| Both sides previous revision Previous revision Next revision | Previous revision Next revisionBoth sides next revision |
| docs:guide-user:services:ddns:client [2021/10/24 03:12] – [bind / nsupdate] add bind configuration jello | docs:guide-user:services:ddns:client [2024/10/05 13:46] – [dynu.com] andrewz |
|---|
| * [[https://www.google.com/search?q=dynamic+dns+provider+list]] | * [[https://www.google.com/search?q=dynamic+dns+provider+list]] |
| * [[http://www.opendirectoryproject.org/Computers/Internet/Protocols/DNS/Service_Providers/Dynamic_DNS]] | * [[http://www.opendirectoryproject.org/Computers/Internet/Protocols/DNS/Service_Providers/Dynamic_DNS]] |
| * [[https://dnslookup.me/dynamic-dns/]] | * Pick one from the list https://github.com/openwrt/packages/blob/master/net/ddns-scripts/files/usr/share/ddns/list |
| |
| ^ //ddns-scripts// support the following Dynamic DNS service providers out of the box: ^^^^ | ^ //ddns-scripts// support the following Dynamic DNS service providers out of the box: |||| | |
| | [[http://3322.org/|3322.org]] | [[http://afraid.org/|afraid.org]] <sup>6)</sup> | [[http://changeip.com/|changeip.com]] | [[http://cloudflare.com/|cloudflare.com]] <sup>2) 5) 6)</sup> | | | [[http://3322.org/|3322.org]] | [[http://dnspark.com/|dnspark.com]] | [[http://easydns.com/|easydns.com]] | [[http://mythic-beasts.com/|mythic-beasts.com]] <sup>6)</sup> | servercow.de | |
| | [[http://core-networks.de/|core-networks.de]] <sup>6)</sup> | [[http://ddnss.de/|ddnss.de]] <sup>6)</sup> | [[http://dhis.org/|dhis.org]] <sup>6)</sup> | [[http://dnsdynamic.org/|dnsdynamic.org]] | | | [[http://afraid.org/|afraid.org]] <sup>6)</sup> | dnsever.com | [[http://editdns.net/|editdns.net]] | [[http://namecheap.com/|namecheap.com]] | simply.com | |
| | [[http://dnsexit.com/|dnsexit.com]] | [[http://dnshome.de/|dnshome.de]] <sup>6)</sup> | [[http://dnsmax.com/|dnsmax.com]] | [[http://dnsomatic.com/|dnsomatic.com]] | | | all-inkl.com | [[http://do.de/|do.de]] <sup>6)</sup> | [[http://goip.de/|goip.de]] <sup>6)</sup> | [[http://nettica.com/|nettica.com]] | [[http://sitelutions.com/|sitelutions.com]] | |
| | [[http://dnspark.com/|dnspark.com]] | [[http://do.de/|do.de]] <sup>6)</sup> | [[http://dtdns.com/|dtdns.com]] | [[http://duckdns.org/|duckdns.org]] <sup>6)</sup> | | | [[http://changeip.com/|changeip.com]] | domopoli.de | [[http://domains.google.com/|google.com]] <sup>5) 6)</sup> | njal.la | [[http://spdyn.de/|spdyn.de]] <sup>6)</sup> (spdns.de) | |
| | [[http://duiadns.net/|duiadns.net]] <sup>6)</sup> | [[http://dy.fi/|dy.fi]] | [[http://dyndns.org/|dyndns.org]] <sup>6)</sup> (dyn.com) | [[http://dyndnss.net/|dyndnss.net]] | | | [[http://cloudflare.com/|cloudflare.com]] <sup>2) 5) 6)</sup> | [[http://dtdns.com/|dtdns.com]] | [[http://dns.he.net/|dns.he.net]] <sup>6)</sup> | now-dns.com | [[http://strato.com/|strato.com]] | |
| | dyns.net | dynsip.org | [[http://dynu.com/|dynu.com]] | [[http://dynv6.com/|dynv6.com]] <sup>6)</sup> | | | [[http://core-networks.de/|core-networks.de]] <sup>6)</sup> | [[http://duckdns.org/|duckdns.org]] <sup>6)</sup> | [[https://he.net|he.net]] | [[http://no-ip.com/|no-ip.com]] <sup>1)</sup> (noip.com) | [[http://system-ns.com/|system-ns.com]] | |
| | [[http://easydns.com/|easydns.com]] | [[http://editdns.net/|editdns.net]] | [[http://goip.de/|goip.de]] <sup>6)</sup> | [[http://domains.google.com/|google.com]] <sup>5) 6)</sup> | | | [[http://ddnss.de/|ddnss.de]] <sup>6)</sup> | [[http://duiadns.net/|duiadns.net]] <sup>6)</sup> | [[https://hosting.de|hosting.de]] | [[http://no-ip.pl/|no-ip.pl]] <sup>6)</sup> | [[http://thatip.com/|thatip.com]] | |
| | [[http://dns.he.net/|he.net]] <sup>6)</sup> | [[http://joker.com/|joker.com]] | [[http://loopia.se/|loopia.se]] <sup>6)</sup> ([[http://loopia.com/|loopia.com]]) | [[http://mydns.jp/|mydns.jp]] <sup>6)</sup> | | | ddo.jp | [[http://dy.fi/|dy.fi]] | infomaniak.com | [[http://nsupdate.info/|nsupdate.info]] <sup>6)</sup> | transip.nl | |
