xref: /openbsd-src/usr.sbin/dhcpd/dhcpd.conf.5 (revision 2b0358df1d88d06ef4139321dd05bd5e05d91eaf) 
1.\"	$OpenBSD: dhcpd.conf.5,v 1.8 2009/02/01 10:48:57 sobrado Exp $
2.\"
3.\" Copyright (c) 1995, 1996, 1997, 1998, 1998, 1999
4.\" The Internet Software Consortium.    All rights reserved.
5.\"
6.\" Redistribution and use in source and binary forms, with or without
7.\" modification, are permitted provided that the following conditions
8.\" are met:
9.\"
10.\" 1. Redistributions of source code must retain the above copyright
11.\"    notice, this list of conditions and the following disclaimer.
12.\" 2. Redistributions in binary form must reproduce the above copyright
13.\"    notice, this list of conditions and the following disclaimer in the
14.\"    documentation and/or other materials provided with the distribution.
15.\" 3. Neither the name of The Internet Software Consortium nor the names
16.\"    of its contributors may be used to endorse or promote products derived
17.\"    from this software without specific prior written permission.
18.\"
19.\" THIS SOFTWARE IS PROVIDED BY THE INTERNET SOFTWARE CONSORTIUM AND
20.\" CONTRIBUTORS ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
21.\" INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
22.\" MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
23.\" DISCLAIMED.  IN NO EVENT SHALL THE INTERNET SOFTWARE CONSORTIUM OR
24.\" CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
25.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
26.\" LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
27.\" USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
28.\" ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
29.\" OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
30.\" OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
31.\" SUCH DAMAGE.
32.\"
33.\" This software has been written for the Internet Software Consortium
34.\" by Ted Lemon <mellon@fugue.com> in cooperation with Vixie
35.\" Enterprises.  To learn more about the Internet Software Consortium,
36.\" see ``http://www.isc.org/isc''.  To learn more about Vixie
37.\" Enterprises, see ``http://www.vix.com''.
38.\"
39.Dd $Mdocdate: February 1 2009 $
40.Dt DHCPD.CONF 5
41.Os
42.Sh NAME
43.Nm dhcpd.conf
44.Nd dhcpd configuration file
45.Sh DESCRIPTION
46The
47.Nm
48file contains configuration information for
49.Xr dhcpd 8 ,
50the Internet Software Consortium DHCP Server.
51.Pp
52The
53.Nm
54file is a free-form ASCII text file.
55It is parsed by the recursive-descent parser built into
56.Xr dhcpd 8 .
57The file may contain extra tabs and newlines for formatting purposes.
58Keywords in the file are case-insensitive.
59Comments may be placed anywhere within the file (except within quotes).
60Comments begin with the
61.Sq #
62character and end at the end of the line.
63.Pp
64The file essentially consists of a list of statements.
65Statements fall into two broad categories \- parameters and declarations.
66.Pp
67Parameter statements say how to do something (e.g., how long a
68lease to offer), whether to do something (e.g., should
69.Xr dhcpd 8
70provide addresses to unknown clients), or what parameters to provide to the
71client (e.g., use gateway 220.177.244.7).
72.Pp
73Declarations are used to describe the topology of the
74network, to describe clients on the network, to provide addresses that
75can be assigned to clients, or to apply a group of parameters to a
76group of declarations.
77In any group of parameters and declarations, all parameters must be specified
78before any declarations which depend on those parameters may be specified.
79.Pp
80Declarations about network topology include the
81.Ic shared-network
82and the
83.Ic subnet
84declarations.
85If clients on a subnet are to be assigned addresses dynamically, a
86.Ic range
87declaration must appear within the
88.Ic subnet
89declaration.
90For clients with statically assigned addresses, or for installations where
91only known clients will be served, each such client must have a
92.Ic host
93declaration.
94If parameters are to be applied to a group of declarations which are not
95related strictly on a per-subnet basis, the
96.Ic group
97declaration can be used.
98.Pp
99For every subnet which will be served, and for every subnet
100to which the dhcp server is connected, there must be one
101.Ic subnet
102declaration, which tells
103.Xr dhcpd 8
104how to recognize that an address is on that subnet.
105A
106.Ic subnet
107declaration is required for each subnet even if no addresses will be
108dynamically allocated on that subnet.
109.Pp
110Some installations have physical networks on which more than one IP
111subnet operates.
