DHCP Client and Server: Document Revision 2.7 (Mon Apr 18 22:24:18 GMT 2005)
DHCP Client and Server: Document Revision 2.7 (Mon Apr 18 22:24:18 GMT 2005)
DHCP Client and Server: Document Revision 2.7 (Mon Apr 18 22:24:18 GMT 2005)
Table of Contents
Table of Contents
Summary
Quick Setup Guide
Specifications
Description
Additional Documents
DHCP Client Setup
Description
Property Description
Command Description
Notes
Example
DHCP Server Setup
Description
Property Description
Notes
Example
Store Leases on Disk
Description
Property Description
DHCP Networks
Property Description
Notes
DHCP Server Leases
Description
Property Description
Command Description
Notes
Example
DHCP Alert
Description
Property Description
Notes
DHCP Option
Description
Property Description
Notes
Example
DHCP Relay
Description
Property Description
Page 1 of 18
Copyright 1999-2006, MikroTik. All rights reserved. Mikrotik, RouterOS and RouterBOARD are trademarks of Mikrotikls SIA.
Other trademarks and registred trademarks mentioned herein are properties of their respective owners.
Notes
Example
Question&Answer-Based Setup
Command Description
Notes
Example
Dynamic Addressing, using DHCP-Relay
IP Address assignment, using FreeRADIUS Server
General Information
Summary
! "#$ %
& '
%
%
"( )*+*
,
-
•
./01 &1
• #
&
!/
'
! "#$ $%
$ $% !
• $%
&$'
1.
%
/ip pool add name=dhcp-pool ranges=172.16.0.10-172.16.0.20
2. /
172.16.0.0/12
172.16.0.1
-
/ip dhcp-server network add address=172.16.0.0/12 gateway=172.16.0.1
3. (
1
'-
/ip dhcp-server add interface=wlan1 address-pool=dhcp-pool
• $%
&
'1
'
1. /
-
/ip dhcp-client add interface=wlan1 use-peer-dns=yes \
add-default-route=yes disabled=no
Page 2 of 18
Copyright 1999-2006, MikroTik. All rights reserved. Mikrotik, RouterOS and RouterBOARD are trademarks of Mikrotikls SIA.
Other trademarks and registred trademarks mentioned herein are properties of their respective owners.
[admin@Server] ip dhcp-client> print detail
Flags: X - disabled, I - invalid
0 interface=wlan1 add-default-route=yes use-peer-dns=yes status=bound
address=172.16.0.20/12 gateway=172.16.0.1 dhcp-server=192.168.0.1
primary-dns=159.148.147.194 expires-after=2d23:58:52
[admin@Server] ip dhcp-client>
Specifications
Packages required: dhcp
License required: level1
Home menu level: /ip dhcp-client, /ip dhcp-server, /ip dhcp-relay
Standards and Technologies: DHCP
Description
% '
'
3
45 %1
&
3
46 %
''
%
0.0.0.0
7
255.255.255.255 8
Additional Documents
Description
Property Description
address (IP address | netmask) - IP address and netmask, which is assigned to DHCP Client from
the Server
add-default-route (yes | no; default: yes) - whether to add the default route to the gateway
specified by the DHCP server
Page 3 of 18
Copyright 1999-2006, MikroTik. All rights reserved. Mikrotik, RouterOS and RouterBOARD are trademarks of Mikrotikls SIA.
Other trademarks and registred trademarks mentioned herein are properties of their respective owners.
client-id (text) - corresponds to the settings suggested by the network administrator or ISP.
