopes that their	clients	might some day return  and  be
	 allocated by the peer (operating normally).  This process is referred
	 to as 'MAC Address Affinity',	but  this  is  somewhat	 misnamed:  it
	 applies  equally  to  DHCP Client Identifier options.	Note also that
	 affinity is applied to	leases when they enter the state  'free'  from
	 'expired' or 'released'.  In this case	also, leases will not be moved
	 from free to backup if	the secondary already has more than its	share.

	 The second pass is only entered into  if  the	first  pass  fails  to
	 reduce	 the lts underneath the	total number of	free state leases mul-
	 tiplied by the	max-lease-ownership percentage.	  In  this  pass,  the
	 oldest	leases are given over to the peer without second thought about
	 the Load Balance Algorithm, and this continues	until  the  lts	 falls
	 under	this  value.   In this way, the	local server will also happily
	 keep a	small percentage of the	leases that would normally  load  bal-
	 ance to itself.

	 So,  the  max-lease-misbalance	 value	acts  as  a  behavioural gate.
	 Smaller values	will cause more	leases to transition states to balance
	 the pools over	time, higher values will decrease the amount of	change
	 (but may lead to pool starvation if there's a run on leases).

	 The max-lease-ownership value permits a small	(percentage)  skew  in
	 the  lease  balance of	a percentage of	the total number of free state
	 leases.

	 Finally, the min-balance and max-balance make certain that  a	sched-
	 uled rebalance	event happens within a reasonable timeframe (not to be
	 thrown	off by,	for example, a 7 year old free lease).

	 Plausible values for the percentages lie between 0  and  100,	inclu-
	 sive, but values over 50 are indistinguishable	from one another (once
	 lts exceeds 50% of the	free state leases, one server  must  therefore
	 have  100% of the leases in its respective free state).  It is	recom-
	 mended	to select a max-lease-ownership	value that is lower  than  the
	 value	selected for the max-lease-misbalance value.  max-lease-owner-
	 ship defaults to 10, and max-lease-misbalance defaults	to 15.

	 Plausible values for the min-balance and max-balance times also range
	 from  0  to  (2^32)-1	(or the	limit of your local time_t value), but
	 default to values 60 and 3600 respectively (to	place  balance	events
	 between 1 minute and 1	hour).

CLIENT CLASSING
       Clients	can be separated into classes, and treated differently depend-
       ing on what class they are in.	This separation	 can  be  done	either
       with  a	conditional  statement,	 or  with a match statement within the
       class declaration.   It is possible to specify a	 limit	on  the	 total
       number  of  clients within a particular class or	subclass that may hold
       leases at one time, and it is possible to specify automatic subclassing
       based on	the contents of	the client packet.

       To  add	clients	 to  classes  based on conditional evaluation, you can
       specify a matching expression in	the class statement:

       class "ras-clients" {
	 match if substring (option dhcp-client-identifier, 1, 3) = "RAS";
       }

       Note that whether you use matching expressions or  add  statements  (or
       both)  to  classify  clients, you must always write a class declaration
       for any class that you use.   If	there will be no match	statement  and
       no  in-scope  statements	 for a class, the declaration should look like
       this:

       class "ras-clients" {
       }

SUBCLASSES
       In addition to classes, it is possible to declare subclasses.   A  sub-
       class is	a class	with the same name as a	regular	class, but with	a spe-
       cific submatch expression which is hashed for quick matching.  This  is
       essentially  a  speed  hack  - the main difference between five classes
       with match expressions and one class with five subclasses  is  that  it
       will be quicker to find the subclasses.	 Subclasses work as follows:

       class "allocation-class-1" {
	 match pick-first-value	(option	dhcp-client-identifier,	hardware);
       }

       class "allocation-class-2" {
	 match pick-first-value	(option	dhcp-client-identifier,	hardware);
       }

       subclass	"allocation-class-1" 1:8:0:2b:4c:39:ad;
       subclass	"allocation-class-2" 1:8:0:2b:a9:cc:e3;
       subclass	"allocation-class-1" 1:0:0:c4:aa:29:44;

       subnet 10.0.0.0 netmask 255.255.255.0 {
	 pool {
	   allow members of "allocation-class-1";
	   range 10.0.0.11 10.0.0.50;
	 }
	 pool {
	   allow members of "allocation-class-2";
	   range 10.0.0.51 10.0.0.100;
	 }
       }

       The data	following the class name in the	subclass declaration is	a con-
       stant value to use in matching the  match  expression  for  the	class.
       When class matching is done, the	server will evaluate the match expres-
       sion and	then look the result up	in the hash table.    If  it  finds  a
       match, the client is considered a member	of both	the class and the sub-
       class.

       Subclasses can be declared with or without scope.   In the above	 exam-
       ple,  the  sole purpose of the subclass is to allow some	clients	access
       to one address pool, while other	clients	are given access to the	 other
       pool, so	these subclasses are declared without scopes.	If part	of the
       purpose of the subclass were to define different	parameter  values  for
       some clients, you might want to declare some subclasses with scopes.

       In  the above example, if you had a single client that needed some con-
       figuration parameters, while most didn't, you might write the following
       subclass	declaration for	that client:

       subclass	"allocation-class-2" 1:08:00:2b:a1:11:31 {
	 option	root-path "samsara:/var/diskless/alphapc";
	 filename "/tftpboot/netbsd.alphapc-diskless";
       }

       In  this	 example,  we've  used subclassing as a	way to control address
       allocation on a per-client basis.  However, it's	also possible  to  use
       subclassing  in ways that are not specific to clients - for example, to
       use the value of	the vendor-class-identifier option to  determine  what
       values  to  send	in the vendor-encapsulated-options option.  An example
       of this is shown	under the VENDOR  ENCAPSULATED	OPTIONS	 head  in  the
       dhcp-options(5) manual page.

PER-CLASS LIMITS ON DYNAMIC ADDRESS ALLOCATION
       You may specify a limit to the number of	clients	in a class that	can be
       assigned	leases.	  The effect of	this will be to	make it	difficult  for
       a  new  client in a class to get	an address.   Once a class with	such a
       limit has reached its limit, the	only way a new client  in  that	 class
       can  get	 a  lease  is  for an existing client to relinquish its	lease,
       either by letting it  expire,  or  by  sending  a  DHCPRELEASE  packet.
       Classes with lease limits are specified as follows:

       class "limited-1" {
	 lease limit 4;
       }

       This will produce a class in which a maximum of four members may	hold a
       lease at	one time.

SPAWNING CLASSES
       It is possible to declare a spawning class.   A	spawning  class	 is  a
       class  that  automatically produces subclasses based on what the	client
       sends.	The reason that	spawning classes were created was to  make  it
       possible	 to  create lease-limited classes on the fly.	The envisioned
       application is a	cable-modem environment	where the ISP wishes  to  pro-
       vide  clients  at  a particular site with more than one IP address, but
       does not	wish to	provide	such clients with their	own subnet,  nor  give
       them  an	 unlimited  number of IP addresses from	the network segment to
       which they are connected.

       Many cable modem	head-end systems can be	 configured  to	 add  a	 Relay
       Agent Information option	to DHCP	packets	when relaying them to the DHCP
       server.	 These systems typically add a circuit ID or remote ID	option
       that  uniquely  identifies  the	customer  site.	  To take advantage of
       this, you can write a class declaration as follows:

       class "customer"	{
	 spawn with option agent.circuit-id;
	 lease limit 4;
       }

       Now whenever a request comes in from a customer site,  the  circuit  ID
       option  will be checked against the class's hash	table.	 If a subclass
       is found	that matches the circuit ID, the client	will be	classified  in
       that subclass and treated accordingly.	If no subclass is found	match-
       ing the circuit ID, a new  one  will  be	 created  and  logged  in  the
       dhcpd.leases file, and the client will be classified in this new	class.
       Once the	client has been	classified, it will be	treated	 according  to
       the  rules  of the class, including, in this case, being	subject	to the
       per-site	limit of four leases.

       The use of the subclass spawning	mechanism is not restricted  to	 relay
       agent  options  - this particular example is given only because it is a
       fairly straightforward one.

COMBINING MATCH, MATCH IF AND SPAWN WITH
       In some cases, it may be	useful to  use	one  expression	 to  assign  a
       client  to a particular class, and a second expression to put it	into a
       subclass	of that	class.	 This can be done by combining	the  match  if
       and  spawn with statements, or the match	if and match statements.   For
       example:

       class "jr-cable-modems" {
	 match if option dhcp-vendor-identifier	= "jrcm";
	 spawn with option agent.circuit-id;
	 lease limit 4;
       }

       class "dv-dsl-modems" {
	 match if option dhcp-vendor-identifier	= "dvdsl";
	 spawn with option agent.circuit-id;
	 lease limit 16;
       }

       This allows you to have two classes that	both have the same spawn  with
       expression without getting the clients in the two classes confused with
       each other.

DYNAMIC	DNS UPDATES
       The DHCP	server has the ability to dynamically update the  Domain  Name
       System.	 Within	 the  configuration files, you can define how you want
       the Domain Name System to be updated.  These updates are	RFC 2136  com-
       pliant  so  any DNS server supporting RFC 2136 should be	able to	accept
       updates from the	DHCP server.

