]>
Commit | Line | Data |
---|---|---|
08fe7cdb TL |
1 | .\" dhcpd.8 |
2 | .\" | |
88cd8aca | 3 | .\" Copyright (c) 2004-2006 by Internet Systems Consortium, Inc. ("ISC") |
98311e4b | 4 | .\" Copyright (c) 1996-2003 by Internet Software Consortium |
08fe7cdb | 5 | .\" |
98311e4b DH |
6 | .\" Permission to use, copy, modify, and distribute this software for any |
7 | .\" purpose with or without fee is hereby granted, provided that the above | |
8 | .\" copyright notice and this permission notice appear in all copies. | |
08fe7cdb | 9 | .\" |
98311e4b DH |
10 | .\" THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES |
11 | .\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF | |
12 | .\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR | |
13 | .\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES | |
14 | .\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN | |
15 | .\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT | |
16 | .\" OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. | |
08fe7cdb | 17 | .\" |
98311e4b DH |
18 | .\" Internet Systems Consortium, Inc. |
19 | .\" 950 Charter Street | |
20 | .\" Redwood City, CA 94063 | |
21 | .\" <info@isc.org> | |
22 | .\" http://www.isc.org/ | |
23 | .\" | |
24 | .\" This software has been written for Internet Systems Consortium | |
69c620f2 | 25 | .\" by Ted Lemon in cooperation with Vixie Enterprises and Nominum, Inc. |
98311e4b | 26 | .\" To learn more about Internet Systems Consortium, see |
69c620f2 TL |
27 | .\" ``http://www.isc.org/''. To learn more about Vixie Enterprises, |
28 | .\" see ``http://www.vix.com''. To learn more about Nominum, Inc., see | |
29 | .\" ``http://www.nominum.com''. | |
f49473ba | 30 | .\" |
88cd8aca | 31 | .\" $Id: dhcpd.8,v 1.23 2006/02/24 23:16:31 dhankins Exp $ |
f49473ba | 32 | .\" |
ee0cda4d TL |
33 | .TH dhcpd 8 |
34 | .SH NAME | |
5e6b52dc | 35 | dhcpd - Dynamic Host Configuration Protocol Server |
ee0cda4d TL |
36 | .SH SYNOPSIS |
37 | .B dhcpd | |
38 | [ | |
39 | .B -p | |
40 | .I port | |
41 | ] | |
d27562c7 TL |
42 | [ |
43 | .B -f | |
44 | ] | |
45 | [ | |
5e6b52dc TL |
46 | .B -d |
47 | ] | |
48 | [ | |
6edb572b TL |
49 | .B -q |
50 | ] | |
51 | [ | |
897065dc TL |
52 | .B -t |
53 | | | |
54 | .B -T | |
55 | ] | |
56 | [ | |
e2ac5814 TL |
57 | .B -cf |
58 | .I config-file | |
59 | ] | |
60 | [ | |
61 | .B -lf | |
62 | .I lease-file | |
63 | ] | |
64 | [ | |
88cd8aca DH |
65 | .B -pf |
66 | .I pid-file | |
67 | ] | |
68 | [ | |
51fe0cce TL |
69 | .B -tf |
70 | .I trace-output-file | |
71 | ] | |
72 | [ | |
73 | .B -play | |
74 | .I trace-playback-file | |
75 | ] | |
76 | [ | |
d27562c7 TL |
77 | .I if0 |
78 | [ | |
79 | .I ...ifN | |
80 | ] | |
81 | ] | |
ee0cda4d | 82 | .SH DESCRIPTION |
98311e4b | 83 | The Internet Systems Consortium DHCP Server, dhcpd, implements the |
5e6b52dc TL |
84 | Dynamic Host Configuration Protocol (DHCP) and the Internet Bootstrap |
85 | Protocol (BOOTP). DHCP allows hosts on a TCP/IP network to request | |
86 | and be assigned IP addresses, and also to discover information about | |
87 | the network to which they are attached. BOOTP provides similar | |
88 | functionality, with certain restrictions. | |
f21a7b4a TL |
89 | .SH CONTRIBUTIONS |
90 | .PP | |
46a65180 TL |
91 | This software is free software. At various times its development has |
92 | been underwritten by various organizations, including the ISC and | |
93 | Vixie Enterprises. The development of 3.0 has been funded almost | |
94 | entirely by Nominum, Inc. | |
95 | .PP | |
96 | At this point development is being shepherded by Ted Lemon, and hosted | |
97 | by the ISC, but the future of this project depends on you. If you | |
98 | have features you want, please consider implementing them. | |
ee0cda4d TL |
99 | .SH OPERATION |
100 | .PP | |
08fe7cdb TL |
101 | The DHCP protocol allows a host which is unknown to the network |
102 | administrator to be automatically assigned a new IP address out of a | |
103 | pool of IP addresses for its network. In order for this to work, the | |
104 | network administrator allocates address pools in each subnet and | |
ee0cda4d TL |
105 | enters them into the dhcpd.conf(5) file. |
106 | .PP | |
08fe7cdb | 107 | On startup, dhcpd reads the |
ee0cda4d | 108 | .IR dhcpd.conf |
5e6b52dc TL |