| | [[http://myonlineportal.net/|myonlineportal.net]] <sup>6)</sup> | [[http://mythic-beasts.com/|mythic-beasts.com]] <sup>6)</sup> | [[http://namecheap.com/|namecheap.com]] | [[http://nettica.com/|nettica.com]] | | | desec.io | dyndns.it | ipnodns.ru | [[http://nubem.com/|nubem.com]] | [[http://twodns.de/|twodns.de]] | |
| | [[http://no-ip.com/|no-ip.com]] <sup>1)</sup> (noip.com) | [[http://no-ip.pl/|no-ip.pl]] <sup>6)</sup> | [[http://nsupdate.info/|nsupdate.info]] <sup>6)</sup> | [[http://nubem.com/|nubem.com]] | | | [[http://dhis.org/|dhis.org]] <sup>6)</sup> | [[http://dyndns.org/|dyndns.org]] <sup>6)</sup> (dyn.com) | [[https://inwx.de|inwx.de]] | [[http://ovh.com/|ovh.com]] | udmedia.de | |
| | [[http://ovh.com/|ovh.com]] | [[http://regfish.de/|regfish.de]] <sup>6)</sup> | [[http://schokokeks.org/|schokokeks.org]] | [[http://selfhost.de/|selfhost.de]] | | | [[http://dnsdynamic.org/|dnsdynamic.org]] | [[http://dyndnss.net/|dyndnss.net]] | [[http://joker.com/|joker.com]] | opendns.com | [[http://variomedia.de/|variomedia.de]] <sup>6)</sup> | |
| | [[http://sitelutions.com/|sitelutions.com]] | [[http://spdyn.de/|spdyn.de]] <sup>6)</sup> (spdns.de) | [[http://strato.com/|strato.com]] | [[http://system-ns.com/|system-ns.com]] | | | [[http://dnsexit.com/|dnsexit.com]] | dyns.net | [[http://loopia.se/|loopia.se]] <sup>6)</sup> ([[http://loopia.com/|loopia.com]]) | oray.com | xlhost.de | |
| | [[http://thatip.com/|thatip.com]] | [[http://twodns.de/|twodns.de]] | [[http://variomedia.de/|variomedia.de]] <sup>6)</sup> | | | | [[http://dnshome.de/|dnshome.de]] <sup>6)</sup> | dynsip.org | moniker.com | [[http://regfish.de/|regfish.de]] <sup>6)</sup> | [[http://zoneedit.com/|zoneedit.com]] <sup>5)</sup> | |
| | [[http://zoneedit.com/|zoneedit.com]] <sup>5)</sup> | | | BIND nsupdate <sup>3) 4) 6)</sup> | | | [[http://dnsmax.com/|dnsmax.com]] | [[http://dynu.com/|dynu.com]] | [[http://mydns.jp/|mydns.jp]] <sup>6)</sup> | [[http://schokokeks.org/|schokokeks.org]] | BIND nsupdate <sup>3) 4) 6)</sup> | |
| | | [[http://dnsomatic.com/|dnsomatic.com]] | [[http://dynv6.com/|dynv6.com]] <sup>6)</sup> | [[http://myonlineportal.net/|myonlineportal.net]] <sup>6)</sup> | [[http://selfhost.de/|selfhost.de]] | | |
| |
| - Requires additional package [[packages:pkgdata:ddns-scripts_no-ip_com]] to be installed. | - Requires additional package [[packages:pkgdata:ddns-scripts-noip]] to be installed. |
| - Needs additional package [[packages:pkgdata:ddns-scripts_cloudflare.com-v4]] to be installed. | - Needs additional package [[packages:pkgdata:ddns-scripts-cloudflare]] to be installed. |
| - Directly updates a PowerDNS (or maybe bind server) via nsupdate. | - Directly updates a DNS server (Bind, PowerDNS, Knot) via nsupdate (RFC 2136). |
| - Needs additional package [[packages:pkgdata:ddns-scripts_nsupdate]] and [[packages:pkgdata:bind-client]] to be installed. | - Needs additional package [[packages:pkgdata:ddns-scripts-nsupdate]] and [[packages:pkgdata:bind-client]] to be installed. |
| - Requires SSL support. | - Requires SSL support. |
| - Supports IPv6. | - Supports IPv6. |
| - Press the button **Update Lists** to update internal lists of available packages. | - Press the button **Update Lists** to update internal lists of available packages. |
| - Install the packages [[packages:pkgdata:ddns-scripts]] and [[packages:pkgdata:luci-app-ddns]] to provide DDNS client service and web interface. | - Install the packages [[packages:pkgdata:ddns-scripts]] and [[packages:pkgdata:luci-app-ddns]] to provide DDNS client service and web interface. |
| - Install the packages [[packages:pkgdata:wget]] and [[packages:pkgdata:ca-certificates]], or [[packages:pkgdata:curl]] and [[packages:pkgdata:ca-bundle]] for SSL support. | - Install the packages [[packages:pkgdata:wget-ssl]] and [[packages:pkgdata:ca-certificates]], or [[packages:pkgdata:curl]] and [[packages:pkgdata:ca-bundle]] for SSL support. |
| - Install the provider specific packages ''ddns-scripts_*'' and LuCI language packages ''luci-i18n-ddns-*''. | - Install the provider specific packages ''ddns-scripts_*'' and LuCI language packages ''luci-i18n-ddns-*''. |