       Two DNS update  schemes	are  currently	implemented,  and  another  is
       planned.	   The	two  that  are	currently available are	the ad-hoc DNS
       update mode and the interim DHCP-DNS interaction	draft update mode.  If
       and  when  the  DHCP-DNS	 interaction draft and the DHCID draft make it
       through the IETF	standards process, there will be a third  mode,	 which
       will  be	the standard DNS update	method.	  The DHCP server must be con-
       figured to use one of the two currently-supported methods, or not to do
       dns  updates.	This can be done with the ddns-update-style configura-
       tion parameter.

THE AD-HOC DNS UPDATE SCHEME
       The ad-hoc Dynamic DNS update scheme is now  deprecated	and  does  not
       work.   In future releases of the ISC DHCP server, this scheme will not
       likely be available.  The interim scheme	works,	allows	for  failover,
       and  should  now	 be  used.  The	following description is left here for
       informational purposes only.

       The ad-hoc Dynamic DNS update scheme implemented	in this	version	of the
       ISC  DHCP  server is a prototype	design,	which does not have much to do
       with the	standard update	method that is being standardized in the  IETF
       DHC  working  group, but	rather implements some very basic, yet useful,
       update capabilities.   This mode	does not work with the failover	proto-
       col  because  it	 does not account for the possibility of two different
       DHCP servers updating the same set of DNS records.

       For the ad-hoc DNS update method, the client's FQDN is derived  in  two
       parts.	 First,	the hostname is	determined.   Then, the	domain name is
       determined, and appended	to the hostname.

       The DHCP	server determines the client's hostname	by first looking for a
       ddns-hostname  configuration  option,  and using	that if	it is present.
       If no such option is present, the server	looks for a valid hostname  in
       the  FQDN option	sent by	the client.  If	one is found, it is used; oth-
       erwise, if the client sent a host-name option, that  is	used.	Other-
       wise,  if  there	 is a host declaration that applies to the client, the
       name from that declaration will be used.	 If none of these applies, the
       server will not have a hostname for the client, and will	not be able to
       do a DNS	update.

       The domain name is determined from  the	ddns-domainname	 configuration
       option.	The default configuration for this option is:

	 option	server.ddns-domainname = config-option domain-name;

       So  if this configuration option	is not configured to a different value
       (over-riding the	above default),	or if a	 domain-name  option  has  not
       been  configured	 for  the  client's  scope,  then  the server will not
       attempt to perform a DNS	update.

       The client's fully-qualified domain name, derived as we have described,
       is  used	 as  the  name	on  which an "A" record	will be	stored.	 The A
       record will contain the IP address that the client was assigned in  its
       lease.	 If there is already an	A record with the same name in the DNS
       server, no update of either the A or PTR	records	will occur - this pre-
       vents a client from claiming that its hostname is the name of some net-
       work  server.	For  example,  if  you	have   a   fileserver	called
       "fs.sneedville.edu", and	the client claims its hostname is "fs",	no DNS
       update will be done for that client,  and  an  error  message  will  be
       logged.

       If  the	A record update	succeeds, a PTR	record update for the assigned
       IP address will be done,	pointing to the	A  record.    This  update  is
       unconditional  -	it will	be done	even if	another	PTR record of the same
       name exists.   Since the	IP address  has	 been  assigned	 to  the  DHCP
       server, this should be safe.

       Please note that	the current implementation assumes clients only	have a
       single network interface.   A client with two network  interfaces  will
       see  unpredictable  behavior.	This  is considered a bug, and will be
       fixed in	a later	release.   It may be helpful to	enable the  one-lease-
       per-client  parameter  so that roaming clients do not trigger this same
       behavior.

       The DHCP	protocol normally involves a four-packet exchange - first  the
       client sends a DHCPDISCOVER message, then the server sends a DHCPOFFER,
       then the	client sends a DHCPREQUEST, then the server sends  a  DHCPACK.
       In  the	current	version	of the server, the server will do a DNS	update
       after it	has received the DHCPREQUEST, and before it has	sent the  DHC-
       PACK.	It  only  sends	 the DNS update	if it has not sent one for the
       client's	address	before,	in order to minimize the impact	 on  the  DHCP
       server.

       When the	client's lease expires,	the DHCP server	(if it is operating at
       the time, or when next it operates) will	remove the client's A and  PTR
       records	from  the  DNS database.   If the client releases its lease by
       sending a DHCPRELEASE message, the server will likewise	remove	the  A
       and PTR records.

THE INTERIM DNS	UPDATE SCHEME
       The  interim  DNS  update  scheme  operates mostly according to several
       drafts that are being considered	by the IETF and	are expected to	become
       standards,  but	are  not  yet  standards,  and may not be standardized
       exactly as currently proposed.	These are:

			draft-ietf-dhc-ddns-resolution-??.txt
			  draft-ietf-dhc-fqdn-option-??.txt
			  draft-ietf-dnsext-dhcid-rr-??.txt

       Because our implementation is slightly different	than the standard,  we
       will briefly document the operation of this update style	here.

       The  first  point  to understand	about this style of DNS	update is that
       unlike the ad-hoc style,	the DHCP server	does  not  necessarily	always
       update  both  the  A  and the PTR records.   The	FQDN option includes a
       flag which, when	sent by	the client, indicates that the	client	wishes
       to  update  its own A record.   In that case, the server	can be config-
       ured either to honor the	client's intentions or ignore them.   This  is
       done  with  the statement allow client-updates; or the statement	ignore
       client-updates;.	  By default, client updates are allowed.

       If the server is	configured to allow client updates, then if the	client
       sends a fully-qualified domain name in the FQDN option, the server will
       use that	name the client	sent in	the FQDN  option  to  update  the  PTR
       record.	 For example, let us say that the client is a visitor from the
       "radish.org" domain, whose hostname is "jschmoe".   The server  is  for
       the  "example.org"  domain.    The  DHCP	 client	 indicates in the FQDN
       option that its FQDN is "jschmoe.radish.org.".	It also	indicates that
       it  wants  to update its	own A record.	The DHCP server	therefore does
       not attempt to set up an	A record for the client, but does set up a PTR
       record  for  the	 IP  address  that  it assigns the client, pointing at
       jschmoe.radish.org.   Once the DHCP client has an IP  address,  it  can
       update its own A	record,	assuming that the "radish.org" DNS server will
       allow it	to do so.

       If the server is	configured not to allow	 client	 updates,  or  if  the
       client doesn't want to do its own update, the server will simply	choose
       a name for the client from either the fqdn option (if present)  or  the
       hostname	 option	(if present).  It will use its own domain name for the
       client, just as in the ad-hoc update scheme.  It	will then update  both
       the A and PTR record, using the name that it chose for the client.   If
       the client sends	a fully-qualified domain name in the fqdn option,  the
       server  uses only the leftmost part of the domain name -	in the example
       above, "jschmoe"	instead	of "jschmoe.radish.org".

       Further,	if the ignore client-updates;  directive  is  used,  then  the
       server  will  in	addition send a	response in the	DHCP packet, using the
       FQDN Option, that implies to the	client that it should perform its  own
       updates	if it chooses to do so.	 With deny client-updates;, a response
       is sent which indicates the client may not perform updates.

       Also, if	the use-host-decl-names	configuration option is	enabled,  then
       the  host  declaration's	hostname will be used in place of the hostname
       option, and the same rules will apply as	described above.

       The other difference between the	ad-hoc scheme and the  interim	scheme
       is that with the	interim	scheme,	a method is used that allows more than
       one DHCP	server to update the DNS database without accidentally	delet-
       ing  A  records	that shouldn't be deleted nor failing to add A records
       that should be added.   The scheme works	as follows:

       When the	DHCP server issues a client a new lease,  it  creates  a  text
       string  that  is	an MD5 hash over the DHCP client's identification (see
       draft-ietf-dnsext-dhcid-rr-??.txt for details).	 The update adds an  A
       record  with  the name the server chose and a TXT record	containing the
       hashed identifier string	 (hashid).    If  this	update	succeeds,  the
       server is done.

       If  the update fails because the	A record already exists, then the DHCP
       server attempts to add the A record with	the  prerequisite  that	 there
       must be a TXT record in the same	name as	the new	A record, and that TXT
       record's	contents must be equal to hashid.   If this  update  succeeds,
       then  the  client  has its A record and PTR record.   If	it fails, then
       the name	the client has been assigned (or requested)  is	 in  use,  and
       can't  be  used by the client.	At this	point the DHCP server gives up
       trying to do a DNS update for the client	until the client chooses a new
       name.

       The  interim  DNS  update  scheme  is  called  interim for two reasons.
       First, it does not quite	follow the drafts.   The current  versions  of
       the  drafts call	for a new DHCID	RRtype,	but this is not	yet available.
       The interim DNS update scheme uses a TXT	record	instead.    Also,  the
       existing	ddns-resolution	draft calls for	the DHCP server	to put a DHCID
       RR on the PTR record, but the interim update method does	not  do	 this.
       It is our position that this is not useful, and we are working with the
       author in hopes of removing it from the next version of the  draft,  or
       better understanding why	it is considered useful.

       In  addition to these differences, the server also does not update very
       aggressively.  Because each DNS update involves a round trip to the DNS
       server,	there  is a cost associated with doing updates even if they do
       not actually modify the DNS  database.	 So  the  DHCP	server	tracks
       whether	or not it has updated the record in the	past (this information
       is stored on the	lease) and does	not attempt to update records that  it
       thinks it has already updated.

       This  can  lead	to cases where the DHCP	server adds a record, and then
       the record is deleted through some  other  mechanism,  but  the	server
       never  again  updates  the  DNS	because	 it thinks the data is already
       there.	In this	case the data can be removed from  the	lease  through
       operator	 intervention,	and  once  this	has been done, the DNS will be
       updated the next	time the client	renews.