112For example, if there is a site-wide requirement that 8-bit subnet masks
113be used, but a department with a single physical Ethernet network expands
114to the point where it has more than 254 nodes, it may be necessary to run
115two 8-bit subnets on the same Ethernet until such time as a new physical
116network can be added.
117In this case, the
118.Ic subnet
119declarations for these two networks may be enclosed in a
120.Ic shared-network
121declaration.
122.Pp
123Some sites may have departments which have clients on more than one
124subnet, but it may be desirable to offer those clients a uniform set
125of parameters which are different than what would be offered to
126clients from other departments on the same subnet.
127For clients which will be declared explicitly with
128.Ic host
129declarations, these declarations can be enclosed in a
130.Ic group
131declaration along with the parameters which are common to that department.
132For clients whose addresses will be dynamically assigned, there is currently no
133way to group parameter assignments other than by network topology.
134.Pp
135When a client is to be booted, its boot parameters are determined by
136first consulting that client's
137.Ic host
138declaration (if any), then consulting the
139.Ic group
140declaration (if any) which enclosed that
141.Ic host
142declaration, then consulting the
143.Ic subnet
144declaration for the subnet on which the client is booting, then consulting the
145.Ic shared-network
146declaration (if any) containing that subnet, and finally consulting the
147top-level parameters which may be specified outside of any declaration.
148.Pp
149When
150.Xr dhcpd 8
151tries to find a
152.Ic host
153declaration for a client, it first looks for a
154.Ic host
155declaration which has a
156.Ar fixed-address
157parameter which matches the subnet or shared network on which the client
158is booting.
159If it doesn't find any such entry, it then tries to find an entry which has no
160.Ar fixed-address
161parameter.
162If no such entry is found, then
163.Xr dhcpd 8
164acts as if there is no entry in the
165.Nm
166file for that client, even if there is an entry for that client on a
167different subnet or shared network.
168.Sh EXAMPLES
169A typical
170.Nm
171file will look something like this:
172.Pp
173Example 1
174.Bd -unfilled -offset indent
175.Ar global parameters...
176
177shared-network ISC-BIGGIE {
178.Ar \ \&\ \&shared-network-specific parameters...
179  subnet 204.254.239.0 netmask 255.255.255.224 {
180.Ar \ \&\ \&\ \&\ \&subnet-specific parameters...
181    range 204.254.239.10 204.254.239.30;
182  }
183  subnet 204.254.239.32 netmask 255.255.255.224 {
184.Ar \ \&\ \&\ \&\ \&subnet-specific parameters...
185    range 204.254.239.42 204.254.239.62;
186  }
187}
188
189subnet 204.254.239.64 netmask 255.255.255.224 {
190.Ar \ \&\ \&subnet-specific parameters...
191  range 204.254.239.74 204.254.239.94;
192}
193
194group {
195.Ar \ \&\ \&group-specific parameters...
196  host zappo.test.isc.org {
197.Ar \ \&\ \&\ \&\ \&host-specific parameters...
198  }
199  host beppo.test.isc.org {
200.Ar \ \&\ \&\ \&\ \&host-specific parameters...
201  }
202  host harpo.test.isc.org {
203.Ar \ \&\ \&\ \&\ \&host-specific parameters...
204  }
205}
206.Ed
207.Pp
208Notice that at the beginning of the file, there's a place
209for global parameters.
210These might be things like the organization's domain name,
211the addresses of the name servers
212(if they are common to the entire organization), and so on.
213So, for example:
214.Pp
215Example 2
216.Bd -literal -offset indent
217option domain-name \&"isc.org\&";
218option domain-name-servers ns1.isc.org, ns2.isc.org;
219.Ed
220.Pp
221As you can see in Example 2, it's legal to specify host addresses in
222parameters as domain names rather than as numeric IP addresses.
223If a given hostname resolves to more than one IP address (for example, if
224that host has two Ethernet interfaces), both addresses are supplied to
225the client.
226.Pp
227In Example 1, you can see that both the shared-network statement and
228the subnet statements can have parameters.
229Let us say that the shared network ISC-BIGGIE supports an entire department \-
230perhaps the accounting department.
231If accounting has its own domain, then a shared-network-specific parameter
232might be:
233.Pp
234.Dl option domain-name \&"accounting.isc.org\&";
235.Pp
236All subnet declarations appearing in the shared-network declaration
237would then have the domain-name option set to
238.Dq accounting.isc.org
239instead of just
240.Dq isc.org .
