Controlling DHCID Problems

Merton Campbell Crockett m.c.crockett at
Sun Nov 1 18:18:49 UTC 2009

One of our IT groups that is responsible for updating software on  
corporate laptops has been complaining about update failures involving  
laptops connected to the corporate VPN access points.

I did find a number of problems in their scripts and XML files that  
would cause update failures.  Most of these involved simple host names  
or truncated fully-qualified domain names that would result in DNS  
name resolution failures.

Looking into the problem further, I uncovered numerous DHCID errors  
being reported at sites that hosted corporate VPN access points.   
Sites that had Cisco VPN Concentrators deployed had the fewest  
problems.  Sites that had Cisco ASA devices deployed had significantly  
more errors being reported.

Is there a good way to get rid of "dangling" DHCID records?

Where a Cisco ASA device is used for a VPN access point, is there a  
way to force DHCP to delete all records in a zone file associated with  
a host?

Merton Campbell Crockett
m.c.crockett at

More information about the dhcp-users mailing list