109 | file and stores a list of available addresses on each subnet in |
110 | memory. When a client requests an address using the DHCP protocol, | |
111 | dhcpd allocates an address for it. Each client is assigned a lease, | |
112 | which expires after an amount of time chosen by the administrator (by | |
113 | default, one day). Before leases expire, the clients to which leases | |
114 | are assigned are expected to renew them in order to continue to use | |
115 | the addresses. Once a lease has expired, the client to which that | |
116 | lease was assigned is no longer permitted to use the leased IP | |
117 | address. | |
ee0cda4d | 118 | .PP |
08fe7cdb | 119 | In order to keep track of leases across system reboots and server |
ee0cda4d TL |
120 | restarts, dhcpd keeps a list of leases it has assigned in the |
121 | dhcpd.leases(5) file. Before dhcpd grants a lease to a host, it | |
122 | records the lease in this file and makes sure that the contents of the | |
123 | file are flushed to disk. This ensures that even in the event of a | |
124 | system crash, dhcpd will not forget about a lease that it has | |
125 | assigned. On startup, after reading the dhcpd.conf file, dhcpd | |
126 | reads the dhcpd.leases file to refresh its memory about what leases | |
127 | have been assigned. | |
128 | .PP | |
129 | New leases are appended to the end of the dhcpd.leases | |
08fe7cdb | 130 | file. In order to prevent the file from becoming arbitrarily large, |
ee0cda4d TL |
131 | from time to time dhcpd creates a new dhcpd.leases file from its |
132 | in-core lease database. Once this file has been written to disk, the | |
133 | old file is renamed | |
134 | .IR dhcpd.leases~ , | |
135 | and the new file is renamed dhcpd.leases. If the system crashes in | |
136 | the middle of this process, whichever dhcpd.leases file remains will | |
137 | contain all the lease information, so there is no need for a special | |
138 | crash recovery process. | |
139 | .PP | |
5e6b52dc TL |
140 | BOOTP support is also provided by this server. Unlike DHCP, the BOOTP |
141 | protocol does not provide a protocol for recovering | |
142 | dynamically-assigned addresses once they are no longer needed. It is | |
143 | still possible to dynamically assign addresses to BOOTP clients, but | |
144 | some administrative process for reclaiming addresses is required. By | |
145 | default, leases are granted to BOOTP clients in perpetuity, although | |
146 | the network administrator may set an earlier cutoff date or a shorter | |
147 | lease length for BOOTP leases if that makes sense. | |
148 | .PP | |
149 | BOOTP clients may also be served in the old standard way, which is to | |
150 | simply provide a declaration in the dhcpd.conf file for each | |
151 | BOOTP client, permanently assigning an address to each client. | |
ee0cda4d TL |
152 | .PP |
153 | Whenever changes are made to the dhcpd.conf file, dhcpd must be | |
154 | restarted. To restart dhcpd, send a SIGTERM (signal 15) to the | |
155 | process ID contained in | |
5e6b52dc TL |
156 | .IR RUNDIR/dhcpd.pid , |
157 | and then re-invoke dhcpd. Because the DHCP server database is not as | |
158 | lightweight as a BOOTP database, dhcpd does not automatically restart | |
159 | itself when it sees a change to the dhcpd.conf file. | |
4e19a6df TL |
160 | .PP |
161 | Note: We get a lot of complaints about this. We realize that it would | |
162 | be nice if one could send a SIGHUP to the server and have it reload | |
163 | the database. This is not technically impossible, but it would | |
164 | require a great deal of work, our resources are extremely limited, and | |
165 | they can be better spent elsewhere. So please don't complain about | |
166 | this on the mailing list unless you're prepared to fund a project to | |
167 | implement this feature, or prepared to do it yourself. | |
d27562c7 TL |
168 | .SH COMMAND LINE |
169 | .PP | |
5e6b52dc TL |
170 | The names of the network interfaces on which dhcpd should listen for |
171 | broadcasts may be specified on the command line. This should be done | |
172 | on systems where dhcpd is unable to identify non-broadcast interfaces, | |
173 | but should not be required on other systems. If no interface names | |
174 | are specified on the command line dhcpd will identify all network | |
