ISC DHCP Server Configuration Parameters

Parameters defined in the configuration file are applied with respect to the declaration of topology in which they are defined. The scope can be global (server-level) subnet pool group or host. Global parameters appear at the beginning of the file before subnet pool group or host declarations. Examples of global declaration parameters include default and maximum lease times as well as option settings common to all hosts receiving addresses from the server. Other parameters such as always-broadcast yes should be defined within more limited scopes.

The following parameters are categorized based on applicability.

Global Parameters

These parameters are defined at the start of the dhcpd.conf file and apply to the server independent of scope.

  • authoritative; - this parameter indicates that the DHCP server is configured with accurate and authoritative network information in total if defined at the top of the configuration file or within the subnets it is declared. Thus if a client requests a lease for an address for which the server is authoritative yet the server has no record of it the server will respond with DHCPNAK indicating that the client should no longer use the address. This parameter was created to eliminate the issue of an inexperienced administrator turning on a DHCP server and NAK'ing legitimate clients; this would not happen unless the administrator defined the authoritative parameter in the configuration file. To explicitly denote non-authority within a scope use the not authoritative parameter. This parameter may be set per scope.
  • db-time-format (default | local); -this parameter defines the timestamp format for lease information written to persistent storage. The default format prints the timestamp in UTC format while the local format prints in "unix time" (system seconds since epoch) format.
  • dhcpv6-lease-file-name filename; - the specified filename is used to store leases when the server is operating in DHCPv6 mode. The default is DBDIR/dhcpd6.leases.
  • dhcpv6-pid-file-name filename; - the specified filename is used to store process information when the server is operating in DHCPv6 mode. The default is DBDIR/dhcpd6.pid.
  • lease-file-name name; - this parameter is defined at a global level and defines the file path of the lease file for the server. The default name is /var/lib/dhcpd/dhcpd.leases.
  • local-port port; - this parameter defines the port number on which the DHCP server will listen for DHCP messages. The default port is 67.
  • local-address address; - this parameter defines the IP address on which the DHCP server will listen for DHCP messages. The default is to listen on all IP addresses configured on the server. This option should only be used if all DHCP traffic is relayed to the server; i.e. no locally attached broadcast clients.
  • log-facility facility; - the logging facility may be set using this parameter. The default facility is daemon. Possible facility values may be limited by the operating system on which the server is running but generally includes auth authpriv cron daemon ftp kern local0 through local7 lpr mail mark news ntp security syslog user and uucp. Note that setting a value for this parameter may require a corresponding update to the syslog.conf file on the server.
  • omapi-port port; - this parameter defines the port number on which the DHCP server should listen for OMAPI (Object Management API) connections. The OMAPI protocol provides a means to monitor and modify the DHCP server state while it is running.
  • pid-file-name filename; - this global parameter enables setting of the DHCP server's process id filename. The default filename is /var/run/dhcpd.pid.
  • server-duid type; - the parameter configures the Device Unique Identifier (DUID) used for DHCPv6 transactions. The type field consists of the type definition parameter and type-specific value(s) as follows:
    • LLT [ hardware-type timestamp hardware-address ] - uses the link layer address plus timestamp DUID type. If parameters are not specified hardware address and type on which the DHCPv6 server is running is used. This is the default DUID type.
    • EN enterprise-number enterprise-identifier - specifies use of the Enterprise number DUID type using the parameters specified.
    • LL [ hardware-type hardware-address ] - uses the link layer address DUID type. If parameters are not specified hardware address and type on which the DHCPv6 server is running is used.

