DHCID messages

Thomas Markwalder tmark at isc.org
Wed Aug 15 10:54:05 UTC 2018


If you turn off conflict detection, then different clients attempting to 
use the same FQDN can overwrite each other's DNS entries. Whether or not 
you view that as a risk is up to you.

For DHCPv4 the DHCID is constructed from the client identifier option if 
the client sends it, the MAC address otherwise. If your client always 
sends the same client identifier regardless of the network it is on, 
then the server should be able to update DNS entries for it as it roams 
between networks and do so with conflict detection enabled.


Thomas Markwalder
ISC Software Engineering

On 08/14/2018 05:12 PM, Leroy Tennison wrote:
> I am getting a number of messages about "Forward map from <DNS name> to <IP adress> FAILED: Has an address record but no DHCID, not mine.  In the logs I'm seeing these messages prior to this:
> "updating zone '<DNS zone for above name>/IN': update unsuccessful: <DNS name>: 'name not in use' prerequisite not satisfied (YXDOMAIN)" - using named-compilezone with -j I'm seeing that both an A and TXT record exist (we are using  interim as the ddns-update-style).
> and
> "updating zone '<DNS zone for above name>/IN': update unsuccessful: <DNS name>/TXT: 'RRset exists (value dependent)' prerequisite not satisfied (NXRRSET)".
> As best as I can tell, what is happening is the client is moving from a wired connection to a WiFi connection (for meetings) or vice versa.  Initially I was looking for a way to make the MAC address rather than the system name the unique identifier for the system then I came across the update-conflict-detection parameter.
> Am I understanding the description correctly, if this parameter is set to off and the client "changes MAC addresses" (due to a switch to/from WiFi) then the dhcp server will remove the previous DDNS entry and replace it with the current one?  Are there disadvantages to doing this?
> If that isn't the way to handle this situation, how can I make the MAC address (rather than the system name) the unique identifier for DDNS?
> Thanks for your help.
> Join us
> at the 2018 Momentum User Conference!
> Register
> here
> Leroy Tennison
> Network Information/Cyber Security Specialist
> E: leroy at datavoiceint.com
> 2220 Bush Dr
> McKinney, Texas
> 75070
> www.datavoiceint.com
> TThis message has been sent on behalf
> of a company that is part of the Harris Operating Group of
> Constellation Software Inc. These companies are listed
> here
> .
> If you prefer not to be contacted by Harris
> Operating Group
> please notify us
> .
> This message is intended exclusively for the
> individual or entity to which it is addressed. This communication
> may contain information that is proprietary, privileged or
> confidential or otherwise legally exempt from disclosure. If you are
> not the named addressee, you are not authorized to read, print,
> retain, copy or disseminate this message or any part of it. If you
> have received this message in error, please notify the sender
> immediately by e-mail and delete all copies of the
> message.
> _______________________________________________
> dhcp-users mailing list
> dhcp-users at lists.isc.org
> https://lists.isc.org/mailman/listinfo/dhcp-users

More information about the dhcp-users mailing list