241.Pp
242The most obvious reason for having subnet-specific parameters as
243shown in Example 1 is that each subnet, of necessity, has its own router.
244So for the first subnet, for example, there should be something like:
245.Pp
246.Dl option routers 204.254.239.1;
247.Pp
248Note that the address here is specified numerically.
249This is not required \- if you have a different domain name for each
250interface on your router, it's perfectly legitimate to use the domain name
251for that interface instead of the numeric address.
252However, in many cases there may be only one domain name for all of a router's
253IP addresses, and it would not be appropriate to use that name here.
254.Pp
255In Example 1 there is also a
256.Ic group
257statement, which provides common parameters for a set of three hosts \- zappo,
258beppo and harpo.
259As you can see, these hosts are all in the test.isc.org domain, so it
260might make sense for a group-specific parameter to override the domain
261name supplied to these hosts:
262.Pp
263.Dl option domain-name \&"test.isc.org\&";
264.Pp
265Also, given the domain they're in, these are probably test machines.
266If we wanted to test the DHCP leasing mechanism, we might set the
267lease timeout somewhat shorter than the default:
268.Bd -literal -offset indent
269max-lease-time 120;
270default-lease-time 120;
271.Ed
272.Pp
273You may have noticed that while some parameters start with the
274.Ic option
275keyword, some do not.
276Parameters starting with the
277.Ic option
278keyword correspond to actual DHCP options, while parameters that do not start
279with the option keyword either control the behaviour of the DHCP server
280(e.g., how long a lease
281.Xr dhcpd 8
282will give out), or specify client parameters that are not optional in the
283DHCP protocol (for example, server-name and filename).
284.Pp
285In Example 1, each host had
286.Ar host-specific parameters .
287These could include such things as the
288.Ic hostname
289option, the name of a file to download (the
290.Ar filename
291parameter) and the address of the server from which to download the file (the
292.Ar next-server
293parameter).
294In general, any parameter can appear anywhere that parameters are allowed,
295and will be applied according to the scope in which the parameter appears.
296.Pp
297Imagine that you have a site with a lot of NCD X-Terminals.
298These terminals come in a variety of models, and you want to specify the
299boot files for each model.
300One way to do this would be to have host declarations for each server
301and group them by model:
302.Bd -literal -offset indent
303group {
304  filename "Xncd19r";
305  next-server ncd-booter;
306
307  host ncd1 { hardware ethernet 0:c0:c3:49:2b:57; }
308  host ncd4 { hardware ethernet 0:c0:c3:80:fc:32; }
309  host ncd8 { hardware ethernet 0:c0:c3:22:46:81; }
310}
311
312group {
313  filename "Xncd19c";
314  next-server ncd-booter;
315
316  host ncd2 { hardware ethernet 0:c0:c3:88:2d:81; }
317  host ncd3 { hardware ethernet 0:c0:c3:00:14:11; }
318}
319
320group {
321  filename "XncdHMX";
322  next-server ncd-booter;
323
324  host ncd5 { hardware ethernet 0:c0:c3:11:90:23; }
325  host ncd6 { hardware ethernet 0:c0:c3:91:a7:8; }
326  host ncd7 { hardware ethernet 0:c0:c3:cc:a:8f; }
327}
328.Ed
329.Sh REFERENCE: DECLARATIONS
330The
331.Ic shared-network
332statement
333.Bd -unfilled -offset indent
334.Ic shared-network Ar name No {
335.Pf \ \&\ \& Op Ar parameters
336.Pf \ \&\ \& Op Ar declarations
337}
338.Ed
339.Pp
340The
341.Ic shared-network
342statement is used to inform the DHCP server that some IP subnets actually
343share the same physical network.
344Any subnets in a shared network should be declared within a
345.Ic shared-network
346statement.
347Parameters specified in the
348.Ic shared-network
349statement will be used when booting clients on those subnets unless
350parameters provided at the subnet or host level override them.
351If any subnet in a shared network has addresses available for dynamic
352allocation, those addresses are collected into a common pool for that
353shared network and assigned to clients as needed.
354There is no way to distinguish on which subnet of a shared network a
355client should boot.
356.Pp
357.Ar name
358should be the name of the shared network.
359This name is used when printing debugging messages, so it should be
360descriptive for the shared network.