98311e4b | 175 | interfaces which are up, eliminating non-broadcast interfaces if |
5e6b52dc | 176 | possible, and listen for DHCP broadcasts on each interface. |
d27562c7 | 177 | .PP |
5e6b52dc TL |
178 | If dhcpd should listen on a port other than the standard (port 67), |
179 | the | |
d27562c7 | 180 | .B -p |
5e6b52dc TL |
181 | flag may used. It should be followed by the udp port number on which |
182 | dhcpd should listen. This is mostly useful for debugging purposes. | |
d27562c7 | 183 | .PP |
5e6b52dc TL |
184 | To run dhcpd as a foreground process, rather than allowing it to run |
185 | as a daemon in the background, the | |
d27562c7 | 186 | .B -f |
5e6b52dc TL |
187 | flag should be specified. This is useful when running dhcpd under a |
188 | debugger, or when running it out of inittab on System V systems. | |
189 | .PP | |
190 | To have dhcpd log to the standard error descriptor, specify the | |
191 | .B -d | |
192 | flag. This can be useful for debugging, and also at sites where a | |
193 | complete log of all dhcp activity must be kept but syslogd is not | |
194 | reliable or otherwise cannot be used. Normally, dhcpd will log all | |
195 | output using the syslog(3) function with the log facility set to | |
196 | LOG_DAEMON. | |
e2ac5814 TL |
197 | .PP |
198 | Dhcpd can be made to use an alternate configuration file with the | |
199 | .B -cf | |
88cd8aca | 200 | flag, an alternate lease file with the |
e2ac5814 | 201 | .B -lf |
88cd8aca DH |
202 | flag, or an alternate pid file with the |
203 | .B -pf | |
e2ac5814 TL |
204 | flag. Because of the importance of using the same lease database at |
205 | all times when running dhcpd in production, these options should be | |
206 | used \fBonly\fR for testing lease files or database files in a | |
207 | non-production environment. | |
6edb572b TL |
208 | .PP |
209 | When starting dhcpd up from a system startup script (e.g., /etc/rc), | |
210 | it may not be desirable to print out the entire copyright message on | |
211 | startup. To avoid printing this message, the | |
212 | .B -q | |
213 | flag may be specified. | |
897065dc TL |
214 | .PP |
215 | The DHCP server reads two files on startup: a configuration file, and | |
216 | a lease database. If the | |
217 | .B -t | |
218 | flag is specified, the server will simply test the configuration file | |
219 | for correct syntax, but will not attempt to perform any network | |
220 | operations. This can be used to test the a new configuration file | |
221 | automatically before installing it. | |
222 | .PP | |
223 | The | |
224 | .B -T | |
225 | flag can be used to test the lease database file in a similar way. | |
51fe0cce TL |
226 | .PP |
227 | The \fB-tf\fR and \fB-play\fR options allow you to specify a file into | |
228 | which the entire startup state of the server and all the transactions | |
229 | it processes are either logged or played back from. This can be | |
230 | useful in submitting bug reports - if you are getting a core dump | |
231 | every so often, you can start the server with the \fB-tf\fR option and | |
232 | then, when the server dumps core, the trace file will contain all the | |
233 | transactions that led up to it dumping core, so that the problem can | |
234 | be easily debugged with \fB-play\fR. | |
235 | .PP | |
236 | The \fB-play\fR option must be specified with an alternate lease file, | |
237 | using the \fB-lf\fR switch, so that the DHCP server doesn't wipe out | |
238 | your existing lease file with its test data. The DHCP server will | |
239 | refuse to operate in playback mode unless you specify an alternate | |
240 | lease file. | |
ee0cda4d | 241 | .SH CONFIGURATION |
98311e4b | 242 | The syntax of the dhcpd.conf(5) file is discussed separately. This |
ee0cda4d | 243 | section should be used as an overview of the configuration process, |
ba7ed239 | 244 | and the dhcpd.conf(5) documentation should be consulted for detailed |
ee0cda4d TL |
245 | reference information. |
246 | .PP | |
247 | .SH Subnets | |
248 | dhcpd needs to know the subnet numbers and netmasks of all subnets for | |
249 | which it will be providing service. In addition, in order to | |
250 | dynamically allocate addresses, it must be assigned one or more ranges | |
