DHCP 4.3.1 Distribution Documentation Aug 4 14

AugusL-1-2014
!"#$ &'()'( *+,+-

lSC uPC Server
Page 1 of 56
1A8LL Cl CCn1Ln1S
Introduct|on ........................................................................................................................... 3
Setup ...................................................................................................................................... 3
Us|ng the DnC D|str|but|on ............................................................................................................. 4
llrewall 8ules ........................................................................................................................................ 4
arLlal Servers ....................................................................................................................................... 4
Llnux .................................................................................................................................................... 3
SCC ....................................................................................................................................................... 7
P-ux ................................................................................................................................................... 7
lree8Su ................................................................................................................................................ 7
Solarls ................................................................................................................................................... 7
Alx ........................................................................................................................................................ 9
MacCS x ............................................................................................................................................... 9
Cverv|ew of Server Cperat|on .............................................................................................. 10
In|t|a||z|ng the Lease Database ........................................................................................................ 11
Command L|ne ............................................................................................................................... 11
Command Llne CpLlons ...................................................................................................................... 11
Modlfylng defaulL flle locaLlons: ......................................................................................................... 12
Understand|ng DnCD Cperat|on ......................................................................................... 13
Dynam|c Address A||ocat|on ........................................................................................................... 13
I Address Conf||ct revent|on ........................................................................................................ 14
Conf|gur|ng dhcpd ................................................................................................................ 14
Lxamp|e Conf|gurat|on ................................................................................................................... 16
Address oo|s ................................................................................................................................. 19
Subnets .......................................................................................................................................... 20
Lease Lengths ................................................................................................................................. 20
8CC1 Support .............................................................................................................................. 21
Cpt|ons .......................................................................................................................................... 21
oo| Ut|||zat|on ............................................................................................................................... 22
C||ent C|ass|ng ................................................................................................................................ 22
Subclasses ........................................................................................................................................... 23
er-Class LlmlLs on uynamlc Address AllocaLlon ................................................................................ 24
Spawnlng Classes ................................................................................................................................ 24
Comblnlng MA1CP, MA1CP ll, and SAWn Wl1P ............................................................................. 23
Cond|t|ona| 8ehav|or ............................................................................................................ 2S
CondlLlonal 8ehavlor: ll ..................................................................................................................... 26
CondlLlonal 8ehavlor: SwlLch ............................................................................................................. 27
Understand|ng the Lease I||e ................................................................................................ 28
lSC uPC Server
Page 2 of 56
Common statements for Lease Dec|arat|ons ................................................................................... 28
uaLes ................................................................................................................................................... 28
Ceneral varlables ............................................................................................................................... 29
uunS varlables ................................................................................................................................... 29
LxecuLable SLaLemenLs ....................................................................................................................... 30
1he DnCv4 Lease Dec|arat|on ....................................................................................................... 30
1nL DnCv6 Lease (IA) Dec|arat|on ................................................................................................. 32
1nL Ia||over eer State Dec|arat|on ................................................................................................ 33
DnC Ia||over ....................................................................................................................... 33
lallover SLarLup .................................................................................................................................. 34
Conflgurlng lallover ........................................................................................................................... 34
Dynam|c DNS Updates .......................................................................................................... 40
1he unS updaLe Scheme .................................................................................................................... 40
uynamlc unS updaLe SecurlLy ........................................................................................................... 42
CMAI .................................................................................................................................. 44
1PL Lease Cb[ecL ................................................................................................................................ 44
1he PosL Cb[ecL .................................................................................................................................. 46
1he Croup Cb[ecL ............................................................................................................................... 47
1he ConLrol Cb[ecL ............................................................................................................................. 47
1he lallover-sLaLe Cb[ecL ................................................................................................................... 47
Supported DnC Cpt|ons ...................................................................................................... 49
neLWare? /lp CpLlon 1ype 63 Sub-CpLlon Codes .............................................................................. 34
uPC 8elay AgenL CpLlon 82 Sub-CpLlon Codes ................................................................................ 34
uPC Cablelabs CllenL ConflguraLlon CpLlon 122 Sub-CpLlon Codes ................................................ 34
V6 Cpt|ons ..................................................................................................................................... SS
lLLL 802.21 Servlce 1ype CpLlon 34 & 33 (MoS? uPCv6 Address and lCun Sub-CpLlons) ............ 36
n1 server CpLlon 36 sub opLlons ...................................................................................................... 36

lSC uPC Server
Page 3 of 56

ln18CuuC1lCn
1he documenLaLlon for dhcpd, Lhe lSC uPC server, has been assembled from Lhe varlous man pages lncluded ln
Lhe lSC uPC dlsLrlbuLlon and should noL be consldered comprehenslve. lnsLead, lL ls lnLended Lo serve as an
lnLroducLlon and overvlew of lSC uPC - speclflcally, Lhe process of seLLlng up a baslc uPC server. lor a compleLe
llsLlng of supporLed commands and varlables, please consulL Lhe man pages avallable once Lhe sofLware ls
lnsLalled. 1hls documenLaLlon assumes a baslc famlllarlLy wlLh neLworklng and unS.
lSC uPC was orlglnally wrlLLen by 1ed Lemon under a conLracL wlLh vlxle Labs wlLh Lhe goal of belng a compleLe
reference lmplemenLaLlon of Lhe uPC proLocol. lundlng for Lhls pro[ecL was provlded by lnLerneL SysLems
ConsorLlum. 1he flrsL release of Lhe lSC uPC dlsLrlbuLlon ln uecember 1997 lncluded [usL Lhe uPC server.
8elease 2 ln !une 1999 added a uPC cllenL and a 8CC1/uPC relay agenL. uPC 3 was released ln CcLober 2001
and lncluded uPC fallover supporL, CMAl, uynamlc unS, condlLlonal behavlour, cllenL classlng, and more.
verslon 3 of Lhe uPC server was funded by nomlnum, lnc. 1he 4.0 release ln uecember 2007 lnLroduced uPCv6
proLocol supporL for Lhe server and cllenL.
1hls ls lSC uPC 4.3.0. 1he ma[or Lheme for Lhls release ls "lpv6 upllfL", ln whlch we enhance Lhe v6 code Lo
supporL many of Lhe feaLures found ln Lhe v4 code. 1hese lnclude: supporL for v6, supporL for on_commlL,
on_explry and on_release ln v6, supporL for accesslng v6 relay opLlons and beLLer log messages for v6 addresses.
non v6 feaLures lnclude: supporL for Lhe sLandard uunS, beLLer CMAl class and sub-class supporL allowlng for
dynamlc addlLlon and removal of sub-classes, and supporL for uunS wlLhouL zone sLaLemenLs.
ln Lhls release, Lhe uPCv6 server should be fully funcLlonal on Llnux, Solarls, or any 8Su. 1he uPCv6 cllenL should
be slmllarly funcLlonal excepL on Solarls.
1hls verslon of Lhe uPCv4 server has been LesLed on Llnux, Solarls, and lree 8Su. lL may noL work on oLher
plaLforms.
lf you are runnlng Lhe uPC dlsLrlbuLlon on a machlne whlch ls a flrewall, or lf Lhere ls a flrewall beLween your
uPC server(s) and uPC cllenLs, please read Lhe secLlon on flrewalls whlch appears laLer ln Lhls documenL.
lf you wlsh Lo run Lhe uPC ulsLrlbuLlon on Llnux, please see Lhe Llnux-speclflc noLes laLer ln Lhls documenL. lf you
wlsh Lo run on an SCC release, please see Lhe SCC-speclflc noLes laLer ln Lhls documenL. ?ou parLlcularly need Lo
read Lhese noLes lf you lnLend Lo supporL Wlndows 93 cllenLs. lf you are runnlng P-ux or ulLrlx, please read Lhe
noLes for Lhose operaLlng sysLems below.
lf you sLarL dhcpd and geL a message, "no free bpf", LhaL means you need Lo conflgure Lhe 8erkeley ackeL lllLer
lnLo your operaLlng sysLem kernel. Cn neL8Su, lree8Su and 8Su/os, Lype ``man bpf'' for lnformaLlon. Cn ulglLal
unlx, Lype ``man pfllL''.
SL1u
1o download lSC uPC, please vlslL hLLp://www.lsc.org/downloads/
1o bulld Lhe uPC ulsLrlbuLlon, you musL flrsL unpack Lhe compressed Lar flle. ?ou can use Lhe Lar uLlllLy and Lhe
gzlp command - Lype someLhlng llke:
lSC uPC Server
Page 4 of 56
gunz|p dhcp-4.3.0.tar.gz tar xvf dhcp-4.3.0.tar

now, cd Lo Lhe dhcp-4.3.0 subdlrecLory LhaL you've [usL creaLed and conflgure Lhe source Lree by Lyplng:
.]conf|gure

lf Lhe conflgure uLlllLy can flgure ouL whaL sorL of sysLem you're runnlng on, lL wlll creaLe a cusLom Makeflle for you
for LhaL sysLem, oLherwlse, lL wlll complaln. lf lL can'L flgure ouL whaL sysLem you are uslng, LhaL sysLem ls noL
supporLed - you are on your own.
Several opLlons may be enabled or dlsabled vla Lhe conflgure command. ?ou can geL a llsL of Lhese by Lyplng:
.]conf|gure --he|p

Cnce you've run conflgure, [usL Lype make", and afLer a whlle you should have a dhcp server. lf you geL warnlngs,
lL's noL llkely Lo be a problem - Lhe uPC server complles compleLely warnlng-free on as many archlLecLures as we
can manage, buL Lhere are a few for whlch Lhls ls dlfflculL. lf you geL errors on a sysLem noL menLloned above, you
wlll need Lo do some programmlng or debugglng on your own Lo geL Lhe uPC ulsLrlbuLlon worklng.
Cnce you have successfully goLLen Lhe uPC ulsLrlbuLlon Lo bulld, you can lnsLall lL by Lyplng make lnsLall". lf you
already have an old verslon of Lhe uPC ulsLrlbuLlon lnsLalled, you may wanL Lo save lL before Lyplng make
lnsLall".
uSl nC 1PL uPC ul S18l 8u1l Cn
ll 8LWALL 8uLLS
lf you are runnlng Lhe uPC server or cllenL on a compuLer LhaL's also acLlng as a flrewall, you musL be sure Lo
allow uPC packeLs Lhrough Lhe flrewall. ln parLlcular, your flrewall rules _musL_ allow packeLs from l address
0.0.0.0 Lo l address 233.233.233.233 from uu porL 68 Lo uu porL 67 Lhrough. 1hey musL also allow packeLs
from your local flrewall's l address and uu porL 67 Lhrough Lo any address your uPC server mlghL serve on uu
porL 68. llnally, packeLs from relay agenLs on porL 67 Lo Lhe uPC server on porL 67, and vlce versa, musL be
permlLLed.
We have noLlced LhaL on some sysLems where we are uslng a packeL fllLer, lf you seL up a flrewall LhaL blocks uu
porL 67 and 68 enLlrely, packeLs senL Lhrough Lhe packeL fllLer wlll noL be blocked. Powever, unlcasL packeLs wlll be
blocked. 1hls can resulL ln sLrange behavlour, parLlcularly on uPC cllenLs, where Lhe lnlLlal packeL exchange ls
broadcasL, buL renewals are unlcasL - Lhe cllenL wlll appear Lo be unable Lo renew unLll lL sLarLs broadcasLlng lLs
renewals, and Lhen suddenly lL'll work. 1he flx ls Lo flx Lhe flrewall rules as descrlbed above.
A81l AL SL8vL8S
lf you have a server LhaL ls connecLed Lo Lwo neLworks, and you only wanL Lo provlde uPC servlce on one of Lhose
neLworks (e.g., you are uslng a cable modem and have seL up a nA1 rouLer), lf you don'L wrlLe any subneL
declaraLlon for Lhe neLwork you aren'L supporLlng, Lhe uPC server wlll lgnore lnpuL on LhaL neLwork lnLerface lf lL
can. lf lL can'L, lL wlll refuse Lo run - some operaLlng sysLems do noL have Lhe capablllLy of supporLlng uPC on
lSC uPC Server
Page 5 of 56
machlnes wlLh more Lhan one lnLerface, and lronlcally Lhls ls Lhe case even lf you don'L wanL Lo provlde uPC
servlce on one of Lhose lnLerfaces.
Ll nux
1here are Lhree blg Llnux lssues: Lhe all-ones broadcasL address, Llnux 2.1 lp_booLp_agenL enabllng, and
operaLlons wlLh more Lhan one neLwork lnLerface. 1here are also Lwo poLenLlal compllaLlon/runLlme problems for
Llnux 2.1/2.2: Lhe "SC_A11ACP_llL1L8 undeclared" problem and Lhe "proLocol noL conflgured" problem.
Llnux: 8C1CCCL nC1 CCnllCu8Lu
lf you geL Lhe followlng message, lL's because your kernel doesn'L have Lhe llnux packeLfllLer or raw packeL sockeL
conflgured:
Make sure CCNIIG_ACkL1 (acket socket) and CCNIIG_IIL1Lk (Socket I||ter|ng) are enab|ed |n your kerne|
conf|gurat|on

lf Lhls happens, you need Lo conflgure your Llnux kernel Lo supporL SockeL lllLerlng and Lhe ackeL sockeL, or Lo
selecL a kernel provlded by your Llnux dlsLrlbuLlon LhaL has Lhese enabled (vlrLually all modern ones do by defaulL).
Llnux: 88CAuCAS1
lf you are runnlng a recenL verslon of Llnux, Lhls won'L be a problem, buL on older verslons of Llnux (kernel verslons
prlor Lo 2.2), Lhere ls a poLenLlal problem wlLh Lhe broadcasL address belng senL lncorrecLly.
ln order for dhcpd Lo work correcLly wlLh plcky uPC cllenLs (e.g., Wlndows 93), lL musL be able Lo send packeLs
wlLh an l desLlnaLlon address of 233.233.233.233. unforLunaLely, Llnux changes an l desLlnaLlon of
233.233.233.233 lnLo Lhe local subneL broadcasL address (here, LhaL's 192.3.3.223).
1hls lsn'L generally a problem on Llnux 2.2 and laLer kernels, slnce we compleLely bypass Lhe Llnux l sLack, buL on
old verslons of Llnux 2.1 and all verslons of Llnux prlor Lo 2.1, lL ls a problem - plckler uPC cllenLs connecLed Lo Lhe
same neLwork as Lhe lSC uPC server or lSC relay agenL wlll noL see messages from Lhe uPC server. lL *ls*
posslble Lo run lnLo Lrouble wlLh Lhls on Llnux 2.2 and laLer lf you are runnlng a verslon of Lhe uPC server LhaL was
complled on a Llnux 2.0 sysLem, Lhough.
lL ls posslble Lo work around Lhls problem on some verslons of Llnux by creaLlng a hosL rouLe from your neLwork
lnLerface address Lo 233.233.233.233. 1he command you need Lo use Lo do Lhls on Llnux varles from verslon Lo
verslon. 1he easlesL verslon ls:
route add -host 2SS.2SS.2SS.2SS dev eth0

Cn some older Llnux sysLems, you wlll geL an error lf you Lry Lo do Lhls. Cn Lhose sysLems, Lry addlng Lhe followlng
enLry Lo your /eLc/hosLs flle:
2SS.2SS.2SS.2SS a||-ones

1hen, Lry:
lSC uPC Server
Page 6 of 56
route add -host a||-ones dev eth0

AnoLher rouLe LhaL has worked for some users ls:
route add -net 2SS.2SS.2SS.0 dev eth0

lf you are noL uslng eLh0 as your neLwork lnLerface, you should speclfy Lhe neLwork lnLerface you *are* uslng ln
your rouLe command.
Llnux: l 8CC1 ACLn1
Some verslons of Lhe Llnux 2.1 kernel apparenLly prevenL dhcpd from worklng unless you enable lL by dolng Lhe
followlng:
echo 1 >]proc]sys]net]|pv4]|p_bootp_agent

Llnux: MuL1lLL ln1L8lACLS
very old verslons of Lhe Llnux kernel do noL provlde a neLworklng Al LhaL allows dhcpd Lo operaLe correcLly lf Lhe
sysLem has more Lhan one broadcasL neLwork lnLerface. Powever, Llnux 2.0 kernels wlLh verslon numbers greaLer
Lhan or equal Lo 2.0.31 add an Al feaLure: Lhe SC_8lnu1CuLvlCL sockeL opLlon. lf SC_8lnu1CuLvlCL ls presenL,
lL ls posslble for dhcpd Lo operaLe on Llnux wlLh more Lhan one neLwork lnLerface. ln order Lo Lake advanLage of
Lhls, you musL be runnlng a 2.0.31 or greaLer kernel, and you musL have 2.0.31 or laLer sysLem headers lnsLalled
*before* you bulld Lhe uPC ulsLrlbuLlon.
We have heard reporLs LhaL you musL sLlll add rouLes Lo 233.233.233.233 ln order for Lhe all-ones broadcasL Lo
work, even on 2.0.31 kernels. ln facL, you now need Lo add a rouLe for each lnLerface. Popefully Lhe Llnux kernel
gurus wlll geL Lhls sLralghL evenLually.
Llnux 2.1 and laLer kernels do noL use SC_8lnu1CuLvlCL or requlre Lhe broadcasL address hack, buL do supporL
mulLlple lnLerfaces, uslng Lhe Llnux ackeL lllLer.
Llnux: CLnW81
uPC 4.1 has been LesLed on CpenWrL 7.09 and 8.09. ln keeplng wlLh sLandard pracLlce, cllenL/scrlpLs now
lncludes a dhcllenL-scrlpL flle for CpenWrL. Powever, Lhls ls noL sufflclenL by lLself Lo run dhcp on CpenWrL, a full
CpenWrL package for uPC ls avallable aL fLp://fLp.lsc.org/lsc/dhcp/dhcp-4.1.0-openwrL.Lar.gz
Llnux: 802.1C vLAn ln1L8lACLS
lf you're uslng 802.1q vlan lnLerfaces on Llnux, lL ls necessary Lo vconflg Lhe sublnLerface(s) Lo rewrlLe Lhe 802.1q
lnformaLlon ouL of packeLs recelved by Lhe dhcpd daemon vla Ll:
vconf|g set_f|ag eth1.S23 1 1

noLe LhaL Lhls may affecL Lhe performance of your sysLem, slnce Lhe Llnux kernel musL rewrlLe packeLs recelved vla
Lhls lnLerface. lor more lnformaLlon, consulL Lhe vconflg man pages.
lSC uPC Server
Page 7 of 56
SCC
lSC uPC wlll now work correcLly on newer verslons of SCC ouL of Lhe box (LesLed on CpenServer 3.03b, assumed
Lo work on unlxWare 7).
Clder verslons of SCC have Lhe same problem as Llnux (descrlbed earller). 1he Lhlng ls, SCC *really* doesn'L wanL
Lo leL you add a hosL rouLe Lo Lhe all-ones broadcasL address.
?ou can Lry Lhe followlng:
|fconf|g net0 xxx.xxx.xxx.xxx netmask 0xNNNNNNNN broadcast 2SS.2SS.2SS.2SS

lf Lhls doesn'L work, you can also Lry Lhe followlng sLrange hack:
|fconf|g net0 a||as 10.1.1.1 netmask 8.0.0.0

ApparenLly Lhls works because of an lnLeracLlon beLween SCC's supporL for neLwork classes and Lhe welrd
neLmask. 1he 10.* neLwork ls [usL a dummy LhaL can generally be assumed Lo be safe. uon'L ask why Lhls works.
!usL Lry lL. lf lL works for you, greaL.
P-ux
P-ux has Lhe same problem wlLh Lhe all-ones broadcasL address LhaL SCC and Llnux have. Cne user reporLed LhaL
addlng Lhe followlng Lo /eLc/rc.conflg.d/neLconf helped (you may have Lo modlfy Lhls Lo sulL your local
conflguraLlon):
IN1LkIACL_NAML[0]=|an0 I_ADDkLSS[0]=1.1.1.1 SU8NL1_MASk[0]=2SS.2SS.2SS.0
8kCADCAS1_ADDkLSS[0]="2SS.2SS.2SS.2SS" LANCCNIIG_AkGS[0]="ether" DnC_LNA8LL[0]=0
l8LL8Su
verslons of lree8Su prlor Lo 2.2 have a bug ln 8l supporL ln LhaL Lhe eLherneL drlver swaps Lhe eLherLype fleld ln
Lhe eLherneL header downsLream from 8l, whlch corrupLs Lhe ouLpuL packeL. lf you are runnlng a verslon of
lree8Su prlor Lo 2.2, and you flnd LhaL dhcpd can'L communlcaLe wlLh lLs cllenLs, you should #deflne
88CkLn_l8LL8Su_8l ln slLe.h and recomplle.
Modern verslons of lree8Su lnclude Lhe lSC uPC 3.0 cllenL as parL of Lhe base sysLem, and Lhe full dlsLrlbuLlon
(for Lhe uPC server and relay agenL) ls avallable from Lhe orLs CollecLlon ln /usr/porLs/neL/lsc-dhcp3, or as a
package on lree8Su lnsLallaLlon Cu8CMs.
SCLA8l S
1here are Lwo known lssues seen when complllng uslng Lhe Sun compller.
1he flrsL ls LhaL older Sun compllers generaLe an error on some of our uses of Lhe flexlble array opLlon. newer
verslons only generaLe a warnlng, whlch can be safely lgnored. lf you run lnLo Lhls error ("Lype of sLrucL member
"buf" can noL be derlved from sLrucLure wlLh flexlble array member"), upgrade your Lools Lo Cracle Solarls SLudlo
(prevlously Sun SLudlo) 12 or someLhlng newer.
lSC uPC Server
Page 8 of 56
1he second ls Lhe lnLeracLlon beLween Lhe conflgure scrlpL and Lhe makeflles for Lhe 8lnd llbrarles. CurrenLly we
don'L pass all envlronmenL varlables beLween Lhe uPC conflgure and Lhe 8lnd conflgure.
lf you aLLempL Lo speclfy Lhe compller you wlsh Lo use llke Lhls:
CC=]opt]SUNWspro]b|n]cc .]conf|gure