| - Refresh the page and navigate to **LuCI -> Services -> Dynamic DNS**. | - Refresh the page and navigate to **LuCI -> Services -> Dynamic DNS**. |
| ==== Web interface instructions ==== | ==== Web interface instructions ==== |
| The main settings you need to set: | The main settings you need to set: |
| | Service name | The DDNS service provider to use | | | DDNS Service provider | Service provider name as it is known to OpenWrt | |
| | Lookup Host | One of your [[wp>Fully_qualified_domain_name|FQDNs]] you want to update, used by //ddns-scripts// with nslookup to check if update has happened | | | Lookup Hostname | The [[wp>Fully_qualified_domain_name|FQDNs]] you want to update, script will make DNS queries against it to check if IP address update is needed | |
| | Host/Domain | Mostly same as lookup host, but can provide a list of hosts to be updated | | | Domain | Usually the same as Lookup Hostname, script will include this name into the update request sent to provider | |
| | Username | Username or other parameter to use as username (send urlencoded) | | | Username | Username or other parameter used for authentication in update request (will be sent URL-encoded) | |
| | Password | Password or other parameter to use as password (send urlencoded)\\ :!: Ensure this password does not have have ''$'' characters, as this breaks the script. | | | Password | Password or other parameter (like token) used for authentication in update request (will be sent URL-encoded)\\ :!: Ensure this password does not have have ''$'' characters, as this breaks the script. | |
| | Interface | Network name used by OpenWrt hotplug event system to start //ddns-scripts//, e.g. ''wan'', ''wan6'' | | | Interface | Network name used by OpenWrt hotplug event system to start //ddns-scripts//, e.g. ''wan'', ''wan6'' | |
| |
| * It is not allowed to use ''dash''-sign "-" inside configuration/section names. | * It is not allowed to use ''dash''-sign "-" inside configuration/section names. |
| | http://bot.whatismyipaddress.com/ | - | - | US | | | http://bot.whatismyipaddress.com/ | - | - | US | |
| | http://whatismyip.org/ | - | - | US | | | http://whatismyip.org/ | - | - | US | |
| | http://myexternalip.com/raw | - | - | DE | | | http://myexternalip.com/raw | - | - | DE |php |
| | http://wtfismyip.com/text | http://ipv4.wtfismyip.com/text | http://ipv6.wtfismyip.com/text | US | | | http://wtfismyip.com/text | http://ipv4.wtfismyip.com/text | http://ipv6.wtfismyip.com/text | US | |
| | http://domains.google.com/checkip | - | - | part of Google | | | http://domains.google.com/checkip | - | - | part of Google | |
| - Users reported timeout problems, use links in the line below (...:8245). | - Users reported timeout problems, use links in the line below (...:8245). |
| - Alias of *.dyndns.com. | - Alias of *.dyndns.com. |
| | |
| | ==== WAN IP via own PHP script ==== |
| | If you don't like to use one of the above you can write your own. Here is a sample script in PHP which can easily be deployed on any web hosting: |
| | |
| | <code> |
| | <!DOCTYPE html> |
| | <body> |
| | <?php |
| | echo $_SERVER['REMOTE_ADDR']; |
| | ?> |
| | </body> |
| | </html> |
| | </code> |
| |
| ==== Detecting WAN IP with script ==== | ==== Detecting WAN IP with script ==== |
| . /lib/functions/network.sh | . /lib/functions/network.sh |
| network_flush_cache | network_flush_cache |
| network_find_wan NET_IF | for IPV in 4 6 |
| network_find_wan6 NET_IF6 | do |
| network_get_ipaddr NET_ADDR "${NET_IF}" | eval network_find_wan${IPV%4} NET_IF |
| network_get_ipaddr6 NET_ADDR6 "${NET_IF6}" | eval network_get_ipaddr${IPV%4} NET_ADDR "${NET_IF}" |
| echo "${NET_ADDR}" | echo "${NET_ADDR}" |
| echo "${NET_ADDR6}" | done |
| EOF | EOF |
| chmod +x /etc/ddns/getwanip | chmod +x /etc/ddns/getwanip |
| === Web interface instructions === | === Web interface instructions === |
| To **check** running //ddns-scripts// processes from the menu go to **Status -> Processes**. | To **check** running //ddns-scripts// processes from the menu go to **Status -> Processes**. |