251 | of addresses on each subnet which it can in turn assign to client | |
252 | hosts as they boot. Thus, a very simple configuration providing DHCP | |
08fe7cdb TL |
253 | support might look like this: |
254 | .nf | |
255 | .sp 1 | |
5e6b52dc | 256 | subnet 239.252.197.0 netmask 255.255.255.0 { |
08fe7cdb | 257 | range 239.252.197.10 239.252.197.250; |
98311e4b | 258 | } |
08fe7cdb | 259 | .fi |
ee0cda4d | 260 | .PP |
08fe7cdb TL |
261 | Multiple address ranges may be specified like this: |
262 | .nf | |
263 | .sp 1 | |
5e6b52dc TL |
264 | subnet 239.252.197.0 netmask 255.255.255.0 { |
265 | range 239.252.197.10 239.252.197.107; | |
08fe7cdb | 266 | range 239.252.197.113 239.252.197.250; |
5e6b52dc | 267 | } |
08fe7cdb | 268 | .fi |
ee0cda4d | 269 | .PP |
08fe7cdb TL |
270 | If a subnet will only be provided with BOOTP service and no dynamic |
271 | address assignment, the range clause can be left out entirely, but the | |
272 | subnet statement must appear. | |
ee0cda4d TL |
273 | .PP |
274 | .SH Lease Lengths | |
08fe7cdb TL |
275 | DHCP leases can be assigned almost any length from zero seconds to |
276 | infinity. What lease length makes sense for any given subnet, or for | |
277 | any given installation, will vary depending on the kinds of hosts | |
278 | being served. | |
ee0cda4d | 279 | .PP |
08fe7cdb TL |
280 | For example, in an office environment where systems are added from |
281 | time to time and removed from time to time, but move relatively | |
282 | infrequently, it might make sense to allow lease times of a month of | |
283 | more. In a final test environment on a manufacturing floor, it may | |
284 | make more sense to assign a maximum lease length of 30 minutes - | |
285 | enough time to go through a simple test procedure on a network | |
286 | appliance before packaging it up for delivery. | |
ee0cda4d | 287 | .PP |
08fe7cdb TL |
288 | It is possible to specify two lease lengths: the default length that |
289 | will be assigned if a client doesn't ask for any particular lease | |
290 | length, and a maximum lease length. These are specified as clauses | |
291 | to the subnet command: | |
292 | .nf | |
293 | .sp 1 | |
5e6b52dc TL |
294 | subnet 239.252.197.0 netmask 255.255.255.0 { |
295 | range 239.252.197.10 239.252.197.107; | |
296 | default-lease-time 600; | |
08fe7cdb | 297 | max-lease-time 7200; |
98311e4b | 298 | } |
08fe7cdb | 299 | .fi |
ee0cda4d | 300 | .PP |
08fe7cdb TL |
301 | This particular subnet declaration specifies a default lease time of |
302 | 600 seconds (ten minutes), and a maximum lease time of 7200 seconds | |
303 | (two hours). Other common values would be 86400 (one day), 604800 | |
304 | (one week) and 2592000 (30 days). | |
ee0cda4d | 305 | .PP |
08fe7cdb TL |
306 | Each subnet need not have the same lease\(emin the case of an office |
307 | environment and a manufacturing environment served by the same DHCP | |
308 | server, it might make sense to have widely disparate values for | |
309 | default and maximum lease times on each subnet. | |
ee0cda4d TL |
310 | .SH BOOTP Support |
311 | Each BOOTP client must be explicitly declared in the dhcpd.conf | |
08fe7cdb TL |
312 | file. A very basic client declaration will specify the client |
313 | network interface's hardware address and the IP address to assign to | |
314 | that client. If the client needs to be able to load a boot file from | |
315 | the server, that file's name must be specified. A simple bootp | |
316 | client declaration might look like this: | |
317 | .nf | |
318 | .sp 1 | |
fc5aedc9 TL |
319 | host haagen { |
320 | hardware ethernet 08:00:2b:4c:59:23; | |
5e6b52dc | 321 | fixed-address 239.252.197.9; |
08fe7cdb | 322 | filename "/tftpboot/haagen.boot"; |
5e6b52dc | 323 | } |
08fe7cdb | 324 | .fi |
ee0cda4d | 325 | .SH Options |
08fe7cdb TL |
326 | DHCP (and also BOOTP with Vendor Extensions) provide a mechanism |
327 | whereby the server can provide the client with information about how | |
328 | to configure its network interface (e.g., subnet mask), and also how | |
329 | the client can access various network services (e.g., DNS, IP routers, | |
330 | and so on). | |
ee0cda4d | 331 | .PP |
08fe7cdb TL |
332 | These options can be specified on a per-subnet basis, and, for BOOTP |
333 | clients, also on a per-client basis. In the event that a BOOTP | |