Commonly it is set to the client's MAC address, but it may as well be any test string
dhcp-server (IP address) - IP address of the DHCP Server
enabled (yes | no; default: no) - whether the DHCP client is enabled
expires-after (time) - time, which is assigned by the DHCP Server, after which the lease expires
gateway (IP address) - IP address of the gateway which is assigned by DHCP Server
host-name (text) - the host name of the client as sent to a DHCP server
interface (name) - any Ethernet-like interface (this includes wireless and EoIP tunnels) on which
the DHCP Client searches the DHCP Server
primary-dns (IP address) - IP address of the primary DNS server, assigned by the DHCP Server
secondary-dns (IP address) - IP address of the secondary DNS server, assigned by DHCP Server
primary-ntp - IP address of the primary NTP server, assigned by the DHCP Server
secondary-ntp - IP address of the secondary NTP server, assigned by the DHCP Server
status (bound | error | rebinding... | renewing... | requesting... | searching... | stopped) - shows the
status of DHCP Client
use-peer-dns (yes | no; default: yes) - whether to accept the DNS settings advertized by DHCP
server (they will be ovverriden in /ip dns submenu)
use-peer-ntp (yes | no; default: yes) - whether to accept the NTP settings advertized by DHCP
server (they will override the settings put in the /system ntp client submenu)
Command Description
release - release current binding and restart DHCP client
renew - renew current leases. If the renew operation was not successful, client tries to reinitialize
lease (i.e. it starts lease request procedure (rebind) as if it had not received an IP address yet)
Notes
host-name %% %1 < %'
=
client-id %% %1 < !/ %'
=
Example
ether1
-
/ip dhcp-client add interface=ether1 disabled=no
[admin@MikroTik] ip dhcp-client> print detail
Flags: X - disabled, I - invalid
0 interface=ether1 add-default-route=no use-peer-dns=no status=bound
Page 4 of 18
Copyright 1999-2006, MikroTik. All rights reserved. Mikrotik, RouterOS and RouterBOARD are trademarks of Mikrotikls SIA.
Other trademarks and registred trademarks mentioned herein are properties of their respective owners.
address=192.168.25.100/24 dhcp-server=10.10.10.1 expires-after=2d21:25:12
[admin@MikroTik] ip dhcp-client>
Description
%% ' ' ; & ! "#$
' 1 %
%
'<
%
/&"=-
• NAS-Identifier - router identity
• NAS-IP-Address - IP address of the router itself
• NAS-Port - unique session ID
• NAS-Port-Type - Ethernet
• Calling-Station-Id - client identifier (active-client-id)
• Framed-IP-Address - IP address of the client (active-address)
• Called-Station-Id - name of DHCP server
• User-Name - MAC address of the client (active-mac-address)
• Password - ""
/&/%-
• Framed-IP-Address - IP address that will be assigned to client
• Framed-Pool - ip pool from which to assign ip address to client
• Rate-Limit - Datarate limitation for DHCP clients. Format is: rx-rate[/tx-rate]
[rx-burst-rate[/tx-burst-rate] [rx-burst-threshold[/tx-burst-threshold]
[rx-burst-time[/tx-burst-time][priority] [rx-rate-min[/tx-rate-min]]]]. All rates should be
numbers with optional 'k' (1,000s) or 'M' (1,000,000s). If tx-rate is not specified, rx-rate is as
tx-rate too. Same goes for tx-burst-rate and tx-burst-threshold and tx-burst-time. If both
rx-burst-threshold and tx-burst-threshold are not specified (but burst-rate is specified), rx-rate
and tx-rate are used as burst thresholds. If both rx-burst-time and tx-burst-time are not
specified, 1s is used as default. Priority takes values 1..8, where 1 implies the highest priority,
but 8 - the lowest. If rx-rate-min and tx-rate-min are not specified rx-rate and tx-rate values are
used. The rx-rate-min and tx-rate-min values can not exceed rx-rate and tx-rate values.
• Ascend-Data-Rate - tx/rx data rate limitation if multiple attributes are provided, first limits tx
data rate, second - rx data rate. If used together with Ascend-Xmit-Rate, specifies rx rate. 0 if
Page 5 of 18
Copyright 1999-2006, MikroTik. All rights reserved. Mikrotik, RouterOS and RouterBOARD are trademarks of Mikrotikls SIA.