"make" may noL bulld Lhe 8lnd llbrarles wlLh LhaL compller.
ln order Lo use Lhe same compller for 8lnd and uPC we suggesL Lhe followlng commands:
CC=]opt]SUNWspro]b|n]cc .]conf|gure CC=]opt]SUNWspro]b|n]cc make
SCLA8lS 11
We have lnLegraLed a paLch from Cracle Lo use sockeLs lnsLead of uLl on Solarls 11. 1hls funcLlonallLy was wrlLLen
for use wlLh Solarls SLudlo 12.2 and requlres Lhe sysLem/header package.
8y defaulL Lhls code ls dlsabled ln order Lo mlnlmlze dlsrupLlons for currenL users. ln order Lo enable Lhls code you
wlll need Lo enable boLh uSL_SCCkL1S and uSL_v4_k1lnlC as parL of Lhe conflguraLlon sLep. 1he command llne
would be someLhlng llke:
.]conf|gure --enab|e-use-sockets --enab|e-|pv4-pkt|nfo

SCLA8lS 11 Anu A1l
We have reporLs LhaL A1l 0.13 and 0.16 do noL bulld on Solarls 11. 1he followlng changes Lo Lhe A1l source code
appear Lo flx Lhls lssue:
d|ff -ru atf-0.1S]atf-c]tp_test.c atf-0.1S-patched]atf-c]tp_test.c --- atf-0.1S]atf-c]tp_test.c 2011-12-06
06:31:11.000000000 +0100 +++ atf-0.1S-patched]atf-c]tp_test.c 2012-06-19 1S:S4:S7.000000000 +0200 QQ -
28,6 +28,7 QQ *]
#|nc|ude <str|ng.h> +#|nc|ude <std|o.h> #|nc|ude <un|std.h>
#|nc|ude <atf-c.h>
d|ff -ru atf-0.1S]atf-run]requ|rements.cpp atf-0.1S-patched]atf-run]requ|rements.cpp --- atf-0.1S]atf-
run]requ|rements.cpp 2012-01-13 20:44:2S.000000000 +0100 +++ atf-0.1S-patched]atf-run]requ|rements.cpp
2012-06-19 1S:41:S1.000000000 +0200 QQ -29,7 +29,7 QQ
extern "C" { #|nc|ude <sys]param.h> -#|nc|ude <sys]sysct|.h> +]]#|nc|ude <sys]sysct|.h> }
#|nc|ude <cerrno>

C1PL8 SCLA8lS l1LMS
Cne problem whlch has been observed and ls noL flxed ln Lhls paLchlevel has Lo do wlLh uslng uLl on Solarls
machlnes. 1he sympLom of Lhls problem ls LhaL Lhe uPC server never recelves any requesLs. 1hls has been
observed wlLh Solarls 2.6 and Solarls 7 on lnLel x86 sysLems, alLhough lL may occur wlLh oLher sysLems as well. lf
you encounLer Lhls sympLom, and you are runnlng Lhe uPC server on a machlne wlLh a slngle broadcasL neLwork
lnLerface, you may wlsh Lo edlL Lhe lncludes/slLe.h flle and uncommenL Lhe #deflne uSL_SCCkL1S llne. 1hen Lype
lSC uPC Server
Page 9 of 56
``make clean, make''. As an alLernaLlve workaround, lL has been reporLed LhaL runnlng 'snoop' wlll cause Lhe dhcp
server Lo sLarL recelvlng packeLs. So Lhe pracLlce reporLed Lo us ls Lo run snoop aL dhcpd sLarLup Llme, wlLh
argumenLs Lo cause lL Lo recelve one packeL and exlL.
snoop -c 1 udp port 67 > ]dev]nu|| &

1he uPC cllenL on Solarls wlll only work wlLh uLl. lf you run lL and lL [usL keeps saylng lL's sendlng uPC8LCuLS1
packeLs, buL never geLs a response, you may be havlng uLl Lrouble as descrlbed above. lf so, we have no soluLlon
Lo offer aL Lhls Llme, aslde from Lhe above workaround whlch should also work here. Also, because Solarls requlres
you Lo "plumb" an lnLerface before lL can be deLecLed by Lhe uPC cllenL, you musL elLher speclfy Lhe name(s) of
Lhe lnLerface(s) you wanL Lo conflgure on Lhe command llne, or musL plumb Lhe lnLerfaces prlor Lo lnvoklng Lhe
uPC cllenL. 1hls can be done wlLh ``lfconflg lface plumb'', where lface ls Lhe name of Lhe lnLerface (e.g., ``lfconflg
hme0 plumb'').
lL should be noLed LhaL Solarls verslons from 2.6 onward lnclude a uPC cllenL LhaL you can run wlLh
``/sbln/lfconflg lface dhcp sLarL'' raLher Lhan uslng Lhe lSC uPC cllenL, lncludlng uPCv6. ConsequenLly, we don'L
belleve Lhere ls a need for Lhe cllenL Lo run on Solarls, and have noL englneered Lhe needed uPCv6 modlflcaLlons
for Lhe dhcllenL-scrlpL. lf you feel Lhls ls ln error, or have a need, please conLacL us.
Al x
1he Alx supporL uses Lhe 8Su sockeL Al, whlch cannoL dlfferenLlaLe on whlch neLwork lnLerface a broadcasL
packeL was recelved, Lhus Lhe uPC server and relay wlll work only on a slngle lnLerface. (1hey do work on mulLl-
lnLerface machlnes lf conflgured Lo llsLen on only one of Lhe lnLerfaces.)
We have reporLs of Wlndows x cllenLs havlng dlfflculLy reLrlevlng addresses from a server runnlng on an Alx
machlne. 1hls lssue was Lraced Lo Lhe cllenL requlrlng messages be senL Lo Lhe all ones broadcasL address
(233.233.233.233) whlle Lhe Alx server was sendlng Lo 192.168.0.233.
?ou may be able Lo solve Lhls by lncludlng a relay beLween Lhe cllenL and server wlLh Lhe relay conflgured Lo use a
broadcasL of all-ones.
A second opLlon LhaL worked for Alx 3.1 buL doesn'L seem Lo work for Alx 3.3 was Lo: creaLe a hosL flle enLry for
all-ones (233.233.233.233) and Lhen add a rouLe: rouLe add -hosL all-ones -lnLerface <local-lp-address>
1he lSC uPC dlsLrlbuLlon does noL lnclude a dhcllenL-scrlpL for Alx-- Alx comes wlLh a uPC cllenL. ConLrlbuLlon of
a worklng dhcllenL-scrlpL for Alx would be welcome.
MACCS x
1he MacCS x sysLem uses a 1C/l sLack derlved from lree8Su wlLh a user-frlendly lnLerface named Lhe SysLem
ConflguraLlon lramework. As lL lncludes a bullLln uPCv4 cllenL (you are beLLer [usL uslng LhaL), Lhls LexL ls only
abouL Lhe uPCv6 cllenL (``dhcllenL -6 ...''). 1he unS conflguraLlon (domaln search llsL and name servers'
addresses) ls managed by a SysLem ConflguraLlon agenL, noL by /eLc/resolv.conf (whlch ls a llnk Lo
/var/run/resolv.conf, whlch lLself only reflecLs Lhe lnLernal sLaLe, Lhe SysLem ConflguraLlon framework's uynamlc
SLore).
lSC uPC Server
Page 10 of 56
1hls means LhaL modlfylng resolv.conf dlrecLly doesn'L have Lhe lnLended effecL, lnsLead Lhe macos scrlpL sample
creaLes lLs own resolv.conf.dhcllenL6 ln /var/run, and lnserLs Lhe conLenLs of Lhls flle lnLo Lhe uynamlc SLore.
When updaLlng Lhe address conflguraLlon Lhe SysLem ConflguraLlon framework expecLs Lhe preflx and a defaulL
rouLer along wlLh Lhe conflgured address. As Lhls exLra lnformaLlon ls noL avallable vla Lhe uPCv6 proLocol Lhe
SysLem ConflguraLlon framework lsn'L usable for address conflguraLlon, lnsLead lfconflg ls used dlrecLly.
noLe Lhe uynamlc SLore (from whlch /var/run/resolv.conf ls bullL) ls recompuLed from scraLch when Lhe currenL
locaLlon/seL ls changed. 8unnlng Lhe dhcllenL-scrlpL relnsLalls Lhe resolv.conf.dhcllenL6 conflguraLlon.

CvL8vlLW Cl SL8vL8 CL8A1lCn
1he uPC proLocol allows a hosL Lo conLacL a cenLral server whlch malnLalns a llsL of l addresses whlch may be
asslgned on one or more subneLs. A uPC cllenL may requesL an address from Lhls pool, and Lhen use lL on a
Lemporary basls for communlcaLlon on neLwork. 1he uPC proLocol also provldes a mechanlsm whereby a cllenL
can learn lmporLanL deLalls abouL Lhe neLwork Lo whlch lL ls aLLached, such as Lhe locaLlon of a defaulL rouLer, Lhe
locaLlon of a name server, and so on.
1here are Lwo verslons of Lhe uPC proLocol: uPCv4 and uPCv6. AL sLarLup Lhe cllenL may be sLarLed for one or
Lhe oLher vla Lhe -4 or -6 opLlons.
Cn sLarLup, dhcllenL reads Lhe dhcllenL.conf for conflguraLlon lnsLrucLlons. lL Lhen geLs a llsL of all Lhe neLwork
lnLerfaces LhaL are conflgured ln Lhe currenL sysLem. lor each lnLerface, lL aLLempLs Lo conflgure Lhe lnLerface uslng
Lhe uPC proLocol.
ln order Lo keep Lrack of leases across sysLem rebooLs and server resLarLs, dhcllenL keeps a llsL of leases lL has been
asslgned ln Lhe dhcllenL.leases flle. Cn sLarLup, afLer readlng Lhe dhcllenL.conf flle, dhcllenL reads Lhe
dhcllenL.leases flle Lo refresh lLs memory abouL whaL leases lL has been asslgned.
When a new lease ls acqulred, lL ls appended Lo Lhe end of Lhe dhcllenL.leases flle. ln order Lo prevenL Lhe flle from
becomlng arblLrarlly large, from Llme Lo Llme dhcllenL creaLes a new dhcllenL.leases flle from lLs ln-core lease
daLabase. 1he old verslon of Lhe dhcllenL.leases flle ls reLalned under Lhe name dhcllenL.leases~ unLll Lhe nexL Llme
dhcllenL rewrlLes Lhe daLabase.
Cld leases are kepL around ln case Lhe uPC server ls unavallable when dhcllenL ls flrsL lnvoked (generally durlng
Lhe lnlLlal sysLem booL process). ln LhaL evenL, old leases from Lhe dhcllenL.leases flle whlch have noL yeL explred
are LesLed, and lf Lhey are deLermlned Lo be valld, Lhey are used unLll elLher Lhey explre or Lhe uPC server
becomes avallable.
A moblle hosL whlch may someLlmes need Lo access a neLwork on whlch no uPC server exlsLs may be preloaded
wlLh a lease for a flxed address on LhaL neLwork. When all aLLempLs Lo conLacL a uPC server have falled, dhcllenL
wlll Lry Lo valldaLe Lhe sLaLlc lease, and lf lL succeeds, wlll use LhaL lease unLll lL ls resLarLed.
A moblle hosL may also Lravel Lo some neLworks on whlch uPC ls noL avallable buL 8CC1 ls. ln LhaL case, lL may
be advanLageous Lo arrange wlLh Lhe neLwork admlnlsLraLor for an enLry on Lhe 8CC1 daLabase, so LhaL Lhe hosL
can booL qulckly on LhaL neLwork raLher Lhan cycllng Lhrough Lhe llsL of old leases.
lSC uPC Server
Page 11 of 56
1hls server also provldes 8CC1 supporL. unllke uPC, Lhe 8CC1 proLocol does noL provlde a proLocol for
recoverlng dynamlcally asslgned addresses once Lhey are no longer needed. lL ls sLlll posslble Lo dynamlcally asslgn
addresses Lo 8CC1 cllenLs, buL some admlnlsLraLlve process for reclalmlng addresses ls requlred. 8y defaulL,
leases are granLed Lo 8CC1 cllenLs ln perpeLulLy, alLhough Lhe neLwork admlnlsLraLor may seL an earller cuLoff
daLe or a shorLer lease lengLh for 8CC1 leases lf LhaL makes sense.
8CC1 cllenLs may also be served ln Lhe old sLandard way, whlch ls Lo slmply provlde a declaraLlon ln Lhe
dhcpd.conf flle for each 8CC1 cllenL, permanenLly asslgnlng an address Lo each cllenL.
Whenever changes are made Lo Lhe dhcpd.conf flle, dhcpd musL be resLarLed. 1o resLarL dhcpd, send a SlC1L8M
(slgnal 13) Lo Lhe process lu conLalned ln kUNDIk]dhcpd.p|d , and Lhen re-lnvoke dhcpd. 8ecause Lhe uPC
server daLabase ls noL as llghLwelghL as a 8CC1 daLabase, dhcpd does noL auLomaLlcally resLarL lLself when lL sees
a change Lo Lhe dhcpd.conf flle.
l nl 1l ALl Zl nC 1PL LLASL uA1A8ASL
1he lnLerneL SysLems ConsorLlum uPC Server keeps a perslsLenL daLabase of leases LhaL lL has asslgned. 1hls
daLabase ls a free-form ASCll flle conLalnlng a serles of lease declaraLlons. Lvery Llme a lease ls acqulred, renewed
or released, lLs new value ls recorded aL Lhe end of Lhe lease flle. So lf more Lhan one declaraLlon appears for a
glven lease, Lhe lasL one ln Lhe flle ls Lhe currenL one.
When dhcpd ls flrsL lnsLalled, Lhere ls no lease daLabase. Powever, dhcpd requlres LhaL a lease daLabase be presenL
before lL wlll sLarL. 1o make Lhe lnlLlal lease daLabase, [usL creaLe an empLy flle called u8ul8/dhcpd.leases. ?ou can
do Lhls wlLh:
touch D8DIk]dhcpd.|eases
ln order Lo prevenL Lhe lease daLabase from growlng wlLhouL bound, Lhe flle ls rewrlLLen from Llme Lo Llme. llrsL, a
Lemporary lease daLabase ls creaLed and all known leases are dumped Lo lL. 1hen, Lhe old lease daLabase ls
renamed D8DIk]dhcpd.|eases~. llnally, Lhe newly wrlLLen lease daLabase ls moved lnLo place.
ln order Lo process boLh uPCv4 and uPCv6 messages you wlll need Lo run Lwo separaLe lnsLances of Lhe dhcpd
process. Lach of Lhese lnsLances wlll need lL's own lease flle. ?ou can use Lhe \I-|\opLlon on Lhe server's command
llne Lo speclfy a dlfferenL lease flle name for one or boLh servers.
CCMMAnu Ll nL
1he names of Lhe neLwork lnLerfaces on whlch dhcpd should llsLen for broadcasLs may be speclfled on Lhe
command llne. 1hls should be done on sysLems where dhcpd ls unable Lo ldenLlfy non-broadcasL lnLerfaces, buL
should noL be requlred on oLher sysLems. lf no lnLerface names are speclfled on Lhe command llne dhcpd wlll
ldenLlfy all neLwork lnLerfaces whlch are up, ellmlnaLlng non-broadcasL lnLerfaces lf posslble, and llsLen for uPC
broadcasLs on each lnLerface.
CCMMAnu Ll nL C1l CnS
-4 8un as a uPC server. 1hls ls Lhe defaulL and cannoL be comblned wlLh \-6
-6 8un as a uPCv6 server. 1hls cannoL be comblned wlLh -4.
lSC uPC Server
Page 12 of 56
-p \ !"#$ 1he udp porL number on whlch dhcpd should llsLen. lf unspeclfled dhcpd uses Lhe defaulL porL of
67. 1hls ls mosLly useful for debugglng purposes.
-s \ address Speclfy an address or hosL name Lo whlch dhcpd should send replles raLher Lhan Lhe broadcasL
address (233.233.233.233). 1hls opLlon ls only supporLed ln lv4.
-f lorce dhcpd Lo run as a foreground process lnsLead of as a daemon ln Lhe background. 1hls ls
useful when runnlng dhcpd under a debugger, or when runnlng lL ouL of lnlLLab on SysLem v sysLems.
-d Send log messages Lo Lhe sLandard error descrlpLor. 1hls can be useful for debugglng, and also aL
slLes where a compleLe log of all dhcp acLlvlLy musL be kepL buL syslogd ls noL rellable or oLherwlse cannoL be used.
normally, dhcpd wlll log all ouLpuL uslng Lhe syslog(3) funcLlon wlLh Lhe log faclllLy seL Lo LCC_uALMCn. noLe LhaL
\-d lmplles\-f (Lhe daemon wlll noL fork lLself lnLo Lhe background).
-q 8e quleL aL sLarLup. 1hls suppresses Lhe prlnLlng of Lhe enLlre copyrlghL message durlng sLarLup.
1hls mlghL be deslrable when sLarLlng dhcpd from a sysLem sLarLup scrlpL (e.g., /eLc/rc).
-t 1esL Lhe conflguraLlon flle. 1he server LesLs Lhe conflguraLlon flle for correcL synLax, buL wlll noL
aLLempL Lo perform any neLwork operaLlons. 1hls can be used Lo LesL a new conflguraLlon flle auLomaLlcally before
lnsLalllng lL.
-1 1esL Lhe lease flle. 1he server LesLs Lhe lease flle for correcL synLax, buL wlll noL aLLempL Lo
perform any neLwork operaLlons. 1hls can be used Lo LesL a new lease flle auLomaLlcally before lnsLalllng lL.
-tf \ $#%&'()*' Speclfy a flle lnLo whlch Lhe enLlre sLarLup sLaLe of Lhe server and all Lhe LransacLlons lL processes
are logged. 1hls can be useful ln submlLLlng bug reporLs - lf you are geLLlng a core dump every so ofLen, you can
sLarL Lhe server wlLh Lhe -tf opLlon and Lhen, when Lhe server dumps core, Lhe Lrace flle wlll conLaln all Lhe
LransacLlons LhaL led up Lo lL dumplng core, so LhaL Lhe problem can be easlly debugged wlLh -p|ay.
-p|ay \ !*%+()*'
Speclfy a flle from whlch Lhe enLlre sLarLup sLaLe of Lhe server and all Lhe LransacLlons lL processed are read. 1he -
p|ay opLlon musL be speclfled wlLh an alLernaLe lease flle, uslng Lhe -|f swlLch, so LhaL Lhe uPC server doesn'L wlpe
ouL your exlsLlng lease flle wlLh lLs LesL daLa. 1he uPC server wlll refuse Lo operaLe ln playback mode unless you
speclfy an alLernaLe lease flle.
--vers|on rlnL verslon number and exlL.
MCul l?l nC uLlAuL1 ll LL LCCA1l CnS:
1he followlng opLlons can be used Lo modlfy Lhe locaLlons dhcpd uses for lLs flles. 8ecause of Lhe lmporLance of
uslng Lhe same lease daLabase aL all Llmes when runnlng dhcpd ln producLlon, Lhese opLlons should be used only
for LesLlng lease flles or daLabase flles ln a non-producLlon envlronmenL.
-cf &",()-.()*' aLh Lo alLernaLe conflguraLlon flle.
-|f *'%/'.()*' aLh Lo alLernaLe lease flle.
-pf \ !)0.()*' aLh Lo alLernaLe pld flle.
--no-p|d CpLlon Lo dlsable wrlLlng pld flles. 8y defaulL Lhe program wlll wrlLe a pld flle. lf Lhe program ls
lnvoked wlLh Lhls opLlon lL wlll noL check for an exlsLlng server process.
lSC uPC Server
Page 13 of 56
unuL8S1AnulnC uPCu CL8A1lCn
1he ladder dlagram below ls a slmpllfled plcLure of Lhe uPCv4 lnlLlallzaLlon phase. lL ls slmpllfled because ln Lhls
dlagram, Lhe uPC cllenL ls on Lhe same neLwork segmenL as Lhe uPC server, whereas ln larger neLworks Lhere
would usually be a relay requlred Lo forward Lhe broadcasL messages on Lo Lhe uPC server on anoLher segmenL.
DnCv4 In|t|a||zat|on hase
uPC CllenL uPC Server
ulSCCvL8 (broadcasL)
CllL8
8LCuLS1 (broadcasL
ACknCWLLuCL