DHCP Server-Client Communications Parameters

  • always-broadcast flag; - this parameter configures the DHCP server to always broadcast its responses to clients within the scope this parameter is defined. If flag = yes. This parameter is used for DHCP clients that cannot receive unicast IP packets until their respective IP protocol software has been configured yet do not set the broadcast bit within the Flags field of its DHCP message header.
  • always-reply-rfc1048 flag; - this parameter instructs the DHCP server to format options in RFC 1048 format if flag = yes within the scope that it is defined.
  • min-secs seconds; - this parameter dictates the minimum value of the secs field in the DHCP message header before the server will process the message. The secs field is the number of seconds that have elapsed since attempting to obtain or renew a lease as set by the client. Setting this parameter with seconds > 1 may be useful on a DHCP server acting as a backup for a primary in a split or overlapping scope configuration. This configuration would enable the primary server to shoulder the load but to have the backup server process the request if the primary is unavailable and the client reattempts its request with a higher secs value.
  • remote-port port; - this parameter enables override of the default port value of 68 on which outbound DHCP messages are sent to clients. This parameter is of limited utility as the server will use the port number specified in the local-port parameter when responding via relay agent unless the relay agent is addressed as 127.0.0.1 in which case this remote-port parameter will be used.
  • stash-agent-options flag; - when flag = true the DHCP server will store the DHCP relay agent information option values (option 82 and suboptions) from the client's DHCPREQUEST message. Since a DHCPRENEW message is unicast and not relayed this enables the DHCP server to retain the relay agent information option parameters associated with the client.

Client Handling Parameters

  • adaptive-lease-time-percentage percent; - this parameter added in DHCPD 4.2 configures the DHCP server to automatically decrease the lease time supplied to new clients to min-lease-time when the allocated leases as a percentage of pool capacity exceeds percent. Clients renewing leases when the server is in this state will be provided a lease time at least as long as the remaining lease time. This feature enables the server to more quickly expire and potentially recycle leases to handle high lease demand periods.
  • boot-unknown-clients flag; - this parameter governs whether a client which is not declared with a host declaration will be able to obtain an IP address. If flag = off or false then any client not having a host declaration will not be offered an IP address. If flag = on or true clients not having host declarations will be offered IP addresses.
  • default-lease-time time; - this parameter specifies the time in seconds to be provided to clients that do not request a specific time.
  • dynamic-bootp-lease-cutoff date; - this parameter specifies an expiration time for an otherwise infinite lease for bootp clients; e.g. at the end of the school year. The date value is specified as W YYYY/MM/DD HH:MM:SS where W is the day of the week specified as an integer from 0 (Sunday) to 6 (Saturday) YYYY is the year MM the month (01-12) DD the day (01-31) HH the hour (0-23) MM the minute (00-59) and SS the second (00-59).
  • dynamic-bootp-lease-length length; - this specifies the length in seconds of the bootp lease duration with the corresponding scope. While bootp does not provide a renew mechanism and offers infinite leases this parameters enables sharing of addresses in an environment with highly mobile bootp clients.
  • filename filename; - this parameter specifies a filename to populate the "filename" DHCP header field for the client of an initial boot file to be loaded by a client.
  • fixed-address address [ address'¦]; - this parameter defines a specific IP address for a given client. As such it may only be used within a host declaration. This provides a means to link a MAC address to a specific IP address e.g. for Manual DHCP clients. Multiple addresses may optionally be specified to accommodate mobile M-DHCP clients that may connect from multiple subnets. Note that an FQDN may also be specified instead of IP address within the address parameter.
  • fixed-address6 ipv6-address; - this parameter defines a specific ipv6-address to be assigned to a given client as identified within a host declaration statement block.
  • get-lease-hostnames flag; - if flag = true this parameter directs the DHCP server to lookup the hostname corresponding to the assigned IP address and set the resolved hostname in the DHCP hostname option (12). In this scenario the DNS reverse zone would have been pre-populated with hostnames corresponding to IP addresses corresponding to the scope on which this parameter is set (e.g. subnet). If flag = false no lookup is performed (default).
  • hardware hardware-type hardware-address; - this parameter defines the MAC type and address corresponding to a host declaration to define the matching bootp or M-DHCP client. The hardware-type is either ethernet or token-ring and the hardware-address is the corresponding hardware address specified in hexadecimal with each octet separated by colons (i.e. every two hexadecimal digits comprising an octet would be colon-separated).
  • host-identifier option option-name option data; - this parameter specifies which option with a DHCPv6 packet shall be used to identify a given host. This parameter is used within a host declaration to define the match criterion by option-name of specified option-value to associate the given host declaration with the client.
  • infinite-is-reserved flag; - when the flag is on this parameter is used to configure the server to consider clients requesting an infinite lease as 'reserved.' Reserved leases are equivalent to M-DHCP clients with infinite leases.
  • limit-addrs-per-ia number; - the number specified defines the number of IPv6 addresses that may be simultaneously leased to a given Identity Association (IA). The default is 1.
  • max-lease-time time; - this parameter dictates the maximum time value to be assigned for a lease in seconds. This parameter has no effect on dynamic bootp lease times which are not specified by the client.
  • min-lease-time time; - the minimum time value for a lease in seconds can be configured using this parameter.
  • next-server servername; - this parameter defines the server from which the client should obtain its bootfile as defined in the filename parameter statement described earlier in this section. The servername parameter may be a domain name or IP address.
  • one-lease-per-client flag; - when a client issues a DHCPREQUEST message to request an offered IP address the DHCP server will assign the requested address and any other leases associated with the client will be freed when flag = true. The default flag = false has no effect on existing client leases.
  • ping-check flag; - when flag = true the DHCP server will ping the address to be offered to a client before issuing the offer. If no response is received the offer is delivered; otherwise the address is abandoned and no response is sent to the client.
  • ping-timeout seconds; - the default timeout for the ping-check parameter is one second. An alternative timeout value may be specified using this parameter statement.
  • preferred-lifetime seconds; - this parameter defines the IPv6 address preferred lifetime to be provided clients in seconds.
  • server-identifier address; - this parameter specifies the IP address to be used in the server identifier option (54) and is equivalent to setting this option using the corresponding option statement.
  • server-name name; - the domain name of the DHCP server may be provided to the client by specifying this parameter.
  • site-option-space name; - this parameter enables definition of multiple option parameter interpretations (i.e. option spaces) typically for options in the range of 128-254 that are germane to this 'site' or scope. Since most of these high numbered options may be arbitrarily assigned this parameter enables local interpretation rules.
  • use-lease-addr-for-default-route flag; - this obscure parameter enables the setting of the routers option (default gateway) to the same IP address as that offered to the client when flag = true. This option was developed for early Windows 95 clients and is not recommended.
  • vendor-option-space name; - this parameter enables association of option parameters specified in this scope with those of the defined vendor option space name.