| Look for something like ''/bin/sh /usr/lib/ddns/dynamic_dns_updater.sh **myddns** 0''. | Look for something like ''/bin/sh /usr/lib/ddns/dynamic_dns_updater.sh -v 0 -S **myddns** %%--%% start''. |
| |
| To **stop** a desired process press the **Terminate** or **Kill** button. | To **stop** a desired process press the **Terminate** or **Kill** button. |
| |
| <code bash> | <code bash> |
| /usr/lib/ddns/dynamic_dns_updater.sh myddns 0 & | /usr/lib/ddns/dynamic_dns_updater.sh -S myddns start & |
| </code> | </code> |
| | Note that verbosity can also be increased, which is very useful for debugging when creating your own ddns client scripts. e.g. |
| | <code bash> |
| | /usr/lib/ddns/dynamic_dns_updater.sh -S myddns -v1 start |
| | </code> |
| | see ''/usr/lib/ddns/dynamic_dns_updater.sh -h'' for more details |
| |
| To **start** all //ddns-scripts// configurations configured for one interface (the interface name from /etc/config/network, usually 'wan'): | To **stop** one configuration/section you need to find it's PID and kill it manually e.g. |
| <code bash> | <code bash> |
| sh /usr/lib/ddns/dynamic_dns_functions.sh # note the leading period followed by a space | pgrep -f -a dynamic |
| start_daemon_for_all_ddns_sections wan | kill <pid of matching dynamic_dns_updater.sh process> |
| </code> | </code> |
| |
| To **stop** one configuration/section you need to list running ddns processes with: | |
| |
| | To **start** all //ddns-scripts// configurations configured for a given interface e.g. ''wan'' |
| <code bash> | <code bash> |
| killall dynamic_dns_updater.sh | /usr/lib/ddns/dynamic_dns_updater.sh -n wan start |
| pgrep -f -a dynamic | </code> |
| pkill dynamic | |
| | **All** configured ddns services in ''/etc/config/ddns'' can of can be stopped,started,restarted and reloaded accordingly with the service command e.g. |
| | <code> |
| | service ddns restart |
| </code> | </code> |
| |
| </code> | </code> |
| |
| ==== bind / nsupdate ==== | ==== cloudflare.com ==== |
| Last updated: 2021-10-23 | Last updated: 2022-09-11 |
| |
| If you have your own domain and are running bind as your primary DNS server, you can use the [[packages:pkgdata:ddns-scripts-nsupdate]] package to update bind. There are two parts: | [[https://www.cloudflare.com/|Homepage]] |
| |
| - Configure bind to accept DNS updates using TSIG. | As of OpenWrt version 22.03.0, //ddns-scripts// supports the use of [[https://blog.cloudflare.com/api-tokens-general-availability/|API tokens]]. |
| - Configure OpenWRT to send DNS updates to bind when the IP changes. | API Tokens provide a new way to authenticate with the Cloudflare API. |
| |
| In the below example, we will use the following parameters: | [[https://dash.cloudflare.com/profile/api-tokens|Create Custom Token]] by following the [[https://developers.cloudflare.com/api/tokens/create/|Creating API tokens guide]]. make sure to add "Zone DNS Edit" Permission to your custom token. |
| * Domain name: ''example.org'' | You can also "include Specific zone" under Zone Resources. |
| * DNS Server: ''ns.example.org'' | These allow for scoped and permissioned access to resources and use the RFC compliant [[rfc>6750#section-2.1|Authorization Bearer Token Header]]. |
| * Router hostname: ''openwrt.example.org'' | For more information on Token vs Key see the [[https://api.cloudflare.com/#getting-started-requests|Cloudflare v4 API]] documentation. |
| |
| |
| === Configure Bind === | |
| |
| The first step is to set up bind to allow updates to the ''A'' (IPv4) and ''AAAA'' (IPv6) records for ''openwrt.example.org''. To do this, log onto your DNS server and run ''/usr/sbin/ddns-confgen -s openwrt.example.org''. This will generate the key and shared secret that will be used to update DNS. You should see output similar to the following: | |
| <code> | <code> |
| $ /usr/sbin/ddns-confgen -s openwrt.example.org | service_name cloudflare.com-v4 |
| # To activate this key, place the following in named.conf, and | domain [Your domain, here: example.com] |