u?nAMl C Auu8LSS ALLCCA1l Cn
Address allocaLlon ls only done when a cllenL ls ln Lhe lnl1 sLaLe and has senL a uPCulSCCvL8 message. lf Lhe
cllenL Lhlnks lL has a valld lease and sends a uPC8LCuLS1 Lo lnlLlaLe or renew LhaL lease, Lhe server has only Lhree
cholces - lL can lgnore Lhe uPC8LCuLS1, send a uPCnAk Lo Lell Lhe cllenL lL should sLop uslng Lhe address, or
send a uPCACk, Lelllng Lhe cllenL Lo go ahead and use Lhe address for a whlle.
lf Lhe server flnds Lhe address Lhe cllenL ls requesLlng, and LhaL address ls avallable Lo Lhe cllenL, Lhe server wlll
send a uPCACk. lf Lhe address ls no longer avallable, or Lhe cllenL lsn'L permlLLed Lo have lL, Lhe server wlll send a
uPCnAk. lf Lhe server knows noLhlng abouL Lhe address, lL wlll remaln sllenL, unless Lhe address ls lncorrecL for
Lhe neLwork segmenL Lo whlch Lhe cllenL has been aLLached and Lhe server ls auLhorlLaLlve for LhaL neLwork
segmenL, ln whlch case Lhe server wlll send a uPCnAk even Lhough lL doesn'L know abouL Lhe address.
1here may be a hosL declaraLlon maLchlng Lhe cllenL's ldenLlflcaLlon. lf LhaL hosL declaraLlon conLalns a flxed-
address declaraLlon LhaL llsLs an l address LhaL ls valld for Lhe neLwork segmenL Lo whlch Lhe cllenL ls connecLed.
ln Lhls case, Lhe uPC server wlll never do dynamlc address allocaLlon. ln Lhls case, Lhe cllenL ls requlred Lo Lake
Lhe address speclfled ln Lhe hosL declaraLlon. lf Lhe cllenL sends a uPC8LCuLS1 for some oLher address, Lhe
server wlll respond wlLh a uPCnAk.
When Lhe uPC server allocaLes a new address for a cllenL (remember, Lhls only happens lf Lhe cllenL has senL a
uPCulSCCvL8), lL flrsL looks Lo see lf Lhe cllenL already has a valld lease on an l address, or lf Lhere ls an old l
address Lhe cllenL had before LhaL hasn'L yeL been reasslgned. ln LhaL case, Lhe server wlll Lake LhaL address and
check lL Lo see lf Lhe cllenL ls sLlll permlLLed Lo use lL. lf Lhe cllenL ls no longer permlLLed Lo use lL, Lhe lease ls freed
lf Lhe server LhoughL lL was sLlll ln use - Lhe facL LhaL Lhe cllenL has senL a uPCulSCCvL8 proves Lo Lhe server LhaL
Lhe cllenL ls no longer uslng Lhe lease.
lf no exlsLlng lease ls found, or lf Lhe cllenL ls forbldden Lo recelve Lhe exlsLlng lease, Lhen Lhe server wlll look ln Lhe
llsL of address pools for Lhe neLwork segmenL Lo whlch Lhe cllenL ls aLLached for a lease LhaL ls noL ln use and LhaL
lSC uPC Server
Page 14 of 56
Lhe cllenL ls permlLLed Lo have. lL looks Lhrough each pool declaraLlon ln sequence (all range declaraLlons LhaL
appear ouLslde of pool declaraLlons are grouped lnLo a slngle pool wlLh no permlL llsL). lf Lhe permlL llsL for Lhe pool
allows Lhe cllenL Lo be allocaLed an address from LhaL pool, Lhe pool ls examlned Lo see lf Lhere ls an address
avallable. lf so, Lhen Lhe cllenL ls LenLaLlvely asslgned LhaL address. CLherwlse, Lhe nexL pool ls LesLed. lf no
addresses are found LhaL can be asslgned Lo Lhe cllenL, no response ls senL Lo Lhe cllenL.
lf an address ls found LhaL Lhe cllenL ls permlLLed Lo have, and LhaL has never been asslgned Lo any cllenL before,
Lhe address ls lmmedlaLely allocaLed Lo Lhe cllenL. lf Lhe address ls avallable for allocaLlon buL has been prevlously
asslgned Lo a dlfferenL cllenL, Lhe server wlll keep looklng ln hopes of flndlng an address LhaL has never before
been asslgned Lo a cllenL.
1he uPC server generaLes Lhe llsL of avallable l addresses from a hash Lable. 1hls means LhaL Lhe addresses are
noL sorLed ln any parLlcular order, and so lL ls noL posslble Lo predlcL Lhe order ln whlch Lhe uPC server wlll
allocaLe l addresses. users of prevlous verslons of Lhe lSC uPC server may have become accusLomed Lo Lhe
uPC server allocaLlng l addresses ln ascendlng order, buL Lhls ls no longer posslble, and Lhere ls no way Lo
conflgure Lhls behavlor wlLh verslon 3 of Lhe lSC uPC server.
l Auu8LSS CCnlLl C1 8LvLn1l Cn
1he uPC server checks l addresses Lo see lf Lhey are ln use before allocaLlng Lhem Lo cllenLs. lL does Lhls by
sendlng an lCM Lcho requesL message Lo Lhe l address belng allocaLed. lf no lCM Lcho reply ls recelved wlLhln a
second, Lhe address ls assumed Lo be free. 1hls ls only done for leases LhaL have been speclfled ln range
sLaLemenLs, and only when Lhe lease ls LhoughL by Lhe uPC server Lo be free - l.e., Lhe uPC server or lLs fallover
peer has noL llsLed Lhe lease as ln use.
lf a response ls recelved Lo an lCM Lcho requesL, Lhe uPC server assumes LhaL Lhere ls a conflguraLlon error - Lhe
l address ls ln use by some hosL on Lhe neLwork LhaL ls noL a uPC cllenL. lL marks Lhe address as abandoned, and
wlll noL asslgn lL Lo cllenLs.
lf a uPC cllenL Lrles Lo geL an l address, buL none are avallable, buL Lhere are abandoned l addresses, Lhen Lhe
uPC server wlll aLLempL Lo reclalm an abandoned l address. lL marks one l address as free, and Lhen does Lhe
same lCM Lcho requesL check descrlbed prevlously. lf Lhere ls no answer Lo Lhe lCM Lcho requesL, Lhe address ls
asslgned Lo Lhe cllenL.
1he uPC server does noL cycle Lhrough abandoned l addresses lf Lhe flrsL l address lL Lrles Lo reclalm ls free.
8aLher, when Lhe nexL uPCulSCCvL8 comes ln from Lhe cllenL, lL wlll aLLempL a new allocaLlon uslng Lhe same
meLhod descrlbed here, and wlll Lyplcally Lry a new l address.

CCnllCu8lnC uPCu
1he dhcpd.conf flle conLalns conflguraLlon lnformaLlon for dhcpd, Lhe lnLerneL SysLems ConsorLlum uPC Server.
1he dhcpd.conf flle ls a free-form ASCll LexL flle. lL ls parsed by Lhe recurslve-descenL parser bullL lnLo dhcpd. 1he
flle may conLaln exLra Labs and newllnes for formaLLlng purposes. keywords ln Lhe flle are case-lnsenslLlve.
CommenLs may be placed anywhere wlLhln Lhe flle (excepL wlLhln quoLes). CommenLs begln wlLh Lhe # characLer
and end aL Lhe end of Lhe llne.
lSC uPC Server
Page 15 of 56
1he flle essenLlally conslsLs of a llsL of sLaLemenLs. SLaLemenLs fall lnLo Lwo broad caLegorles - parameLers and
declaraLlons.
arameLer sLaLemenLs elLher say how Lo do someLhlng (e.g., how long a lease Lo offer), wheLher Lo do someLhlng
(e.g., should dhcpd provlde addresses Lo unknown cllenLs), or whaL parameLers Lo provlde Lo Lhe cllenL (e.g., use
gaLeway 220.177.244.7).
ueclaraLlons are used Lo descrlbe Lhe Lopology of Lhe neLwork, Lo descrlbe cllenLs on Lhe neLwork, Lo provlde
addresses LhaL can be asslgned Lo cllenLs, or Lo apply a group of parameLers Lo a group of declaraLlons. ln any
group of parameLers and declaraLlons, all parameLers musL be speclfled before any declaraLlons whlch depend on
Lhose parameLers may be speclfled.
ueclaraLlons abouL neLwork Lopology lnclude Lhe shared-neLwork and Lhe subneL declaraLlons. lf cllenLs on a
subneL are Lo be asslgned addresses dynamlcally, a range declaraLlon musL appear wlLhln Lhe subneL declaraLlon.
lor cllenLs wlLh sLaLlcally asslgned addresses, or for lnsLallaLlons where only known cllenLs wlll be served, each
such cllenL musL have a hosL declaraLlon. lf parameLers are Lo be applled Lo a group of declaraLlons whlch are noL
relaLed sLrlcLly on a per-subneL basls, Lhe group declaraLlon can be used.
lor every subneL whlch wlll be served, and for every subneL Lo whlch Lhe dhcp server ls connecLed, Lhere musL be
one subneL declaraLlon, whlch Lells dhcpd how Lo recognlze LhaL an address ls on LhaL subneL. A subneL declaraLlon
ls requlred for each subneL even lf no addresses wlll be dynamlcally allocaLed on LhaL subneL.
Some lnsLallaLlons have physlcal neLworks on whlch more Lhan one l subneL operaLes. lor example, lf Lhere ls a
slLe-wlde requlremenL LhaL 8-blL subneL masks be used, buL a deparLmenL wlLh a slngle physlcal eLherneL neLwork
expands Lo Lhe polnL where lL has more Lhan 234 nodes, lL may be necessary Lo run Lwo 8-blL subneLs on Lhe same
eLherneL unLll such Llme as a new physlcal neLwork can be added. ln Lhls case, Lhe subneL declaraLlons for Lhese
Lwo neLworks musL be enclosed ln a shared-neLwork declaraLlon.
noLe LhaL even when Lhe shared-neLwork declaraLlon ls absenL, an empLy one ls creaLed by Lhe server Lo conLaln
Lhe subneL (and any scoped parameLers lncluded ln Lhe subneL). lor pracLlcal purposes, Lhls means LhaL "sLaLeless"
uPC cllenLs, whlch are noL Lled Lo addresses (and Lherefore subneLs) wlll recelve Lhe same conflguraLlon as
sLaLeful ones.
Some slLes may have deparLmenLs whlch have cllenLs on more Lhan one subneL, buL lL may be deslrable Lo offer
Lhose cllenLs a unlform seL of parameLers whlch are dlfferenL Lhan whaL would be offered Lo cllenLs from oLher
deparLmenLs on Lhe same subneL. lor cllenLs whlch wlll be declared expllclLly wlLh hosL declaraLlons, Lhese
declaraLlons can be enclosed ln a group declaraLlon along wlLh Lhe parameLers whlch are common Lo LhaL
deparLmenL. lor cllenLs whose addresses wlll be dynamlcally asslgned, class declaraLlons and condlLlonal
declaraLlons may be used Lo group parameLer asslgnmenLs based on lnformaLlon Lhe cllenL sends.
When a cllenL ls Lo be booLed, lLs booL parameLers are deLermlned by consulLlng LhaL cllenL's hosL declaraLlon (lf
any), and Lhen consulLlng any class declaraLlons maLchlng Lhe cllenL, followed by Lhe pool, subneL and shared-
neLwork declaraLlons for Lhe l address asslgned Lo Lhe cllenL. Lach of Lhese declaraLlons lLself appears wlLhln a
lexlcal scope, and all declaraLlons aL less speclflc lexlcal scopes are also consulLed for cllenL opLlon declaraLlons.
Scopes are never consldered Lwlce, and lf parameLers are declared ln more Lhan one scope, Lhe parameLer
declared ln Lhe mosL speclflc scope ls Lhe one LhaL ls used.
lSC uPC Server
Page 16 of 56
When dhcpd Lrles Lo flnd a hosL declaraLlon for a cllenL, lL flrsL looks for a hosL declaraLlon whlch has a flxed-
address declaraLlon LhaL llsLs an l address LhaL ls valld for Lhe subneL or shared neLwork on whlch Lhe cllenL ls
booLlng. lf lL doesn'L flnd any such enLry, lL Lrles Lo flnd an enLry whlch has no flxed-address declaraLlon.
LxAMLL CCnll Cu8A1l Cn
A Lyplcal dhcpd.conf flle wlll look someLhlng llke Lhls:
I|gure 1.

g|oba| parameters...
subnet 204.2S4.239.0 netmask 2SS.2SS.2SS.224 {
subnet-spec|f|c parameters...
range 204.2S4.239.10 204.2S4.239.30,
}

range 204.2S4.239.42 204.2S4.239.62,
}

range 204.2S4.239.74 204.2S4.239.94,
}

group {
group-spec|f|c parameters...
host zappo.test.|sc.org {
host-spec|f|c parameters...
}
host beppo.test.|sc.org {
}
host harpo.test.|sc.org {
}
}

lSC uPC Server
Page 17 of 56
noLlce LhaL aL Lhe beglnnlng of Lhe flle, Lhere's a place for global parameLers. 1hese mlghL be Lhlngs llke Lhe
organlzaLlon's domaln name, Lhe addresses of Lhe name servers (lf Lhey are common Lo Lhe enLlre organlzaLlon),
and so on. So, for example:
I|gure 2.
opt|on doma|n-name "|sc.org",
opt|on doma|n-name-servers ns1.|sc.org, ns2.|sc.org,

As you can see ln llgure 2, you can speclfy hosL addresses ln parameLers uslng Lhelr domaln names raLher Lhan
Lhelr numerlc l addresses. lf a glven hosLname resolves Lo more Lhan one l address (for example, lf LhaL hosL has
Lwo eLherneL lnLerfaces), Lhen where posslble, boLh addresses are supplled Lo Lhe cllenL.
1he mosL obvlous reason for havlng subneL-speclflc parameLers as shown ln llgure 1 ls LhaL each subneL, of
necesslLy, has lLs own rouLer. So for Lhe flrsL subneL, for example, Lhere should be someLhlng llke:
opt|on routers 204.2S4.239.1,

noLe LhaL Lhe address here ls speclfled numerlcally. 1hls ls noL requlred - lf you have a dlfferenL domaln name for
each lnLerface on your rouLer, lL's perfecLly leglLlmaLe Lo use Lhe domaln name for LhaL lnLerface lnsLead of Lhe
numerlc address. Powever, ln many cases Lhere may be only one domaln name for all of a rouLer's l addresses,
and lL would noL be approprlaLe Lo use LhaL name here.
ln llgure 1 Lhere ls also a group sLaLemenL, whlch provldes common parameLers for a seL of Lhree hosLs - zappo,
beppo and harpo. As you can see, Lhese hosLs are all ln Lhe LesL.lsc.org domaln, so lL mlghL make sense for a group-
speclflc parameLer Lo overrlde Lhe domaln name supplled Lo Lhese hosLs:
opt|on doma|n-name "test.|sc.org",

Also, glven Lhe domaln Lhey're ln, Lhese are probably LesL machlnes. lf we wanLed Lo LesL Lhe uPC leaslng
mechanlsm, we mlghL seL Lhe lease LlmeouL somewhaL shorLer Lhan Lhe defaulL:
max-|ease-t|me 120,
defau|t-|ease-t|me 120,

?ou may have noLlced LhaL whlle some parameLers sLarL wlLh Lhe opLlon keyword, some do noL. arameLers
sLarLlng wlLh Lhe opLlon keyword correspond Lo acLual uPC opLlons, whlle parameLers LhaL do noL sLarL wlLh Lhe
opLlon keyword elLher conLrol Lhe behavlor of Lhe uPC server (e.g., how long a lease dhcpd wlll glve ouL), or
speclfy cllenL parameLers LhaL are noL opLlonal ln Lhe uPC proLocol (for example, server-name and fllename).
ln llgure 1, each hosL had hosL-speclflc parameLers. 1hese could lnclude such Lhlngs as Lhe hosLname opLlon, Lhe
name of a flle Lo upload (Lhe fllename parameLer) and Lhe address of Lhe server from whlch Lo upload Lhe flle (Lhe
nexL-server parameLer). ln general, any parameLer can appear anywhere LhaL parameLers are allowed, and wlll be
applled accordlng Lo Lhe scope ln whlch Lhe parameLer appears.
lSC uPC Server
Page 18 of 56
lmaglne LhaL you have a slLe wlLh a loL of nCu x-1ermlnals. 1hese Lermlnals come ln a varleLy of models, and you
wanL Lo speclfy Lhe booL flles for each model. Cne way Lo do Lhls would be Lo have hosL declaraLlons for each
server and group Lhem by model:
group {
f||ename "kncd19r",
next-server ncd-booter,

host ncd1 { hardware ethernet 0:c0:c3:49:2b:S7, }
host ncd4 { hardware ethernet 0:c0:c3:80:fc:32, }
host ncd8 { hardware ethernet 0:c0:c3:22:46:81, }
}

group {
f||ename "kncd19c",

host ncd2 { hardware ethernet 0:c0:c3:88:2d:81, }
}

group {
f||ename "kncdnMk",

host ncd4 { hardware ethernet 0:c0:c3:91:a7:8, }
host ncd8 { hardware ethernet 0:c0:c3:cc:a:8f, }
}

Pere ls an addlLlonal example of a reasonably compleLe conflguraLlon flle:
I|gure 3.
range 239.2S2.197.10 239.2S2.197.2S0,
defau|t-|ease-t|me 600 max-|ease-t|me 7200,
opt|on subnet-mask 2SS.2SS.2SS.0,
opt|on broadcast-address 239.2S2.197.2SS,
lSC uPC Server
Page 19 of 56
opt|on doma|n-name-servers 239.2S2.197.2, 239.2S2.197.3,
}
Auu8LSS CCLS
1he pool and pool6 declaraLlons can be used Lo speclfy a pool of addresses LhaL wlll be LreaLed dlfferenLly Lhan
anoLher pool of addresses, even on Lhe same neLwork segmenL or subneL. lor example, you may wanL Lo provlde a
large seL of addresses LhaL can be asslgned Lo uPC cllenLs LhaL are reglsLered Lo your uPC server, whlle provldlng
a smaller seL of addresses, posslbly wlLh shorL lease Llmes, LhaL are avallable for unknown cllenLs. lf you have a
flrewall, you may be able Lo arrange for addresses from one pool Lo be allowed access Lo Lhe lnLerneL, whlle
addresses ln anoLher pool are noL, Lhus encouraglng users Lo reglsLer Lhelr uPC cllenLs. 1o do Lhls, you would seL
up a palr of pool declaraLlons:
subnet 10.0.0.0 netmask 2SS.2SS.2SS.0 {
opt|on routers 10.0.0.2S4,

# Unknown c||ents get th|s poo|.
poo| {
opt|on doma|n-name-servers bogus.examp|e.com,
max-|ease-t|me 300,
range 10.0.0.200 10.0.0.2S3,
a||ow unknown-c||ents,
}

# known c||ents get th|s poo|.
poo| {
opt|on doma|n-name-servers ns1.examp|e.com, ns2.examp|e.com,
max-|ease-t|me 28800,
range 10.0.0.S 10.0.0.199,
deny unknown-c||ents,
}
}
lL ls also posslble Lo seL up enLlrely dlfferenL subneLs for known and unknown cllenLs - address pools exlsL aL Lhe
level of shared neLworks, so address ranges wlLhln pool declaraLlons can be on dlfferenL subneLs.
As you can see ln Lhe precedlng example, pools can have permlL llsLs LhaL conLrol whlch cllenLs are allowed access
Lo Lhe pool and whlch aren'L. Lach enLry ln a pool's permlL llsL ls lnLroduced wlLh Lhe allow or deny keyword. lf a
pool has a permlL llsL, Lhen only Lhose cllenLs LhaL maLch speclflc enLrles on Lhe permlL llsL wlll be ellglble Lo be
asslgned addresses from Lhe pool. lf a pool has a deny llsL, Lhen only Lhose cllenLs LhaL do noL maLch any enLrles on
Lhe deny llsL wlll be ellglble. lf boLh permlL and deny llsLs exlsL for a pool, Lhen only cllenLs LhaL maLch Lhe permlL
llsL and do noL maLch Lhe deny llsL wlll be allowed access.
lSC uPC Server
Page 20 of 56
1he pool6 declaraLlon ls slmllar Lo Lhe pool declaraLlon. CurrenLly lL ls only allowed wlLhln a subneL6 declaraLlon,
and may noL be lncluded dlrecLly ln a shared neLwork declaraLlon. ln addlLlon Lo Lhe range6 sLaLemenL lL allows Lhe
preflx6 sLaLemenL Lo be lncluded. ?ou may lnclude range6 sLaLemenLs for boLh nA and 1A and preflx6 sLaLemenLs
ln a slngle pool6 sLaLemenL.
Su8nL1S
dhcpd needs Lo know Lhe subneL numbers and neLmasks of all subneLs for whlch lL wlll be provldlng servlce. ln
addlLlon, ln order Lo dynamlcally allocaLe addresses, lL musL be asslgned one or more ranges of addresses on each
subneL LhaL lL can ln Lurn asslgn Lo cllenL hosLs as Lhey booL. 1hus, a very slmple conflguraLlon provldlng uPC
supporL mlghL look llke Lhls:
range 239.2S2.197.10 239.2S2.197.2S0,
}

