Mac OS X,  Mac Security,  Mass Deployment

Sticky DHCP Leases in Mac OS X

I did an article some time ago about how DHCP leases work. From that, I’ve gotten a number of questions about why, after you click on Renew DHCP Lease in the Network System Preference pane, you sometimes see the information until you get a new lease.

You can also reset the lease from the command line, which does not usually show you a new lease in the GUI immediately. To reset the DHCP lease from the command line, use ipconfig:

ipconfig set en0 BOOTP
ipconfig set en0 DHCP

If the information is displayed on the screen, then it has to be stored somewhere, right? When your system sends an acceptance for a lease, the leases are then stored in /var/db/dhcpclient/leases. These are stored in standard property list form using the interface, followed by the MAC address of the interface followed by .plist. For example, if your MAC address is en0-1,10:9a:cc:ab:5d:ac then the lease would cat as follows:

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>IPAddress</key>
<string>192.168.210.94</string>
<key>LeaseLength</key>
<integer>86400</integer>
<key>LeaseStartDate</key>
<date>2011-05-31T15:36:59Z</date>
<key>PacketData</key>
<data>
AgEGAMHrfCMAAAAAAAAAAMCo0l4AAAAAAAAAABCa3atdrAAAAAAAAAAAAAD/AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABjglNjNQEFNgTAqNIBAQT///8A
MwQAAVGANAEDAwTAqNIBBghEV02CRFdIgv8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=
</data>
<key>RouterHardwareAddress</key>
<data>
AAaxLwVA
</data>
<key>RouterIPAddress</key>
<string>192.168.210.1</string>
</dict>
</plist>

The keys in this file make it easier to script figuring out a few things about your active leases, such as when they’re going to expire, when the lease was accepted or even whether or not the system has a lease (especially when it shouldn’t have a lease). But they can cause misreporting. If the information seems “stuck” in the System Preferences pane you can then rm the dhcp lease file.

Note: If the RouterIPAddress cannot be reached, the lease will be delayed in processing, causing the lease to appear to take a long time to be obtained even though it’s looping to hopefully find a more appropriate lease with a RouterIPAddress that can be reached.

For anyone who uses a shell script to reset their IP address, I recommend using the following as the full script, rather than the two lines most commonly used (where $leasefile is the name of your lease file):

ipconfig set en0 BOOTP
ipconfig set en0 DHCP
rm /var/db/dhcpclient/leases/$leasefile

Being the nerd I am, I called mine ipcfg.exe and end with an echo of the IP:

ipconfig getifaddr en0

Finally, a very effective way I’ve seen people reset leases that are seriously stuck is to swap locations and then swap back. Let’s say your users generally use the “Automatic” location and you have one called “TEMP”. You can use the scselect command to see locations and switch between them. So to switch to TEMP, we would simply:

scselect TEMP

And then to select Automatic again:

scselect Automatic

Now be careful with this last little tidbit. As if you have TEMP and don’t have any interfaces active and are running remotely then you might have some walking (or driving) around to do…