361The name may have the syntax of a valid domain name
362(although it will never be used as such), or it may be any arbitrary
363name, enclosed in quotes.
364.Pp
365The
366.Ic subnet
367statement
368.Bd -unfilled -offset indent
369.Ic subnet Ar subnet-number Ic netmask Ar netmask No {
370.Pf \ \&\ \& Op Ar parameters
371.Pf \ \&\ \& Op Ar declarations
372}
373.Ed
374.Pp
375The
376.Ic subnet
377statement is used to provide
378.Xr dhcpd 8
379with enough information to tell whether or not an IP address is on that subnet.
380It may also be used to provide subnet-specific parameters and to
381specify what addresses may be dynamically allocated to clients booting
382on that subnet.
383Such addresses are specified using the
384.Ic range
385declaration.
386.Pp
387The
388.Ar subnet-number
389should be an IP address or domain name which resolves to the subnet
390number of the subnet being described.
391The
392.Ar netmask
393should be an IP address or domain name which resolves to the subnet mask
394of the subnet being described.
395The subnet number, together with the netmask, are sufficient to determine
396whether any given IP address is on the specified subnet.
397.Pp
398Although a netmask must be given with every subnet declaration, it is
399recommended that if there is any variance in subnet masks at a site, a
400subnet-mask option statement be used in each subnet declaration to set
401the desired subnet mask, since any subnet-mask option statement will
402override the subnet mask declared in the subnet statement.
403.Pp
404The
405.Ic range
406statement
407.Pp
408.Xo
409.Ic range Op Ic dynamic-bootp
410.Ar low-address Oo Ar high-address Oc ;
411.Xc
412.Pp
413For any subnet on which addresses will be assigned dynamically, there
414must be at least one
415.Ic range
416statement.
417The range statement gives the lowest and highest IP addresses in a range.
418All IP addresses in the range should be in the subnet in which the
419.Ic range
420statement is declared.
421The
422.Ic dynamic-bootp
423flag may be specified if addresses in the specified range may be dynamically
424assigned to BOOTP clients as well as DHCP clients.
425When specifying a single address,
426.Ar high-address
427can be omitted.
428.Pp
429The
430.Ic host
431statement
432.Bd -unfilled -offset indent
433.Ic host Ar hostname No {
434.Pf \ \&\ \& Op Ar parameters
435.Pf \ \&\ \& Op Ar declarations
436}
437.Ed
438.Pp
439There must be at least one
440.Ic host
441statement for every BOOTP client that is to be served.
442.Ic host
443statements may also be specified for DHCP clients, although this is
444not required unless booting is only enabled for known hosts.
445.Pp
446If it is desirable to be able to boot a DHCP or BOOTP
447client on more than one subnet with fixed addresses, more than one
448address may be specified in the
449.Ar fixed-address
450parameter, or more than one
451.Ic host
452statement may be specified.
453.Pp
454If client-specific boot parameters must change based on the network
455to which the client is attached, then multiple
456.Ic host
457statements should be used.
458.Pp
459If a client is to be booted using a fixed address if it's
460possible, but should be allocated a dynamic address otherwise, then a
461.Ic host
462statement must be specified without a
463.Ar fixed-address
464clause.
465.Ar hostname
466should be a name identifying the host.
467If a
468.Ar hostname
469option is not specified for the host,
470.Ar hostname
471is used.
472.Pp
473.Ic host
474declarations are matched to actual DHCP or BOOTP clients by matching the
475.Ic dhcp-client-identifier
476option specified in the
477.Ic host
478declaration to the one supplied by the client, or, if the
479.Ic host
480declaration or the client does not provide a
481.Ic dhcp-client-identifier
482option, by matching the
483.Ar hardware
484parameter in the
485.Ic host
486declaration to the network hardware address supplied by the client.
487BOOTP clients do not normally provide a
488.Ar dhcp-client-identifier ,
489so the hardware address must be used for all clients that may boot using
490the BOOTP protocol.
491.Pp
492The
493.Ic group
494statement
495.Bd -unfilled -offset indent
496.Ic group No {
497.Pf \ \&\ \& Op Ar parameters
498.Pf \ \&\ \& Op Ar declarations
499}
500.Ed
501.Pp
502The
503.Ic group
504statement is used simply to apply one or more parameters to a group of
505declarations.
506It can be used to group hosts, shared networks, subnets, or even other groups.