Other trademarks and registred trademarks mentioned herein are properties of their respective owners.
unlimited
• Ascend-Xmit-Rate - tx data rate limitation. It may be used to specify tx limit only instead of
sending two sequental Ascend-Data-Rate attributes (in that case Ascend-Data-Rate will specify
the receive rate). 0 if unlimited
• Session-Timeout - max lease time (lease-time)
Property Description
add-arp (yes | no; default: no) - whether to add dynamic ARP entry:
• no - either ARP mode should be enabled on that interface or static ARP entries should be
administratively defined in /ip arp submenu
address-pool (name | static-only; default: static-only) - IP pool, from which to take IP addresses
for clients
• static-only - allow only the clients that have a static lease (i.e. no dynamic addresses will be
given to clients, only the ones added in lease submenu)
always-broadcast (yes | no; default: no) - always send replies as broadcasts
authoritative (after-10sec-delay | after-2sec-delay | no | yes; default: after-2sec-delay) - whether
the DHCP server is the only one DHCP server for the network
• after-10sec-delay - to clients request for an address, dhcp server will wait 10 seconds and if
there is another request from the client after this period of time, then dhcp server will offer the
address to the client or will send DHCPNAK, if the requested address is not available from this
server
• after-2sec-delay - to clients request for an address, dhcp server will wait 2 seconds and if there
is another request from the client after this period of time, then dhcp server will offer the
address to the client or will send DHCPNAK, if the requested address is not available from this
server
• no - dhcp server ignores clients requests for addresses that are not available from this server
• yes - to clients request for an address that is not available from this server, dhcp server will send
negative acknowledgment (DHCPNAK)
bootp-support (none | static | dynamic; default: static) - support for BOOTP clients
• none - do not respond to BOOTP requests
• static - offer only static leases to BOOTP clients
• dynamic - offer static and dynamic leases for BOOTP clients
delay-threshold (time; default: none) - if secs field in DHCP packet is smaller than
delay-threshold, then this packet is ignored
• none - there is no threshold (all DHCP packets are processed)
interface (name) - Ethernet-like interface name
lease-time (time; default: 72h) - the time that a client may use an address. The client will try to
renew this address after a half of this time and will request a new address after time limit expires
name (name) - reference name
ntp-server (text) - the DHCP client will use these as the default NTP servers. Two
comma-separated NTP servers can be specified to be used by DHCP client as primary and
secondary NTP servers
Page 6 of 18
Copyright 1999-2006, MikroTik. All rights reserved. Mikrotik, RouterOS and RouterBOARD are trademarks of Mikrotikls SIA.
Other trademarks and registred trademarks mentioned herein are properties of their respective owners.
relay (IP address; default: 0.0.0.0) - the IP address of the relay this DHCP server should process
requests from:
• 0.0.0.0 - the DHCP server will be used only for direct requests from clients (no DHCP really
allowed)
• 255.255.255.255 - the DHCP server should be used for any incomming request from a DHCP
relay except for those, which are processed by another DHCP server that exists in the /ip
dhcp-server submenu
src-address (IP address; default: 0.0.0.0) - the address which the DHCP client must send requests
to in order to renew an IP address lease. If there is only one static address on the DHCP server
interface and the source-address is left as 0.0.0.0, then the static address will be used. If there are
multiple addresses on the interface, an address in the same subnet as the range of given addresses
should be used
use-radius (yes | no; default: no) - whether to use RADIUS server for dynamic leases
Notes
relay %%
'
0.0.0.0
'
%
=
Example
'
ether11
dhcp-clients
% ) -
/ip dhcp-server add name=dhcp-office disabled=no address-pool=dhcp-clients \
interface=ether1 lease-time=2h
[admin@MikroTik] ip dhcp-server> print
Flags: X - disabled, I - invalid
# NAME INTERFACE RELAY ADDRESS-POOL LEASE-TIME ADD-ARP
0 dhcp-office ether1 dhcp-clients 02:00:00
[admin@MikroTik] ip dhcp-server>
Description
.
'
1 %%
% %%
'1 '
% ( %1 '
?
1
' store-leases-disk
' 1
'
% @1
(
Page 7 of 18
Copyright 1999-2006, MikroTik. All rights reserved. Mikrotik, RouterOS and RouterBOARD are trademarks of Mikrotikls SIA.
Other trademarks and registred trademarks mentioned herein are properties of their respective owners.