MulLlple address ranges may be speclfled llke Lhls:

range 239.2S2.197.10 239.2S2.197.107,
range 239.2S2.197.113 239.2S2.197.2S0,
}

lf a subneL wlll only be provlded wlLh 8CC1 servlce and no dynamlc address asslgnmenL, Lhe range clause can be
lefL ouL enLlrely, buL Lhe subneL sLaLemenL musL appear.
LLASL LLnC1PS
uPC leases can be asslgned almosL any lengLh from zero seconds Lo lnflnlLy. WhaL lease lengLh makes sense for
any glven subneL, or for any glven lnsLallaLlon, wlll vary dependlng on Lhe klnds of hosLs belng served.
lor example, ln an offlce envlronmenL where sysLems are added from Llme Lo Llme and removed from Llme Lo
Llme, buL move relaLlvely lnfrequenLly, lL mlghL make sense Lo allow lease Llmes of a monLh or more. ln a flnal LesL
envlronmenL on a manufacLurlng floor, lL may make more sense Lo asslgn a maxlmum lease lengLh of 30 mlnuLes -
enough Llme Lo go Lhrough a slmple LesL procedure on a neLwork appllance before packaglng lL up for dellvery.
lL ls posslble Lo speclfy Lwo lease lengLhs: Lhe defaulL lengLh LhaL wlll be asslgned lf a cllenL doesn'L ask for any
parLlcular lease lengLh, and a maxlmum lease lengLh. 1hese are speclfled as clauses Lo Lhe subneL command:

range 239.2S2.197.10 239.2S2.197.107,
defau|t-|ease-t|me 600,
lSC uPC Server
Page 21 of 56
}

1hls parLlcular subneL declaraLlon speclfles a defaulL lease Llme of 600 seconds (Len mlnuLes), and a maxlmum
lease Llme of 7200 seconds (Lwo hours). CLher common values would be 86400 (one day), 604800 (one week) and
2392000 (30 days).
Lach subneL need noL have Lhe same lease Llme - ln Lhe case of an offlce envlronmenL and a manufacLurlng
envlronmenL served by Lhe same uPC server, lL mlghL make sense Lo have wldely dlsparaLe values for defaulL and
maxlmum lease Llmes on each subneL.
8CC1 SuC81
Lach 8CC1 cllenL musL be expllclLly declared ln Lhe dhcpd.conf flle. A very baslc cllenL declaraLlon wlll speclfy Lhe
cllenL neLwork lnLerface's hardware address and Lhe l address Lo asslgn Lo LhaL cllenL. lf Lhe cllenL needs Lo be
able Lo load a booL flle from Lhe server, LhaL flle's name musL be speclfled. A slmple booLp cllenL declaraLlon mlghL
look llke Lhls:
host haagen {
hardware ethernet 08:00:2b:4c:S9:23,
f|xed-address 239.2S2.197.9,
f||ename "]tftpboot]haagen.boot",
}

C1l CnS
uPC (and also 8CC1 wlLh vendor LxLenslons) provlde a mechanlsm whereby Lhe server can provlde Lhe cllenL
wlLh lnformaLlon abouL how Lo conflgure lLs neLwork lnLerface (e.g., subneL mask), and also how Lhe cllenL can
access varlous neLwork servlces (e.g., unS, l rouLers, and so on).
1hese opLlons can be speclfled on a per-subneL basls, and, for 8CC1 cllenLs, also on a per-cllenL basls. ln Lhe
evenL LhaL a 8CC1 cllenL declaraLlon speclfles opLlons LhaL are also speclfled ln lLs subneL declaraLlon, Lhe opLlons
speclfled ln Lhe cllenL declaraLlon Lake precedence. A reasonably compleLe uPC conflguraLlon mlghL look
someLhlng llke Lhls:
range 239.2S2.197.10 239.2S2.197.2S0,
defau|t-|ease-t|me 600 max-|ease-t|me 7200,
opt|on subnet-mask 2SS.2SS.2SS.0,
opt|on broadcast-address 239.2S2.197.2SS,
opt|on doma|n-name-servers 239.2S2.197.2, 239.2S2.197.3,
}
lSC uPC Server
Page 22 of 56
A booLp hosL on LhaL subneL LhaL needs Lo be ln a dlfferenL domaln and use a dlfferenL name server mlghL be
declared as follows:
host haagen {
hardware ethernet 08:00:2b:4c:S9:23,
f|xed-address 239.2S2.197.9,
f||ename "]tftpboot]haagen.boot",
opt|on doma|n-name-servers 192.S.S.1,
opt|on doma|n-name "v|x.com",
}
A more compleLe descrlpLlon of Lhe dhcpd.conf flle synLax ls provlded ln dhcpd.conf(3).

CCL u1l Ll ZA1l Cn

log-threshold-high \percentage\
log-threshold-low \percentage\
1he |og-thresho|d-|ow and |og-thresho|d-h|gh sLaLemenLs are used Lo conLrol when a message ls ouLpuL abouL
pool usage. 1he value for boLh of Lhem ls Lhe percenLage of Lhe pool ln use. lf Lhe hlgh Lhreshold ls 0 or has noL
been speclfled, no messages wlll be produced. lf a hlgh Lhreshold ls glven, a message ls ouLpuL once Lhe pool
usage passes LhaL level. AfLer LhaL, no more messages wlll be ouLpuL unLll Lhe pool usage falls below Lhe low
Lhreshold. lf Lhe low Lhreshold ls noL glven, lL defaulLs Lo a value of zero. A speclal case occurs when Lhe low
Lhreshold ls seL Lo be hlgher Lhan Lhe hlgh Lhreshold. ln Lhls case, a message wlll be generaLed each Llme a lease ls
acknowledged when Lhe pool usage ls above Lhe hlgh Lhreshold.

CLl Ln1 CLASSl nC
CllenLs can be separaLed lnLo classes, and LreaLed dlfferenLly dependlng on whaL class Lhey are ln. 1hls separaLlon
can be done elLher wlLh a condlLlonal sLaLemenL, or wlLh a maLch sLaLemenL wlLhln Lhe class declaraLlon. lL ls
posslble Lo speclfy a llmlL on Lhe LoLal number of cllenLs wlLhln a parLlcular class or subclass LhaL may hold leases aL
one Llme, and lL ls posslble Lo speclfy auLomaLlc subclasslng based on Lhe conLenLs of Lhe cllenL packeL.
Classlng supporL for uPCv6 cllenLs was added ln 4.3.0. lL follows Lhe same rules as for uPCv4 excepL LhaL
supporL for bllllng classes has noL been added yeL.
1o add cllenLs Lo classes based on condlLlonal evaluaLlon, you can speclfy a maLchlng expresslon ln Lhe class
sLaLemenL:
c|ass "ras-c||ents" {
match |f substr|ng (opt|on dhcp-c||ent-|dent|f|er, 1, 3) = "kAS",
}
lSC uPC Server
Page 23 of 56
noLe LhaL wheLher you use maLchlng expresslons or add sLaLemenLs (or boLh) Lo classlfy cllenLs, you musL always
wrlLe a class declaraLlon for any class LhaL you use. lf Lhere wlll be no maLch sLaLemenL and no ln-scope sLaLemenLs
for a class, Lhe declaraLlon should look llke Lhls:
c|ass "ras-c||ents" {
}

Su8CLASSLS
ln addlLlon Lo classes, lL ls posslble Lo declare subclasses. A subclass ls a class wlLh Lhe same name as a regular
class, buL wlLh a speclflc submaLch expresslon whlch ls hashed for qulck maLchlng. 1hls ls essenLlally a speed hack -
Lhe maln dlfference beLween flve classes wlLh maLch expresslons and one class wlLh flve subclasses ls LhaL lL wlll be
qulcker Lo flnd Lhe subclasses. Subclasses work as follows:

c|ass "a||ocat|on-c|ass-1" {
match p|ck-f|rst-va|ue (opt|on dhcp-c||ent-|dent|f|er, hardware),
}

c|ass "a||ocat|on-c|ass-2" {
match p|ck-f|rst-va|ue (opt|on dhcp-c||ent-|dent|f|er, hardware),
}

subc|ass "a||ocat|on-c|ass-1" 1:8:0:2b:4c:39:ad,
subc|ass "a||ocat|on-c|ass-2" 1:8:0:2b:a9:cc:e3,
subc|ass "a||ocat|on-c|ass-1" 1:0:0:c4:aa:29:44,

subnet 10.0.0.0 netmask 2SS.2SS.2SS.0 {
poo| {
a||ow members of "a||ocat|on-c|ass-1",
range 10.0.0.11 10.0.0.S0,
}
poo| {
a||ow members of "a||ocat|on-c|ass-2",
range 10.0.0.S1 10.0.0.100,
}
}

1he daLa followlng Lhe class name ln Lhe subclass declaraLlon ls a consLanL value Lo use ln maLchlng Lhe maLch
expresslon for Lhe class. When class maLchlng ls done, Lhe server wlll evaluaLe Lhe maLch expresslon and Lhen look
lSC uPC Server
Page 24 of 56
Lhe resulL up ln Lhe hash Lable. lf lL flnds a maLch, Lhe cllenL ls consldered a member of boLh Lhe class and Lhe
subclass.
Subclasses can be declared wlLh or wlLhouL scope. ln Lhe above example, Lhe sole purpose of Lhe subclass ls Lo
allow some cllenLs access Lo one address pool, whlle oLher cllenLs are glven access Lo Lhe oLher pool, so Lhese
subclasses are declared wlLhouL scopes. lf parL of Lhe purpose of Lhe subclass were Lo deflne dlfferenL parameLer
values for some cllenLs, you mlghL wanL Lo declare some subclasses wlLh scopes.
ln Lhe above example, lf you had a slngle cllenL LhaL needed some conflguraLlon parameLers, whlle mosL dldn'L, you
mlghL wrlLe Lhe followlng subclass declaraLlon for LhaL cllenL:
subc|ass "a||ocat|on-c|ass-2" 1:08:00:2b:a1:11:31 {
opt|on root-path "samsara:]var]d|sk|ess]a|phapc",
f||ename "]tftpboot]netbsd.a|phapc-d|sk|ess",
}

ln Lhls example, we've used subclasslng as a way Lo conLrol address allocaLlon on a per-cllenL basls. Powever, lL's
also posslble Lo use subclasslng ln ways LhaL are noL speclflc Lo cllenLs - for example, Lo use Lhe value of Lhe
vendor-class-ldenLlfler opLlon Lo deLermlne whaL values Lo send ln Lhe vendor-encapsulaLed-opLlons opLlon. An
example of Lhls ls shown under Lhe vLnuC8 LnCASuLA1Lu C1lCnS head ln Lhe dhcp-opLlons(3) manual page.
L8-CLASS Ll Ml 1S Cn u?nAMl C Auu8LSS ALLCCA1l Cn
?ou may speclfy a llmlL Lo Lhe number of cllenLs ln a class LhaL can be asslgned leases. 1he effecL of Lhls wlll be Lo
make lL dlfflculL for a new cllenL ln a class Lo geL an address. Cnce a class wlLh such a llmlL has reached lLs llmlL, Lhe
only way a new cllenL ln LhaL class can geL a lease ls for an exlsLlng cllenL Lo rellnqulsh lLs lease, elLher by leLLlng lL
explre, or by sendlng a uPC8LLLASL packeL. Classes wlLh lease llmlLs are speclfled as follows:

c|ass "||m|ted-1" {
|ease ||m|t 4,
}

1hls wlll produce a class ln whlch a maxlmum of four members may hold a lease aL one Llme.
SAWnl nC CLASSLS
lL ls posslble Lo declare a spawnlng class. A spawnlng class ls a class LhaL auLomaLlcally produces subclasses based
on whaL Lhe cllenL sends. 1he reason LhaL spawnlng classes were creaLed was Lo make lL posslble Lo creaLe lease-
llmlLed classes on Lhe fly. 1he envlsloned appllcaLlon ls a cable-modem envlronmenL where Lhe lS wlshes Lo
provlde cllenLs aL a parLlcular slLe wlLh more Lhan one l address, buL does noL wlsh Lo provlde such cllenLs wlLh
Lhelr own subneL, nor glve Lhem an unllmlLed number of l addresses from Lhe neLwork segmenL Lo whlch Lhey are
connecLed.
lSC uPC Server
Page 25 of 56
Many cable modem head-end sysLems can be conflgured Lo add a 8elay AgenL lnformaLlon opLlon Lo uPC packeLs
when relaylng Lhem Lo Lhe uPC server. 1hese sysLems Lyplcally add a clrculL lu or remoLe lu opLlon LhaL unlquely
ldenLlfles Lhe cusLomer slLe. 1o Lake advanLage of Lhls, you can wrlLe a class declaraLlon as follows:
c|ass "customer" {
spawn w|th opt|on agent.c|rcu|t-|d,
|ease ||m|t 4,
}

now whenever a requesL comes ln from a cusLomer slLe, Lhe clrculL lu opLlon wlll be checked agalnsL Lhe classs
hash Lable. lf a subclass ls found LhaL maLches Lhe clrculL lu, Lhe cllenL wlll be classlfled ln LhaL subclass and LreaLed
accordlngly. lf no subclass ls found maLchlng Lhe clrculL lu, a new one wlll be creaLed and logged ln Lhe
dhcpd.leases flle, and Lhe cllenL wlll be classlfled ln Lhls new class. Cnce Lhe cllenL has been classlfled, lL wlll be
LreaLed accordlng Lo Lhe rules of Lhe class, lncludlng, ln Lhls case, belng sub[ecL Lo Lhe per-slLe llmlL of four leases.
1he use of Lhe subclass spawnlng mechanlsm ls noL resLrlcLed Lo relay agenL opLlons - Lhls parLlcular example ls
glven only because lL ls a falrly sLralghLforward one.
CCM8l nl nC MA1CP, MA1CP l l, Anu SAWn Wl 1P
ln some cases, lL may be useful Lo use one expresslon Lo asslgn a cllenL Lo a parLlcular class, and a second
expresslon Lo puL lL lnLo a subclass of LhaL class. 1hls can be done by comblnlng Lhe maLch lf and spawn wlLh
sLaLemenLs, or Lhe maLch lf and maLch sLaLemenLs. lor example:

c|ass "[r-cab|e-modems" {
match |f opt|on dhcp-vendor-|dent|f|er = "[rcm",
|ease ||m|t 4,
}

c|ass "dv-ds|-modems" {
match |f opt|on dhcp-vendor-|dent|f|er = "dvds|",
|ease ||m|t 16,
}

1hls allows you Lo have Lwo classes LhaL boLh have Lhe same spawn wlLh expresslon wlLhouL geLLlng Lhe cllenLs ln
Lhe Lwo classes confused wlLh each oLher.
CCnul1lCnAL 8LPAvlC8
lSC uPC Server
Page 26 of 56
1he lnLerneL SysLems ConsorLlum uPC cllenL and server boLh provlde Lhe ablllLy Lo perform condlLlonal behavlor
dependlng on Lhe conLenLs of packeLs Lhey recelve. 1he synLax for speclfylng Lhls condlLlonal behavlor ls
documenLed here.
CondlLlonal behavlor may be speclfled uslng Lhe |f sLaLemenL and Lhe e|se or e|s|f sLaLemenLs or Lhe sw|tch and
case sLaLemenLs.
A condlLlonal sLaLemenL can appear anywhere LhaL a regular sLaLemenL (e.g., an opLlon sLaLemenL) can appear, and
can enclose one or more such sLaLemenLs.
CCnul 1l CnAL 8LPAvl C8: l l
A Lyplcal condlLlonal lf sLaLemenL ln a server mlghL be:
|f opt|on dhcp-user-c|ass = "account|ng" {
opt|on doma|n-name "account|ng.examp|e.org",
opt|on doma|n-name-servers ns1.account|ng.examp|e.org,
ns2.account|ng.examp|e.org,
}
e|s|f opt|on dhcp-user-c|ass = "sa|es" {
opt|on doma|n-name "sa|es.examp|e.org",
opt|on doma|n-name-servers ns1.sa|es.examp|e.org,
ns2.sa|es.examp|e.org,
}
e|s|f opt|on dhcp-user-c|ass = "eng|neer|ng" {
opt|on doma|n-name "eng|neer|ng.examp|e.org",
opt|on doma|n-name-servers ns1.eng|neer|ng.examp|e.org,
ns2.eng|neer|ng.examp|e.org,
}
e|se {
max-|ease-t|me 600,
opt|on doma|n-name "m|sc.examp|e.org",
opt|on doma|n-name-servers ns1.m|sc.examp|e.org,
ns2.m|sc.examp|e.org,
}

lSC uPC Server
Page 27 of 56
Cn Lhe cllenL slde, an example of condlLlonal evaluaLlon mlghL be,
example.org fllLers unS aL lLs flrewall, so we have Lo use Lhelr unS
servers when we connecL Lo Lhelr neLwork. lf we are noL aL example.org, prefer our own unS server.
|f not opt|on doma|n-name = "examp|e.org" {
prepend doma|n-name-servers 127.0.0.1,
}
1he |f sLaLemenL and Lhe e|s|f conLlnuaLlon sLaLemenL boLh Lake boolean expresslons as Lhelr argumenLs. 1haL ls,
Lhey Lake expresslons LhaL, when evaluaLed, produce a boolean resulL. lf Lhe expresslon evaluaLes Lo Lrue, Lhen
Lhe sLaLemenLs enclosed ln braces followlng Lhe |f sLaLemenL are execuLed, and all subsequenL e|s|f and else
clauses are sklpped. CLherwlse, each subsequenL e|s|f clause's expresslon ls checked, unLll an e|s|f clause ls
encounLered whose LesL evaluaLes Lo Lrue. lf such a clause ls found, Lhe sLaLemenLs ln braces followlng lL are
execuLed, and Lhen any subsequenL e|s|f and else clauses are sklpped. lf all Lhe |f and e|s|f clauses are checked buL
none of Lhelr expresslons evaluaLe Lrue, Lhen lf Lhere ls an else clause, Lhe sLaLemenLs enclosed ln braces followlng
Lhe else are evaluaLed. 8oolean expresslons LhaL evaluaLe Lo null are LreaLed as false ln condlLlonals.

CCnul 1l CnAL 8LPAvl C8: SWl 1CP

1he above example can be rewrlLLen uslng a swlLch consLrucL as well.
sw|tch (opt|on dhcp-user-c|ass) {
case "account|ng":
opt|on doma|n-name "account|ng.examp|e.org",
opt|on doma|n-name-servers ns1.account|ng.examp|e.org, ns2.account|ng.examp|e.org,

case "sa|es":
opt|on doma|n-name "sa|es.examp|e.org",
opt|on doma|n-name-servers ns1.sa|es.examp|e.org,
ns2.sa|es.examp|e.org,
break,

case "eng|neer|ng":
opt|on doma|n-name "eng|neer|ng.examp|e.org",
opt|on doma|n-name-servers ns1.eng|neer|ng.examp|e.org,
ns2.eng|neer|ng.examp|e.org,
break,

lSC uPC Server
Page 28 of 56
defau|t:
max-|ease-t|me 600,
opt|on doma|n-name "m|sc.examp|e.org",
opt|on doma|n-name-servers ns1.m|sc.examp|e.org,
ns2.m|sc.examp|e.org,
break,
}

1he sw|tch sLaLemenL and Lhe case sLaLemenLs can boLh be daLa expresslons or numerlc expresslons. WlLhln a
swlLch sLaLemenL Lhey all musL be Lhe same Lype. 1he server evaluaLes Lhe expresslon from Lhe swlLch sLaLemenL
and Lhen lL evaluaLes Lhe expresslons from Lhe case sLaLemenLs unLll lL flnds a maLch.
lf lL flnds a maLch lL sLarLs execuLlng sLaLemenLs from LhaL case unLll Lhe nexL break sLaLemenL. lf lL doesn'L flnd a
maLch lL sLarLs from Lhe defaulL sLaLemenL and agaln proceeds Lo Lhe nexL break sLaLemenL. lf Lhere ls no maLch
and no defaulL lL does noLhlng.
See Lhe Man pages ln Lhe lnsLalled dhcp server for a llsL of supporLed 8oolean expresslons.
unuL8S1AnulnC 1PL LLASL llLL
Lease descrlpLlons are sLored ln a formaL LhaL ls parsed by Lhe same recurslve descenL parser used Lo read Lhe
dhcpd.conf(3) and dhcllenL.conf(3) flles. Lease flles can conLaln lease declaraLlons, and also group and subgroup
declaraLlons, hosL declaraLlons and fallover sLaLe declaraLlons. Croup, subgroup and hosL declaraLlons are used Lo
record ob[ecLs creaLed uslng Lhe CMAl proLocol.
1he lease flle ls a log-sLrucLured flle - whenever a lease changes, Lhe conLenLs of LhaL lease are wrlLLen Lo Lhe end
of Lhe flle. 1hls means LhaL lL ls enLlrely posslble and qulLe reasonable for Lhere Lo be Lwo or more declaraLlons of
Lhe same lease ln Lhe lease flle aL Lhe same Llme. ln LhaL case, Lhe lnsLance of LhaL parLlcular lease LhaL appears lasL
ln Lhe flle ls Lhe one LhaL ls ln effecL.
Croup, subgroup and hosL declaraLlons ln Lhe lease flle are handled ln Lhe same manner, excepL LhaL lf any of Lhese
ob[ecLs are deleLed, a rubouL ls wrlLLen Lo Lhe lease flle. 1hls ls [usL Lhe same declaraLlon, wlLh [ deleLed, } ln Lhe
scope of Lhe declaraLlon. When Lhe lease flle ls rewrlLLen, any such rubouLs LhaL can be ellmlnaLed are ellmlnaLed.
lL ls posslble Lo deleLe a declaraLlon ln Lhe dhcpd.conf flle, ln Lhls case, Lhe rubouL can never be ellmlnaLed from
Lhe dhcpd.leases flle.
CCMMCn S1A1LMLn1S lC8 LLASL uLCLA8A1l CnS
|ease |p-address { statements... }
Whlle Lhe lease flle formaLs for uPCv4 and uPCv6 are dlfferenL Lhey share many common sLaLemenLs and
sLrucLures. 1hls secLlon descrlbes Lhe common sLaLemenLs whlle Lhe succeedlng secLlons descrlbe Lhe proLocol
speclflc sLaLemenLs.
uA1LS
1he !"#$ ls speclfled ln Lwo ways, dependlng on Lhe conflguraLlon value for Lhe db-t|me-format parameLer. lf lL
was seL Lo defaulL, Lhen Lhe daLe flelds appear as follows:
lSC uPC Server
Page 29 of 56
weekday year]month]day hour:m|nute:second