| # in a separate keyfile on the system or systems from which nsupdate | username Bearer |
| # will be run: | password [Your API token] |
| key "ddns-key.openwrt.example.org" { | |
| algorithm hmac-sha256; | |
| secret "B1m6Xb1ngrEeNFSExr8homgfzeN8kWIBkJpnoAHF5D8="; | |
| }; | |
| | |
| # Then, in the "zone" statement for the zone containing the | |
| # name "openwrt.example.org", place an "update-policy" statement | |
| # like this one, adjusted as needed for your preferred permissions: | |
| update-policy { | |
| grant ddns-key.openwrt.example.org name openwrt.example.org ANY; | |
| }; | |
| | |
| # After the keyfile has been placed, the following command will | |
| # execute nsupdate using this key: | |
| nsupdate -k <keyfile> | |
| </code> | </code> |
| |
| The two important things to note for the second part of the setup, on openwrt, are: | |
| - Key Name: ''ddns-key.openwrt.example.org'' | |
| - Shared Secret (Base64 encoded): ''B1m6Xb1ngrEeNFSExr8homgfzeN8kWIBkJpnoAHF5D8='' (yours will differ as it is randomly generated) | |
| |
| You then need to do as the comments in the output say and put both the ''key'' block and the ''update-policy'' block in the proper places within your bind configuration file (generally ''/etc/bind/named.conf.local'' or ''/etc/bind/named.conf'') and reload/restart bind. | |
| |
| To test that bind is now properly configured you can run a test as follows: | |
| <code> | |
| $ nsupdate | |
| server ns.example.org | |
| key ddns-key.openwrt.example.org B1m6Xb1ngrEeNFSExr8homgfzeN8kWIBkJpnoAHF5D8= | |
| update del openwrt.example.org A | |
| update add 600 A 10.10.10.10 | |
| show | |
| send | |
| answer | |
| quit | |
| $ dig @ns.example.org openwrt.example.org A | |
| </code> | |
| |
| You should see no errors, and the ''10.10.10.10'' IPv4 address returned for ''openwrt.example.org''. If so, you are ready to move on to the next step which is to configure DDNS on OpenWRT to send updates to bind. | |
| |
| See also: [[https://bind9.readthedocs.io/en/latest/advanced.html#tsig|BIND 9 Administrator Reference Manual]] | |
| |
| ==== cloudflare.com ==== | |
| Last updated: 2020-08-31 | |
| |
| [[https://www.cloudflare.com/|Homepage]] | |
| |
| To use subdomains (CNAME or A records), use the format below when filling your credentials: | To use subdomains (CNAME or A records), use the format below when filling your credentials: |
| * If using Cloudflare's "Subdomain Support", your zone may already be "foo.example.com", so if the DDNS hostname is "bar.foo.example.com" the domain field would be "bar@foo.example.com" | * If using Cloudflare's "Subdomain Support", your zone may already be "foo.example.com", so if the DDNS hostname is "bar.foo.example.com" the domain field would be "bar@foo.example.com" |
| |
| The version of //ddns-scripts// in the master branch of the packages feed supports the use of [[https://blog.cloudflare.com/api-tokens-general-availability/|API tokens]]. | |
| API Tokens provide a new way to authenticate with the Cloudflare API. | |
| They allow for scoped and permissioned access to resources and use the RFC compliant [[rfc>6750#section-2.1|Authorization Bearer Token Header]]. | |
| For more information on Token vs Key see the [[https://api.cloudflare.com/#getting-started-requests|Cloudflare v4 API]] documentation. | |
| |
| <code> | |
| service_name cloudflare.com-v4 | |
| domain [Your domain, here: example.com] | |
| username Bearer | |
| password [Your API token] | |
| </code> | |
| |
| ==== dnsomatic.com ==== | ==== dnsomatic.com ==== |
| [[https://www.dnsomatic.com/|From dns-o-matic homepage]] -- [[https://www.dnsomatic.com/wiki/|Documentation]] | [[https://www.dnsomatic.com/|From dns-o-matic homepage]] -- [[https://www.dnsomatic.com/wiki/|Documentation]] |
| |
