Default variables¶

Sections

APT packages
isc-dhcp-server defaults
DHCP server configuration
iPXE support
DHCP server configuration scopes
Configuration for other roles

APT packages ¶

dhcpd__base_packages¶

List of base packages to install for DHCP server support.

dhcpd__base_packages: [ 'isc-dhcp-server' ]

dhcpd__packages¶

List of additional packages to install with this role.

dhcpd__packages: []

isc-dhcp-server defaults ¶

dhcpd__options¶

Additional options to start the dhcpd processes with. See https://manpages.debian.org/dhcpd.8

dhcpd__options: ''

dhcpd__interfacesv4¶

List of network interfaces to serve DHCPv4 requests on.

dhcpd__interfacesv4: [ '{{ ansible_local.ifupdown.external_interface
                           if ansible_local.ifupdown.external_interface|d()
                           else ansible_default_ipv4.interface }}' ]

dhcpd__interfacesv6¶

List of network interfaces to serve DHCPv6 requests on.

dhcpd__interfacesv6: '{{ dhcpd__interfacesv4
                         if ansible_default_ipv6.address|d()
                         else [] }}'

The length in seconds that will be assigned to a lease if the client requesting the lease does not ask for a specific expiration time. This is used for both DHCPv4 and DHCPv6 leases (it is also known as the "valid lifetime" in DHCPv6).

dhcpd__default_lease_time: '{{ 60 * 60 * 12 }}'

dhcpd__max_lease_time¶

The maximum length in seconds that will be assigned to a lease.

dhcpd__max_lease_time: '{{ 60 * 60 * 24 }}'

dhcpd__preferred_lifetime¶

The preferred lifetime of assigned IPv6 addresses in seconds. An IPv6 address becomes deprecated when the preferred lifetime expires, causing the OS to no longer use it for new outbound connections.

dhcpd__preferred_lifetime: '{{ (dhcpd__default_lease_time|float * (5/8))|int }}'

dhcpd__dhcpv6_set_tee_times¶

Set T1 (renew) and T2 (rebind) to the values recommended in RFC 3315. See https://tools.ietf.org/html/rfc3315#section-22.4

dhcpd__dhcpv6_set_tee_times: True

dhcpd__update_static_leases¶

Whether to perform DNS updates for clients with static assignments.

dhcpd__update_static_leases: False

dhcpd__domain_name¶

Domain name to advertise to DHCPv4 clients.

dhcpd__domain_name: '{{ ansible_domain }}'

dhcpd__domain_search¶

List of search domains to advertise to DHCPv4 and DHCPv6 clients.

dhcpd__domain_search: '{{ ansible_dns.search|d([]) }}'

dhcpd__domain_servers¶

List of IP addresses to advertise as recursive DNS servers. IPv4 addresses will only be advertised to DHCPv4 clients, while IPv6 addresses will only be advertised to DHCPv6 clients.

dhcpd__name_servers: '{{ ansible_local.resolvconf.upstream_nameservers
                         if (ansible_local.resolvconf.upstream_nameservers|d())
                         else (ansible_dns.nameservers
                               if ("127.0.0.1" not in ansible_dns.nameservers)
                               else []) }}'

dhcpd__global_options_map¶

Additional options to add to the global configuration. This parameter accepts two dictionaries with keys 'DHCPv4' and 'DHCPv6', for each protocol respectively. The values can be strings or YAML text blocks.

dhcpd__global_options_map:
  'DHCPv4': ''
  'DHCPv6': ''

iPXE support ¶

dhcpd__ipxe¶

Add iPXE-specific options to ISC DHCP server configuration.

dhcpd__ipxe: False

dhcpd__ipxe_dhcp_space¶

Add DHCP options iPXE namespace in dhcpd.conf required to support iPXE-specific DHCP options in the DHCP server configuration.

dhcpd__ipxe_dhcp_space: True

dhcpd__ipxe_tftp_server¶

IPv4 address of the TFTP server that contains the boot files.

dhcpd__ipxe_tftp_server: '{{ ansible_default_ipv4.address }}'

dhcpd__ipxe_chain_filename¶

Initial file sent to hosts which requested a PXE boot, used to chain-load the iPXE boot loader.

dhcpd__ipxe_chain_filename: 'undionly.kpxe'

dhcpd__ipxe_efi_chain_filename¶

Initial file sent to hosts using EFI which requested a PXE boot, used to chain-load the iPXE boot loader.