1he weekday ls presenL Lo make lL easy for a human Lo Lell when a lease explres - lL's speclfled as a number from
zero Lo slx, wlLh zero belng Sunday. 1he day of week ls lgnored on lnpuL. 1he year ls speclfled wlLh Lhe cenLury, so
lL should generally be four dlglLs excepL for really long leases. 1he monLh ls speclfled as a number sLarLlng wlLh 1
for !anuary. 1he day of Lhe monLh ls llkewlse speclfled sLarLlng wlLh 1. 1he hour ls a number beLween 0 and 23, Lhe
mlnuLe a number beLween 0 and 39, and Lhe second also a number beLween 0 and 39.
Lease Llmes are speclfled ln unlversal CoordlnaLed 1lme (u1C), noL ln Lhe local Llme zone. 1here ls probably
nowhere ln Lhe world where Lhe Llmes recorded on a lease are always Lhe same as wall clock Llmes. Cn mosL unlx
machlnes, you can dlsplay Lhe currenL Llme ln u1C by Lyplng date -u.
lf Lhe db-t|me-format was conflgured Lo local, Lhen Lhe daLe flelds appear as follows:
epoch <seconds-s|nce-epoch>, # <day-name> <month-name> <day-number> <hours>:<m|nutes>:<seconds>
<year>

1he seconds-slnce-epoch ls as accordlng Lo Lhe sysLem's local clock (ofLen referred Lo as "unlx Llme").
1he # symbol supplles a commenL LhaL descrlbes whaL acLual Llme Lhls ls as accordlng Lo Lhe sysLem's
conflgured Llmezone, aL Lhe Llme Lhe value was wrlLLen. lL ls provlded only for human lnspecLlon.
lf a lease wlll never explre, daLe ls never lnsLead of an acLual daLe.
CLnL8AL vA8l A8LLS
As parL of Lhe processlng of a lease, lnformaLlon may be aLLached Lo Lhe lease sLrucLure, for example Lhe uunS
lnformaLlon or lf you speclfy a varlable ln your conflguraLlon flle. Some of Lhese, llke Lhe uunS lnformaLlon, have
speclflc descrlpLlons below. lor oLhers, such as any you mlghL deflne, a generlc llne of Lhe followlng wlll be
lncluded.
set var|ab|e = va|ue,
1he set sLaLemenL seLs Lhe value of a varlable on Lhe lease. lor general lnformaLlon on varlables, see
Lhe dhcp-eva|(S) manual page.
uunS vA8l A8LLS
1he 00,/.$'1$ and 00,/.02&)0 varlables
1hese varlables are used Lo record Lhe value of Lhe cllenL's ldenLlflcaLlon record when Lhe server has
updaLed Lhe unS for a parLlcular lease. 1he LexL record ls used wlLh Lhe lnLerlm uunS updaLe sLyle whlle
Lhe dhcld record ls used for Lhe sLandard uunS updaLe sLyle.
1he 00,/.(30.,%4' varlable
1he ddns-fwd-name varlable records Lhe value of Lhe name used ln updaLlng Lhe cllenL's A record lf a
uunS updaLe has been successfully done by Lhe server. 1he server may also have used Lhls name Lo
updaLe Lhe cllenL's 18 record.
lSC uPC Server
Page 30 of 56
1he 00,/.&*)',$.(60, varlable
lf Lhe server ls conflgured boLh Lo use Lhe lnLerlm or sLandard uunS updaLe sLyle, and Lo allow cllenLs Lo
updaLe Lhelr own IDNs, Lhen lf Lhe cllenL dld ln facL updaLe lLs own IDN, Lhen Lhe 00,/.&*)',$.
(60, varlable records Lhe name LhaL Lhe cllenL has lndlcaLed lL ls uslng. 1hls ls Lhe name LhaL Lhe server
wlll have used Lo updaLe Lhe cllenL's 18 record ln Lhls case.
1he 00,/.#'7.,%4' varlable
lf Lhe server successfully updaLes Lhe cllenL's 18 record, Lhls varlable wlll record Lhe name LhaL Lhe uPC
server used for Lhe 18 record. 1he name Lo whlch Lhe 18 record polnLs wlll be elLher Lhe 00,/.(30.
,%4' or Lhe 00,/.&*)',$.(60,.
LxLCu1A8LL S1A1LMLn1S
on events { statements... }
1he on sLaLemenL records a llsL of sLaLemenLs Lo execuLe lf a cerLaln evenL occurs. 1he posslble evenLs
LhaL can occur for an acLlve lease are release and explry. More Lhan one evenL can be speclfled - lf so, Lhe
evenLs are separaLed by '|' characLers.
bootp, reserved,
1hese Lwo sLaLemenLs are effecLlvely flags. lf presenL, Lhey lndlcaLe LhaL Lhe 8CC1 and 8LSL8vLu
fallover flags, respecLlvely, should be seL. 8CC1 and 8LSL8vLu dynamlc leases are LreaLed dlfferenLly
Lhan normal dynamlc leases, as Lhey may only be used by Lhe cllenL Lo whlch Lhey are currenLly allocaLed.
1PL uPCv4 LLASL uLCLA8A1l Cn
|ease |p-address { statements... }

Lach lease declaraLlon lncludes Lhe slngle l address LhaL has been leased Lo Lhe cllenL. 1he sLaLemenLs wlLhln Lhe
braces deflne Lhe duraLlon of Lhe lease and Lo whom lL ls asslgned.
starts 0%$',
ends 0%$',
tstp 0%$',
tsfp 0%$',
atsfp 0%$',
c|tt 0%$',

1he sLarL and end Llme of a lease are recorded uslng Lhe starts and ends sLaLemenLs. 1he tstp sLaLemenL ls
speclfled lf Lhe fallover proLocol ls belng used, and lndlcaLes whaL Llme Lhe peer has been Lold Lhe lease explres.
1he tsfp sLaLemenL ls also speclfled lf Lhe fallover proLocol ls belng used, and lndlcaLes Lhe lease explry Llme LhaL
Lhe peer has acknowledged. 1he atsfp sLaLemenL ls Lhe acLual Llme senL from Lhe fallover parLner.
1he c|tt sLaLemenL ls Lhe cllenL's lasL LransacLlon Llme. See Lhe descrlpLlon of daLes ln Lhe secLlon above on
common sLrucLures.
lSC uPC Server
Page 31 of 56
hardware hardware-type mac-address,
1he hardware sLaLemenL records Lhe MAC address of Lhe neLwork lnLerface on whlch Lhe lease wlll be
used. lL ls speclfled as a serles of hexadeclmal ocLeLs, separaLed by colons.
u|d c||ent-|dent|f|er,
1he u|d sLaLemenL records Lhe cllenL ldenLlfler used by Lhe cllenL Lo acqulre Lhe lease. CllenLs are noL
requlred Lo send cllenL ldenLlflers, and Lhls sLaLemenL only appears lf Lhe cllenL dld ln facL send one. CllenL
ldenLlflers are normally an A8 Lype (1 for eLherneL) followed by Lhe MAC address, [usL llke ln
Lhe hardware sLaLemenL8 but th|s |s not requ|red.
1he cllenL ldenLlfler ls recorded as a colon-separaLed hexadeclmal llsL or as a quoLed sLrlng. lf lL ls
recorded as a quoLed sLrlng and lL conLalns one or more non-prlnLable characLers, Lhose characLers are
represenLed as ocLal escapes - a backslash characLer followed by Lhree ocLal dlglLs.
c||ent-hostname 2"/$,%4',
MosL uPC cllenLs wlll send Lhelr hosLname ln Lhe %&'#()"*$ opLlon. lf a cllenL sends lLs hosLname ln Lhls
way, Lhe hosLname ls recorded on Lhe lease wlLh a c||ent-hostname sLaLemenL. 1hls ls noL requlred by Lhe
proLocol, however, so many speclallzed uPC cllenLs do noL send a hosL-name opLlon.
abandoned,
1he abandoned sLaLemenL lndlcaLes LhaL Lhe uPC server has abandoned Lhe lease. ln LhaL case,
Lhe abandoned sLaLemenL wlll be used Lo lndlcaLe LhaL Lhe lease should noL be reasslgned. lease see
Lhe dhcpd.conf(S) manual page for lnformaLlon abouL abandoned leases.
b|nd|ng state /$%$', next b|nd|ng state /$%$',
1he b|nd|ng state sLaLemenL declares Lhe lease's blndlng sLaLe. When Lhe uPC server ls noL conflgured Lo
use Lhe fallover proLocol, a lease's blndlng sLaLe wlll be elLher act|ve or free. 1he fallover proLocol adds
some addlLlonal LranslLlonal sLaLes, as well as Lhe backup sLaLe, whlch lndlcaLes LhaL Lhe lease ls avallable
for allocaLlon by Lhe fallover secondary.
1he next b|nd|ng state sLaLemenL lndlcaLes whaL sLaLe Lhe lease wlll move Lo when Lhe currenL sLaLe
explres. 1he Llme when Lhe currenL sLaLe explres ls speclfled ln Lhe ends sLaLemenL.
rew|nd state /$%$',
1hls sLaLemenL ls parL of an opLlmlzaLlon for use wlLh fallover. 1hls helps a server rewlnd a lease Lo Lhe
sLaLe mosL recenLly LransmlLLed Lo lLs peer.

opt|on agent.c|rcu|t-|d str|ng, opt|on agent.remote-|d str|ng,
1hese sLaLemenLs are used Lo record Lhe clrculL lu and remoLe lu opLlons senL by Lhe relay agenL, lf Lhe
relay agenL uses Lhe re|ay agent |nformat|on opt|on. 1hls allows Lhese opLlons Lo be used conslsLenLly ln
condlLlonal evaluaLlons even when Lhe cllenL ls conLacLlng Lhe server dlrecLly raLher Lhan Lhrough lLs relay
agenL.
1he 7',0"#.&*%//.)0',$)()'# varlable
1he server reLalns Lhe cllenL-supplled vendor Class ldenLlfler opLlon for lnformaLlonal purposes, and Lo
render Lhem ln uPCLLASLCuL8? responses.
lSC uPC Server
Page 32 of 56
bootp, reserved,
lf presenL, Lhey lndlcaLe LhaL Lhe 8CC1 and 8LSL8vLu fallover flags (respecLlvely) should be seL. 8CC1
and 8LSL8vLu dynamlc leases are LreaLed dlfferenLly Lhan normal dynamlc leases as Lhey may only be
used by Lhe cllenL Lo whlch Lhey are currenLly allocaLed.
AddlLlonal opLlons or execuLable sLaLemenLs may be lncluded, see Lhe descrlpLlon of Lhem ln Lhe secLlon on
common sLrucLures.
1PL uPCv6 LLASL (l A) uLCLA8A1l Cn
|a_ta IAID_DUID {statements... }
|a_na IAID_DUID {statements... }
|a_pd IAID_DUID {statements... }

Lach lease declaraLlon sLarLs wlLh a Lag lndlcaLlng Lhe Lype of Lhe lease. |a_ta ls for Lemporary addresses, |a_na ls
for non-Lemporary addresses and |a_pd ls for preflx delegaLlon. lollowlng Lhls Lag ls Lhe comblned lAlu and uulu
from Lhe cllenL for Lhls lease.
1he lAlu_uulu value ls recorded as a colon-separaLed hexadeclmal llsL or as a quoLed sLrlng. lf lL ls recorded as a
quoLed sLrlng and lL conLalns one or more non-prlnLable characLers, Lhose characLers are represenLed as ocLal
escapes - a backslash characLer followed by Lhree ocLal dlglLs.
c|tt date,
1he c|tt sLaLemenL ls Lhe cllenL's lasL LransacLlon Llme. See Lhe descrlpLlon of daLes ln Lhe secLlon on common
sLrucLures.
|aaddr )!79.%00#'// { /$%$'4',$/... }
|apref|x )!79.%00#'//]pref|x-|ength { /$%$'4',$/... }
WlLhln a glven lease Lhere can be mulLlple |aaddr and |apref|x sLaLemenLs. Lach wlll have elLher an lv6 address or
an lv6 preflx (an address and a preflx lengLh lndlcaLlng a Clu8 sLyle block of addresses). 1he followlng sLaLemenLs
may occur wlLhln each |aaddr or |apref|x.
b|nd|ng state /$%$';
1he b|nd|ng state sLaLemenL declares Lhe lease's blndlng sLaLe. ln uPCv6 you wlll normally see Lhls as %&$)7' or
'1!)#'0.
preferred-||fe *)('$)4',
1he lv6 preferred llfeLlme assoclaLed wlLh Lhls address, ln seconds.
max-||fe *)('$)4'
1he valld llfeLlme assoclaLed wlLh Lhls address, ln seconds.
ends 0%$'
1he end Llme of Lhe lease. See Lhe descrlpLlon of daLes ln Lhe secLlon on common sLrucLures.
lSC uPC Server
Page 33 of 56
AddlLlonal opLlons or execuLable sLaLemenLs may be lncluded. See Lhe descrlpLlon of Lhem ln Lhe secLlon on
common sLrucLures.
1PL lAl LCvL8 LL8 S1A1L uLCLA8A1l Cn
1he sLaLe of any fallover peerlng arrangemenLs ls also recorded ln Lhe lease flle, uslng Lhe fa||over peer sLaLemenL:
fa||over peer "name" state {
my state /$%$' at 0%$',
peer state /$%$' at 0%$',
}
1he sLaLes of Lhe peer named ,%4' ls belng recorded. 8oLh Lhe sLaLe of Lhe runnlng server (my state) and Lhe
oLher fallover parLner (peer state) are recorded. 1he followlng sLaLes are posslble: unknown-state, partner-
down, norma|, commun|cat|ons-|nterrupted, reso|ut|on-|nterrupted, potent|a|-conf||ct, recover, recover-done,
shutdown, paused and startup.

uPC lAlLCvL8
1hls verslon of Lhe lSC uPC server supporLs Lhe uPC fallover proLocol as documenLed ln drafL-leLf-dhc-fallover-
12.LxL. 1hls ls noL a flnal proLocol documenL, and we have noL done lnLeroperablllLy LesLlng wlLh oLher vendors'
lmplemenLaLlons of Lhls proLocol, so you musL noL assume LhaL Lhls lmplemenLaLlon conforms Lo Lhe sLandard. lf
you wlsh Lo use Lhe fallover proLocol, make sure LhaL boLh fallover peers are runnlng Lhe same verslon of Lhe lSC
uPC server.
1he fallover proLocol allows Lwo uPC servers (and no more Lhan Lwo) Lo share a common address pool. Lach
server wlll have abouL half of Lhe avallable l addresses ln Lhe pool aL any glven Llme for allocaLlon. lf one server
falls, Lhe oLher server wlll conLlnue Lo renew leases ouL of Lhe pool, and wlll allocaLe new addresses ouL of Lhe
roughly half of avallable addresses LhaL lL had when communlcaLlons wlLh Lhe oLher server were losL.
lL ls posslble durlng a prolonged fallure Lo Lell Lhe remalnlng server LhaL Lhe oLher server ls down, ln whlch case Lhe
remalnlng server wlll (over Llme) reclalm all Lhe addresses Lhe oLher server had avallable for allocaLlon, and begln
Lo reuse Lhem. 1hls ls called puLLlng Lhe server lnLo Lhe A81nL8-uCWn sLaLe.
?ou can puL Lhe server lnLo Lhe A81nL8-uCWn sLaLe elLher by uslng Lhe omshe|| (1) command or by sLopplng Lhe
server, edlLlng Lhe lasL fallover sLaLe declaraLlon ln Lhe lease flle, and resLarLlng Lhe server. lf you use Lhls lasL
meLhod, change Lhe "my sLaLe" llne Lo:
fa||over peer name state {
my state partner-down,.
peer state state at date,
}

lL ls only requlred Lo change "my sLaLe" as shown above.
lSC uPC Server
Page 34 of 56
When Lhe oLher server comes back onllne, lL should auLomaLlcally deLecL LhaL lL has been offllne and requesL a
compleLe updaLe from Lhe server LhaL was runnlng ln Lhe A81nL8-uCWn sLaLe, and Lhen boLh servers wlll
resume processlng LogeLher.
lL ls posslble Lo geL lnLo a dangerous slLuaLlon: lf you puL one server lnLo Lhe A81nL8-uCWn sLaLe, and Lhen
*LhaL* server goes down, and Lhe oLher server comes back up, Lhe oLher server wlll noL know LhaL Lhe flrsL server
was ln Lhe A81nL8-uCWn sLaLe, and may lssue addresses prevlously lssued by Lhe oLher server Lo dlfferenL
cllenLs, resulLlng ln l address confllcLs. 8efore puLLlng a server lnLo A81nL8-uCWn sLaLe, Lherefore,
make ',-$ LhaL Lhe oLher server wlll noL resLarL auLomaLlcally.
1he fallover proLocol deflnes a prlmary server role and a secondary server role. 1here are some dlfferences ln how
prlmarles and secondarles acL, buL mosL of Lhe dlfferences slmply have Lo do wlLh provldlng a way for each peer Lo
behave ln Lhe opposlLe way from Lhe oLher. So one server musL be conflgured as prlmary, and Lhe oLher musL be
conflgured as secondary, and lL doesn'L maLLer Loo much whlch one ls whlch.

lAl LCvL8 S1A81u
When a server sLarLs LhaL has noL prevlously communlcaLed wlLh lLs fallover peer, lL musL esLabllsh
communlcaLlons wlLh lLs fallover peer and synchronlze wlLh lL before lL can serve cllenLs. 1hls can happen elLher
because you have [usL conflgured your uPC servers Lo perform fallover for Lhe flrsL Llme, or because one of your
fallover servers has falled caLasLrophlcally and losL lLs daLabase.
1he lnlLlal recovery process ls deslgned Lo ensure LhaL when one fallover peer loses lLs daLabase and Lhen
resynchronlzes, any leases LhaL Lhe falled server gave ouL before lL falled wlll be honored. When Lhe falled server
sLarLs up, lL noLlces LhaL lL has no saved fallover sLaLe, and aLLempLs Lo conLacL lLs peer.
When lL has esLabllshed conLacL, lL asks Lhe peer for a compleLe copy lLs peer's lease daLabase. 1he peer Lhen
sends lLs compleLe daLabase, and sends a message lndlcaLlng LhaL lL ls done. 1he falled server Lhen walLs unLll
MCL1 has passed, and once MCL1 has passed boLh servers make Lhe LranslLlon back lnLo normal operaLlon. 1hls
walLlng perlod ensures LhaL any leases Lhe falled server may have glven ouL whlle ouL of conLacL wlLh lLs parLner
wlll have explred.
Whlle Lhe falled server ls recoverlng, lLs parLner remalns ln Lhe parLner-down sLaLe, whlch means LhaL lL ls servlng
all cllenLs. 1he falled server provldes no servlce aL all Lo uPC cllenLs unLll lL has made Lhe LranslLlon lnLo normal
operaLlon.
ln Lhe case where boLh servers deLecL LhaL Lhey have never before communlcaLed wlLh Lhelr parLner, Lhey boLh
come up ln Lhls recovery sLaLe and follow Lhe procedure we have [usL descrlbed. ln Lhls case, no servlce wlll be
provlded Lo uPC cllenLs unLll MCL1 has explred.