% '
'1
1
'
%
% '
' %
1
%
%
=
Property Description
store-leases-disk (time-interval | immediately | never; default: 5min) - how frequently lease
changes should be stored on disk
DHCP Networks
Home menu level: /ip dhcp-server network
Property Description
address (IP address | netmask) - the network DHCP server(s) will lend addresses from
boot-file-name (text) - Boot file name
dhcp-option (text) - add additional DHCP options from /ip dhcp-server option list. You cannot
redefine parameters which are already defined in this submenu:
• Subnet-Mask (code 1) - netmask
• Router (code 3) - gateway
• Domain-Server (code 6) - dns-server
• Domain-Name (code 15) - domain
• NETBIOS-Name-Server - wins-server
dns-server (text) - the DHCP client will use these as the default DNS servers. Two
comma-separated DNS servers can be specified to be used by DHCP client as primary and
secondary DNS servers
domain (text) - the DHCP client will use this as the 'DNS domain' setting for the network adapter
gateway (IP address; default: 0.0.0.0) - the default gateway to be used by DHCP clients
netmask (integer: 0..32; default: 0) - the actual network mask to be used by DHCP client
• 0 - netmask from network address is to be used
next-server (IP address) - IP address of next server to use in bootstrap
wins-server (text) - the Windows DHCP client will use these as the default WINS servers. Two
comma-separated WINS servers can be specified to be used by DHCP client as primary and
secondary WINS servers
Notes
address
%
'
'
%
netmask %%
Page 8 of 18
Copyright 1999-2006, MikroTik. All rights reserved. Mikrotik, RouterOS and RouterBOARD are trademarks of Mikrotikls SIA.
Other trademarks and registred trademarks mentioned herein are properties of their respective owners.
Description
'
'<
8
!/
%
,
1
-
/
9
'1
% @ busy
=
Property Description
active-address (read-only: IP address) - actual IP address for this lease
active-client-id (read-only: text) - actual client-id of the client
active-mac-address (read-only: MAC address) - actual MAC address of the client
active-server (read-only: ) - actual dhcp server, which serves this client
address (IP address) - specify ip address (or ip pool) for static lease
• 0.0.0.0 - use pool from server
agent-circuit-id (read-only: text) - circuit ID of DHCP relay agent
agent-remote-id (read-only: text) - Remote ID, set by DHCP relay agent
block-access (yes | no; default: no) - block access for this client (drop packets from this client)
client-id (text; default: "") - if specified, must match DHCP 'client identifier' option of the request
expires-after (read-only: time) - time until lease expires
host-name (read-only: text) - shows host name option from last received DHCP request
lease-time (time; default: 0s) - time that the client may use an address
• 0s - lease will never expire
mac-address (MAC address; default: 00:00:00:00:00:00) - if specified, must match MAC address
of the client
Page 9 of 18
Copyright 1999-2006, MikroTik. All rights reserved. Mikrotik, RouterOS and RouterBOARD are trademarks of Mikrotikls SIA.
Other trademarks and registred trademarks mentioned herein are properties of their respective owners.
radius (read-only: yes | no) - shows, whether this dynamic lease is authenticated by RADIUS or
not
rate-limit (read-only: text; default: "") - sets rate limit for active lease. Format is: rx-rate[/tx-rate]
[rx-burst-rate[/tx-burst-rate] [rx-burst-threshold[/tx-burst-threshold]
[rx-burst-time[/tx-burst-time]]]]. All rates should be numbers with optional 'k' (1,000s) or 'M'
(1,000,000s). If tx-rate is not specified, rx-rate is as tx-rate too. Same goes for tx-burst-rate and
tx-burst-threshold and tx-burst-time. If both rx-burst-threshold and tx-burst-threshold are not
specified (but burst-rate is specified), rx-rate and tx-rate is used as burst thresholds. If both
rx-burst-time and tx-burst-time are not specified, 1s is used as default.