507.Sh REFERENCE: ALLOW and DENY
508The
509.Ic allow
510and
511.Ic deny
512statements can be used to control the behaviour of
513.Xr dhcpd 8
514to various sorts of requests.
515.Pp
516The
517.Ar unknown-clients
518keyword
519.Bd -literal -offset indent
520allow unknown-clients;
521deny unknown-clients;
522.Ed
523.Pp
524The
525.Ar unknown-clients
526flag is used to tell
527.Xr dhcpd 8
528whether or not to dynamically assign addresses to unknown clients.
529Dynamic address assignment to unknown clients is allowed by default.
530.Pp
531The
532.Ar bootp
533keyword
534.Bd -literal -offset indent
535allow bootp;
536deny bootp;
537.Ed
538.Pp
539The
540.Ar bootp
541flag is used to tell
542.Xr dhcpd 8
543whether or not to respond to bootp queries.
544Bootp queries are allowed by default.
545.Pp
546The
547.Ar booting
548keyword
549.Bd -literal -offset indent
550allow booting;
551deny booting;
552.Ed
553.Pp
554The
555.Ar booting
556flag is used to tell
557.Xr dhcpd 8
558whether or not to respond to queries from a particular client.
559This keyword only has meaning when it appears in a host declaration.
560By default, booting is allowed, but if it is disabled for a particular client,
561then that client will not be able to get an address from the DHCP server.
562.Sh REFERENCE: PARAMETERS
563The
564.Ic default-lease-time
565statement
566.Pp
567.D1 Ic default-lease-time Ar time ;
568.Pp
569.Ar time
570should be the length in seconds that will be assigned to a lease if
571the client requesting the lease does not ask for a specific expiration time.
572.Pp
573The
574.Ic max-lease-time
575statement
576.Pp
577.D1 Ic max-lease-time Ar time ;
578.Pp
579.Ar time
580should be the maximum length in seconds that will be assigned to a
581lease if the client requesting the lease asks for a specific expiration time.
582.Pp
583The
584.Ic hardware
585statement
586.Pp
587.D1 Ic hardware Ar hardware-type hardware-address ;
588.Pp
589In order for a BOOTP client to be recognized, its network hardware
590address must be declared using a
591.Ic hardware
592clause in the
593.Ic host
594statement.
595.Ar hardware-type
596must be the name of a physical hardware interface type.
597Currently, only the
598.Ar ethernet
599and
600.Ar token-ring
601types are recognized, although support for an
602.Ar fddi
603hardware type (and others) would also be desirable.
604The
605.Ar hardware-address
606should be a set of hexadecimal octets (numbers from 0 through ff)
607separated by colons.
608The
609.Ic hardware
610statement may also be used for DHCP clients.
611.Pp
612The
613.Ic filename
614statement
615.Pp
616.D1 Ic filename Ar \&"filename\&" ;
617.Pp
618The
619.Ic filename
620statement can be used to specify the name of the initial boot file which
621is to be loaded by a client.
622The
623.Ar filename
624should be a filename recognizable to whatever file transfer protocol
625the client can be expected to use to load the file.
626.Pp
627The
628.Ic server-name
629statement
630.Pp
631.D1 Ic server-name Ar \&"name\&" ;
632.Pp
633The
634.Ic server-name
635statement can be used to inform the client of the name of the server
636from which it is booting.
637.Ar name
638should be the name that will be provided to the client.
639.Pp
640The
641.Ic next-server
642statement
643.Pp
644.D1 Ic next-server Ar server-name ;
645.Pp
646The
647.Ic next-server
648statement is used to specify the host address of
649the server from which the initial boot file (specified in the
650.Ic filename
651statement) is to be loaded.
652.Ar server-name
653should be a numeric IP address or a domain name.
654If no
655.Ic next-server
656parameter applies to a given client, the DHCP server's IP address is used.
657.Pp
658The
659.Ic fixed-address
660statement
661.Pp
662.Xo
663.Ic \	\&fixed-address Ar address
664.Op , Ar address ... ;
665.Xc
666.Pp
667The
668.Ic fixed-address
669statement is used to assign one or more fixed IP addresses to a client.
670It should only appear in a
671.Ic host
672declaration.
673If more than one address is supplied, then when the client boots, it will be
674assigned the address which corresponds to the network on which it is booting.
675If none of the addresses in the
676.Ic fixed-address
677statement are on the network on which the client is booting, that client will
678not match the
679.Ic host
680declaration containing that
681.Ic fixed-address
682statement.