CCnll Cu8l nC lAl LCvL8
ln order Lo conflgure fallover, you need Lo wrlLe a peer declaraLlon LhaL conflgures Lhe fallover proLocol, and you
need Lo wrlLe peer references ln each pool declaraLlon for whlch you wanL Lo do fallover. ?ou do noL have Lo do
fallover for all pools on a glven neLwork segmenL. ?ou musL noL Lell one server lL's dolng fallover on a parLlcular
lSC uPC Server
Page 35 of 56
address pool and Lell Lhe oLher lL ls noL. ?ou musL noL have any common address pools on whlch you are noL dolng
fallover. A pool declaraLlon LhaL uLlllzes fallover would look llke Lhls:
poo| {
fa||over peer "foo",
poo| spec|f|c parameters
},

1he server currenLly does very llLLle sanlLy checklng, so lf you conflgure lL wrong, lL wlll [usL fall ln odd ways. l would
recommend Lherefore LhaL you elLher do fallover or don'L do fallover, buL don'L do any mlxed pools. Also, use Lhe
same masLer conflguraLlon flle for boLh servers, and have a separaLe flle LhaL conLalns Lhe peer declaraLlon and
lncludes Lhe masLer flle. 1hls wlll help you Lo avold conflguraLlon mlsmaLches. As our lmplemenLaLlon evolves, Lhls
wlll become less of a problem. A baslc sample dhcpd.conf flle for a prlmary server mlghL look llke Lhls:

fa||over peer "foo" {
pr|mary,
address anthrax.rc.v|x.com,
port S19,
peer address trantor.rc.v|x.com,
peer port S20,
max-response-de|ay 60,
max-unacked-updates 10,
mc|t 3600,
sp||t 128,
|oad ba|ance max seconds 3,
}

|nc|ude "]etc]dhcpd.master",

1he sLaLemenLs ln Lhe peer declaraLlon are as follows:
1he prlmary and secondary sLaLemenLs:
[ pr|mary | secondary ],
1hls deLermlnes wheLher Lhe server ls prlmary or secondary, as descrlbed earller under uPC lAlLCvL8.
1he address sLaLemenL:
address %00#'//,
lSC uPC Server
Page 36 of 56
1he address sLaLemenL declares Lhe l address or unS name on whlch Lhe server should llsLen for
connecLlons from lLs fallover peer, and also Lhe value Lo use for Lhe uPC lallover roLocol server
ldenLlfler. 8ecause Lhls value ls used as an ldenLlfler, lL may noL be omlLLed.
1he peer address sLaLemenL:
peer address address,

1he peer address sLaLemenL declares Lhe l address or unS name Lo whlch Lhe server should connecL Lo
reach lLs fallover peer for fallover messages.
1he porL sLaLemenL:
port !"#$.,:4;'#,
1he port sLaLemenL declares Lhe 1C porL on whlch Lhe server should llsLen for connecLlons from lLs
fallover peer. 1hls sLaLemenL may be omlLLed, ln whlch case Lhe lAnA asslgned porL number 647 wlll be
used by defaulL.
1he peer porL sLaLemenL:
peer port port-number,
1he peer port sLaLemenL declares Lhe 1C porL Lo whlch Lhe server should connecL Lo reach lLs fallover
peer for fallover messages. 1hls sLaLemenL may be omlLLed, ln whlch case Lhe lAnA asslgned porL number
647 wlll be used by defaulL.
1he max-response-delay sLaLemenL:
max-response-de|ay seconds,
1he max-response-de|ay sLaLemenL Lells Lhe uPC server how many seconds may pass wlLhouL recelvlng
a message from lLs fallover peer before lL assumes LhaL connecLlon has falled. 1hls number should be
small enough LhaL a LranslenL neLwork fallure LhaL breaks Lhe connecLlon wlll noL resulL ln Lhe servers
belng ouL of communlcaLlon for a long Llme, buL large enough LhaL Lhe server lsn'L consLanLly maklng and
breaklng connecLlons. 1hls parameLer musL be speclfled.
1he max-unacked-updaLes sLaLemenL:
max-unacked-updates count,
1he max-unacked-updates sLaLemenL Lells Lhe remoLe uPC server how many 8nuuu messages lL can
send before lL recelves a 8nuACk from Lhe local sysLem. We don'L have enough operaLlonal experlence Lo
say whaL a good value for Lhls ls, buL 10 seems Lo work. 1hls parameLer musL be speclfled.
1he mclL sLaLemenL:
mc|t seconds,
1he mc|t sLaLemenL deflnes Lhe Maxlmum CllenL Lead 1lme. lL musL be speclfled on Lhe prlmary, and may
noL be speclfled on Lhe secondary. 1hls ls Lhe lengLh of Llme for whlch a lease may be renewed by elLher
fallover peer wlLhouL conLacLlng Lhe oLher. 1he longer you seL Lhls, Lhe longer lL wlll Lake for Lhe runnlng
server Lo recover l addresses afLer movlng lnLo A81nL8-uCWn sLaLe. 1he shorLer you seL lL, Lhe more
lSC uPC Server
Page 37 of 56
load your servers wlll experlence when Lhey are noL communlcaLlng. A value of someLhlng llke 3600 ls
probably reasonable, buL agaln bear ln mlnd LhaL we have no real operaLlonal experlence wlLh Lhls.
1he spllL sLaLemenL:
sp||t index,
1he spllL sLaLemenL speclfles Lhe spllL beLween Lhe prlmary and secondary for Lhe purposes of load
balanclng. Whenever a cllenL makes a uPC requesL, Lhe uPC server runs a hash on Lhe cllenL
ldenLlflcaLlon, resulLlng ln value from 0 Lo 233. 1hls ls used as an lndex lnLo a 236 blL fleld. lf Lhe blL aL LhaL
lndex ls seL, Lhe prlmary ls responslble. lf Lhe blL aL LhaL lndex ls noL seL, Lhe secondary ls responslble.
1he sp||tvalue deLermlnes how many of Lhe leadlng blLs are seL Lo one. So, ln pracLlce, hlgher spllL values
wlll cause Lhe prlmary Lo serve more cllenLs Lhan Lhe secondary. Lower spllL values, Lhe converse. Legal
values are beLween 0 and 233, of whlch Lhe mosL reasonable ls 128.
1he hba sLaLemenL:
hba &"*",./'!%#%$'0.2'1.*)/$,
1he hba sLaLemenL speclfles Lhe spllL beLween Lhe prlmary and secondary as a blLmap raLher Lhan a
cuLoff, whlch LheoreLlcally allows for flner-gralned conLrol. ln pracLlce, Lhere ls probably no need for such
flne-gralned conLrol, however. An example hba sLaLemenL:
hba ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:
00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00,
1hls ls equlvalenL Lo a sp||t 128, sLaLemenL, and ldenLlcal. 1he followlng Lwo examples are also equlvalenL
Lo a sp||t of 128, buL are noL ldenLlcal:
hba aa:aa:aa:aa:aa:aa:aa:aa:aa:aa:aa:aa:aa:aa:aa:aa:
aa:aa:aa:aa:aa:aa:aa:aa:aa:aa:aa:aa:aa:aa:aa:aa,

hba SS:SS:SS:SS:SS:SS:SS:SS:SS:SS:SS:SS:SS:SS:SS:SS:
SS:SS:SS:SS:SS:SS:SS:SS:SS:SS:SS:SS:SS:SS:SS:SS,
1hey are equlvalenL, because half Lhe blLs are seL Lo 0, half are seL Lo 1 (0xa and 0x3 are 1010 and 0101
blnary respecLlvely) and consequenLly Lhls would roughly dlvlde Lhe cllenLs equally beLween Lhe servers.
1hey are noL ldenLlcal, because Lhe acLual peers Lhls would load balance Lo each server are dlfferenL for
each example.
?ou musL only have sp||t or hba deflned, never boLh. lor mosL cases, Lhe flne-gralned conLrol
LhaL hba offers lsn'L necessary, and sp||t should be used.
1he load balance max seconds sLaLemenL:
|oad ba|ance max seconds /'&",0/,

1hls sLaLemenL allows you Lo conflgure a cuLoff afLer whlch load balanclng ls dlsabled. 1he cuLoff ls based
on Lhe number of seconds slnce Lhe cllenL senL lLs flrsL uPCulSCCvL8 or uPC8LCuLS1 message, and
only works wlLh cllenLs LhaL correcLly lmplemenL Lhe '$.' fleld - forLunaLely mosL cllenLs do. We
lSC uPC Server
Page 38 of 56
recommend seLLlng Lhls Lo someLhlng llke 3 or 3. 1he effecL of Lhls ls LhaL lf one of Lhe fallover peers geLs
lnLo a sLaLe where lL ls respondlng Lo fallover messages buL noL respondlng Lo some cllenL requesLs, Lhe
oLher fallover peer wlll Lake over lLs cllenL load auLomaLlcally as Lhe cllenLs reLry.
1he auLo-parLner-down sLaLemenL
auto-partner-down /'&",0/,

1hls sLaLemenL lnsLrucLs Lhe server Lo lnlLlaLe a Llmed delay upon enLerlng Lhe communlcaLlons-
lnLerrupLed sLaLe (any slLuaLlon of belng ouL-of-conLacL wlLh Lhe remoLe fallover peer). AL Lhe concluslon
of Lhe Llmer, Lhe server wlll auLomaLlcally enLer Lhe parLner-down sLaLe. 1hls permlLs Lhe server Lo
allocaLe leases from Lhe parLner's free lease pool afLer an S1CS+MCL1 Llmer explres, whlch can be
dangerous lf Lhe parLner ls ln facL operaLlng aL Lhe Llme (Lhe Lwo servers wlll glve confllcLlng blndlngs).
1hlnk very carefully before enabllng Lhls feaLure. 1he parLner-down and communlcaLlons-lnLerrupLed
sLaLes are lnLenLlonally segregaLed because Lhere do exlsL slLuaLlons where a fallover server can fall Lo
communlcaLe wlLh lLs peer, buL sLlll has Lhe ablllLy Lo recelve and reply Lo requesLs from uPC cllenLs. ln
general, Lhls feaLure should only be used ln Lhose deploymenLs where Lhe fallover servers are dlrecLly
connecLed Lo one anoLher, such as by a dedlcaLed hardwlred llnk ("a hearLbeaL cable").
A zero value dlsables Lhe auLo-parLner-down feaLure (also Lhe defaulL), and any poslLlve value lndlcaLes
Lhe Llme ln seconds Lo walL before auLomaLlcally enLerlng parLner-down.
1he lallover pool balance sLaLemenLs.
max-|ease-m|sba|ance !'#&',$%-',
max-|ease-ownersh|p !'#&',$%-',
m|n-ba|ance /'&",0/,
max-ba|ance /'&",0/,

1hls verslon of Lhe uPC Server evaluaLes pool balance on a schedule, raLher Lhan on demand as leases
are allocaLed. 1he laLLer approach proved Lo be sllghLly klunky when pool mlsbalanced reach LoLal
saLuraLlon (em when any server ran ouL of leases Lo asslgn, lL also losL lLs ablllLy Lo noLlce lL had run dry.
ln order Lo undersLand pool balance, some elemenLs of lLs operaLlon flrsL need Lo be deflned. llrsL, Lhere
are free and backup leases. 8oLh of Lhese are referred Lo as free sLaLe leases. free and backup are
Lhe free sLaLes for Lhe purpose of Lhls documenL. 1he dlfference ls LhaL only Lhe prlmary may allocaLe
from free leases unless under speclal clrcumsLances, and only Lhe secondary may allocaLe backup
leases.
When pool balance ls performed, Lhe only plauslble expecLaLlon ls Lo provlde a 30/30 spllL of Lhe free
sLaLe leases beLween Lhe Lwo servers. 1hls ls because no one can predlcL whlch server wlll fall, regardless
of Lhe relaLlve load placed upon Lhe Lwo servers, so glvlng each server half Lhe leases glves boLh servers
Lhe same amounL of fallure endurance. 1herefore, Lhere ls no way Lo conflgure any dlfferenL behavlour,
ouLslde of some very small wlndows we wlll descrlbe shorLly.
lSC uPC Server
Page 39 of 56
1he flrsL Lhlng calculaLed on any pool balance run ls a value referred Lo as lLs, or "Leases 1o Send". 1hls,
slmply, ls Lhe dlfference ln Lhe counL of free and backup leases, dlvlded by Lwo. lor Lhe secondary, lL ls Lhe
dlfference ln Lhe backup and free leases, dlvlded by Lwo. 1he resulLlng value ls slgned: lf lL ls poslLlve, Lhe
local server ls expecLed Lo hand ouL leases Lo reLaln a 30/30 balance. lf lL ls negaLlve, Lhe remoLe server
would need Lo send leases Lo balance Lhe pool. Cnce Lhe lLs value reaches zero, Lhe pool ls perfecLly
balanced (glve or Lake one lease ln Lhe case of an odd number of LoLal free sLaLe leases).
1he currenL approach ls sLlll someLhlng of a hybrld of Lhe old approach, marked by Lhe presence of
Lhe max-|ease-m|sba|ance sLaLemenL. 1hls parameLer conflgures whaL used Lo be a 10 flxed value ln
prevlous verslons: lf lLs ls less Lhan free+backup * max-|ease-m|sba|ance percenL, Lhen Lhe server wlll sklp
balanclng a glven pool (lL won'L boLher movlng any leases, even lf some leases "should" be moved). 1he
meanlng of Lhls value ls also somewhaL overloaded, however, ln LhaL lL also governs Lhe esLlmaLlon of
when Lo aLLempL Lo balance Lhe pool (whlch may Lhen also be sklpped over). 1he oldesL leases ln Lhe free
and backup sLaLes are examlned. 1he Llme Lhey have reslded ln Lhelr respecLlve queues ls used as an
esLlmaLe Lo lndlcaLe how much Llme lL ls probable lL would Lake before Lhe leases aL Lhe Lop of Lhe llsL
would be consumed (and Lhus, how long lL would Lake Lo use all leases ln LhaL sLaLe). 1hls percenLage ls
dlrecLly mulLlplled by Lhls Llme, and flL lnLo Lhe schedule lf lL falls wlLhln Lhe m|n-ba|ance and max-
ba|ance conflgured values. 1he scheduled pool check Llme ls only moved ln a downwards dlrecLlon, lL ls
never lncreased. LasLly, lf Lhe lLs ls more Lhan double Lhls number ln Lhe negaLlve dlrecLlon, Lhe local
server wlll panlc and LransmlL a lallover proLocol CCL8LC message, ln Lhe hopes LhaL Lhe remoLe
sysLem wlll be woken up lnLo acLlon.
Cnce Lhe lLs value exceeds Lhe max-|ease-m|sba|ance percenLage of LoLal free sLaLe leases as descrlbed
above, leases are moved Lo Lhe remoLe server. 1hls ls done ln Lwo passes.
ln Lhe flrsL pass, only leases whose mosL recenL bound cllenL would have been served by Lhe remoLe
server - accordlng Lo Lhe Load 8alance AlgorlLhm (see above sp||t and hba conflguraLlon sLaLemenLs) - are
glven away Lo Lhe peer. 1hls flrsL pass wlll happlly conLlnue Lo glve away leases, decremenLlng Lhe lLs
value by one for each, unLll Lhe lLs value has reached Lhe negaLlve of Lhe LoLal number of leases mulLlplled
by Lhe max-|ease-ownersh|p percenLage. So lL ls Lhrough Lhls value LhaL you can permlL a small
mlsbalance of Lhe lease pools - for Lhe purpose of glvlng Lhe peer more Lhan a 30/30 share of leases ln Lhe
hopes LhaL Lhelr cllenLs mlghL some day reLurn and be allocaLed by Lhe peer (operaLlng normally). 1hls
process ls referred Lo as MAC Address AfflnlLy, buL Lhls ls somewhaL mlsnamed: lL applles equally Lo
uPC CllenL ldenLlfler opLlons. noLe also LhaL afflnlLy ls applled Lo leases when Lhey enLer Lhe sLaLe free
from explred or released. ln Lhls case also, leases wlll noL be moved from free Lo backup lf Lhe
secondary already has more Lhan lLs share.
1he second pass ls only enLered lnLo lf Lhe flrsL pass falls Lo reduce Lhe lLs underneaLh Lhe LoLal number of
free sLaLe leases mulLlplled by Lhe max-|ease-ownersh|p percenLage. ln Lhls pass, Lhe oldesL leases are
glven over Lo Lhe peer wlLhouL second LhoughL abouL Lhe Load 8alance AlgorlLhm, and Lhls conLlnues unLll
Lhe lLs falls under Lhls value. ln Lhls way, Lhe local server wlll also happlly keep a small percenLage of Lhe
leases LhaL would normally load balance Lo lLself.
So, Lhe max-|ease-m|sba|ance value acLs as a behavloural gaLe. Smaller values wlll cause more leases Lo
LranslLlon sLaLes Lo balance Lhe pools over Llme, hlgher values wlll decrease Lhe amounL of change (buL
may lead Lo pool sLarvaLlon lf Lhere's a run on leases).
lSC uPC Server
Page 40 of 56
1he max-|ease-ownersh|p value permlLs a small (percenLage) skew ln Lhe lease balance of a percenLage of
Lhe LoLal number of free sLaLe leases.
llnally, Lhe m|n-ba|ance and max-ba|ance make cerLaln LhaL a scheduled rebalance evenL happens wlLhln
a reasonable Llmeframe (noL Lo be Lhrown off by, for example, a 7 year old free lease).
lauslble values for Lhe percenLages lle beLween 0 and 100, lncluslve, buL values over 30 are
lndlsLlngulshable from one anoLher (once lLs exceeds 30 of Lhe free sLaLe leases, one server musL
Lherefore have 100 of Lhe leases ln lLs respecLlve free sLaLe). lL ls recommended Lo selecL a max-|ease-
ownersh|p value LhaL ls lower Lhan Lhe value selecLed for Lhe max-|ease-m|sba|ance value. max-|ease-
ownersh|pdefaulLs Lo 10, and max-|ease-m|sba|ance defaulLs Lo 13.
lauslble values for Lhe m|n-ba|ance and max-ba|ance Llmes also range from 0 Lo (2^32)-1 (or Lhe llmlL of
your local Llme_L value), buL defaulL Lo values 60 and 3600 respecLlvely (Lo place balance evenLs beLween
1 mlnuLe and 1 hour).
u?nAMlC unS uuA1LS
1he uPC server has Lhe ablllLy Lo dynamlcally updaLe Lhe uomaln name SysLem. WlLhln Lhe conflguraLlon flles,
you can deflne how you wanL Lhe uomaln name SysLem Lo be updaLed. 1hese updaLes are 8lC 2136 compllanL so
any unS server supporLlng 8lC 2136 should be able Lo accepL updaLes from Lhe uPC server.
1here are Lwo unS schemes lmplemenLed. 1he lnLerlm opLlon ls based on drafL revlslons of Lhe uunS documenLs
whlle Lhe sLandard opLlon ls based on Lhe 8lCs for uPC-unS lnLeracLlon and uPClus. A Lhlrd opLlon, ad-hoc, was
deprecaLed and has now been removed from Lhe code base. 1he uPC server musL be conflgured Lo use one of
Lhe Lwo currenLly-supporLed meLhods, or noL Lo do unS updaLes.
new lnsLallaLlons should use Lhe sLandard opLlon. Clder lnsLallaLlons may wanL Lo conLlnue uslng Lhe lnLerlm
opLlon for backwards compaLlblllLy wlLh Lhe unS daLabase unLll Lhe daLabase can be updaLed. 1hls can be done
wlLh Lhe ddns-updaLe-sLyle conflguraLlon parameLer.
1PL unS uuA1L SCPLML