DYNAMIC	DNS UPDATE SECURITY
       When you	set your DNS server up to allow	updates	from the DHCP  server,
       you  may	 be  exposing  it to unauthorized updates.  To avoid this, you
       should use TSIG signatures -  a	method	of  cryptographically  signing
       updates using a shared secret key.   As long as you protect the secrecy
       of this key, your updates should	also be	secure.	  Note,	however,  that
       the  DHCP  protocol  itself  provides no	security, and that clients can
       therefore provide information to	the DHCP server	which the DHCP	server
       will  then  use	in  its	updates, with the constraints described	previ-
       ously.

       The DNS server must be configured to allow updates for  any  zone  that
       the DHCP	server will be updating.  For example, let us say that clients
       in  the	sneedville.edu	domain	will  be  assigned  addresses  on  the
       10.10.17.0/24  subnet.	In  that case, you will	need a key declaration
       for the TSIG key	you will be using, and also two	 zone  declarations  -
       one  for	the zone containing A records that will	be updates and one for
       the zone	containing PTR records - for ISC BIND, something like this:

       key DHCP_UPDATER	{
	 algorithm HMAC-MD5.SIG-ALG.REG.INT;
	 secret	pRP5FapFoJ95JEL06sv4PQ==;
       };

       zone "example.org" {
	    type master;
	    file "example.org.db";
	    allow-update { key DHCP_UPDATER; };
       };

       zone "17.10.10.in-addr.arpa" {
	    type master;
	    file "10.10.17.db";
	    allow-update { key DHCP_UPDATER; };
       };

       You will	also have to configure your DHCP server	to do updates to these
       zones.	 To  do	 so,  you  need	 to  add  something  like this to your
       dhcpd.conf file:

       key DHCP_UPDATER	{
	 algorithm HMAC-MD5.SIG-ALG.REG.INT;
	 secret	pRP5FapFoJ95JEL06sv4PQ==;
       };

       zone EXAMPLE.ORG. {
	 primary 127.0.0.1;
	 key DHCP_UPDATER;
       }

       zone 17.127.10.in-addr.arpa. {
	 primary 127.0.0.1;
	 key DHCP_UPDATER;
       }

       The primary statement specifies the IP address of the name server whose
       zone information	is to be updated.

       Note that the zone declarations have to correspond to authority records
       in your name server - in	the above example, there must be an SOA	record
       for  "example.org." and for "17.10.10.in-addr.arpa.".   For example, if
       there were a subdomain "foo.example.org"	 with  no  separate  SOA,  you
       could not write a zone declaration for "foo.example.org."  Also keep in
       mind that zone names in your DHCP configuration should end  in  a  ".";
       this  is	 the  preferred	syntax.	 If you	do not end your	zone name in a
       ".", the	DHCP server will figure	it out.	 Also note that	 in  the  DHCP
       configuration,  zone  names  are	not encapsulated in quotes where there
       are in the DNS configuration.

       You should choose your own secret key, of course.  The ISC BIND 8 and 9
       distributions  come  with  a  program for generating secret keys	called
       dnssec-keygen.  The version that	comes with BIND	9 is likely to produce
       a  substantially	more random key, so we recommend you use that one even
       if you are not using BIND 9 as your DNS server.	If you are using  BIND
       9's dnssec-keygen, the above key	would be created as follows:

	    dnssec-keygen -a HMAC-MD5 -b 128 -n	USER DHCP_UPDATER

       If  you	are  using the BIND 8 dnskeygen	program, the following command
       will generate a key as seen above:

	    dnskeygen -H 128 -u	-c -n DHCP_UPDATER

       You may wish to enable logging of DNS updates on	your DNS  server.   To
       do so, you might	write a	logging	statement like the following:

       logging {
	    channel update_debug {
		 file "/var/log/update-debug.log";
		 severity  debug 3;
		 print-category	yes;
		 print-severity	yes;
		 print-time	yes;
	    };
	    channel security_info    {
		 file "/var/log/named-auth.info";
		 severity  info;
		 print-category	yes;
		 print-severity	yes;
		 print-time	yes;
	    };

	    category update { update_debug; };
	    category security {	security_info; };
       };

       You  must  create  the  /var/log/named-auth.info	 and  /var/log/update-
       debug.log files before starting the name	server.	  For more information
       on configuring ISC BIND,	consult	the documentation that accompanies it.

REFERENCE: EVENTS
       There  are three	kinds of events	that can happen	regarding a lease, and
       it is possible to declare statements  that  occur  when	any  of	 these
       events happen.	These events are the commit event, when	the server has
       made a commitment of a certain lease to a client,  the  release	event,
       when  the  client  has released the server from its commitment, and the
       expiry event, when the commitment expires.

       To declare a set	of statements to execute when an  event	 happens,  you
       must  use the on	statement, followed by the name	of the event, followed
       by a series of statements to execute when the event  happens,  enclosed
       in  braces.    Events  are used to implement DNS	updates, so you	should
       not define your own event handlers if you are using  the	 built-in  DNS
       update mechanism.

       The  built-in  version  of the DNS update mechanism is in a text	string
       towards the top of server/dhcpd.c.   If you  want  to  use  events  for
       things  other than DNS updates, and you also want DNS updates, you will
       have to start out by copying this code into your	 dhcpd.conf  file  and
       modifying it.

REFERENCE: DECLARATIONS
       The include statement

	include	"filename";

       The  include statement is used to read in a named file, and process the
       contents	of that	file as	though it were entered in place	of the include
       statement.

       The shared-network statement

	shared-network name {
	  [ parameters ]
	  [ declarations ]
	}

       The  shared-network  statement  is  used	to inform the DHCP server that
       some IP subnets actually	share the same physical	network.  Any  subnets
       in  a  shared network should be declared	within a shared-network	state-
       ment.  Parameters specified in the  shared-network  statement  will  be
       used  when  booting clients on those subnets unless parameters provided
       at the subnet or	host level override them.  If any subnet in  a	shared
       network has addresses available for dynamic allocation, those addresses
       are collected into a common pool	for that shared	network	 and  assigned
       to  clients  as needed.	There is no way	to distinguish on which	subnet
       of a shared network a client should boot.

       Name should be the name of the shared network.	This name is used when
       printing	debugging messages, so it should be descriptive	for the	shared
       network.	  The name  may	 have  the  syntax  of	a  valid  domain  name
       (although  it  will  never be used as such), or it may be any arbitrary
       name, enclosed in quotes.

       The subnet statement

	subnet subnet-number netmask netmask {
	  [ parameters ]
	  [ declarations ]
	}

       The subnet statement is used to provide dhcpd with  enough  information
       to tell whether or not an IP address is on that subnet.	It may also be
       used  to	 provide  subnet-specific  parameters  and  to	specify	  what
       addresses  may be dynamically allocated to clients booting on that sub-
       net.   Such addresses are specified using the range declaration.

       The subnet-number should	be an IP address or domain name	which resolves
       to  the	subnet	number	of  the	 subnet	being described.   The netmask
       should be an IP address or domain name which  resolves  to  the	subnet
       mask  of	the subnet being described.   The subnet number, together with
       the netmask, are	sufficient to determine	whether	any given  IP  address
       is on the specified subnet.

       Although	 a  netmask must be given with every subnet declaration, it is
       recommended that	if there is any	variance in subnet masks at a site,  a
       subnet-mask  option statement be	used in	each subnet declaration	to set
       the desired subnet mask,	since any subnet-mask  option  statement  will
       override	the subnet mask	declared in the	subnet statement.

       The subnet6 statement

	subnet6	subnet6-number {
	  [ parameters ]
	  [ declarations ]
	}

       The  subnet6 statement is used to provide dhcpd with enough information
       to tell whether or not an IPv6 address is on that subnet6.  It may also
       be  used	 to  provide  subnet-specific  parameters  and to specify what
       addresses may be	dynamically allocated to clients booting on that  sub-
       net.

       The  subnet6-number  should be an IPv6 network identifier, specified as
       ip6-address/bits.

       The range statement

       range [ dynamic-bootp ] low-address [ high-address];

       For any subnet on which addresses will be assigned  dynamically,	 there
       must  be	 at least one range statement.	 The range statement gives the
       lowest and highest IP addresses in a range.   All IP addresses  in  the
       range should be in the subnet in	which the range	statement is declared.
       The dynamic-bootp flag may be specified if addresses in	the  specified
       range  may  be  dynamically  assigned  to BOOTP clients as well as DHCP
       clients.	  When specifying a single address, high-address can be	 omit-
       ted.

       The range6 statement

       range6 low-address high-address;
       range6 subnet6-number;
       range6 subnet6-number temporary;
       range6 address temporary;

       For  any	 IPv6 subnet6 on which addresses will be assigned dynamically,
       there must be at	least one range6 statement. The	range6	statement  can
       either  be  the	lowest	and highest IPv6 addresses in a	range6,	or use
       CIDR notation, specified	as ip6-address/bits. All IP addresses  in  the
       range6  should  be  in  the  subnet6  in	 which the range6 statement is
       declared.

       The temporay variant makes the prefix (by default on 64 bits) available
       for  temporary  (RFC  4941)  addresses. A new address per prefix	in the
       shared network is computed  at  each  request  with  an	IA_TA  option.
       Release and Confirm ignores temporary addresses.

       Any IPv6	addresses given	to hosts with fixed-address6 are excluded from
       the range6, as are IPv6 addresses on the	server itself.