683Each
684.Ar address
685should be either an IP address or a domain name which resolves to one
686or more IP addresses.
687.Pp
688Clients with fixed addresses are not assigned DHCP leases,
689and may therefore not be used with the
690.Fl ACL
691table options of
692.Xr dhcpd 8 .
693.Pp
694The
695.Ic dynamic-bootp-lease-cutoff
696statement
697.Pp
698.D1 Ic dynamic-bootp-lease-cutoff Ar date ;
699.Pp
700The
701.Ic dynamic-bootp-lease-cutoff
702statement sets the ending time for all leases assigned dynamically to
703BOOTP clients.
704Because BOOTP clients do not have any way of renewing leases,
705and don't know that their leases could expire, by default
706.Xr dhcpd 8
707assigns infinite leases to all BOOTP clients.
708However, it may make sense in some situations to set a cutoff date for all
709BOOTP leases \- for example, the end of a school term,
710or the time at night when a facility is closed and all
711machines are required to be powered off.
712.Pp
713.Ar date
714should be the date on which all assigned BOOTP leases will end.
715The date is specified in the form:
716.Pp
717.Dl W YYYY/MM/DD HH:MM:SS
718.Pp
719W is the day of the week expressed as a number from zero (Sunday)
720to six (Saturday).
721YYYY is the year, including the century.
722MM is the month expressed as a number from 1 to 12.
723DD is the day of the month, counting from 1.
724HH is the hour, from zero to 23.
725MM is the minute and SS is the second.
726The time is always in Coordinated Universal Time (UTC), not local time.
727.Pp
728The
729.Ic dynamic-bootp-lease-length
730statement
731.Pp
732.D1 Ic dynamic-bootp-lease-length Ar length ;
733.Pp
734The
735.Ic dynamic-bootp-lease-length
736statement is used to set the length of leases dynamically assigned to
737BOOTP clients.
738At some sites, it may be possible to assume that a lease is no longer in
739use if its holder has not used BOOTP or DHCP to get its address within
740a certain time period.
741The period is specified in
742.Ar length
743as a number of seconds.
744If a client reboots using BOOTP during the timeout period, the lease
745duration is reset to
746.Ar length ,
747so a BOOTP client that boots frequently enough will never lose its lease.
748Needless to say, this parameter should be adjusted with extreme caution.
749.Pp
750The
751.Ic get-lease-hostnames
752statement
753.Pp
754.D1 Ic get-lease-hostnames Ar flag ;
755.Pp
756The
757.Ic get-lease-hostnames
758statement is used to tell
759.Xr dhcpd 8
760whether or not to look up the domain name corresponding to the IP address of
761each address in the lease pool and use that address for the DHCP
762.Ic hostname
763option.
764If
765.Ar flag
766is true, then this lookup is done for all addresses in the current scope.
767By default, or if
768.Ar flag
769is false, no lookups are done.
770.Pp
771The
772.Ic use-host-decl-names
773statement
774.Pp
775.D1 Ic use-host-decl-names Ar flag ;
776.Pp
777If the
778.Ic use-host-decl-names
779parameter is true in a given scope, then for every host declaration within
780that scope, the name provided for the host declaration will be supplied to
781the client as its hostname.
782So, for example,
783.Bd -literal -offset indent
784group {
785  use-host-decl-names on;
786
787  host joe {
788    hardware ethernet 08:00:2b:4c:29:32;
789    fixed-address joe.fugue.com;
790  }
791}
792.Ed
793.Pp
794is equivalent to
795.Bd -literal -offset indent
796host joe {
797  hardware ethernet 08:00:2b:4c:29:32;
798  fixed-address joe.fugue.com;
799  option host-name "joe";
800}
801.Ed
802.Pp
803An
804.Ic option host-name
805statement within a host declaration will override the use of the name
806in the host declaration.
807.Pp
808The
809.Ic authoritative
810statement
811.Pp
812.D1 Ic authoritative ;
813.Pp
814.D1 Ic not authoritative ;
815.Pp
816The DHCP server will normally assume that the configuration
817information about a given network segment is known to be correct and
818is authoritative.
819So if a client requests an IP address on a given network segment that the
820server knows is not valid for that segment, the server will respond with a
821DHCPNAK message, causing the client to forget its IP address and try to get
822a new one.
