Native Dynamic DNS

    Sometimes you need a DNS name for a computer with a dynamic IP address. A simple way to get one is a dyndns-type service, described in a recent topic, which binds a domain to a dynamic IP. Sometimes this approach works quite poorly.

    For example, in my situation, the provider sometimes changes my public IP address. This usually happens every few months. In addition, my home computer reboots extremely rarely. During this time, the dyndns service that I used earlier managed to send me inactivity notifications a couple of times in order to disable the "unused" account. Switching to a manually assigned DNS zone also fails, because sometimes the address does change. And usually you will find out about it when you need access to your home computer here and now.

    To implement the method described here, you will need a server on the Internet running the BIND DNS server, and a domain zone, a subdomain of which we will allocate to our computer. This article covers connecting a Linux computer to a Linux server. For other operating systems, you will need to read the manuals and modify some steps.

    1. We have installed bind9 server with the domain

    2. Create a zone:

    $ORIGIN .
    $TTL 10 ; 10 seconds
    IN SOA (
        18 ; serial
        10800 ; refresh (3 hours)
        3600 ; retry (1 hour)
        604800 ; expire (1 week)
        10 ; minimum (10 seconds)
        )
    $TTL 3600 ; 1 hour
    MX 10

    Here the servers and are the DNS servers for our zone, - the address of our home computer

    3. Generate keys on the client:

    client# cd /etc/namedb/keys
    client# dnssec-keygen -b 512 -a HMAC-MD5 -v 2 -n HOST

    4. Create a file with a key on the server:

    server# cd /var/named/chroot/etc
    server# vim keys.conf

    key {
        algorithm "HMAC-MD5";
        secret "omr5O5so/tZB5XeGuBBf42rrRJRQZB8I9f+uIIxxei8qm7AVgNBprxtcU+FQMzBvU/Y+nyM2xbs/C8kF3eJQUA==";
    };

    A symmetric key is used here, which is unsafe: anyone who has access to the file with keys on your server can use your key to change the data for your zone. An asymmetric key can be used instead.

    We set permissions on the file with the keys:

    server# chmod 640 keys.conf
    server# chown root:named keys.conf

    5. Add our zone to named.conf:

    include "/etc/keys.conf";
    zone "" {
        type master;
        file "zones/";
    };

    The zone specifies a parameter that allows its data to be updated. The manuals describe options for this parameter that allow a given key to update only one record in the zone. That is, you can have a zone with subdomains client1, client2, etc. registered in it, each authorized with its own key: key1, key2, etc.

    6. Restart the DNS server:
    server# /etc/init.d/named reload

    7. Create a script on the client that will update the zone data:

    # Current IPv4 address of the interface (parses the "inet addr:" line of ifconfig output)
    new_ip_address=`ifconfig $IFACE | grep "inet addr:" | awk '{print $2}' | awk -F ":" '{print $2}'`
    new_ip_address=${new_ip_address/ /}

    # Replace the host's A record on the server, authenticating with the key file
    nsupdate -v -k $KEYFILE << EOF
    server $SERVER
    zone $ZONE
    update delete $HOSTNAME A
    update add $HOSTNAME $TTL A $new_ip_address
    send
    EOF

    At the beginning of the script, the corresponding parameters are described: interface, server and zone names, file location with the key.

    8. It remains only to configure autorun, so that the DNS record is updated automatically when the address changes. We will do this using a script for NetworkManager: create the file /etc/NetworkManager/dispatcher.d/

    if [ "x$state" == "xup" ] ; then
    elif [ "x$state" == "xdown" ]; then

    Make it executable and owned by the root user.


    Upd: If it doesn't work, check (and set) the permissions on the server so that named can write to the folder in which named will create the file
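
    The per-key restriction mentioned under step 5 can be expressed in BIND with update-policy. The fragment below is an added example, not the original article's configuration: the zone name home.example.com, the host names, the key names and the secrets are placeholders, and hmac-sha256 is used in place of the article's HMAC-MD5.

```conf
# named.conf fragment (added example; all names and secrets are placeholders)

# One TSIG key per client. Generate each secret on its own, for example:
#   tsig-keygen -a hmac-sha256 client1-key
key "client1-key" {
    algorithm hmac-sha256;
    secret "REPLACE_WITH_GENERATED_SECRET_1";
};

key "client2-key" {
    algorithm hmac-sha256;
    secret "REPLACE_WITH_GENERATED_SECRET_2";
};

# Broad form, shown commented out for comparison: whoever holds the key
# may add, change or delete ANY record in the zone.
#
# zone "home.example.com" {
#     type master;
#     file "zones/home.example.com";
#     allow-update { key "client1-key"; };
# };

# Scoped form: each key may change only the A record of its own host name.
# A leaked client key can then repoint that one host, not the whole zone.
zone "home.example.com" {
    type master;
    file "zones/home.example.com";
    update-policy {
        grant client1-key name client1.home.example.com. A;
        grant client2-key name client2.home.example.com. A;
    };
};
```

    named-checkconf parses the file and reports syntax errors before named is reloaded.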

    The following materials are used:
    http: / /,_dynamic_DNS admin / nsupdate.html
    The above key is taken from the same place.