334 | client declaration specifies options that are also specified in its | |
335 | subnet declaration, the options specified in the client declaration | |
98311e4b | 336 | take precedence. A reasonably complete DHCP configuration might |
08fe7cdb TL |
337 | look something like this: |
338 | .nf | |
339 | .sp 1 | |
5e6b52dc TL |
340 | subnet 239.252.197.0 netmask 255.255.255.0 { |
341 | range 239.252.197.10 239.252.197.250; | |
342 | default-lease-time 600 max-lease-time 7200; | |
343 | option subnet-mask 255.255.255.0; | |
344 | option broadcast-address 239.252.197.255; | |
345 | option routers 239.252.197.1; | |
346 | option domain-name-servers 239.252.197.2, 239.252.197.3; | |
08fe7cdb | 347 | option domain-name "isc.org"; |
5e6b52dc | 348 | } |
08fe7cdb | 349 | .fi |
ee0cda4d | 350 | .PP |
08fe7cdb TL |
351 | A bootp host on that subnet that needs to be in a different domain and |
352 | use a different name server might be declared as follows: | |
353 | .nf | |
354 | .sp 1 | |
ba7ed239 TL |
355 | host haagen { |
356 | hardware ethernet 08:00:2b:4c:59:23; | |
5e6b52dc TL |
357 | fixed-address 239.252.197.9; |
358 | filename "/tftpboot/haagen.boot"; | |
359 | option domain-name-servers 192.5.5.1; | |
08fe7cdb | 360 | option domain-name "vix.com"; |
5e6b52dc | 361 | } |
08fe7cdb | 362 | .fi |
ee0cda4d | 363 | .PP |
5e6b52dc TL |
364 | A more complete description of the dhcpd.conf file syntax is provided |
365 | in dhcpd.conf(5). | |
90e0ef94 TL |
366 | .SH OMAPI |
367 | The DHCP server provides the capability to modify some of its | |
368 | configuration while it is running, without stopping it, modifying its | |
369 | database files, and restarting it. This capability is currently | |
370 | provided using OMAPI - an API for manipulating remote objects. OMAPI | |
371 | clients connect to the server using TCP/IP, authenticate, and can then | |
372 | examine the server's current status and make changes to it. | |
373 | .PP | |
374 | Rather than implementing the underlying OMAPI protocol directly, user | |
375 | programs should use the dhcpctl API or OMAPI itself. Dhcpctl is a | |
376 | wrapper that handles some of the housekeeping chores that OMAPI does | |
377 | not do automatically. Dhcpctl and OMAPI are documented in \fBdhcpctl(3)\fR | |
378 | and \fBomapi(3)\fR. | |
379 | .PP | |
380 | OMAPI exports objects, which can then be examined and modified. The | |
381 | DHCP server exports the following objects: lease, host, | |
382 | failover-state and group. Each object has a number of methods that | |
383 | are provided: lookup, create, and destroy. In addition, it is | |
384 | possible to look at attributes that are stored on objects, and in some | |
385 | cases to modify those attributes. | |
386 | .SH THE LEASE OBJECT | |
387 | Leases can't currently be created or destroyed, but they can be looked | |
388 | up to examine and modify their state. | |
389 | .PP | |
390 | Leases have the following attributes: | |
391 | .PP | |
392 | .B state \fIinteger\fR lookup, examine | |
393 | .RS 0.5i | |
394 | .nf | |
395 | 1 = free | |
396 | 2 = active | |
397 | 3 = expired | |
398 | 4 = released | |
399 | 5 = abandoned | |
400 | 6 = reset | |
401 | 7 = backup | |
402 | 8 = reserved | |
403 | 9 = bootp | |
404 | .fi | |
405 | .RE | |
406 | .PP | |
407 | .B ip-address \fIdata\fR lookup, examine | |
408 | .RS 0.5i | |
409 | The IP address of the lease. | |
410 | .RE | |
411 | .PP | |
412 | .B dhcp-client-identifier \fIdata\fR lookup, examine, update | |
413 | .RS 0.5i | |
414 | The | |
415 | client identifier that the client used when it acquired the lease. | |
416 | Not all clients send client identifiers, so this may be empty. | |
417 | .RE | |
418 | .PP | |
419 | .B client-hostname \fIdata\fR examine, update | |
420 | .RS 0.5i | |
421 | The value the client sent in the host-name option. | |
422 | .RE | |
423 | .PP | |
424 | .B host \fIhandle\fR examine | |
425 | .RS 0.5i | |
426 | the host declaration associated with this lease, if any. | |
427 | .RE | |
428 | .PP | |
429 | .B subnet \fIhandle\fR examine | |
430 | .RS 0.5i | |
431 | the subnet object associated with this lease (the subnet object is not | |
432 | currently supported). | |
433 | .RE | |
434 | .PP | |
435 | .B pool \fIhandle\fR examine | |
436 | .RS 0.5i | |