| You need to change your OpenDNS password to one that doesn't contain HTML special characters [[https://support.opendns.com/hc/en-us/community/posts/360055742852-dns-o-matic-username-password-|On dnsomatic username and password]] | DNS-O-Matic authentication is integrated with OpenDNS, so your DNS-O-Matic credentials are the same as your OpenDNS ones. You need to change your OpenDNS password to one that doesn't contain HTML special characters [[https://support.opendns.com/hc/en-us/community/posts/360055742852-dns-o-matic-username-password-|On dnsomatic username and password]] |
| |
| If you would like to make sure your SSL connection is verified, then [[:docs:guide-user:services:ddns:client#ssl_support|install the CA certificates]] | If you would like to make sure your SSL connection is verified, then [[:docs:guide-user:services:ddns:client#ssl_support|install the CA certificates]] |
| and set the path to **/etc/ssl/certs/QuoVadis_Root_CA_2.crt** //(Path to CA-Certificate in the LuCI or **option 'cacert' '/etc/ssl/certs/QuoVadis_Root_CA_2.crt'** when configuring by command line.)// | and set the path to **/etc/ssl/certs** //(Path to CA-Certificate in the LuCI or **option 'cacert' '/etc/ssl/certs'** when configuring by command line.)// |
| |
| To update all services registered with DNS-O-Matic in one configuration/section use the following settings in /etc/config/ddns: | To update all services registered with DNS-O-Matic in one configuration/section use the following settings in /etc/config/ddns: |
| # /etc/config/ddns | # /etc/config/ddns |
| config service 'DNSoMATIC' | config service 'DNSoMATIC' |
| option lookup_host 'anotherddns.com' # It must be a FQDN that is active on dns-o-matic dashboard to be refreshed by it | option lookup_host 'anotherddns.com' # It must be a FQDN that is active on dns-o-matic dashboard to be refreshed by it. if using openDNS, use myip.opendns.com |
| option interface 'wan' # Set it to the network interface to be monitored on changes | option interface 'wan' # Set it to the network interface to be monitored on changes |
| option ip_source 'web' | option ip_source 'web' |
| option ip_url 'http://checkip.amazonaws.com/' | option ip_url 'http://checkip.amazonaws.com/' # does not appear to be used, at least by the LUCI interface |
| option use_https '1' | option use_https '1' |
| | option cacert '/etc/ssl/certs' |
| option service_name 'dnsomatic.com' | option service_name 'dnsomatic.com' |
| option domain 'all.dnsomatic.com' # It will instruct dns-o-matic to update all services set on its dashboard | option domain 'all.dnsomatic.com' # It will instruct dns-o-matic to update all services set on its dashboard |
| uci set ddns.dnsomatic.interface='wan' ##Change it to yours | uci set ddns.dnsomatic.interface='wan' ##Change it to yours |
| uci set ddns.dnsomatic.ip_source='web' | uci set ddns.dnsomatic.ip_source='web' |
| uci set ddns.dnsomatic.ip_url='http://checkip.amazonaws.com/' | uci set ddns.dnsomatic.ip_url='http://checkip.amazonaws.com/' ## not mandatory |
| uci set ddns.dnsomatic.use_https='1' | uci set ddns.dnsomatic.use_https='1' |
| uci set ddns.dnsomatic.service_name='dnsomatic.com' | uci set ddns.dnsomatic.service_name='dnsomatic.com' |
| |
| ==== duckdns.org ==== | ==== duckdns.org ==== |
| Last updated: 2015-07-14 | Last updated: 2024-01-02 |
| |
| [[http://www.duckdns.org/|Homepage]] -- [[http://www.duckdns.org/install.jsp|Installation instructions]] -- [[http://www.duckdns.org/faqs.jsp|FAQ]] | For detailed instructions, see [[docs:guide-user:services:ddns:duckdns|DuckDNS DDNS Client]]. |
| |
| FIXME | ==== dynu.com ==== |
| There is another [[docs:guide-user:services:ddns:duckdns|description]] here. | Last updated: 2024-10-05 |
| I take over the link during rewriting this wiki page. | |
| | [[http://dynu.com/ | Homepage]] -- [[https://www.dynu.com/DynamicDNS/IP-Update-Protocol | IP Update Protocol]] |
| |
| Inside LuCI web UI select **--custom--** and fill in the other options accordingly. | It works out of the box in the standard most common setup with a single user-defined //hostname// and a domain selected from what is offered by this provider. |
| :!: Be sure you install ssl support. | |
| |