dhcpd__ipxe_efi_chain_filename: 'ipxe.efi'

dhcpd__ipxe_filename¶

File sent to hosts booted with iPXE, by default this loads the standard menu file.

dhcpd__ipxe_filename: 'menu.ipxe'

dhcpd__ipxe_options¶

Additional DHCP options in YAML text block format, added to the iPXE section of the configuration file.

dhcpd__ipxe_options: ''

DHCP server configuration scopes ¶

dhcpd__classes¶

List of host classes with custom options for each class. See dhcpd__classes for details.

dhcpd__classes: []

dhcpd__failovers¶

List of DHCPv4 failover configuration blocks. See dhcpd__failovers for details.

dhcpd__failovers: []

dhcpd__groups¶

List of grouped configuration scopes. See dhcpd__groups for details.

dhcpd__groups: []

dhcpd__hosts¶

Global list of static hosts. See dhcpd__hosts for details.

dhcpd__hosts: []

dhcpd__keys¶

List of DNS update keys. See dhcpd__keys for details.

dhcpd__keys: []

dhcpd__shared_networks¶

List of shared networks to service with this DHCP server. See dhcpd__shared_networks for details.

dhcpd__shared_networks: []

dhcpd__subnets¶

List of subnets that are not part of a shared network, but are instead defined on a global level. See dhcpd__subnets for details.

dhcpd__subnets: '{{ dhcpd__default_subnets }}'

dhcpd__default_subnets¶

The default subnets as detected by this role. Dynamic lease assignment will not work until you configure subnets with valid address ranges.

dhcpd__default_subnets:

  - comment: 'Autodetected IPv4 subnet'
    subnet: '{{ ansible_default_ipv4.network
                + "/" + ansible_default_ipv4.netmask }}'
    routers: '{{ [ ansible_default_ipv4.gateway ]
                 if ansible_default_ipv4.gateway|d()
                 else [] }}'

  - comment: 'Autodetected IPv6 subnet'
    subnet: '{{ ansible_default_ipv6.address|d()
                + "/" + ansible_default_ipv6.prefix|d() }}'
    state: '{{ "present" if ansible_default_ipv6.address|d() else "absent" }}'

dhcpd__zones¶

List of DNS zones to update. See dhcpd__zones for details.

dhcpd__zones: []

Configuration for other roles ¶

dhcpd__etc_services__dependent_list¶

Configuration for the debops.etc_services Ansible role.

dhcpd__etc_services__dependent_list:

  - name: 'dhcp-failover'
    port: '647'
    protocols: [ 'tcp', 'udp' ]
    comment: 'Added by debops.dhcpd Ansible role'

dhcpd__ferm__dependent_rules¶

Configuration for the debops.ferm Ansible role.

dhcpd__ferm__dependent_rules:

  # Firewall rules are not needed for DHCPv4 because it uses raw sockets (see
  # https://kb.isc.org/docs/aa-00378). DHCPv6 doesn't use raw sockets so both
  # server and client need open ports in their firewalls.
  - name: 'accept_dhcpv6_server'
    by_role: 'debops.dhcpd'
    type: 'accept'
    interface: '{{ dhcpd__interfacesv6 }}'
    protocol: 'udp'
    dport: [ 'dhcpv6-server' ]
    rule_state: '{{ "present" if dhcpd__interfacesv6 else "absent" }}'

  # The DHCPv4 failover port.
  - name: 'accept_dhcp_failover'
    by_role: 'debops.dhcpd'
    type: 'accept'
    saddr: '{{ (dhcpd__failovers|map(attribute="primary")|list
                + dhcpd__failovers|map(attribute="secondary")|list)
               if dhcpd__failovers
               else omit }}'
    protocol: 'tcp'
    dport: [ 'dhcp-failover' ]
    rule_state: '{{ "present" if dhcpd__failovers else "absent" }}'

Default variables¶

APT packages¶

isc-dhcp-server defaults¶

DHCP server configuration¶

iPXE support¶

DHCP server configuration scopes¶

Configuration for other roles¶

APT packages ¶

isc-dhcp-server defaults ¶

DHCP server configuration ¶

iPXE support ¶

DHCP server configuration scopes ¶

Configuration for other roles ¶