437 | the pool object associted with this lease (the pool object is not | |
438 | currently supported). | |
439 | .RE | |
440 | .PP | |
441 | .B billing-class \fIhandle\fR examine | |
442 | .RS 0.5i | |
443 | the handle to the class to which this lease is currently billed, if | |
444 | any (the class object is not currently supported). | |
445 | .RE | |
446 | .PP | |
447 | .B hardware-address \fIdata\fR examine, update | |
448 | .RS 0.5i | |
449 | the hardware address (chaddr) field sent by the client when it | |
450 | acquired its lease. | |
451 | .RE | |
452 | .PP | |
453 | .B hardware-type \fIinteger\fR examine, update | |
454 | .RS 0.5i | |
455 | the type of the network interface that the client reported when it | |
456 | acquired its lease. | |
457 | .RE | |
458 | .PP | |
459 | .B ends \fItime\fR examine | |
460 | .RS 0.5i | |
461 | the time when the lease's current state ends, as understood by the | |
462 | client. | |
463 | .RE | |
464 | .PP | |
465 | .B tstp \fItime\fR examine | |
466 | .RS 0.5i | |
467 | the time when the lease's current state ends, as understood by the | |
468 | server. | |
469 | .RE | |
470 | .B tsfp \fItime\fR examine | |
471 | .RS 0.5i | |
88cd8aca DH |
472 | the adjusted time when the lease's current state ends, as understood by |
473 | the failover peer (if there is no failover peer, this value is | |
474 | undefined). Generally this value is only adjusted for expired, released, | |
475 | or reset leases while the server is operating in partner-down state, and | |
476 | otherwise is simply the value supplied by the peer. | |
477 | .RE | |
478 | .B atsfp \fItime\fR examine | |
479 | .RS 0.5i | |
480 | the actual tsfp value sent from the peer. This value is forgotten when a | |
481 | lease binding state change is made, to facillitate retransmission logic. | |
90e0ef94 TL |
482 | .RE |
483 | .PP | |
484 | .B cltt \fItime\fR examine | |
485 | .RS 0.5i | |
486 | The time of the last transaction with the client on this lease. | |
487 | .RE | |
488 | .SH THE HOST OBJECT | |
489 | Hosts can be created, destroyed, looked up, examined and modified. | |
490 | If a host declaration is created or deleted using OMAPI, that | |
491 | information will be recorded in the dhcpd.leases file. It is | |
492 | permissible to delete host declarations that are declared in the | |
493 | dhcpd.conf file. | |
494 | .PP | |
495 | Hosts have the following attributes: | |
496 | .PP | |
497 | .B name \fIdata\fR lookup, examine, modify | |
498 | .RS 0.5i | |
499 | the name of the host declaration. This name must be unique among all | |
500 | host declarations. | |
501 | .RE | |
502 | .PP | |
503 | .B group \fIhandle\fR examine, modify | |
504 | .RS 0.5i | |
505 | the named group associated with the host declaration, if there is one. | |
506 | .RE | |
507 | .PP | |
508 | .B hardware-address \fIdata\fR lookup, examine, modify | |
509 | .RS 0.5i | |
510 | the link-layer address that will be used to match the client, if any. | |
511 | Only valid if hardware-type is also present. | |
512 | .RE | |
513 | .PP | |
514 | .B hardware-type \fIinteger\fR lookup, examine, modify | |
515 | .RS 0.5i | |
516 | the type of the network interface that will be used to match the | |
517 | client, if any. Only valid if hardware-address is also present. | |
518 | .RE | |
519 | .PP | |
520 | .B dhcp-client-identifier \fIdata\fR lookup, examine, modify | |
521 | .RS 0.5i | |
522 | the dhcp-client-identifier option that will be used to match the | |
523 | client, if any. | |
524 | .RE | |
525 | .PP | |
526 | .B ip-address \fIdata\fR examine, modify | |
527 | .RS 0.5i | |
528 | a fixed IP address which is reserved for a DHCP client that matches | |
529 | this host declaration. The IP address will only be assigned to the | |
530 | client if it is valid for the network segment to which the client is | |
531 | connected. | |
532 | .RE | |
533 | .PP | |
534 | .B statements \fIdata\fR modify | |
535 | .RS 0.5i | |
536 | a list of statements in the format of the dhcpd.conf file that will be | |
537 | executed whenever a message from the client is being processed. | |
538 | .RE | |
539 | .PP | |
540 | .B known \fIinteger\fR examine, modify | |
541 | .RS 0.5i | |
542 | if nonzero, indicates that a client matching this host declaration | |