       The prefix6 statement

       prefix6 low-address high-address	/ bits;

       The prefix6 is the range6 equivalent for	Prefix Delegation (RFC	3633).
       Prefixes	 of  bits  length  are	assigned between low-address and high-
       address.

       Any IPv6	prefixes given to static entries  (hosts)  with	 fixed-prefix6
       are excluded from the prefix6.

       This  statement is currently global but it should have a	shared-network
       scope.

       The host	statement

	host hostname {
	  [ parameters ]
	  [ declarations ]
	}

       The host	declaration provides a scope in	which to provide configuration
       information  about a specific client, and also provides a way to	assign
       a client	a fixed	address.  The host declaration provides	a way for  the
       DHCP  server  to	 identify  a  DHCP  or BOOTP client, and also a	way to
       assign the client a static IP address.

       If it is	desirable to be	able to	boot a DHCP or BOOTP  client  on  more
       than  one  subnet  with	fixed  addresses, more than one	address	may be
       specified in the	fixed-address  declaration,  or	 more  than  one  host
       statement may be	specified matching the same client.

       If  client-specific boot	parameters must	change based on	the network to
       which the client	is attached, then multiple host	declarations should be
       used.   The  host declarations will only	match a	client if one of their
       fixed-address statements	is viable on the subnet	 (or  shared  network)
       where  the  client  is attached.	 Conversely, for a host	declaration to
       match a client being allocated a	dynamic	address, it must not have  any
       fixed-address  statements.   You	 may  therefore	need a mixture of host
       declarations for	any given client...some	 having	 fixed-address	state-
       ments, others without.

       hostname	 should	 be a name identifying the host.  If a hostname	option
       is not specified	for the	host, hostname is used.

       Host declarations are matched to	actual DHCP or BOOTP clients by	match-
       ing the dhcp-client-identifier option specified in the host declaration
       to the one supplied by the client, or, if the host declaration  or  the
       client  does  not  provide a dhcp-client-identifier option, by matching
       the hardware parameter in the host declaration to the network  hardware
       address supplied	by the client.	 BOOTP clients do not normally provide
       a dhcp-client-identifier, so the	hardware address must be used for  all
       clients that may	boot using the BOOTP protocol.

       DHCPv6 servers can use the host-identifier option parameter in the host
       declaration, and	specify	any option with	 a  fixed  value  to  identify
       hosts.

       Please  be  aware  that	only the dhcp-client-identifier	option and the
       hardware	address	can be used to match a host declaration, or the	 host-
       identifier  option  parameter  for DHCPv6 servers.   For	example, it is
       not possible to match a host declaration	to a host-name option.	  This
       is  because  the	host-name option cannot	be guaranteed to be unique for
       any given client, whereas both the hardware  address  and  dhcp-client-
       identifier option are at	least theoretically guaranteed to be unique to
       a given client.

       The group statement

	group {
	  [ parameters ]
	  [ declarations ]
	}

       The group statement is used simply to apply one or more parameters to a
       group  of  declarations.	   It  can be used to group hosts, shared net-
       works, subnets, or even other groups.

REFERENCE: ALLOW AND DENY
       The allow and deny statements can be used to control  the  response  of
       the  DHCP server	to various sorts of requests.  The allow and deny key-
       words actually have different meanings depending	on the context.	 In  a
       pool  context,  these  keywords	can be used to set up access lists for
       address allocation pools.  In other contexts, the keywords simply  con-
       trol  general  server  behavior with respect to clients based on	scope.
       In a non-pool context, the ignore keyword can be	used in	place  of  the
       deny keyword to prevent logging of denied requests.

ALLOW DENY AND IGNORE IN SCOPE
       The following usages of allow and deny will work	in any scope, although
       it is not recommended that they be used in pool declarations.

       The unknown-clients keyword

	allow unknown-clients;
	deny unknown-clients;
	ignore unknown-clients;

       The unknown-clients flag	is used	to tell	dhcpd whether or not to	dynam-
       ically  assign  addresses to unknown clients.   Dynamic address assign-
       ment to unknown clients is allowed by default.  An  unknown  client  is
       simply a	client that has	no host	declaration.

       The  use	 of  this  option  is  now  deprecated.	  If you are trying to
       restrict	access on your network to known	clients, you should  use  deny
       unknown-clients;	 inside	 of  your address pool,	as described under the
       heading ALLOW AND DENY WITHIN POOL DECLARATIONS.

       The bootp keyword

	allow bootp;
	deny bootp;
	ignore bootp;

       The bootp flag is used to tell dhcpd whether or not to respond to bootp
       queries.	 Bootp queries are allowed by default.

       This  option  does  not	satisfy	 the requirement of failover peers for
       denying dynamic bootp clients.  The deny	dynamic	bootp clients;	option
       should be used instead. See the ALLOW AND DENY WITHIN POOL DECLARATIONS
       section of this man page	for more details.

       The booting keyword

	allow booting;
	deny booting;
	ignore booting;

       The booting flag	is used	to tell	dhcpd whether or  not  to  respond  to
       queries	from  a	particular client.  This keyword only has meaning when
       it appears in a host declaration.   By default, booting is allowed, but
       if it is	disabled for a particular client, then that client will	not be
       able to get an address from the DHCP server.

       The duplicates keyword

	allow duplicates;
	deny duplicates;

       Host declarations can match client messages based on  the  DHCP	Client
       Identifier  option  or  based on	the client's network hardware type and
       MAC address.   If the MAC address is used, the  host  declaration  will
       match  any  client  with	that MAC address - even	clients	with different
       client identifiers.   This doesn't normally  happen,  but  is  possible
       when  one computer has more than	one operating system installed on it -
       for example, Microsoft Windows and NetBSD or Linux.

       The duplicates flag tells the DHCP server that if a request is received
       from  a	client that matches the	MAC address of a host declaration, any
       other leases matching that MAC  address	should	be  discarded  by  the
       server,	even  if the UID is not	the same.   This is a violation	of the
       DHCP protocol, but can prevent clients whose client identifiers	change
       regularly  from	holding	 many  leases  at  the same time.  By default,
       duplicates are allowed.

       The declines keyword

	allow declines;
	deny declines;
	ignore declines;

       The DHCPDECLINE message is used by DHCP clients to  indicate  that  the
       lease the server	has offered is not valid.   When the server receives a
       DHCPDECLINE  for	 a  particular	address,  it  normally	abandons  that
       address,	 assuming that some unauthorized system	is using it.  Unfortu-
       nately, a malicious or buggy client can,	 using	DHCPDECLINE  messages,
       completely exhaust the DHCP server's allocation pool.   The server will
       reclaim these leases, but while the client is running through the pool,
       it  may	cause serious thrashing	in the DNS, and	it will	also cause the
       DHCP server to forget old DHCP client address allocations.

       The declines flag tells the DHCP	server whether or not to honor DHCPDE-
       CLINE messages.	 If it is set to deny or ignore	in a particular	scope,
       the DHCP	server will not	respond	to DHCPDECLINE messages.

       The client-updates keyword

	allow client-updates;
	deny client-updates;

       The client-updates flag tells the DHCP server whether or	not  to	 honor
       the  client's  intention	to do its own update of	its A record.  This is
       only relevant when doing	interim	DNS updates.   See  the	 documentation
       under the heading THE INTERIM DNS UPDATE	SCHEME for details.

       The leasequery keyword

	allow leasequery;
	deny leasequery;

       The leasequery flag tells the DHCP server whether or not	to answer DHC-
       PLEASEQUERY packets. The	answer to  a  DHCPLEASEQUERY  packet  includes
       information about a specific lease, such	as when	it was issued and when
       it will expire. By default, the server will not respond to these	 pack-
       ets.

ALLOW AND DENY WITHIN POOL DECLARATIONS
       The  uses  of the allow and deny	keywords shown in the previous section
       work pretty much	the same way whether the client	is sending a  DHCPDIS-
       COVER  or  a  DHCPREQUEST message - an address will be allocated	to the
       client (either the old address it's requesting, or a new	 address)  and
       then  that address will be tested to see	if it's	okay to	let the	client
       have it.	  If the client	requested it, and it's not  okay,  the	server
       will  send  a  DHCPNAK message.	 Otherwise, the	server will simply not
       respond to the client.	If it is okay  to  give	 the  address  to  the
       client, the server will send a DHCPACK message.

       The  primary  motivation	 behind	 pool  declarations is to have address
       allocation pools	whose allocation policies are  different.    A	client
       may be denied access to one pool, but allowed access to another pool on
       the same	network	segment.   In order for	this to	work,  access  control
       has  to be done during address allocation, not after address allocation
       is done.

       When a DHCPREQUEST message is processed,	address	allocation simply con-
       sists  of looking up the	address	the client is requesting and seeing if
       it's still available for	the client.  If	it is, then  the  DHCP	server
       checks  both  the  address  pool	permit lists and the relevant in-scope
       allow and deny statements to see	if it's	okay to	give the lease to  the
       client.	 In the	case of	a DHCPDISCOVER message,	the allocation process
       is done as described previously in the ADDRESS ALLOCATION section.