rx-rate (integer; default: 0) - maximal receive bitrate to the client (for users it is upload bitrate))
• 0 - no limitation
server (read-only: name) - server name which serves this client
status (read-only: waiting | testing | authorizing | busy | offered | bound) - lease status:
• waiting - not used static lease
• testing - testing whether this address is used or not (only for dynamic leases) by pinging it with
timeout of 0.5s
• authorizing - waiting for response from radius server
• busy - this address is assigned statically to a client or already exists in the network, so it can not
be leased
• offered - server has offered this lease to a client, but did not receive confirmation from the
client
• bound - server has received client's confirmation that it accepts offered address, it is using it
now and will free the address not later, than the lease time will be over
tx-rate (integer; default: 0) - maximal transmit bitrate to the client (for users it is download bitrate))
• 0 - no limitation
Command Description
check-status - Check status of a given busy dynamic lease, and free it in case of no response
make-static - convert a dynamic lease to static one
Notes
rate-limit %1 % = %
%
/%
=
&%
% '
1
%
%
'
&1
%&
;'
lease print 1
'
mac-address ' ' C 8 % !/
Page 10 of 18
Copyright 1999-2006, MikroTik. All rights reserved. Mikrotik, RouterOS and RouterBOARD are trademarks of Mikrotikls SIA.
Other trademarks and registred trademarks mentioned herein are properties of their respective owners.
Example
DHCP Alert
Home menu level: /ip dhcp-server alert
Description
'
%%
1
/
%
1 % '
' %
' 1 -
[admin@MikroTik] ip dhcp-server alert>/log print
00:34:23 dhcp,critical,error,warning,info,debug dhcp alert on Public:
discovered unknown dhcp server, mac 00:02:29:60:36:E7, ip 10.5.8.236
[admin@MikroTik] ip dhcp-server alert>
/
%
1 %
'
%
1 % ' %
&
% ' =
Property Description
alert-timeout (none | time; default: none) - time, after which alert will be forgotten. If after that
time the same server will be detected, new alert will be generated
• none - infinite time
interface (name) - interface, on which to run rogue DHCP server finder
invalid-server (read-only: text) - list of MAC addresses of detected unknown DHCP servers.
Server is removed from this list after alert-timeout
on-alert (text) - script to run, when an unknown DHCP server is detected
valid-server (text) - list of MAC addresses of valid DHCP servers
Notes
/ - /ip dhcp-server alert reset-alert
Page 11 of 18
Copyright 1999-2006, MikroTik. All rights reserved. Mikrotik, RouterOS and RouterBOARD are trademarks of Mikrotikls SIA.
Other trademarks and registred trademarks mentioned herein are properties of their respective owners.
<interface>
01 &
1
/system logging action add target=email
DHCP Option
Home menu level: /ip dhcp-server option
Description
9 %
#%
1 %
%
$'
Property Description
code (integer: 1..254) - dhcp option code. All codes are available at
http://www.iana.org/assignments/bootp-dhcp-parameters
name (name) - descriptive name of the option
value (text) - parameter's value in form of a string. If the string begins with "0x", it is assumed as a
hexadecimal value
Notes
Example
/ % Option-Hostname 12 ' Host-A-
0
' %
Host-A
=
Page 12 of 18
Copyright 1999-2006, MikroTik. All rights reserved. Mikrotik, RouterOS and RouterBOARD are trademarks of Mikrotikls SIA.
Other trademarks and registred trademarks mentioned herein are properties of their respective owners.
DHCP Relay
Home menu level: /ip dhcp-relay
Description
" > %2 '
=
'
Property Description
dhcp-server (text) - list of DHCP servers' IP addresses which should the DHCP requests be
forwarded to
delay-threshold (time; default: none) - if secs field in DHCP packet is smaller than
delay-threshold, then this packet is ignored
interface (name) - interface name the DHCP relay will be working on
local-address (IP address; default: 0.0.0.0) - the unique IP address of this DHCP relay needed for
DHCP server to distinguish relays:
• 0.0.0.0 - the IP address will be chosen automatically
name (name) - descriptive name for relay
Notes
%
'
%&' 1 >
'
Example
relay
ether1
' = 10.0.0.1
'-
Question&Answer-Based Setup
Command name: /ip dhcp-server setup
Questions
addresses to give out (text) - the pool of IP addresses DHCP server should lease to the clients
dhcp address space (IP address | netmask; default: 192.168.0.0/24) - network the DHCP server
will lease to the clients
Page 13 of 18
Copyright 1999-2006, MikroTik. All rights reserved. Mikrotik, RouterOS and RouterBOARD are trademarks of Mikrotikls SIA.