1he lnLerlm and sLandard unS updaLe schemes operaLe mosLly accordlng Lo work from Lhe lL1l. 1he lnLerlm
verslon was based on Lhe drafLs ln progress aL Lhe Llme whlle Lhe sLandard ls based on Lhe compleLed 8lCs. 1he
sLandard 8lCs are:
8lC 4701 (updaLed by 8l3494)
8lC 4702
8lC 4703
1he baslc framework for Lhe Lwo schemes ls slmllar wlLh Lhe maln maLerlal dlfference belng LhaL a uPClu 88 ls
used ln Lhe sLandard verslon whlle Lhe lnLerlm verslons uses a 1x1 88. 1he formaL of Lhe 1x1 record bears a
resemblance Lo Lhe uPClu 88 buL lL ls noL equlvalenL (Mu3 vs SPA2, fleld lengLh dlfferences eLc).
lSC uPC Server
Page 41 of 56
ln Lhese Lwo schemes Lhe uPC server does noL necessarlly always updaLe boLh Lhe A and Lhe 18 records. 1he
IDN opLlon lncludes a flag whlch, when senL by Lhe cllenL, lndlcaLes LhaL Lhe cllenL wlshes Lo updaLe lLs own A
record. ln LhaL case, Lhe server can be conflgured elLher Lo honor Lhe cllenLs lnLenLlons or lgnore Lhem. 1hls ls
done wlLh Lhe sLaLemenL allow cllenL-updaLes/ or Lhe sLaLemenL lgnore cllenL-updaLes,. 8y defaulL, cllenL updaLes
are allowed.
lf Lhe server ls conflgured Lo allow cllenL updaLes, Lhen lf Lhe cllenL sends a fully-quallfled domaln name ln Lhe
IDN opLlon, Lhe server wlll use LhaL name Lhe cllenL senL ln Lhe IDN opLlon Lo updaLe Lhe 18 record. lor
example, leL us say LhaL Lhe cllenL ls a vlslLor from Lhe "radlsh.org" domaln, whose hosLname ls "[schmoe". 1he
server ls for Lhe "example.org" domaln. 1he uPC cllenL lndlcaLes ln Lhe IDN opLlon LhaL lLs IDN ls
"[schmoe.radlsh.org.". lL also lndlcaLes LhaL lL wanLs Lo updaLe lLs own A record. 1he uPC server Lherefore does
noL aLLempL Lo seL up an A record for Lhe cllenL, buL does seL up a 18 record for Lhe l address LhaL lL asslgns Lhe
cllenL, polnLlng aL [schmoe.radlsh.org. Cnce Lhe uPC cllenL has an l address, lL can updaLe lLs own A record,
assumlng LhaL Lhe "radlsh.org" unS server wlll allow lL Lo do so.
lf Lhe server ls conflgured noL Lo allow cllenL updaLes, or lf Lhe cllenL doesnL wanL Lo do lLs own updaLe, Lhe server
wlll slmply choose a name for Lhe cllenL from elLher Lhe fqdn opLlon (lf presenL) or Lhe hosLname opLlon (lf
presenL). lL wlll use lLs own domaln name for Lhe cllenL. lL wlll Lhen updaLe boLh Lhe A and 18 record, uslng Lhe
name LhaL lL chose for Lhe cllenL. lf Lhe cllenL sends a fully-quallfled domaln name ln Lhe fqdn opLlon, Lhe server
uses only Lhe lefLmosL parL of Lhe domaln name - ln Lhe example above, "[schmoe" lnsLead of
"[schmoe.radlsh.org".
lf Lhe defaulLs for chooslng Lhe hosL name are noL approprlaLe you can wrlLe your own sLaLemenL Lo seL Lhe ddns-
hosLname varlable as you wlsh. lurLher, lf Lhe lgnore cllenL-updaLes, dlrecLlve ls used, Lhen Lhe server wlll ln
addlLlon send a response ln Lhe uPC packeL, uslng Lhe lCun CpLlon, LhaL lmplles Lo Lhe cllenL LhaL lL should
perform lLs own updaLes lf lL chooses Lo do so. WlLh deny cllenL-updaLes, a response ls senL whlch lndlcaLes Lhe
cllenL may noL perform updaLes.
8oLh Lhe sLandard and lnLerlm opLlons also lnclude a meLhod Lo allow more Lhan one uPC server Lo updaLe Lhe
unS daLabase wlLhouL accldenLally deleLlng A records LhaL shouldnL be deleLed nor falllng Lo add A records LhaL
should be added. lor Lhe sLandard opLlon Lhe meLhod works as follows:
When Lhe uPC server lssues a cllenL a new lease, lL creaLes a LexL sLrlng LhaL ls an SPA hash over Lhe uPC cllenLs
ldenLlflcaLlon (see 8lCs 4701 & 4702 for deLalls). 1he updaLe aLLempLs Lo add an A record wlLh Lhe name Lhe server
chose and a uPClu record conLalnlng Lhe hashed ldenLlfler sLrlng (hashld). lf Lhls updaLe succeeds, Lhe server ls
done.
lf Lhe updaLe falls because Lhe A record already exlsLs, Lhen Lhe uPC server aLLempLs Lo add Lhe A record wlLh Lhe
prerequlslLe LhaL Lhere musL be a uPClu record ln Lhe same name as Lhe new A record, and LhaL uPClu records
conLenLs musL be equal Lo hashld. lf Lhls updaLe succeeds, Lhen Lhe cllenL has lLs A record and 18 record. lf lL falls,
Lhen Lhe name Lhe cllenL has been asslgned (or requesLed) ls ln use, and canL be used by Lhe cllenL. AL Lhls polnL
Lhe uPC server glves up Lrylng Lo do a unS updaLe for Lhe cllenL unLll Lhe cllenL chooses a new name.
1he server also does noL updaLe very aggresslvely. 8ecause each unS updaLe lnvolves a round Lrlp Lo Lhe unS
server, Lhere ls a cosL assoclaLed wlLh dolng updaLes even lf Lhey do noL acLually modlfy Lhe unS daLabase. So Lhe
uPC server Lracks wheLher or noL lL has updaLed Lhe record ln Lhe pasL (Lhls lnformaLlon ls sLored on Lhe lease)
and does noL aLLempL Lo updaLe records LhaL lL Lhlnks lL has already updaLed.
lSC uPC Server
Page 42 of 56
1hls can lead Lo cases where Lhe uPC server adds a record, and Lhen Lhe record ls deleLed Lhrough some oLher
mechanlsm, buL Lhe server never agaln updaLes Lhe unS because lL Lhlnks Lhe daLa ls already Lhere. ln Lhls case Lhe
daLa can be removed from Lhe lease Lhrough operaLor lnLervenLlon, and once Lhls has been done, Lhe unS wlll be
updaLed Lhe nexL Llme Lhe cllenL renews.
1he lnLerlm unS updaLe scheme was wrlLLen before Lhe 8lCs were flnallzed and does noL qulLe follow Lhem. 1he
8lCs call for a new uPClu 88Lype whlle he lnLerlm unS updaLe scheme uses a 1x1 record. ln addlLlon Lhe ddns-
resoluLlon drafL called for Lhe uPC server Lo puL a uPClu 88 on Lhe 18 record, buL Lhe lnLerlm updaLe meLhod
does noL do Lhls. ln Lhe flnal 8lC Lhls requlremenL was relaxed such LhaL a server may add a uPClu 88 Lo Lhe 18
record.
u?nAMl C unS uuA1L SLCu8l 1?
When you seL your unS server up Lo allow updaLes from Lhe uPC server, you may be exposlng lL Lo unauLhorlzed
updaLes. 1o avold Lhls, you should use 1SlC slgnaLures - a meLhod of crypLographlcally slgnlng updaLes uslng a
shared secreL key. As long as you proLecL Lhe secrecy of Lhls key, your updaLes should also be secure. noLe,
however, LhaL Lhe uPC proLocol lLself provldes no securlLy, and LhaL cllenLs can Lherefore provlde lnformaLlon Lo
Lhe uPC server whlch Lhe uPC server wlll Lhen use ln lLs updaLes, wlLh Lhe consLralnLs descrlbed prevlously.
1he unS server musL be conflgured Lo allow updaLes for any zone LhaL Lhe uPC server wlll be updaLlng. lor
example, leL us say LhaL cllenLs ln Lhe sneedvllle.edu domaln wlll be asslgned addresses on Lhe 10.10.17.0/24
subneL. ln LhaL case, you wlll need a key declaraLlon for Lhe 1SlC key you wlll be uslng, and also Lwo zone
declaraLlons - one for Lhe zone conLalnlng A records LhaL wlll be updaLes and one for Lhe zone conLalnlng 18
records - for lSC 8lnu, someLhlng llke Lhls:
key DnC_UDA1Lk {
a|gor|thm nMAC-MDS.SIG-ALG.kLG.IN1,
secret pkSIapIoI9SILL06sv4==,
},

zone "examp|e.org" {
type master,
f||e "examp|e.org.db",
a||ow-update { key DnC_UDA1Lk, },
},

zone "17.10.10.|n-addr.arpa" {
type master,
f||e "10.10.17.db",
a||ow-update { key DnC_UDA1Lk, },
},

lSC uPC Server
Page 43 of 56
?ou wlll also have Lo conflgure your uPC server Lo do updaLes Lo Lhese zones. 1o do so, you need Lo add
someLhlng llke Lhls Lo your dhcpd.conf flle:
key DnC_UDA1Lk {
a|gor|thm nMAC-MDS.SIG-ALG.kLG.IN1,
secret pkSIapIoI9SILL06sv4==,
},

zone LkAMLL.CkG. {
pr|mary 127.0.0.1,
key DnC_UDA1Lk,
}

zone 17.127.10.|n-addr.arpa. {
pr|mary 127.0.0.1,
key DnC_UDA1Lk,
}

1he prlmary sLaLemenL speclfles Lhe l address of Lhe name server whose zone lnformaLlon ls Lo be updaLed. ln
addlLlon Lo Lhe prlmary sLaLemenL Lhere are also Lhe prlmary6 , secondary and secondary6 sLaLemenLs.
1he prlmary6 sLaLemenL speclfles an lv6 address for Lhe name server. 1he secondarles provlde for addlLlonal
addresses for name servers Lo be used lf Lhe prlmary does noL respond. 1he number of name servers Lhe uunS
code wlll aLLempL Lo use before glvlng up ls llmlLed and ls currenLly seL Lo Lhree.
noLe LhaL Lhe zone declaraLlons have Lo correspond Lo auLhorlLy records ln your name server - ln Lhe above
example, Lhere musL be an SCA record for "example.org." and for "17.10.10.ln-addr.arpa.". lor example, lf Lhere
were a subdomaln "foo.example.org" wlLh no separaLe SCA, you could noL wrlLe a zone declaraLlon for
"foo.example.org." Also keep ln mlnd LhaL zone names ln your uPC conflguraLlon should end ln a ".", Lhls ls Lhe
preferred synLax. lf you do noL end your zone name ln a ".", Lhe uPC server wlll flgure lL ouL. Also noLe LhaL ln Lhe
uPC conflguraLlon, zone names are noL encapsulaLed ln quoLes where Lhere are ln Lhe unS conflguraLlon.
?ou should choose your own secreL key, of course. 1he lSC 8lnu 9 dlsLrlbuLlon comes wlLh a program for
generaLlng secreL keys called dnssec-keygen. lf you are uslng 8lnu 9s dnssec-keygen, Lhe above key would be
creaLed as follows:
dnssec-keygen -a nMAC-MDS -b 128 -n USLk DnC_UDA1Lk

?ou may wlsh Lo enable logglng of unS updaLes on your unS server. 1o do so, you mlghL wrlLe a logglng sLaLemenL
llke Lhe followlng:
|ogg|ng {
channe| update_debug {
lSC uPC Server
Page 44 of 56
f||e "]var]|og]update-debug.|og",
sever|ty debug 3,
pr|nt-category yes,
pr|nt-sever|ty yes,
pr|nt-t|me yes,
},
channe| secur|ty_|nfo {
f||e "]var]|og]named-auth.|nfo",
sever|ty |nfo,
pr|nt-category yes,
pr|nt-sever|ty yes,
pr|nt-t|me yes,
},

category update { update_debug, },
category secur|ty { secur|ty_|nfo, },
},

?ou musL creaLe Lhe /var/log/named-auLh.lnfo and /var/log/updaLe-debug.log flles before sLarLlng Lhe name
server. lor more lnformaLlon on conflgurlng lSC 8lnu, consulL Lhe documenLaLlon LhaL accompanles lL.

CMAl
1he uPC server provldes Lhe capablllLy Lo modlfy some of lLs conflguraLlon whlle lL ls runnlng, wlLhouL sLopplng lL,
modlfylng lLs daLabase flles, and resLarLlng lL. 1hls capablllLy ls currenLly provlded uslng CMAl - an Al for
manlpulaLlng remoLe ob[ecLs. CMAl cllenLs connecL Lo Lhe server uslng 1C/l, auLhenLlcaLe, and can Lhen
examlne Lhe server's currenL sLaLus and make changes Lo lL.
8aLher Lhan lmplemenLlng Lhe underlylng CMAl proLocol dlrecLly, user programs should use Lhe dhcpcLl Al or
CMAl lLself. uhcpcLl ls a wrapper LhaL handles some of Lhe housekeeplng chores LhaL CMAl does noL do
auLomaLlcally. uhcpcLl and CMAl are documenLed ln Lhe man pages 02&!&$* and "4%!)<=).
CMAl exporLs ob[ecLs, whlch can Lhen be examlned and modlfled. 1he uPC server exporLs Lhe followlng
ob[ecLs: lease, hosL, fallover-sLaLe and group. Lach ob[ecL has a number of meLhods LhaL are provlded: lookup,
creaLe, and desLroy. ln addlLlon, lL ls posslble Lo look aL aLLrlbuLes LhaL are sLored on ob[ecLs, and ln some cases Lo
modlfy Lhose aLLrlbuLes.
1PL LLASL C8!LC1
Leases can'L currenLly be creaLed or desLroyed, buL Lhey can be looked up Lo examlne and modlfy Lhelr sLaLe.
lSC uPC Server
Page 45 of 56
Leases have Lhe followlng aLLrlbuLes:
state ),$'-'# |ookup, exam|ne
0)#$1$- values:
1 = free
2 = acLlve
3 = explred
4 = released
3 = abandoned
6 = reseL
7 = backup
8 = reserved
9 = booLp
|p-address 0%$% |ookup, exam|ne
Lhe l address of Lhe lease.
dhcp-c||ent-|dent|f|er 0%$% |ookup, exam|ne, update
Lhe cllenL ldenLlfler LhaL Lhe cllenL used when lL acqulred Lhe lease. noL all cllenLs send cllenL ldenLlflers, so Lhls
may be empLy.
c||ent-hostname 0%$% exam|ne, update
Lhe value Lhe cllenL senL ln Lhe hosL-name opLlon.
host 2%,0*' exam|ne
Lhe hosL declaraLlon assoclaLed wlLh Lhls lease, lf any.
subnet 2%,0*' exam|ne
Lhe subneL ob[ecL assoclaLed wlLh Lhls lease (Lhe subneL ob[ecL ls noL currenLly supporLed).
poo| 2%,0*' exam|ne
Lhe pool ob[ecL assoclaLed wlLh Lhls lease (Lhe pool ob[ecL ls noL currenLly supporLed).
bllllng-class %")!2$ examlne
Lhe handle Lo Lhe class Lo whlch Lhls lease ls currenLly bllled, lf any (Lhe class ob[ecL ls noL currenLly supporLed).
hardware-address 0%$% exam|ne, update
Lhe hardware address (chaddr) fleld senL by Lhe cllenL when lL acqulred lLs lease.
hardware-type ),$'-'# exam|ne, update
lSC uPC Server
Page 46 of 56
Lhe Lype of Lhe neLwork lnLerface LhaL Lhe cllenL reporLed when lL acqulred lLs lease.
ends $)4' exam|ne
Lhe Llme when Lhe lease's currenL sLaLe ends, as undersLood by Lhe cllenL.
tstp $)4' exam|ne
Lhe Llme when Lhe lease's currenL sLaLe ends, as undersLood by Lhe server.
tsfp $)4' exam|ne
Lhe ad[usLed Llme when Lhe lease's currenL sLaLe ends, as undersLood by Lhe fallover peer (lf Lhere ls no fallover
peer, Lhls value ls undeflned). Cenerally Lhls value ls only ad[usLed for explred, released, or reseL leases whlle Lhe
server ls operaLlng ln parLner-down sLaLe, and oLherwlse ls slmply Lhe value supplled by Lhe peer.
atsfp $)4' exam|ne
Lhe acLual Lsfp value senL from Lhe peer. 1hls value ls forgoLLen when a lease blndlng sLaLe change ls made, Lo
faclllLaLe reLransmlsslon loglc.
c|tt $)4' exam|ne
1he Llme of Lhe lasL LransacLlon wlLh Lhe cllenL on Lhls lease.
1PL PCS1 C8!LC1
PosLs can be creaLed, desLroyed, looked up, examlned and modlfled. lf a hosL declaraLlon ls creaLed or deleLed
uslng CMAl, LhaL lnformaLlon wlll be recorded ln Lhe dhcpd.leases flle. lL ls permlsslble Lo deleLe hosL
declaraLlons LhaL are declared ln Lhe dhcpd.conf flle.
PosLs have Lhe followlng aLLrlbuLes:
name 0%$% |ookup, exam|ne, mod|fy
Lhe name of Lhe hosL declaraLlon. 1hls name musL be unlque among all hosL declaraLlons.
group 2%,0*' exam|ne, mod|fy
Lhe named group assoclaLed wlLh Lhe hosL declaraLlon, lf Lhere ls one.
hardware-address 0%$% |ookup, exam|ne, mod|fy
Lhe llnk-layer address LhaL wlll be used Lo maLch Lhe cllenL, lf any. Cnly valld lf hardware-Lype ls also presenL.
hardware-type ),$'-'# |ookup, exam|ne, mod|fy
Lhe Lype of Lhe neLwork lnLerface LhaL wlll be used Lo maLch Lhe cllenL, lf any. Cnly valld lf hardware-address ls
also presenL.
dhcp-c||ent-|dent|f|er 0%$% |ookup, exam|ne, mod|fy
Lhe dhcp-cllenL-ldenLlfler opLlon LhaL wlll be used Lo maLch Lhe cllenL, lf any.
|p-address 0%$% exam|ne, mod|fy
lSC uPC Server
Page 47 of 56
a flxed l address whlch ls reserved for a uPC cllenL LhaL maLches Lhls hosL declaraLlon. 1he l address wlll only
be asslgned Lo Lhe cllenL lf lL ls valld for Lhe neLwork segmenL Lo whlch Lhe cllenL ls connecLed.
statements 0%$% mod|fy
a llsL of sLaLemenLs ln Lhe formaL of Lhe dhcpd.conf flle LhaL wlll be execuLed whenever a message from Lhe cllenL
ls belng processed.
known ),$'-'# exam|ne, mod|fy
lf nonzero, lndlcaLes LhaL a cllenL maLchlng Lhls hosL declaraLlon wlll be LreaLed as 3)&4) ln pool permlL llsLs. lf
zero, Lhe cllenL wlll noL be LreaLed as known.
1PL C8Cu C8!LC1
named groups can be creaLed, desLroyed, looked up, examlned and modlfled. lf a group declaraLlon ls creaLed or
deleLed uslng CMAl, LhaL lnformaLlon wlll be recorded ln Lhe dhcpd.leases flle. lL ls permlsslble Lo deleLe group
declaraLlons LhaL are declared ln Lhe dhcpd.conf flle.
named groups currenLly can only be assoclaLed wlLh hosLs - Lhls allows one seL of sLaLemenLs Lo be efflclenLly
aLLached Lo more Lhan one hosL declaraLlon.
Croups have Lhe followlng aLLrlbuLes:
name 0%$%
Lhe name of Lhe group. All groups LhaL are creaLed uslng CMAl musL have names, and Lhe names musL be unlque
among all groups.
sLaLemenLs !"#"
a llsL of sLaLemenLs ln Lhe formaL of Lhe dhcpd.conf flle LhaL wlll be execuLed whenever a message from a cllenL
whose hosL declaraLlon references Lhls group ls processed.
1PL CCn18CL C8!LC1
1he conLrol ob[ecL allows you Lo shuL Lhe server down. lf Lhe server ls dolng fallover wlLh anoLher peer, lL wlll
make a clean LranslLlon lnLo Lhe shuLdown sLaLe and noLlfy lLs peer, so LhaL Lhe peer can go lnLo parLner down, and
Lhen record Lhe "recover" sLaLe ln Lhe lease flle so LhaL when Lhe server ls resLarLed, lL wlll auLomaLlcally
resynchronlze wlLh lLs peer.
Cn shuLdown Lhe server wlll also aLLempL Lo cleanly shuL down all CMAl connecLlons. lf Lhese connecLlons do noL
go down cleanly afLer flve seconds, Lhey are shuL down preempLlvely. lL can Lake as much as 23 seconds from Lhe
beglnnlng of Lhe shuLdown process Lo Lhe Llme LhaL Lhe server acLually exlLs.
1o shuL Lhe server down, open lLs conLrol ob[ecL and seL Lhe sLaLe aLLrlbuLe Lo 2.
1PL lAl LCvL8-S1A1L C8!LC1
1he fallover-sLaLe ob[ecL ls Lhe ob[ecL LhaL Lracks Lhe sLaLe of Lhe fallover proLocol as lL ls belng managed for a
glven fallover peer. 1he fallover ob[ecL has Lhe followlng aLLrlbuLes (please see Lhe man pages dhcpd.conf (3) for
explanaLlons abouL whaL Lhese aLLrlbuLes mean):
lSC uPC Server
Page 48 of 56
name 0%$% exam|ne
lndlcaLes Lhe name of Lhe fallover peer relaLlonshlp, as descrlbed ln Lhe server's dhcpd.conf flle.
partner-address 0%$% exam|ne
lndlcaLes Lhe fallover parLner's l address.
|oca|-address 0%$% exam|ne
lndlcaLes Lhe l address LhaL ls belng used by Lhe uPC server for Lhls fallover palr.
partner-port 0%$% exam|ne
lndlcaLes Lhe 1C porL on whlch Lhe fallover parLner ls llsLenlng for fallover proLocol connecLlons.
|oca|-port 0%$% exam|ne
lndlcaLes Lhe 1C porL on whlch Lhe uPC server ls llsLenlng for fallover proLocol connecLlons for Lhls fallover palr.
max-outstand|ng-updates ),$'-'# exam|ne
lndlcaLes Lhe number of updaLes LhaL can be ouLsLandlng and unacknowledged aL any glven Llme, ln Lhls fallover
relaLlonshlp.
mc|t ),$'-'# exam|ne
lndlcaLes Lhe maxlmum cllenL lead Llme ln Lhls fallover relaLlonshlp.
|oad-ba|ance-max-secs ),$'-'# exam|ne
lndlcaLes Lhe maxlmum value for Lhe secs fleld ln a cllenL requesL before load balanclng ls bypassed.
|oad-ba|ance-hba 0%$% exam|ne
lndlcaLes Lhe load balanclng hash buckeL array for Lhls fallover relaLlonshlp.
|oca|-state ),$'-'# exam|ne, mod|fy
lndlcaLes Lhe presenL sLaLe of Lhe uPC server ln Lhls fallover relaLlonshlp. osslble values for sLaLe are:
1 - sLarLup
2 - normal
3 - communlcaLlons lnLerrupLed
4 - parLner down
3 - poLenLlal confllcL
6 - recover
7 - paused
8 - shuLdown
9 - recover done
lSC uPC Server
Page 49 of 56
10 - resoluLlon lnLerrupLed
11 - confllcL done
234 - recover walL
(noLe LhaL some of Lhe above values have changed slnce uPC 3.0.x.) ln general lL ls noL a good ldea Lo make
changes Lo Lhls sLaLe. Powever, ln Lhe case LhaL Lhe fallover parLner ls known Lo be down, lL can be useful Lo seL
Lhe uPC server's fallover sLaLe Lo parLner down. AL Lhls polnL Lhe uPC server wlll Lake over servlce of Lhe
fallover parLner's leases as soon as posslble, and wlll glve ouL normal leases, noL leases LhaL are resLrlcLed by MCL1.
lf you do puL Lhe uPC server lnLo Lhe parLner-down when Lhe oLher uPC server ls noL ln Lhe parLner-down sLaLe,
buL ls noL reachable, l address asslgnmenL confllcLs are posslble, even llkely. Cnce a server has been puL lnLo
parLner-down mode, lLs fallover parLner musL noL be broughL back onllne unLll communlcaLlon ls posslble beLween
Lhe Lwo servers.
partner-state ),$'-'# exam|ne
lndlcaLes Lhe presenL sLaLe of Lhe fallover parLner.
|oca|-stos ),$'-'# exam|ne
lndlcaLes Lhe Llme aL whlch Lhe uPC server enLered lLs presenL sLaLe ln Lhls fallover relaLlonshlp.
partner-stos ),$'-'# exam|ne
lndlcaLes Lhe Llme aL whlch Lhe fallover parLner enLered lLs presenL sLaLe.
h|erarchy ),$'-'# exam|ne
lndlcaLes wheLher Lhe uPC server ls prlmary (0) or secondary (1) ln Lhls fallover relaLlonshlp.
|ast-packet-sent ),$'-'# exam|ne
lndlcaLes Lhe Llme aL whlch Lhe mosL recenL fallover packeL was senL by Lhls uPC server Lo lLs fallover parLner.
|ast-t|mestamp-rece|ved ),$'-'# exam|ne
lndlcaLes Lhe LlmesLamp LhaL was on Lhe fallover message mosL recenLly recelved from Lhe fallover parLner.
skew ),$'-'# exam|ne
lndlcaLes Lhe skew beLween Lhe fallover parLner's clock and Lhls uPC server's clock
max-response-de|ay ),$'-'# exam|ne
lndlcaLes Lhe Llme ln seconds afLer whlch, lf no message ls recelved from Lhe fallover parLner, Lhe parLner ls
assumed Lo be ouL of communlcaLlon.
cur-unacked-updates ),$'-'# exam|ne
lndlcaLes Lhe number of updaLe messages LhaL have been recelved from Lhe fallover parLner buL noL yeL processed.