       When declaring permit lists for address allocation pools, the following
       syntaxes	are recognized following the allow or deny keywords:

	known-clients;

       If  specified, this statement either allows or prevents allocation from
       this pool to any	client that has	a host declaration (i.e.,  is  known).
       A  client  is known if it has a host declaration	in any scope, not just
       the current scope.

	unknown-clients;

       If specified, this statement either allows or prevents allocation  from
       this  pool  to  any  client  that has no	host declaration (i.e.,	is not
       known).

	members	of "class";

       If specified, this statement either allows or prevents allocation  from
       this pool to any	client that is a member	of the named class.

	dynamic	bootp clients;

       If  specified, this statement either allows or prevents allocation from
       this pool to any	bootp client.

	authenticated clients;

       If specified, this statement either allows or prevents allocation  from
       this  pool  to  any  client  that has been authenticated	using the DHCP
       authentication protocol.	  This is not yet supported.

	unauthenticated	clients;

       If specified, this statement either allows or prevents allocation  from
       this  pool to any client	that has not been authenticated	using the DHCP
       authentication protocol.	  This is not yet supported.

	all clients;

       If specified, this statement either allows or prevents allocation  from
       this  pool  to all clients.   This can be used when you want to write a
       pool declaration	for some reason, but hold it in	reserve, or  when  you
       want  to	 renumber  your	 network  quickly, and thus want the server to
       force all clients that have been	allocated addresses from this pool  to
       obtain new addresses immediately	when they next renew.

	after time;

       If  specified, this statement either allows or prevents allocation from
       this pool after a given date. This can be used when you	want  to  move
       clients	from one pool to another. The server adjusts the regular lease
       time so that the	latest expiry time is  at  the	given  time+min-lease-
       time.   A short min-lease-time enforces a step change, whereas a	longer
       min-lease-time allows for a gradual  change.   time  is	either	second
       since  epoch,  or  a  UTC  time string e.g.  4 2007/08/24 09:14:32 or a
       string with time	zone offset in	seconds	 e.g.  4  2007/08/24  11:14:32
       -7200

REFERENCE: PARAMETERS
       The adaptive-lease-time-threshold statement

	 adaptive-lease-time-threshold percentage;

	 When  the  number  of	allocated leases within	a pool rises above the
	 percentage given in this statement, the  DHCP	server	decreases  the
	 lease	length for new clients within this pool	to min-lease-time sec-
	 onds. Clients renewing	an already valid (long)	leases	get  at	 least
	 the  remaining	 time  from the	current	lease. Since the leases	expire
	 faster, the server may	either recover	more  quickly  or  avoid  pool
	 exhaustion  entirely.	Once the number	of allocated leases drop below
	 the threshold,	the server reverts back	to normal lease	times.	 Valid
	 percentages are between 1 and 99.

       The always-broadcast statement

	 always-broadcast flag;

	 The  DHCP  and	BOOTP protocols	both require DHCP and BOOTP clients to
	 set the broadcast bit in the flags field of the BOOTP message header.
	 Unfortunately,	some DHCP and BOOTP clients do not do this, and	there-
	 fore may not receive responses	 from  the  DHCP  server.    The  DHCP
	 server	 can  be  made to always broadcast its responses to clients by
	 setting this flag to 'on' for the  relevant  scope;  relevant	scopes
	 would	be inside a conditional	statement, as a	parameter for a	class,
	 or as a parameter for a host declaration.   To	avoid creating	excess
	 broadcast traffic on your network, we recommend that you restrict the
	 use of	this option to as few clients as possible.   For example,  the
	 Microsoft  DHCP  client is known not to have this problem, as are the
	 OpenTransport and ISC DHCP clients.

       The always-reply-rfc1048	statement

	 always-reply-rfc1048 flag;

	 Some BOOTP clients expect RFC1048-style responses, but	do not	follow
	 RFC1048  when sending their requests.	 You can tell that a client is
	 having	this problem if	it is not getting the options you have config-
	 ured  for  it	and  if	 you  see in the server	log the	message	"(non-
	 rfc1048)" printed with	each BOOTREQUEST that is logged.

	 If you	want to	send rfc1048 options to	such a client, you can set the
	 always-reply-rfc1048  option  in  that	client's host declaration, and
	 the DHCP server will respond with an  RFC-1048-style  vendor  options
	 field.	   This	 flag  can  be	set  in	any scope, and will affect all
	 clients covered by that scope.

       The authoritative statement

	 authoritative;

	 not authoritative;

	 The DHCP server will normally assume that the configuration  informa-
	 tion  about a given network segment is	not known to be	correct	and is
	 not authoritative.  This is so	that if	a naive	user installs  a  DHCP
	 server	 not fully understanding how to	configure it, it does not send
	 spurious DHCPNAK messages to clients  that  have  obtained  addresses
	 from a	legitimate DHCP	server on the network.

	 Network  administrators  setting  up  authoritative  DHCP servers for
	 their networks	should always write authoritative; at the top of their
	 configuration file to indicate	that the DHCP server should send DHCP-
	 NAK messages to misconfigured clients.	  If this is not done, clients
	 will  be  unable  to  get a correct IP	address	after changing subnets
	 until their old lease has expired, which  could  take	quite  a  long
	 time.

	 Usually,  writing  authoritative; at the top level of the file	should
	 be sufficient.	  However, if a	DHCP server is to be set up so that it
	 is aware of some networks for which it	is authoritative and some net-
	 works for which it is not, it may  be	more  appropriate  to  declare
	 authority on a	per-network-segment basis.

	 Note  that the	most specific scope for	which the concept of authority
	 makes any sense is the	physical network segment -  either  a  shared-
	 network  statement or a subnet	statement that is not contained	within
	 a shared-network statement.  It is not	meaningful to specify that the
	 server	is authoritative for some subnets within a shared network, but
	 not authoritative for others, nor is it meaningful  to	 specify  that
	 the  server  is authoritative for some	host declarations and not oth-
	 ers.

       The boot-unknown-clients	statement

	 boot-unknown-clients flag;

	 If the	boot-unknown-clients statement is present and has a  value  of
	 false	or  off,  then	clients	for which there	is no host declaration
	 will not be allowed to	obtain IP addresses.   If  this	 statement  is
	 not  present  or has a	value of true or on, then clients without host
	 declarations will be allowed to obtain	IP addresses, as long as those
	 addresses  are	 not  restricted  by  allow and	deny statements	within
	 their pool declarations.

       The db-time-format statement

	 db-time-format	[ default | local ] ;

	 The DHCP server software  outputs  several  timestamps	 when  writing
	 leases	 to  persistent	storage.  This configuration parameter selects
	 one of	two output formats.  The default format	prints the day,	 date,
	 and  time  in	UTC, while the local format prints the system seconds-
	 since-epoch, and helpfully provides the day and time  in  the	system
	 timezone  in  a comment.  The time formats are	described in detail in
	 the dhcpd.leases(5) manpage.

       The ddns-hostname statement

	 ddns-hostname name;

	 The name parameter should be the hostname that	will be	used  in  set-
	 ting  up  the	client's  A  and PTR records.	If no ddns-hostname is
	 specified in scope, then the server will derive the hostname automat-
	 ically,  using	 an  algorithm	that  varies for each of the different
	 update	methods.

       The ddns-domainname statement

	 ddns-domainname name;

	 The name parameter should be the domain name that will	be appended to
	 the client's hostname to form a fully-qualified domain-name (FQDN).

       The ddns-rev-domainname statement

	 ddns-rev-domainname  name;  The  name	parameter should be the	domain
	 name that will	be appended to the client's  reversed  IP  address  to
	 produce a name	for use	in the client's	PTR record.   By default, this
	 is "in-addr.arpa.", but the default can be overridden here.

	 The reversed IP address to which this	domain	name  is  appended  is
	 always	 the  IP  address  of  the  client,  in	 dotted	quad notation,
	 reversed - for	example, if the	IP address assigned to the  client  is
	 10.17.92.74,  then  the  reversed  IP	address	is 74.92.17.10.	  So a
	 client	with that IP address would, by default,	be given a PTR	record
	 of 10.17.92.74.in-addr.arpa.

       The ddns-update-style parameter

	 ddns-update-style style;

	 The  style  parameter	must  be  one of ad-hoc, interim or none.  The
	 ddns-update-style statement is	only meaningful	in the outer  scope  -
	 it  is	 evaluated once	after reading the dhcpd.conf file, rather than
	 each time a client is assigned	an IP address, so there	is no  way  to
	 use different DNS update styles for different clients.	The default is
	 none.

       The ddns-updates	statement

	  ddns-updates flag;

	 The ddns-updates parameter controls whether or	not  the  server  will
	 attempt  to  do a DNS update when a lease is confirmed.   Set this to
	 off if	the server should not attempt to do updates within  a  certain
	 scope.	 The ddns-updates parameter is on by default.	To disable DNS
	 updates in all	scopes,	it is preferable to use	the  ddns-update-style
	 statement, setting the	style to none.

       The default-lease-time statement

	 default-lease-time time;

	 Time should be	the length in seconds that will	be assigned to a lease
	 if the	client requesting the lease does not ask for a specific	 expi-
	 ration	 time.	 This is used for both DHCPv4 and DHCPv6 leases	(it is
	 also known as the "valid lifetime" in DHCPv6).	 The default is	 43200
	 seconds.

       The delayed-ack and max-ack-delay statements

	 delayed-ack count; max-ack-delay microseconds;

	 Count should be an integer value from zero to 2^16-1, and defaults to
	 28.  The count	represents how many DHCPv4  replies  maximum  will  be
	 queued	 pending transmission until after a database commit event.  If
	 this number is	reached, a database commit event  (commonly  resulting
	 in  fsync() and representing a	performance penalty) will be made, and
	 the reply packets will	be transmitted in a  batch  afterwards.	  This
	 preserves  the	 RFC2131  direction  that  "stable storage" be updated
	 prior to replying to clients.	Should the  DHCPv4  sockets  "go  dry"
	 (select()  returns  immediately  with no read sockets), the commit is
	 made and any queued packets are transmitted.