| Additional use update_url and settings from below: | In order to update v4 or v6 IP address for a //subdomain// that they call [[https://www.dynu.com/Resources/Tutorials/DynamicDNS/Advancedfeatures/Aliases | alias]] the following custom configuration can be used: |
| |
| <code> | <code> |
| update_url http://www.duckdns.org/update?domains=[USERNAME]&token=[PASSWORD]&ip=[IP] | service_name delete / --custom-- |
| domain [Your FQDN] | update_url api.dynu.com/nic/update?hostname=[DOMAIN]&alias=[PARAMENC]&myipv6=[IP]&password=[PASSWORD] |
| username [Your Host without ".duckdns.org"] | domain [your 3rd level domain, like "mydomain.example.com"] |
| password [Your token] | paramenc [your alias, like "myhost"] |
| use_https 1 | username [dummy, not used, but Luci expects something to be set] |
| cacert [path to certificate file or directory] | password [your update token] |
| </code> | </code> |
| | This will update IPv6 address for ''myhost.mydomain.example.com'' |
| | |
| | The //update token// used as a password in both standard and custom configurations is an MD5/SHA256 hash of "IP Update Password" that is set in Control Panel /[[https://www.dynu.com/en-US/ControlPanel/ManageCredentials | Manage Credentials]] |
| | |
| | The hash can be generated on their [[https://www.dynu.com/NetworkTools/Hash | web site]] or locally by the user. |
| | |
| |
| ==== freedns.afraid.org ==== | ==== freedns.afraid.org ==== |
| |
| ==== he.net ==== | ==== he.net ==== |
| Last updated: 2015-07-15 | Last updated: 2023-10-05 |
| |
| [[https://dns.he.net/|Homepage]] | [[https://dns.he.net/|Homepage]] |
| | [[https://dns.he.net/docs.html|Details about their free dynamic DNS service]] |
| |
| FIXME | Background (who they are): Hurricane Electric (referred to as HE.net below) is one of the //original// supporters/pushers of the IPv6 internet (and also provide a [[https://tunnelbroker.net/|free tunnel broker]] if you want IPv6 connectivity but your ISP is in the stone-ages), and HE.net also run major internet backbones. |
| There is another [[docs:guide-user:services:ddns:hurricaneelectricfreedns|description]] here. | |
| I take over the link during rewriting this wiki page. | HE.net is a great option if you //already// have a domain (or sub-domain) you can point at their 5 nameservers (ns[1-5]/dot/he.net). This will need to be done **before** you can setup the zone (your domain or subdomain) up. |
| | |
| | You can then opt for one of an A (for IPv4) record or an AAAA (for IPv6) record //under// that sub-domain, to be updated dynamically by the ddns-service. Security of this ability is provided via a 16-character api-access-key they can generate for you (or you can specify your own). |
| | |
| | If you don't have an HE.net account, you will need to [[https://ipv6.he.net/certification/register.php|open a free account]] |
| | |
| | If you don't already have a domain (or subdomain) pointing to HE.net: |
| | * Go to the [[https://dns.he.net/|DNS management page]]. |
| | * Click on **Add a new domain** (on the left side-bar) |
| | * Enter your domain or subdomain (that should //already// have pointed to their 5 nameservers), and click the green **Add domain!** button (the page may take a few seconds to respond, do not click multiple times) |
| | * Next to the //new domain//, click the 2nd icon (the one that looks like classic-windows app + pencil icon) to **Edit** the records for that dns-zone. |
| | * Click the **New A** button (for IPv4) or **New AAAA** button (for IPv6). |
| | * For **Name**, enter only the part part before the first period in the FQDN (the part that goes //before// the domain or subdomain you pointed at HE's nameserver). |
| | * **//MAKE SURE//** you click **Enable entry for dynamic dns** checkbox **ON** |
| | * Click **Submit** |
| | * Click the //icon that looks like a small two-arrows// in a circle (pointing to each other) in the **DDNS** column. |
| | * In the popup **Dynamic DNS Record**, here you can either generate a key (up to 16 characters) or specify your own. **You will need this for the password in the example config below** |