543 | will be treated as \fIknown\fR in pool permit lists. If zero, the | |
544 | client will not be treated as known. | |
545 | .RE | |
546 | .SH THE GROUP OBJECT | |
547 | Named groups can be created, destroyed, looked up, examined and | |
548 | modified. If a group declaration is created or deleted using OMAPI, | |
549 | that information will be recorded in the dhcpd.leases file. It is | |
550 | permissible to delete group declarations that are declared in the | |
551 | dhcpd.conf file. | |
552 | .PP | |
553 | Named groups currently can only be associated with | |
554 | hosts - this allows one set of statements to be efficiently attached | |
555 | to more than one host declaration. | |
556 | .PP | |
557 | Groups have the following attributes: | |
558 | .PP | |
559 | .B name \fIdata\fR | |
560 | .RS 0.5i | |
561 | the name of the group. All groups that are created using OMAPI must | |
562 | have names, and the names must be unique among all groups. | |
563 | .RE | |
564 | .PP | |
565 | .B statements \fIdata\fR | |
566 | .RS 0.5i | |
567 | a list of statements in the format of the dhcpd.conf file that will be | |
568 | executed whenever a message from a client whose host declaration | |
569 | references this group is processed. | |
570 | .RE | |
d758ad8c TL |
571 | .SH THE CONTROL OBJECT |
572 | The control object allows you to shut the server down. If the server | |
573 | is doing failover with another peer, it will make a clean transition | |
574 | into the shutdown state and notify its peer, so that the peer can go | |
575 | into partner down, and then record the "recover" state in the lease | |
576 | file so that when the server is restarted, it will automatically | |
577 | resynchronize with its peer. | |
578 | .PP | |
579 | On shutdown the server will also attempt to cleanly shut down all | |
580 | OMAPI connections. If these connections do not go down cleanly after | |
581 | five seconds, they are shut down pre-emptively. It can take as much | |
582 | as 25 seconds from the beginning of the shutdown process to the time | |
583 | that the server actually exits. | |
584 | .PP | |
585 | To shut the server down, open its control object and set the state | |
586 | attribute to 2. | |
0db87765 TL |
587 | .SH THE FAILOVER-STATE OBJECT |
588 | The failover-state object is the object that tracks the state of the | |
589 | failover protocol as it is being managed for a given failover peer. | |
590 | The failover object has the following attributes (please see | |
591 | .B dhcpd.conf (5) | |
592 | for explanations about what these attributes mean): | |
593 | .PP | |
594 | .B name \fIdata\fR examine | |
595 | .RS 0.5i | |
596 | Indicates the name of the failover peer relationship, as described in | |
597 | the server's \fBdhcpd.conf\fR file. | |
598 | .RE | |
599 | .PP | |
600 | .B partner-address \fIdata\fR examine | |
601 | .RS 0.5i | |
602 | Indicates the failover partner's IP address. | |
603 | .RE | |
604 | .PP | |
605 | .B local-address \fIdata\fR examine | |
606 | .RS 0.5i | |
607 | Indicates the IP address that is being used by the DHCP server for | |
608 | this failover pair. | |
609 | .RE | |
610 | .PP | |
611 | .B partner-port \fIdata\fR examine | |
612 | .RS 0.5i | |
613 | Indicates the TCP port on which the failover partner is listening for | |
614 | failover protocol connections. | |
615 | .RE | |
616 | .PP | |
617 | .B local-port \fIdata\fR examine | |
618 | .RS 0.5i | |
619 | Indicates the TCP port on which the DHCP server is listening for | |
620 | failover protocol connections for this failover pair. | |
621 | .RE | |
622 | .PP | |
623 | .B max-outstanding-updates \fIinteger\fR examine | |
624 | .RS 0.5i | |
625 | Indicates the number of updates that can be outstanding and | |
626 | unacknowledged at any given time, in this failover relationship. | |
627 | .RE | |
628 | .PP | |
629 | .B mclt \fIinteger\fR examine | |
630 | .RS 0.5i | |
631 | Indicates the maximum client lead time in this failover relationship. | |
632 | .RE | |
633 | .PP | |
634 | .B load-balance-max-secs \fIinteger\fR examine | |
635 | .RS 0.5i | |
636 | Indicates the maximum value for the secs field in a client request | |
637 | before load balancing is bypassed. | |
638 | .RE | |
639 | .PP | |
640 | .B load-balance-hba \fIdata\fR examine | |
641 | .RS 0.5i | |