DNS Update Parameters

  • ddns-hostname name; - this parameter defines the hostname (name parameter) associated with the client scope in question. This would generally be defined within a host declaration to pre-define the hostname of a client regardless of its hostname or FQDN option settings.
  • ddns-domainname name; - this parameter defines the domain name (name parameter) to which clients' hostnames will be pre-pended to form the client's FQDN for update processing.
  • ddns-rev-domainname name; - this defines the reverse domain which should be appended to the assigned (and reversed) IP address. The default is 'in-addr.arpa.'.
  • ddns-update-style style; - this parameter dictates whether dynamic updates should be sent to a DNS server. The values of the style parameter are none (no updates) or interim (per the process described previously)[1]. Note that this setting applies to all clients assigned addresses from the server; no scoping of this parameter is enforced.
  • ddns-updates flag; - this parameter dictates whether a DDNS update will be performed within a given scope. If flag = on updates will be performed (default); if flag = off updates will not be performed. To turn off updates for the server use ddns-update-style none; but to turn off for selective scopes use ddns-update-style interim; globally and ddns-updates off; within the respective scopes.
  • do-forward-updates flag; - this parameter is used in the case when DDNS updates are enabled using the interim style globally but forward (A record) updates are to be disabled for particular scopes. Given its applicability only when ddns-updates on; and ddns-update-style interim; are specified flag = on has no real meaning while flag = off turns off A record updating within the scope its defined. Reverse updates are not impacted by this parameter.
  • update-conflict-detection flag; - if the flag is true the server will perform DDNS update using the DHCID process; otherwise the server will perform the update without pre-requisite processing.
  • update-optimization flag; - when flag = true (default) the DHCP server will only update DNS upon lease assignment change or expiration. When flag = false the DHCP server will update DNS at these times and also whenever a client renews its lease.
  • update-static-leases flag; - when flag = true the DHCP server will perform a DNS update for clients specified with a fixed-address statement. ISC recommends using the default flag = false (or omitting the statement altogether) since the DHCP server will update DNS upon each renewal and it will not know when to update upon lease expiration to delete the corresponding resource records.
  • use-host-decl-names flag; - when flag = on then the name used in each host declaration within this scope will be used as the hostname option (12) for the host. This saves having to specify the host-name option within each host declaration by using the name declared in the host name { '¦ } statement.


[1] As mentioned in a prior footnote the value of ad-hoc is no longer valid as this update method has been deprecated.