	 Similarly, microseconds indicates how many microseconds are permitted
	 to  pass  inbetween queuing a packet pending an fsync,	and performing
	 the fsync.  Valid values range	from 0	to  2^32-1,  and  defaults  to
	 250,000 (1/4 of a second).

	 Please	 note  that  as	 delayed-ack  is  currently  experimental, the
	 delayed-ack feature is	not  compiled  in  by  default,	 but  must  be
	 enabled at compile time with './configure --enable-delayed-ack'.

       The do-forward-updates statement

	 do-forward-updates flag;

	 The  do-forward-updates  statement  instructs	the  DHCP server as to
	 whether it should attempt to update a DHCP client's A record when the
	 client	 acquires  or  renews  a lease.	  This statement has no	effect
	 unless	DNS updates  are  enabled  and	ddns-update-style  is  set  to
	 interim.    Forward  updates are enabled by default.	If this	state-
	 ment is used to disable forward updates, the DHCP server  will	 never
	 attempt  to  update the client's A record, and	will only ever attempt
	 to update the client's	PTR record if the client supplies an FQDN that
	 should	be placed in the PTR record using the fqdn option.  If forward
	 updates are enabled, the DHCP server will still honor the setting  of
	 the client-updates flag.

       The dynamic-bootp-lease-cutoff statement

	 dynamic-bootp-lease-cutoff date;

	 The dynamic-bootp-lease-cutoff	statement sets the ending time for all
	 leases	assigned dynamically to	BOOTP clients.	Because	BOOTP  clients
	 do  not  have	any  way of renewing leases, and don't know that their
	 leases	could expire, by default dhcpd assigns infinite	leases to  all
	 BOOTP	clients.  However, it may make sense in	some situations	to set
	 a cutoff date for all BOOTP leases - for example, the end of a	school
	 term, or the time at night when a facility is closed and all machines
	 are required to be powered off.

	 Date should be	the date on which all assigned BOOTP leases will  end.
	 The date is specified in the form:

				 W YYYY/MM/DD HH:MM:SS

	 W  is the day of the week expressed as	a number from zero (Sunday) to
	 six (Saturday).  YYYY is the year, including the century.  MM is  the
	 month	expressed  as  a  number  from	1 to 12.  DD is	the day	of the
	 month,	counting from 1.  HH is	the hour, from zero to 23.  MM is  the
	 minute	 and SS	is the second.	The time is always in Coordinated Uni-
	 versal	Time (UTC), not	local time.

       The dynamic-bootp-lease-length statement

	 dynamic-bootp-lease-length length;

	 The dynamic-bootp-lease-length	statement is used to set the length of
	 leases	dynamically assigned to	BOOTP clients.	 At some sites,	it may
	 be possible to	assume that a lease is no longer in use	if its	holder
	 has  not  used	BOOTP or DHCP to get its address within	a certain time
	 period.   The period is specified in length as	a number  of  seconds.
	 If  a client reboots using BOOTP during the timeout period, the lease
	 duration is reset to length, so a BOOTP client	that boots  frequently
	 enough	 will  never  lose its lease.  Needless	to say,	this parameter
	 should	be adjusted with extreme caution.

       The filename statement

	 filename "filename";

	 The filename statement	can be used to specify the name	of the initial
	 boot  file which is to	be loaded by a client.	The filename should be
	 a filename recognizable to whatever file transfer protocol the	client
	 can be	expected to use	to load	the file.

       The fixed-address declaration

	 fixed-address address [, address ... ];

	 The  fixed-address declaration	is used	to assign one or more fixed IP
	 addresses to a	client.	 It should only	appear in a host  declaration.
	 If  more than one address is supplied,	then when the client boots, it
	 will be assigned the address that corresponds to the network on which
	 it  is	booting.  If none of the addresses in the fixed-address	state-
	 ment are valid	for the	network	to which the client is connected, that
	 client	 will  not  match  the host declaration	containing that	fixed-
	 address declaration.  Each address in the  fixed-address  declaration
	 should	 be either an IP address or a domain name that resolves	to one
	 or more IP addresses.

       The fixed-address6 declaration

	 fixed-address6	ip6-address ;

	 The fixed-address6  declaration  is  used  to	assign	a  fixed  IPv6
	 addresses to a	client.	 It should only	appear in a host declaration.

       The get-lease-hostnames statement

	 get-lease-hostnames flag;

	 The  get-lease-hostnames  statement  is used to tell dhcpd whether or
	 not to	look up	the domain name	corresponding to  the  IP  address  of
	 each  address	in  the	 lease	pool and use that address for the DHCP
	 hostname option.  If flag is true, then this lookup is	done  for  all
	 addresses in the current scope.   By default, or if flag is false, no
	 lookups are done.

       The hardware statement

	 hardware hardware-type	hardware-address;

	 In order for a	BOOTP client to	be recognized,	its  network  hardware
	 address  must	be declared using a hardware clause in the host	state-
	 ment.	hardware-type must be the name of a physical  hardware	inter-
	 face  type.	Currently,  only the ethernet and token-ring types are
	 recognized, although support for a fddi hardware  type	 (and  others)
	 would	also  be  desirable.   The hardware-address should be a	set of
	 hexadecimal octets (numbers from 0 through ff)	separated  by  colons.
	 The hardware statement	may also be used for DHCP clients.

       The host-identifier option statement

	 host-identifier option	option-name option-data;

	 This  identifies a DHCPv6 client in a host statement.	option-name is
	 any option, and option-data is	the value  for	the  option  that  the
	 client	will send. The option-data must	be a constant value.

       The infinite-is-reserved	statement

	 infinite-is-reserved flag;

	 ISC DHCP now supports 'reserved' leases.  See the section on RESERVED
	 LEASES	below.	If this	flag is	 on,  the  server  will	 automatically
	 reserve  leases  allocated  to	 clients  which	 requested an infinite
	 (0xffffffff) lease-time.

	 The default is	off.

       The lease-file-name statement

	 lease-file-name name;

	 Name should be	the  name  of  the  DHCP  server's  lease  file.    By
	 default,  this	is DBDIR/dhcpd.leases.	 This statement	must appear in
	 the outer scope of the	configuration file - if	 it  appears  in  some
	 other	scope,	it will	have no	effect.	 Furthermore, it has no	effect
	 if overridden by the -lf flag or the PATH_DHCPD_DB environment	 vari-
	 able.

       The limit-addrs-per-ia statement

	 limit-addrs-per-ia number;

	 By default, the DHCPv6	server will limit clients to one IAADDR	per IA
	 option, meaning one address.  If you wish to permit clients  to  hang
	 onto multiple addresses at a time, configure a	larger number here.

	 Note  that  there  is	no  present  method to configure the server to
	 forcibly configure the	client with one	IP address per each subnet  on
	 a shared network.  This is left to future work.

       The dhcpv6-lease-file-name statement

	 dhcpv6-lease-file-name	name;

	 Name  is  the name of the lease file to use if	and only if the	server
	 is running in DHCPv6 mode.  By	default, this is  DBDIR/dhcpd6.leases.
	 This  statement, like lease-file-name,	must appear in the outer scope
	 of the	configuration file.  It	has no effect if overridden by the -lf
	 flag  or  the	PATH_DHCPD6_DB environment variable.  If dhcpv6-lease-
	 file-name is not specified, but lease-file-name is, the latter	 value
	 will be used.

       The local-port statement

	 local-port port;

	 This  statement causes	the DHCP server	to listen for DHCP requests on
	 the UDP port specified	in port, rather	than on	port 67.

       The local-address statement

	 local-address address;

	 This statement	causes the DHCP	server to  listen  for	DHCP  requests
	 sent  to  the	specified  address,  rather  than requests sent	to all
	 addresses.  Since serving directly attached DHCP clients implies that
	 the  server must respond to requests sent to the all-ones IP address,
	 this option cannot be used if clients are on directly	attached  net-
	 works...it  is	 only  realistically  useful  for  a server whose only
	 clients are reached via unicasts, such	as via DHCP relay agents.

	 Note:	This statement is only effective if the	 server	 was  compiled
	 using	the USE_SOCKETS	#define	statement, which is default on a small
	 number	of operating systems, and must be explicitly  chosen  at  com-
	 pile-time for all others.  You	can be sure if your server is compiled
	 with USE_SOCKETS if you see lines of this format at startup:

	  Listening on Socket/eth0

	 Note also that	since this bind()s all DHCP sockets to	the  specified
	 address,  that	 only  one  address  may be supported in a daemon at a
	 given time.

       The log-facility	statement

	 log-facility facility;

	 This statement	causes the DHCP	server to do all of its	logging	on the
	 specified  log	 facility once the dhcpd.conf file has been read.   By
	 default the DHCP server logs to the daemon facility.	 Possible  log
	 facilities  include  auth,  authpriv,	cron,  daemon, ftp, kern, lpr,
	 mail, mark, news, ntp,	 security,  syslog,  user,  uucp,  and	local0
	 through  local7.    Not  all of these facilities are available	on all
	 systems, and there may	be other facilities available  on  other  sys-
	 tems.