642 | Indicates the load balancing hash bucket array for this failover | |
643 | relationship. | |
644 | .RE | |
645 | .PP | |
646 | .B local-state \fIinteger\fR examine, modify | |
647 | .RS 0.5i | |
648 | Indicates the present state of the DHCP server in this failover | |
649 | relationship. Possible values for state are: | |
650 | .RE | |
651 | .RS 1i | |
652 | .PP | |
653 | .nf | |
654 | 1 - partner down | |
655 | 2 - normal | |
656 | 3 - communications interrupted | |
657 | 4 - resolution interrupted | |
658 | 5 - potential conflict | |
659 | 6 - recover | |
660 | 7 - recover done | |
661 | 8 - shutdown | |
662 | 9 - paused | |
663 | 10 - startup | |
664 | 11 - recover wait | |
665 | .fi | |
666 | .RE | |
667 | .PP | |
668 | .RS 0.5i | |
669 | In general it is not a good idea to make changes to this state. | |
670 | However, in the case that the failover partner is known to be down, it | |
671 | can be useful to set the DHCP server's failover state to partner | |
672 | down. At this point the DHCP server will take over service of the | |
673 | failover partner's leases as soon as possible, and will give out | |
674 | normal leases, not leases that are restricted by MCLT. If you do put | |
675 | the DHCP server into the partner-down when the other DHCP server is | |
676 | not in the partner-down state, but is not reachable, IP address | |
677 | assignment conflicts are possible, even likely. Once a server has | |
678 | been put into partner-down mode, its failover partner must not be | |
679 | brought back online until communication is possible between the two | |
680 | servers. | |
681 | .RE | |
682 | .PP | |
683 | .B partner-state \fIinteger\fR examine | |
684 | .RS 0.5i | |
685 | Indicates the present state of the failover partner. | |
686 | .RE | |
687 | .PP | |
688 | .B local-stos \fIinteger\fR examine | |
689 | .RS 0.5i | |
690 | Indicates the time at which the DHCP server entered its present state | |
691 | in this failover relationship. | |
692 | .RE | |
693 | .PP | |
694 | .B partner-stos \fIinteger\fR examine | |
695 | .RS 0.5i | |
696 | Indicates the time at which the failover partner entered its present state. | |
697 | .RE | |
698 | .PP | |
699 | .B hierarchy \fIinteger\fR examine | |
700 | .RS 0.5i | |
701 | Indicates whether the DHCP server is primary (0) or secondary (1) in | |
702 | this failover relationship. | |
703 | .RE | |
704 | .PP | |
705 | .B last-packet-sent \fIinteger\fR examine | |
706 | .RS 0.5i | |
707 | Indicates the time at which the most recent failover packet was sent | |
708 | by this DHCP server to its failover partner. | |
709 | .RE | |
710 | .PP | |
711 | .B last-timestamp-received \fIinteger\fR examine | |
712 | .RS 0.5i | |
713 | Indicates the timestamp that was on the failover message most recently | |
714 | received from the failover partner. | |
715 | .RE | |
716 | .PP | |
717 | .B skew \fIinteger\fR examine | |
718 | .RS 0.5i | |
719 | Indicates the skew between the failover partner's clock and this DHCP | |
720 | server's clock | |
721 | .RE | |
722 | .PP | |
723 | .B max-response-delay \fIinteger\fR examine | |
724 | .RS 0.5i | |
725 | Indicates the time in seconds after which, if no message is received | |
726 | from the failover partner, the partner is assumed to be out of | |
727 | communication. | |
728 | .RE | |
729 | .PP | |
730 | .B cur-unacked-updates \fIinteger\fR examine | |
731 | .RS 0.5i | |
732 | Indicates the number of update messages that have been received from | |
733 | the failover partner but not yet processed. | |
734 | .RE | |
ee0cda4d TL |
735 | .SH FILES |
736 | .B ETCDIR/dhcpd.conf, DBDIR/dhcpd.leases, RUNDIR/dhcpd.pid, | |
737 | .B DBDIR/dhcpd.leases~. | |
738 | .SH SEE ALSO | |
66b01364 | 739 | dhclient(8), dhcrelay(8), dhcpd.conf(5), dhcpd.leases(5) |
ee0cda4d TL |
740 | .SH AUTHOR |
741 | .B dhcpd(8) | |
90e0ef94 | 742 | was originally written by Ted Lemon under a contract with Vixie Labs. |
98311e4b | 743 | Funding for this project was provided by Internet Systems |
90e0ef94 | 744 | Consortium. Version 3 of the DHCP server was funded by Nominum, Inc. |
98311e4b DH |
745 | Information about Internet Systems Consortium is available at |
746 | .B http://www.isc.org/\fR. | |
747 | Information about Nominum can be found at \fBhttp://www.nominum.com/\fR. |