Through DDNS, the following DNS resource records can be updated for a host: • A resource record— Contains the hostname-to-address mapping (for example, to 220.127.116.11) • PTR resource record— Contains the address-to-hostname mapping (for example, 219.133.198.resolves to To use DDNS, you must configure either a DHCP client, a DHCP server, or both on the ASA.The DHCP mechanism is always used to send updates to a DNS server that is DDNS-capable.Firewall# show dhcpd state Context Configured as DHCP Server Interface outside, Configured for DHCP CLIENT Interface inside, Configured for DHCP SERVER Interface dmz, Not Configured for DHCP Interface management, Not Configured for DHCP Firewall# You can use the show ddns update method to see the configured method and the show ddns update interface command to see the DDNS method that is applied to each ASA interface.Finally, you can view debugging output by entering the debug ddns command.
Identify DNS servers that support DDNS: asa(config)# dns server-group Default DNS asa(config-dns-server-group)# dns name-server ip address [ip address2]...[ip address6] asa(config-dns-server-group)# exit You can enter up to six IP addresses of DDNS servers where the ASA can send dynamic updates. Enable DNS use on an interface: asa(config)# dns domain-lookup if name Identify the ASA interface that is closest to the DNS servers. You can add the both keyword to make it update both the A and PTR resource records. (Optional) Set the maximum update period: asa(DDNS-update-method)# interval maximum days hours minutes seconds By default, the ASA sends DDNS updates only as they occur, based on the activity of DHCP clients.
Because you can configure both DHCP client and DHCP server on a single ASA, you might become confused about what is actually configured and running on which interfaces.