	 In  addition  to setting this value, you may need to modify your sys-
	 log.conf file to configure logging of the DHCP	server.	  For example,
	 you might add a line like this:

	      local7.debug /var/log/dhcpd.log

	 The syntax of the syslog.conf file may	be different on	some operating
	 systems - consult the syslog.conf manual page to  be  sure.   To  get
	 syslog	 to  start  logging to the new file, you must first create the
	 file with correct ownership and permissions (usually, the same	 owner
	 and  permissions  of your /var/log/messages or	/usr/adm/messages file
	 should	be fine) and send a SIGHUP to syslogd.	Some  systems  support
	 log  rollover	using  a  shell	 script	or program called newsyslog or
	 logrotate, and	you may	be able	to configure this as well so that your
	 log file doesn't grow uncontrollably.

	 Because  the  log-facility  setting  is  controlled by	the dhcpd.conf
	 file, log messages printed  while  parsing  the  dhcpd.conf  file  or
	 before	parsing	it are logged to the default log facility.  To prevent
	 this, see the README file  included  with  this  distribution,	 which
	 describes  how	to change the default log facility.  When this parame-
	 ter is	used, the DHCP server prints its startup message a second time
	 after parsing the configuration file, so that the log will be as com-
	 plete as possible.

       The max-lease-time statement

	 max-lease-time	time;

	 Time should be	the maximum length in seconds that will	be assigned to
	 a  lease.   If	 not defined, the default maximum lease	time is	86400.
	 The only exception to this is that Dynamic BOOTP lease	lengths, which
	 are not specified by the client, are not limited by this maximum.

       The min-lease-time statement

	 min-lease-time	time;

	 Time should be	the minimum length in seconds that will	be assigned to
	 a lease.  The default is the minimum of  300  seconds	or  max-lease-
	 time.

       The min-secs statement

	 min-secs seconds;

	 Seconds  should be the	minimum	number of seconds since	a client began
	 trying	to acquire a new lease before the DHCP server will respond  to
	 its  request.	 The  number  of  seconds  is based on what the	client
	 reports, and the maximum value	that the client	can report is 255 sec-
	 onds.	 Generally, setting this to one	will result in the DHCP	server
	 not responding	to the client's	first request, but  always  responding
	 to its	second request.

	 This can be used to set up a secondary	DHCP server which never	offers
	 an address to a client	until the primary  server  has	been  given  a
	 chance	 to  do	 so.	If the primary server is down, the client will
	 bind to the secondary server, but  otherwise  clients	should	always
	 bind  to  the primary.	  Note that this does not, by itself, permit a
	 primary server	and a secondary	server to share	a pool of dynamically-
	 allocatable addresses.

       The next-server statement

	 next-server server-name;

	 The  next-server statement is used to specify the host	address	of the
	 server	from which the initial boot file (specified  in	 the  filename
	 statement)  is	 to  be	 loaded.    Server-name	should be a numeric IP
	 address or a domain name.

       The omapi-port statement

	 omapi-port port;

	 The omapi-port	statement causes the DHCP server to listen  for	 OMAPI
	 connections  on  the  specified port.	 This statement	is required to
	 enable	the OMAPI protocol, which is used to examine  and  modify  the
	 state of the DHCP server as it	is running.

       The one-lease-per-client	statement

	 one-lease-per-client flag;

	 If  this flag is enabled, whenever a client sends a DHCPREQUEST for a
	 particular lease, the server will automatically free any other	leases
	 the  client  holds.	This  presumes	that  when  the	client sends a
	 DHCPREQUEST, it has forgotten any lease not mentioned in the  DHCPRE-
	 QUEST	-  i.e., the client has	only a single network interface	and it
	 does not remember leases it's holding on networks to which it is  not
	 currently  attached.	Neither	of these assumptions are guaranteed or
	 provable, so we urge caution in the use of this statement.

       The pid-file-name statement

	 pid-file-name name;

	 Name should be	the name of the	DHCP server's process ID file.	  This
	 is  the file in which the DHCP	server's process ID is stored when the
	 server	starts.	  By default, this  is	RUNDIR/dhcpd.pid.    Like  the
	 lease-file-name  statement,  this  statement must appear in the outer
	 scope of the configuration file.  It has no effect if	overridden  by
	 the -pf flag or the PATH_DHCPD_PID environment	variable.

	 The dhcpv6-pid-file-name statement

	    dhcpv6-pid-file-name name;

	    Name  is the name of the pid file to use if	and only if the	server
	    is running in DHCPv6 mode.	By default, this is  DBDIR/dhcpd6.pid.
	    This statement, like pid-file-name,	must appear in the outer scope
	    of the configuration file.	It has no effect if overridden by  the
	    -pf	  flag	 or  the  PATH_DHCPD6_PID  environment	variable.   If
	    dhcpv6-pid-file-name is not	specified, but pid-file-name  is,  the
	    latter value will be used.

	 The ping-check	statement

	    ping-check flag;

	    When  the  DHCP server is considering dynamically allocating an IP
	    address to a client, it first sends	an ICMP	Echo request (a	 ping)
	    to	the address being assigned.   It waits for a second, and if no
	    ICMP Echo response has been	heard, it assigns the address.	 If  a
	    response is	heard, the lease is abandoned, and the server does not
	    respond to the client.

	    This ping check introduces a default one-second delay in  respond-
	    ing	 to  DHCPDISCOVER  messages,  which  can be a problem for some
	    clients.   The default delay of one	second may be configured using
	    the	 ping-timeout parameter.  The ping-check configuration parame-
	    ter	can be used to control checking	- if its value	is  false,  no
	    ping check is done.

	 The ping-timeout statement

	    ping-timeout seconds;

	    If	the DHCP server	determined it should send an ICMP echo request
	    (a ping) because the ping-check statement  is  true,  ping-timeout
	    allows  you	 to  configure how many	seconds	the DHCP server	should
	    wait for an	ICMP Echo response  to	be  heard,  if	no  ICMP  Echo
	    response  has been received	before the timeout expires, it assigns
	    the	address.  If a response	is heard, the lease is abandoned,  and
	    the	 server	 does  not respond to the client.  If no value is set,
	    ping-timeout defaults to 1 second.

	 The preferred-lifetime	statement

	    preferred-lifetime seconds;

	    IPv6 addresses have	'valid'	and 'preferred'	lifetimes.  The	 valid
	    lifetime  determines  at what point	at lease might be said to have
	    expired, and is no longer useable.	A  preferred  lifetime	is  an
	    advisory  condition	 to  help applications move off	of the address
	    and	onto currently valid addresses (should there still be any open
	    TCP	sockets	or similar).

	    The	preferred lifetime defaults to the renew+rebind	timers,	or 3/4
	    the	default	lease time if none were	specified.

	 The remote-port statement

	    remote-port	port;

	    This statement causes the DHCP server to transmit  DHCP  responses
	    to	DHCP  clients upon the UDP port	specified in port, rather than
	    on port 68.	 In the	event that the UDP response is transmitted  to
	    a  DHCP Relay, the server generally	uses the local-port configura-
	    tion value.	 Should	the DHCP  Relay	 happen	 to  be	 addressed  as
	    127.0.0.1,	however, the DHCP Server transmits its response	to the
	    remote-port	configuration value.  This is  generally  only	useful
	    for	 testing  purposes, and	this configuration value should	gener-
	    ally not be	used.

	 The server-identifier statement

	    server-identifier hostname;

	    The	server-identifier statement can	be used	to  define  the	 value
	    that  is  sent  in	the  DHCP Server Identifier option for a given
	    scope.   The value specified must be an IP address	for  the  DHCP
	    server,  and must be reachable by all clients served by a particu-
	    lar	scope.

	    The	use of the server-identifier statement is  not	recommended  -
	    the	 only  reason  to  use	it  is to force	a value	other than the
	    default value to be	sent on	 occasions  where  the	default	 value
	    would  be  incorrect.    The default value is the first IP address
	    associated with  the  physical  network  interface	on  which  the
	    request arrived.

	    The	 usual	case where the server-identifier statement needs to be
	    sent is when a physical interface has more than  one  IP  address,
	    and	 the  one  being sent by default isn't appropriate for some or
	    all	clients	served by that interface.  Another common case is when
	    an	alias  is  defined  for	 the purpose of	having a consistent IP
	    address for	the DHCP server, and it	is desired  that  the  clients
	    use	this IP	address	when contacting	the server.

	    Supplying a	value for the dhcp-server-identifier option is equiva-
	    lent to using the server-identifier	statement.

	 The server-duid statement

	    server-duid	LLT [ hardware-type timestamp hardware-address ] ;

	    server-duid	EN enterprise-number enterprise-identifier ;

	    server-duid	LL [ hardware-type hardware-address ] ;

	    The	server-duid statement configures the server DUID. You may pick
	    either  LLT	(link local address plus time),	EN (enterprise), or LL
	    (link local).

	    If you choose LLT or LL, you may specify the exact contents	of the
	    DUID.   Otherwise the server will generate a DUID of the specified
	    type.

	    If you choose EN, you must include the enterprise number  and  the
	    enterprise-identifier.

	    The	default	server-duid type is LLT.

	 The server-name statement

	    server-name	name ;

	    The	 server-name statement can be used to inform the client	of the
	    name of the	server from which it is	booting.   Name	should be  the
	    name that will be provided to the client.