Other trademarks and registred trademarks mentioned herein are properties of their respective owners.
dhcp relay (IP address; default: 0.0.0.0) - the IP address of the DHCP relay between the DHCP
server and the DHCP clients
dhcp server interface (name) - interface to run DHCP server on
dns servers (IP address) - IP address of the appropriate DNS server to be propagated to the DHCP
clients
gateway (IP address; default: 0.0.0.0) - the default gateway of the leased network
lease time (time; default: 3d) - the time the lease will be valid
Notes
%
%' =
1 '
=
$ =
%%
2%1
<<
'
Example
'
ether1
*A A A ) *A A A )BE
10.0.0.0/24
10.0.0.1
159.148.60.2 0$ ' + -
? '-
Page 14 of 18
Copyright 1999-2006, MikroTik. All rights reserved. Mikrotik, RouterOS and RouterBOARD are trademarks of Mikrotikls SIA.
Other trademarks and registred trademarks mentioned herein are properties of their respective owners.
Application Examples
DHCP-Server-
[admin@DHCP-Server] ip address> print
Page 15 of 18
Copyright 1999-2006, MikroTik. All rights reserved. Mikrotik, RouterOS and RouterBOARD are trademarks of Mikrotikls SIA.
Other trademarks and registred trademarks mentioned herein are properties of their respective owners.
Flags: X - disabled, I - invalid, D - dynamic
# ADDRESS NETWORK BROADCAST INTERFACE
0 192.168.0.1/24 192.168.0.0 192.168.0.255 To-DHCP-Relay
1 10.1.0.2/24 10.1.0.0 10.1.0.255 Public
[admin@DHCP-Server] ip address>
DHCP-Relay-
[admin@DHCP-Relay] ip address> print
Flags: X - disabled, I - invalid, D - dynamic
# ADDRESS NETWORK BROADCAST INTERFACE
0 192.168.0.1/24 192.168.0.0 192.168.0.255 To-DHCP-Server
1 192.168.1.1/24 192.168.1.0 192.168.1.255 Local1
2 192.168.2.1/24 192.168.2.0 192.168.2.255 Local2
[admin@DHCP-Relay] ip address>
% )
$'
DHCP-Server ) % (
192.168.1.0/24
192.168.2.0-
/ip pool add name=Local1-Pool ranges=192.168.1.11-192.168.1.100
/ip pool add name=Local1-Pool ranges=192.168.2.11-192.168.2.100
$'-
/ip dhcp-server add interface=To-DHCP-Relay relay=192.168.1.1 \
address-pool=Local1-Pool name=DHCP-1 disabled=no
/ip dhcp-server add interface=To-DHCP-Relay relay=192.168.2.1 \
address-pool=Local2-Pool name=DHCP-2 disabled=no
Page 16 of 18
Copyright 1999-2006, MikroTik. All rights reserved. Mikrotik, RouterOS and RouterBOARD are trademarks of Mikrotikls SIA.
Other trademarks and registred trademarks mentioned herein are properties of their respective owners.
IP Address assignment, using FreeRADIUS Server
9 ' ("/3$ F % -
-
00:0B:6B:31:02:4B Auth-Type := Local, Password == ""
Framed-IP-Address = 192.168.0.55
client 172.16.0.1 {
secret = MySecret
shortname = Server
}
$%
$'-
Page 17 of 18
Copyright 1999-2006, MikroTik. All rights reserved. Mikrotik, RouterOS and RouterBOARD are trademarks of Mikrotikls SIA.
Other trademarks and registred trademarks mentioned herein are properties of their respective owners.
2. /
'-
/ip dhcp-server add address-pool=Radius-Clients use-radius=yes interface=Local \
disabled=no
3.
-
/ip dhcp-server network add address=192.168.0.0/24 gateway=192.168.0.1 \
dns-server=159.148.147.194,159.148.60.20
Page 18 of 18
Copyright 1999-2006, MikroTik. All rights reserved. Mikrotik, RouterOS and RouterBOARD are trademarks of Mikrotikls SIA.
Other trademarks and registred trademarks mentioned herein are properties of their respective owners.