SuC81Lu uPC C1lCnS
lSC uPC Server
Page 50 of 56
This is the list of options defined for v4. Defined indicates that we have included a definition for it in our code to
allow a user to access it via name. Supported indicates we have included code to make use of the option within our
code, normally this will be in the server.
Num Name Doc Def|ned Supported Notes
0 ad 8lC2132 ?es nA
1 SubneL Mask 8lC2132 ?es nA
2 1lme CffseL 8lC2132 ?es nA
3 8ouLer 8lC2132 ?es nA
4 1lme Server 8lC2132 ?es nA
S name Server 8lC2132 ?es nA
6 uomaln Server 8lC2132 ?es nA
7 Log Server 8lC2132 ?es nA
8 CuoLes Server 8lC2132 ?es nA
9 L8 Server 8lC2132 ?es nA
10 lmpress Server 8lC2132 ?es nA
11 8L Server 8lC2132 ?es nA
12 PosLname 8lC2132 ?es nA
13 8ooL llle Slze 8lC2132 ?es nA
14 MerlL uump llle 8lC2132 ?es nA
1S uomaln name 8lC2132 ?es nA
16 Swap Server 8lC2132 ?es nA
17 8ooL aLh 8lC2132 ?es nA
18 LxLenslon llle 8lC2132 ?es nA
19 lorward Cn/Cff 8lC2132 ?es nA
20 Src8Le? Cn/Cff 8lC2132 ?es nA
21 ollcy lllLer 8lC2132 ?es nA
22 Max uC Assembly 8lC2132 ?es nA
23 uefaulL l 11L 8lC2132 ?es nA
24 M1u 1lmeouL 8lC2132 ?es nA
2S M1u laLeau 8lC2132 ?es nA
26 M1u lnLerface 8lC2132 ?es nA
27 M1u SubneL 8lC2132 ?es nA
28 8roadcasL Address 8lC2132 ?es nA
29 Mask ulscovery 8lC2132 ?es nA
30 Mask Suppller 8lC2132 ?es nA
31 8ouLer ulscovery 8lC2132 ?es nA
32 8ouLer 8equesL 8lC2132 ?es nA
33 SLaLlc 8ouLe 8lC2132 ?es nA
34 1ralllers 8lC2132 ?es nA
3S A8 1lmeouL 8lC2132 ?es nA
36 LLherneL 8lC2132 ?es nA
37 uefaulL 1C 11L 8lC2132 ?es nA
38 keepallve 1lme 8lC2132 ?es nA
39 keepallve uaLa 8lC2132 ?es nA
40 nlS uomaln 8lC2132 ?es nA
41 nlS Servers 8lC2132 ?es nA
42 n1 Servers 8lC2132 ?es nA
43 vendor Speclflc 8lC2132 ?es nA
44 nL18lCS name Srv 8lC2132 ?es nA
4S nL18lCS ulsL Srv 8lC2132 ?es nA
46 nL18lCS node 1ype 8lC2132 ?es nA
lSC uPC Server
Page 51 of 56
47 nL18lCS Scope 8lC2132 ?es nA
48 x Wlndow lonL 8lC2132 ?es nA
49 x Wlndow Manager 8lC2132 ?es nA
S0 Address 8equesL 8lC2132 ?es nA
S1 Address 1lme 8lC2132 ?es nA
S2 Cverload 8lC2132 ?es nA
S3 uPC Msg 1ype 8lC2132 ?es nA
S4 uPC Server lu 8lC2132 ?es nA
SS arameLer LlsL 8lC2132 ?es nA
S6 uPC Message 8lC2132 ?es nA
S7 uPC Max Msg Slze 8lC2132 ?es nA
S8 8enewal 1lme 8lC2132 ?es nA
S9 8eblndlng 1lme 8lC2132 ?es nA
60 Class lu 8lC2132 ?es nA
61 CllenL lu 8lC2132 ?es nA
62 neLWarel? uomaln 8lC2132 ?es nA
63 neLWarel? CpLlon 8lC2132 ?es nA See sub opLlons below
64 nlS-uomaln-name 8lC2132 ?es nA
6S nlS-Server-Addr 8lC2132 ?es nA
66 Server-name 8lC2132 ?es nA
67 8ooLflle-name 8lC2132 ?es nA
68 Pome-AgenL-Addrs 8lC2132 ?es nA
69 SM1 Server 8lC2132 ?es nA
70 C3 Server 8lC2132 ?es nA
71 nn1 Server 8lC2132 ?es nA
72 WWW Server 8lC2132 ?es nA
73 llnger Server 8lC2132 ?es nA
74 l8C Server 8lC2132 ?es nA
7S SLreeL1alk? Server 8lC2132 ?es nA
76 S1uA Server 8lC2132 ?es nA
77 user Class 8lC3004 ?es nA
78 ulrecLory AgenL 8lC2610 ?es nA
79 Servlce Scope 8lC2610 ?es nA
80 8apld CommlL 8lC4039 nA nA
81 CllenL lCun 8lC4702 ?es nA
82 8elay AgenL
lnformaLlon
8lC3046 ?es nA See sub opLlons below
83 lSnS 8lC4174 no nA
84 unasslgned nA
8S nuS Servers 8lC2241 ?es nA
86 nuS 1ree name 8lC2241 ?es nA
87 nuS ConLexL 8lC2241 ?es nA
88 8CMCS ConLroller
uomaln name LlsL
8lC4280 ?es nA
89 8CMCS ConLroller
lv4 Address CpLlon
8lC4280 ?es nA
90 AuLhenLlcaLlon 8lC3118 no nA
91 CllenL LasL
1ransacLlon 1lme
8lC4388 ?es nA
92 AssoclaLed lp 8lC4388 ?es nA
93 CllenL SysLem 8lC4378 no nA
94 CllenL nul 8lC4378 no nA
lSC uPC Server
Page 52 of 56
9S LuA 8lC3679 no nA
96 unasslgned nA
97 uulu/Culu 8lC4378 no nA
98 user AuLh 8lC2483 ?es nA
99 CLCCCnl_ClvlC 8lC4776 no nA
100 Code 8lC4833 no nA
101 1Code 8lC4833 no nA
102 -
111
unasslgned
112 neLlnfo Address 8lC3679 ?es nA
113 neLlnfo 1ag 8lC3679 ?es nA
114 u8L 8lC3679 ?es nA
11S unasslgned
116 AuLo Conflg 8lC2363 no nA
117 name Servlce Search 8lC2937 no nA
118 SubneL SelecLlon
CpLlon
8lC3011 ?es nA
119 uomaln Search 8lC3397 ?es nA
120 Sl Servers uPC
CpLlon
8lC3361 no nA
121 classless SLaLlc 8ouLe
CpLlon
8lC3442 no nA
122 CCC 8lC3493 no nA See sub opLlons below
123 CeoConf? 8lC6223 no nA
124 v-l vendor Class 8lC3923 ?es nA
12S v-l vendor Speclflc
lnformaLlon
8lC3923 ?es nA
126 -
127
unasslgned
128 xL - undeflned
vendor speclflc
8lC4378 no nA lAnA also has several oLher lLems llsLed on
Lhls opLlon: eLherbooL slgnaLure, uCCSlS
"full securlLy" server l address and 1l1
server lp address.
129 xL - undeflned
vendor speclflc
Lhls opLlon: call server lp address
130 xL - undeflned
vendor speclflc
Lhls opLlon: eLherneL lnLerface,
dlscrlmlnaLlon sLrlng
131 xL - undeflned
vendor speclflc
Lhls opLlon: 8emoLe sLaLlsLlcs server l
address
132 xL - undeflned
vendor speclflc
Lhls opLlon: lLLL 802.1C vLAn lu
133 xL - undeflned
vendor speclflc
Lhls opLlon: lLLL 802.1u/p Layer 2 prlorlLy
134 xL - undeflned
vendor speclflc
Lhls opLlon: ulffserv Code olnL for vCl
13S xL - undeflned
vendor speclflc
Lhls opLlon: P11 proxy for phone speclflc
apps
136 ana AgenL 8lC3192 no nA
137 v4 LosL 8lC3223 no nA
lSC uPC Server
Page 53 of 56
138 Capwap AC v4 8lC3417 nos nA
139 lv4 Address MCS 8lC3678 no nA
140 lv4 lCun MCS 8lC3678 no nA
141 Sl uA ConflguraLlon
Servlce uomalns
8lC6011 no nA
142 lv4 Address AnuSl 8lC6133 no nA
143 lv6 Address AnuSl 8lC6133 no nA
144 CeoLoc? 8lC6223 no nA
14S lorce 8enew nonce
Capable
8lC6704 no nA
146 8unSS SelecLlon 8lC6731 no nA
147 -
149
unasslgned
1S0 1l1 Server Address 8lC3839 no nA lAnA also has several oLher lLems llsLed on
Lhls opLlon: LLherbooL, C8u8 conflguraLlon
paLh name
1S1 sLaLus code bulk lease
query
no nA
1S2 base Llme bulk lease
query
no nA
1S3 sLarL Llme of sLaLe bulk lease
query
no nA
1S4 query sLarL Llme bulk lease
query
no nA
1SS query end Llme bulk lease
query
no nA
1S6 dhcp sLaLe bulk lease
query
no nA
1S7 daLa source bulk lease
query
no nA
1S8 -
174
unasslgned
17S LLherbooL no nA
176 lp 1elephone no nA
177 LLherbooL no nA
178 -
207
unasslgned
208 xL Llnux Maglc 8lC3071 no nA lAnA noLes as deprecaLed
209 ConflguraLlon llle 8lC3071 no nA
210 aLh reflx 8lC3071 no nA
211 8ebooL 1lme 8lC3071 no nA
212 68u 8lC3969 no nA
213 v4 Access uomaln 8lC3986 no nA
214 -
219
unasslgned
220 SubneL AllocaLlon 8lC6636 no nA
221 vlrLual SubneL
SelecLlon
8lC6607 no nA
222 -
223
unasslgned
224 -
2S4
8eserved - prlvaLe
use

lSC uPC Server
Page 54 of 56
2SS Lnd 8lC2132 ?es nA
nL1WA8L? /l C1l Cn 1?L 63 Su8-C1l Cn CCuLS
1 nWl_uCLS_nC1_LxlS1 8lC2242 ?es nA
2 nWl_LxlS1_ln_l1lCnS_A8LA 8lC2242 ?es nA
3 nWl_LxlS1_ln_SnAML_llLL 8lC2242 ?es nA
4 nWl_LSl1_8u1_1CC_8lC 8lC2242 ?es nA
S nSC_88CAuCAS1 8lC2242 ?es nA
6 8LlL88Lu_uSS 8lC2242 ?es nA
7 nLA8LS1_nWl_SL8vL8 8lC2242 ?es nA
8 Au1C8L18lLS 8lC2242 ?es nA
9 Au1C8L18?_SLCS 8lC2242 ?es nA
10 nWl_1_1 8lC2242 ?es nA
11 8lMA8?_uSS 8lC2242 ?es nA
uPC 8LLA? ACLn1 C1l Cn 82 Su8-C1l Cn CCuLS
1 AgenL ClrculL lu 8lC3046 ?es nA
2 AgenL 8emoLe lu 8lC3046 ?es nA
3 AgenL lu nA ?es nA We deflne Lhls as agenL ld, lAnA noLes
lL has mulLlple usages
4 uCCSlS uevlce Class 8lC3236 ?es nA
S Llnk SelecLlon 8lC3327 ?es nA
6 Subscrlber lu 8lC3993 no nA
7 8AuluS ALLrlbuLes 8lC4014 no nA
8 AuLhenLlcaLlon 8lC4030 no nA
9 vendor Speclflc lnformaLlon 8lC4243 no nA
10 8elay AgenL llags 8lC3010 no nA
11 Server ldenLlfler Cverrlde 8lC3107 no nA
1S1 uPCv4 vlrLual SubneL
SelecLlon
8lC6607 no nA
1S2 uPCv4 vlrLual SubneL
SelecLlon ConLrol
8lC6607 no nA
uPC CA8LLLA8S CLl Ln1 CCnll Cu8A1l Cn C1l Cn 122 Su8-C1l Cn CCuLS
1 1S's rlmary uPC Server Address 8lC3493 no nA nA
2 1S's Secondary uPC Server Address 8lC3493 no nA nA
3 1S's rovlslonlng Server Address 8lC3493 no nA nA
4 1S's AS-8LC/AS-8L 8ackoff and 8eLry 8lC3493 no nA nA
S 1S's A-8LC/A-8L 8ackoff and 8eLry 8lC3493 no nA nA
6 1S's kerberos 8ealm name 8lC3493 no nA nA
7 1S's 1lckeL CranLlng Server uLlllzaLlon 8lC3493 no nA nA
8 1S's rovlslonlng 1lmer value 8lC3493 no nA nA
9 1S's SecurlLy 1lckeL ConLrol 8lC3493 no nA nA
10 1S's kuC Server Address 8lC3634 no nA nA

lSC uPC Server
Page 55 of 56
v6 C1l CnS
1hls ls Lhe llsL of opLlons deflned for v6. ueflned lndlcaLes LhaL we have lncluded a deflnlLlon for lL ln our code Lo
allow a user Lo access lL vla name. SupporLed lndlcaLes we have lncluded code Lo make use of Lhe opLlon wlLhln our
code, normally Lhls wlll be ln Lhe server.
0 8eserved nA nA nA nA
1 CllenL lu 8lC3313 ?es nA nA
2 Server lu 8lC3313 ?es nA nA
3 lA nA 8lC3313 ?es nA nA
4 lA 1A 8lC3313 ?es nA nA
S lAAuu8 8lC3313 ?es nA nA
6 C8C 8lC3313 ?es nA nA
7 reference 8lC3313 ?es nA nA
8 Llapsed 1lme 8lC3313 ?es nA nA
9 8elay Message 8lC3313 ?es nA nA
10 unasslgned nA nA nA nA
11 AuLh 8lC3313 no nA nA no sulLable aLoms
12 unlcasL 8lC3313 ?es nA nA
13 SLaLus Code 8lC3313 ?es nA nA
14 8apld CommlL 8lC3313 ?es nA nA
1S user Class 8lC3313 no nA nA no sulLable aLoms
16 vendor Class 8lC3313 no nA nA no sulLable aLoms
17 vedor CpLlons 8lC3313 ?es nA nA
18 lnLerface lu 8lC3313 ?es nA nA
19 8econflgure Message 8lC3313 ?es nA nA
20 8econflgure AccepL 8lC3313 ?es nA nA
21 Sl Server names 8lC3319 ?es nA nA
22 Sl Server Addresse 8lC3319 ?es nA nA
23 unS Servers 8lC3646 ?es nA nA
24 uomaln LlsL 8lC3646 ?es nA nA
2S lA u 8lC3633 ?es nA nA
26 lA8Lllx 8lC3633 ?es nA nA
27 nlS Servers 8lC3898 ?es nA nA
28 nlS Servers 8lC3898 ?es nA nA
29 nlS uomaln name 8lC3898 ?es nA nA
30 nlS uomaln name 8lC3898 ?es nA nA
31 Sn1 Servers 8lC4073 ?es nA nA
32 lnformaLlon 8efresh 1lme 8lC4242 ?es nA nA
33 8CMCS Server u 8lC4280 ?es nA nA
34 8CMCS Server A 8lC4280 ?es nA nA
3S unasslgned 8lC4280 nA nA nA
36 CLCCCnl Clvlc 8lC4776 lf 0 nA nA
37 8emoLe lu 8lC4649 ?es nA nA
38 Subscrlber lu 8lC4380 ?es nA nA
39 CllenL lCun 8lC4704 ?es nA nA
40 AnA AgenL 8lC3192 lf 0 nA nA
41 new oslx 1lmezone 8lC4833 lf 0 nA nA
42 new 1Zu8 1lmezone 8lC4833 lf 0 nA nA
43 L8C 8lC4994 lf 0 nA nA
44 LC Cuery 8lC3007 ?es nA nA
lSC uPC Server
Page 56 of 56
4S CllenL uaLa 8lC3007 ?es nA nA
46 CL1 1lme 8lC3007 ?es nA nA
47 LC 8elay uaLa 8lC3007 ?es nA nA
48 LC CllenL Llnk 8lC3007 ?es nA nA
49 MlS6 Pnlul 8lC6610 no nA nA
S0 Ml86 vulnl 8lC6610 no nA nA
S1 v6 LosL 8lC3223 no nA nA
S2 CAWA AC v6 8lC3417 no nA nA
S3 8elay lu 8lC3460 no nA nA
S4 lv6 Address MoS? 8lC3678 no nA nA
SS lv6 lCun MoS? 8lC3678 no nA nA
S6 n1 Server 8lC3908 no nA nA
S7 v6 Access uomaln 8lC3986 no nA nA
S8 Sl uA CS LlsL 8lC6011 no nA nA
S9 8ooLflle u8L 8lC3970 no nA nA
60 8ooLflle arameLers 8lC3970 no nA nA
61 CllenL Arch 1ype 8lC3970 no nA nA
62 nll 8lC3970 no nA nA
63 Ceo LocaLlon 8lC6223 no nA nA
64 Al18 name 8lC6334 no nA nA
6S L8 Local uomaln name 8lC 6440 no nA nA
66 8SCC 8lC6422 no nA nA
67 u Lxclude 8lC6603 no nA nA
68 vSS 8lC 6607 no nA nA
69 Ml6 lulnl 8lC6610 no nA nA
70 Ml6 uulnl 8lC6610 no nA nA
71 Ml6 Pn 8lC6610 no nA nA
72 Ml6 PAA 8lC6610 no nA nA
73 Ml6 PAl 8lC6610 no nA nA
74 8unSS SelecLlon 8lC6731 no nA nA
7S k88 rlnclpal name 8lC6784 no nA nA
76 k88 8ealm name 8lC6784 no nA nA
77 k88 uefaulL 8ealm name 8lC6784 no nA nA
78 k88 kuC 8lC6784 no nA nA
l LLL 802. 21 SL8vl CL 1?L C1l Cn 34 & 33 (MCS? uPCv6 Auu8LSS Anu lCun Su8-C1l CnS)
Num Name Doc Def|ned Supported
0 8eserved 8lC3678 no nA
1 lS 8lC3678 no nA
2 CS 8lC3678 no nA
3 LS 8lC3678 no nA
6SS3S 8eserved 8lC3678 no nA
n1 SL8vL8 C1l Cn 36 Su8 C1l CnS
Num Name Doc Def|ned Supported
1 n1 Server Address 8lC3908 no nA
2 n1 MulLlcasL Address 8lC3908 no nA
3 n1 Server lCun 8lC3908 no nA

DHCP 4.3.1 Distribution Documentation Aug 4 14

Uploaded by

Document Information

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

DHCP 4.3.1 Distribution Documentation Aug 4 14

Uploaded by

Copyright:

Available Formats

AugusL-1-2014

!"#$ &'()'( *+,+-

You might also like