	 The site-option-space statement

	    site-option-space name ;

	    The	site-option-space statement can	be used	to determine from what
	    option space site-local options will be taken.   This can be  used
	    in	much the same way as the vendor-option-space statement.	 Site-
	    local options in DHCP are those options whose  numeric  codes  are
	    greater  than  224.	  These	options	are intended for site-specific
	    uses, but are frequently used by vendors of	embedded hardware that
	    contains  DHCP  clients.   Because site-specific options are allo-
	    cated on an	ad hoc basis, it is quite possible that	 one  vendor's
	    DHCP  client  might	use the	same option code that another vendor's
	    client  uses,  for	different  purposes.	The  site-option-space
	    option  can	 be  used  to  assign a	different set of site-specific
	    options for	each such vendor, using	 conditional  evaluation  (see
	    dhcp-eval (5) for details).

	 The stash-agent-options statement

	    stash-agent-options	flag;

	    If	the  stash-agent-options parameter is true for a given client,
	    the	server will record the relay agent  information	 options  sent
	    during  the	 client's  initial DHCPREQUEST message when the	client
	    was	in the SELECTING state and behave  as  if  those  options  are
	    included in	all subsequent DHCPREQUEST messages sent in the	RENEW-
	    ING	state.	 This works around a problem with relay	agent informa-
	    tion options, which	is that	they usually not appear	in DHCPREQUEST
	    messages sent by the client	in the RENEWING	 state,	 because  such
	    messages are unicast directly to the server	and not	sent through a
	    relay agent.

	 The update-conflict-detection statement

	    update-conflict-detection flag;

	    If the update-conflict-detection parameter	is  true,  the	server
	    will  perform  standard  DHCID  multiple-client, one-name conflict
	    detection.	If the parameter has been set false, the  server  will
	    skip this check and	instead	simply tear down any previous bindings
	    to install the new binding without question.  The default is true.

	 The update-optimization statement

	    update-optimization	flag;

	    If the update-optimization parameter is false for a	given  client,
	    the	server will attempt a DNS update for that client each time the
	    client renews its lease, rather than  only	attempting  an	update
	    when it appears to be necessary.   This will allow the DNS to heal
	    from database inconsistencies more easily, but the	cost  is  that
	    the	 DHCP  server  must  do	 many more DNS updates.	  We recommend
	    leaving this option	enabled, which is the  default.	  This	option
	    only  affects  the	behavior of the	interim	DNS update scheme, and
	    has	no effect on the ad-hoc	DNS update scheme.   If	this parameter
	    is	not  specified,	 or  is	true, the DHCP server will only	update
	    when the client information	changes, the client gets  a  different
	    lease, or the client's lease expires.

	 The update-static-leases statement

	    update-static-leases flag;

	    The	 update-static-leases flag, if enabled,	causes the DHCP	server
	    to do DNS updates for clients even	if  those  clients  are	 being
	    assigned  their  IP	address	using a	fixed-address statement	- that
	    is,	the client is being given a static assignment.	 This can only
	    work  with	the interim DNS	update scheme.	 It is not recommended
	    because the	DHCP server has	no way to tell	that  the  update  has
	    been done, and therefore will not delete the record	when it	is not
	    in use.   Also, the	server must attempt the	update each  time  the
	    client  renews  its	 lease,	which could have a significant perfor-
	    mance impact in environments that place heavy demands on the  DHCP
	    server.

	 The use-host-decl-names statement

	    use-host-decl-names	flag;

	    If	the  use-host-decl-names  parameter  is	true in	a given	scope,
	    then for every host	declaration within that	scope, the  name  pro-
	    vided  for	the host declaration will be supplied to the client as
	    its	hostname.   So,	for example,

		group {
		  use-host-decl-names on;

		  host joe {
		    hardware ethernet 08:00:2b:4c:29:32;
		    fixed-address joe.fugue.com;
		  }
		}

	    is equivalent to

		  host joe {
		    hardware ethernet 08:00:2b:4c:29:32;
		    fixed-address joe.fugue.com;
		    option host-name "joe";
		  }

	    An option host-name	statement within a host	declaration will over-
	    ride the use of the	name in	the host declaration.

	    It	should	be noted here that most	DHCP clients completely	ignore
	    the	host-name option sent by the DHCP server, and there is no  way
	    to configure them not to do	this.	So you generally have a	choice
	    of either not having any hostname to  client  IP  address  mapping
	    that  the  client  will  recognize,	 or doing DNS updates.	 It is
	    beyond the scope of	this document to describe  how	to  make  this
	    determination.

	 The use-lease-addr-for-default-route statement

	    use-lease-addr-for-default-route flag;

	    If	the  use-lease-addr-for-default-route  parameter  is true in a
	    given scope, then instead of sending the value  specified  in  the
	    routers option (or sending no value	at all), the IP	address	of the
	    lease being	assigned is sent  to  the  client.    This  supposedly
	    causes  Win95  machines  to	ARP for	all IP addresses, which	can be
	    helpful if your router is configured for proxy ARP.	  The  use  of
	    this  feature  is  not recommended,	because	it won't work for many
	    DHCP clients.

	 The vendor-option-space statement

	    vendor-option-space	string;

	    The	vendor-option-space  parameter	determines  from  what	option
	    space  vendor  options  are	taken.	 The use of this configuration
	    parameter is illustrated in	the dhcp-options(5)  manual  page,  in
	    the	VENDOR ENCAPSULATED OPTIONS section.

SETTING	PARAMETER VALUES USING EXPRESSIONS
       Sometimes  it's	helpful	 to  be	able to	set the	value of a DHCP	server
       parameter based on some value that the client has sent.	 To  do	 this,
       you  can	 use  expression  evaluation.	 The  dhcp-eval(5) manual page
       describes how to	write expressions.   To	assign the result of an	evalu-
       ation to	an option, define the option as	follows:

	 my-parameter =	expression ;

       For example:

	 ddns-hostname = binary-to-ascii (16, 8, "-",
					  substring (hardware, 1, 6));

RESERVED LEASES
       It's  often  useful to allocate a single	address	to a single client, in
       approximate perpetuity.	Host  statements  with	fixed-address  clauses
       exist  to  a  certain  extent  to  serve	this purpose, but because host
       statements are intended to  approximate	'static	 configuration',  they
       suffer from not being referenced	in a littany of	other Server Services,
       such as dynamic DNS, failover, 'on events' and so forth.

       If a standard dynamic lease, as from any	 range	statement,  is	marked
       'reserved', then	the server will	only allocate this lease to the	client
       it is identified	by (be that by client identifier or hardware address).

       In practice, this means that the	lease follows the normal state engine,
       enters  ACTIVE  state  when  the	 client	is bound to it,	expires, or is
       released, and any events	or services that would	normally  be  supplied
       during  these  events are processed normally, as	with any other dynamic
       lease.  The only	difference is that  failover  servers  treat  reserved
       leases  as  special  when  they	enter the FREE or BACKUP states	- each
       server applies the lease	into the state it may allocate from - and  the
       leases  are  not	 placed	 on the	queue for allocation to	other clients.
       Instead they may	only be	'found'	by client  identity.   The  result  is
       that the	lease is only offered to the returning client.

       Care  should  probably  be taken	to ensure that the client only has one
       lease within a given subnet that	it is identified by.

       Leases may be set 'reserved'  either  through  OMAPI,  or  through  the
       'infinite-is-reserved'  configuration  option (if this is applicable to
       your environment	and mixture of clients).

       It should also be noted that leases marked 'reserved'  are  effectively
       treated the same	as leases marked 'bootp'.

REFERENCE: OPTION STATEMENTS
       DHCP  option  statements	 are  documented in the	dhcp-options(5)	manual
       page.

REFERENCE: EXPRESSIONS
       Expressions used	in DHCP	option statements and elsewhere	are documented
       in the dhcp-eval(5) manual page.

SEE ALSO
       dhcpd(8),   dhcpd.leases(5),  dhcp-options(5),  dhcp-eval(5),  RFC2132,
       RFC2131.

AUTHOR
       dhcpd.conf(5) was written by Ted	Lemon  under  a	 contract  with	 Vixie
       Labs.	Funding	for this project was provided by Internet Systems Con-
       sortium.	 Information about Internet Systems Consortium can be found at
       https://www.isc.org.

								 dhcpd.conf(5)

NAME | DESCRIPTION | EXAMPLES | ADDRESS POOLS | DYNAMIC ADDRESS ALLOCATION | IP ADDRESS CONFLICT PREVENTION | DHCP FAILOVER | FAILOVER STARTUP | CONFIGURING FAILOVER | CLIENT CLASSING | SUBCLASSES | PER-CLASS LIMITS ON DYNAMIC ADDRESS ALLOCATION | SPAWNING CLASSES | COMBINING MATCH, MATCH IF AND SPAWN WITH | DYNAMIC DNS UPDATES | THE AD-HOC DNS UPDATE SCHEME | THE INTERIM DNS UPDATE SCHEME | DYNAMIC DNS UPDATE SECURITY | REFERENCE: EVENTS | REFERENCE: DECLARATIONS | REFERENCE: ALLOW AND DENY | ALLOW DENY AND IGNORE IN SCOPE | ALLOW AND DENY WITHIN POOL DECLARATIONS | REFERENCE: PARAMETERS | SETTING PARAMETER VALUES USING EXPRESSIONS | RESERVED LEASES | REFERENCE: OPTION STATEMENTS | REFERENCE: EXPRESSIONS | SEE ALSO | AUTHOR

Want to link to this manual page? Use this URL:
<https://www.freebsd.org/cgi/man.cgi?query=dhcpd.conf&sektion=5&manpath=FreeBSD+8.2-RELEASE+and+Ports>

home | help