823.Pp
824If a DHCP server is being configured by somebody who is not the
825network administrator and who therefore does not wish to assert this
826level of authority, then the statement
827.Dq not authoritative
828should be written in the appropriate scope in the configuration file.
829.Pp
830Usually, writing
831.Em not authoritative;
832at the top level of the file should be sufficient.
833However, if a DHCP server is to be set up so that it is aware of some
834networks for which it is authoritative and some networks for which it is not,
835it may be more appropriate to declare authority on a per-network-segment basis.
836.Pp
837Note that the most specific scope for which the concept of authority
838makes any sense is the physical network segment \- either a
839shared-network statement or a subnet statement that is not contained
840within a shared-network statement.
841It is not meaningful to specify that the server is authoritative for some
842subnets within a shared network, but not authoritative for others,
843nor is it meaningful to specify that the server is authoritative for some
844host declarations and not others.
845.Pp
846The
847.Ic use-lease-addr-for-default-route
848statement
849.Pp
850.D1 Ic use-lease-addr-for-default-route Ar flag ;
851.Pp
852If the
853.Ic use-lease-addr-for-default-route
854parameter is true in a given scope, then instead of sending the value
855specified in the routers option (or sending no value at all),
856the IP address of the lease being assigned is sent to the client.
857This supposedly causes Win95 machines to ARP for all IP addresses,
858which can be helpful if your router is configured for proxy ARP.
859.Pp
860If
861.Ic use-lease-addr-for-default-route
862is enabled and an option routers statement are both in scope,
863the routers option will be preferred.
864The rationale for this is that in situations where you want to use
865this feature, you probably want it enabled for a whole bunch of
866Windows 95 machines, and you want to override it for a few other machines.
867Unfortunately, if the opposite happens to be true for your
868site, you are probably better off not trying to use this flag.
869.Pp
870The
871.Ic always-reply-rfc1048
872statement
873.Pp
874.D1 Ic always-reply-rfc1048 Ar flag ;
875.Pp
876Some BOOTP clients expect RFC 1048-style responses, but do not follow
877RFC 1048 when sending their requests.
878You can tell that a client is having this problem if it is not getting
879the options you have configured for it and if you see in the server log
880the message
881.Dq (non-rfc1048)
882printed with each BOOTREQUEST that is logged.
883.Pp
884If you want to send RFC 1048 options to such a client, you can set the
885.Ic always-reply-rfc1048
886option in that client's host declaration, and the DHCP server will
887respond with an RFC 1048-style vendor options field.
888This flag can be set in any scope, and will affect all clients covered
889by that scope.
890.Pp
891The
892.Ic server-identifier
893statement
894.Pp
895.D1 Ic server-identifier Ar hostname ;
896.Pp
897The
898.Ic server-identifier
899statement can be used to define the value that is sent in the
900DHCP Server Identifier option for a given scope.
901The value specified
902.Em must
903be an IP address for the DHCP server, and must be reachable by all
904clients served by a particular scope.
905.Pp
906The use of the server-identifier statement is not recommended \- the only
907reason to use it is to force a value other than the default value to be
908sent on occasions where the default value would be incorrect.
909The default value is the first IP address associated with the physical
910network interface on which the request arrived.
911.Pp
912The usual case where the
913.Ic server-identifier
914statement needs to be sent is when a physical interface has more than one
915IP address, and the one being sent by default isn't appropriate for some
916or all clients served by that interface.
917Another common case is when an alias is defined for the purpose of
918having a consistent IP address for the DHCP server, and it is desired
919that the clients use this IP address when contacting the server.
920.Pp
921Supplying a value for the
922.Ic dhcp-server-identifier
923option is equivalent to using the
924.Ic server-identifier
925statement.
926.Sh REFERENCE: OPTION STATEMENTS
927DHCP option statements are documented in the
928.Xr dhcp-options 5
929manual page.
930.Sh SEE ALSO
931.Xr dhcp-options 5 ,
932.Xr dhcpd.leases 5 ,
933.Xr dhcpd 8
934.Pp
935RFC 2132, RFC 2131.
936.Sh AUTHORS
937.An -nosplit
938.Xr dhcpd 8
939was written by
940.An Ted Lemon Aq mellon@vix.com
941under a contract with Vixie Labs.
942.Pp
943The current implementation was reworked by
944.An Henning Brauer Aq henning@openbsd.org .
945