| | |
| | (src - above steps tested and based on [[https://networkingnotesblog.wordpress.com/2015/10/15/using-dynamic-dns-server-with-he-net/|this blog]]). |
| | |
| | *Note:* In order for a zone to be accepted for addition to HE.net's DNS-manager, it **must** //already// be configured to point to ns1.he.net / ns2.he.net / ns3.he.net / ns4.he.net / ns5.he.net. Adding the domain or subdomain to HE.net will fail w/ an error otherwise. Note: I don't know if they check for all five nameservers, but may as well just add all 5 NS records to your domain (with the registrar you setup the domain) or if a sub-domain (at your existing host. |
| | |
| | Lastly, if you want to (it's optional) protect the update-requests that the ddns-service does, with TLS, you can see the [[client#ssl_support1|above section on SSL]]. |
| | The following settings have been tested/worked: |
| | |
| | In the below example config, the (sub-)domain pointing to HE.net nameservers is "zone.domain.tld", and the A record is "addr-a-record" (thus the full dynamic hostname will be addr-a-record.zone.domain.tld). |
| |
| Use the following settings: | |
| <code> | <code> |
| service_name he.net | # /etc/config/ddns |
| domain [Your FQDN] | config service 'dns_he_net' |
| username [Your FQDN] | option service_name 'he.net' |
| password [Your password] | option enabled '1' |
| | option domain 'addr-a-record.your.domain.tld' # this is the A or AAAA record you created and set up a DynDNS Key for |
| | option lookup_host 'addr-a-record.your.domain.tld' # same as above - script queries this to see if it's outdated and needs to be updated |
| | option use_ipv6 '0' # whether to update your AAAA record (by default: A record) |
| | option username 'your.domain.tld' # this is not your HE.net username, but your zone (zone.domain.tld) delegated to HE.net nameservers |
| | option password 'XXXXXXXXXXXXXXXX' # this part is the generated Key for the DynDNS function |
| | option ip_source 'network' |
| | option ip_network 'wan' |
| | option interface 'wan' |
| | option use_syslog '2' |
| | option check_unit 'minutes' |
| | option force_unit 'minutes' |
| | option retry_unit 'seconds' |
| </code> | </code> |
| | |
| | More info about how this works underneath the covers: https://dns.he.net/docs.html |
| | |
| | Note: There is another (older) doc here: [[docs:guide-user:services:ddns:hurricaneelectricfreedns|doc here]]. |
| | |
| |
| ==== mythic-beasts.com ==== | ==== mythic-beasts.com ==== |
| |
| ==== noip.com ==== | ==== noip.com ==== |
| Last updated: 2015-07-21 | Last updated: 2024-10-03 |
| |
| [[http://www.noip.com/|Homepage]] -- [[http://www.noip.com/support/|SupportCenter]] | [[http://www.noip.com/ | Homepage]] -- [[http://www.noip.com/support/ | SupportCenter]] -- [[https://www.noip.com/integrate/request/ | Dynamic DNS API]] |
| |
| :!: Install the [[packages:pkgdata:ddns-scripts_no-ip_com]] package. | :!: Install the [[packages:pkgdata:ddns-scripts-noip]] package. |
| |
| The default is to use your ''username'' and ''password'' as normal inside //ddns-scripts// together with ''service_name no-ip.com'' or ''noip.com''. | The default is to use ''username'' and ''password'' as normal inside //ddns-scripts// together with ''service_name no-ip.com''. |
| |
| If you want to update multiple hosts inside one configuration/section you need the following settings: | If you want to update multiple hosts inside one configuration/section you need the following settings: |
| |
| Instead of using a web service, that has the risk of being eventually offline, to detect the public IP, you can detect the [[client#Detecting WAN public IP by script|WAN public IP by this script]]. | Instead of using a web service, that has the risk of being eventually offline, to detect the public IP, you can detect the [[client#Detecting WAN public IP by script|WAN public IP by this script]]. |
| | |
| | ===== Additional forum threads for configuration ===== |
| | |
| | https://forum.openwrt.org/t/enabling-dynamic-dns-is-too-convoluted-difficult/152939 |
| |