DHCP Server

A DHCP server provides IP addresses and other network configuration to computers and devices on your network.

When first connecting to the network, a client devices tries to discover a DHCP server. The assigned IP address can be taken from a defined range (a 'dynamic' pool) or can be statically assigned according to the client's unique MAC address.
Note: Make sure that any IP used for a static fixed lease does not come from the 'dynamic' pool of IP addresses.

DHCP usually provides much more configuration than just an IP address. It can include information such as a gateway IP, DNS and NTP servers.

Example configuration

In this example we will configure a standard IPFire installation to serve an internal network (Green).

Start Address / End Address

The first two fields are the start and end address of the dynamic IP address range. With the current implementation this range must fit into a /16 net (netmask

In this example the DHCP server provides IP addresses to This means clients will be randomly assigned an IP in this range if they use DHCP.

Deny known clients:

Enable this if you want to prevent any defined and enabled fixed lease clients from getting a dynamic lease from the selected interface. When you enable this box you must have a defined dynamic range for that interface otherwise you will get an error message.

Default lease time

Next the lease duration is set. The lease duration is the amount of time, in minutes, that IPFire waits before releasing a previously assigned IP address which is no longer in use. An active DHCP client will attempt to refresh its connection in half of this time.

Domain Name suffix

The Domain Name Suffix is simply the name of the network workgroup or domain.

Primary DNS / Secondary DNS

Primary DNS. Specifies what the DHCP server should tell its clients to use for their Primary DNS server. As ipfire runs a DNS proxy you will usually want the Primary DNS server set to IPFire's Green IP address. Otherwise, if you have your own DNS server then specify it here.

Secondary DNS (optional). You can optionally specify a second DNS server which will be used if the primary is unavailable. This could be another DNS server on your network or that of your ISP.
A list of free non-compromised DNS server can be found here.

Primary NTP server / Secondary NTP server

The DHCP server can optionally specify up to two NTP server addresses for time synchronization.

Primary NTP Server (optional). If you are using IPFire as an NTP Server, or want to pass the address of another NTP Server to devices on your network, you can put its IP address in this field. The DHCP server will pass this address to all clients when they get their network parameters.

Secondary NTP Server (optional). If you have a second NTP Server address, put it in this field. The DHCP server will pass this address to all clients when they get their network parameters.

Primary WINS server address / Secondary WINS server address

WINS is a historic name resolution service for Microsoft's NetBIOS network protocol. If it is still in use in your network you can optionally configure up to two addresses for WINS servers.

next-server / filename

The fields next-server and filename are used to allow un-configured systems, or diskless workstations, to boot an Operating System from the network using bootp or PXE (see RFC2131).

DNS Update

This section can be used to configure DNS Update, a feature which allows DHCP clients to update their own DNS entries. If a DHCP client changes IP address, it can notify IPFire of that change so host name resolution will still work.

Additional DHCP options

This section allows additional options for DHCP to be configured.

  • DHCP can be set to listen on a specific interface, typically the Green interface or use a global scope.
  • The button "List options" shows a lot of additional options which can be set.

The Web Proxy Auto-Discovery Protocol can be configured here, if needed.

Current fixed leases

IPFire supports the configuration of fixed, or static, IP address leases for specific clients. When configured the unique MAC address of a network card is used to identify a particular client and offer them a specific IP address each time.

All clients not listed in this section will be given an address from the 'dynamic' range set above.

MAC Address

The unique hardware (MAC) address of a client's network card.

IP address

A unique IP address to reserve for a client.
Note: This IP address must not be in the 'dynamic' range set above.


The remark field is used to comment an entry in this configuration page.

Note! The IPFire's DNS server automatically adds the first word in the remark field as a host name entry for the IP address configured in this section.

Current dynamic leases

In this last section, dynamic leases are listed with the associated MAC addresses and expiration time. Clients that already have a "MAC assigned" address (fixed leases) and clients with a static IP address (manually set) will not be listed.

The "Add" button will add the client definition (MAC address) to the set of fixed leases. This definition should be edited to assign an IP address not in the dynamic address pool.

Specify settings

Changes on the WebUI DHCP settings will be save on /var/ipfire/dhcp/dhcpd.conf

Default settings:

deny bootp; #default
ddns-update-style none;

include "/var/ipfire/dhcp/dhcpd.conf.local";

To add specific options e.g. change router ip. Create dhcp entry under /var/ipfire/dhcp/dhcpd.conf.local.


subnet netmask #GREEN
      option subnet-mask;
      option domain-name "int.company.com";
      option routers;
      option domain-name-servers;
      default-lease-time 600;
      max-lease-time 1200;
Edit Page ‐ Yes, you can edit!

Older Revisions • September 22 at 2:34 pm • Jon