Differences
This shows you the differences between two versions of the page.
| Both sides previous revision Previous revision Next revision | Previous revision Next revisionBoth sides next revision | ||
| docs:guide-user:services:ddns:client [2023/02/27 14:51] – Added "Additional forum threads for configuration" account4538 | docs:guide-user:services:ddns:client [2024/10/05 13:46] – [dynu.com] andrewz | ||
|---|---|---|---|
| Line 32: | Line 32: | ||
| * Pick one from the list https:// | * Pick one from the list https:// | ||
| - | ^ // | + | ^ // |
| - | | [[http:// | + | | [[http:// |
| - | | [[http:// | + | | [[http://afraid.org/|afraid.org]] < |
| - | | [[http://dnsexit.com/|dnsexit.com]] | [[http://dnshome.de/|dnshome.de]] < | + | | all-inkl.com |
| - | | [[http://dnspark.com/|dnspark.com]] | [[http://do.de/|do.de]] < | + | | [[http://changeip.com/|changeip.com]] |
| - | | [[http://duiadns.net/|duiadns.net]] < | + | | [[http://cloudflare.com/|cloudflare.com]] <sup>2) 5) 6)</ |
| - | | dyns.net | dynsip.org | + | | [[http://core-networks.de/|core-networks.de]] < |
| - | | [[http://easydns.com/|easydns.com]] | [[http://editdns.net/|editdns.net]] | [[http://goip.de/|goip.de]] < | + | | [[http://ddnss.de/|ddnss.de]] < |
| - | | [[http://dns.he.net/|dns.he.net]] < | + | | ddo.jp |
| - | | [[http://myonlineportal.net/|myonlineportal.net]] < | + | | desec.io |
| - | | [[http://no-ip.com/|no-ip.com]] < | + | | [[http://dhis.org/|dhis.org]] < |
| - | | [[http://ovh.com/|ovh.com]] | [[http://regfish.de/|regfish.de]] < | + | | [[http://dnsdynamic.org/|dnsdynamic.org]] |
| - | | [[http://sitelutions.com/|sitelutions.com]] | [[http://spdyn.de/|spdyn.de]] < | + | | [[http://dnsexit.com/|dnsexit.com]] |
| - | | [[http://thatip.com/|thatip.com]] | [[http://twodns.de/|twodns.de]] | [[http://variomedia.de/|variomedia.de]] < | + | | [[http://dnshome.de/|dnshome.de]] < |
| - | | [[http://zoneedit.com/|zoneedit.com]] <sup>5)</ | + | | [[http://dnsmax.com/|dnsmax.com]] |
| + | | [[http://dnsomatic.com/|dnsomatic.com]] | ||
| - | - Requires additional package [[packages: | + | - Requires additional package [[packages: |
| - | - Needs additional package [[packages: | + | - Needs additional package [[packages: |
| - Directly updates a DNS server (Bind, PowerDNS, Knot) via nsupdate (RFC 2136). | - Directly updates a DNS server (Bind, PowerDNS, Knot) via nsupdate (RFC 2136). | ||
| - | - Needs additional package [[packages: | + | - Needs additional package [[packages: |
| - Requires SSL support. | - Requires SSL support. | ||
| - Supports IPv6. | - Supports IPv6. | ||
| Line 65: | Line 66: | ||
| - Press the button **Update Lists** to update internal lists of available packages. | - Press the button **Update Lists** to update internal lists of available packages. | ||
| - Install the packages [[packages: | - Install the packages [[packages: | ||
| - | - Install the packages [[packages: | + | - Install the packages [[packages: |
| - Install the provider specific packages '' | - Install the provider specific packages '' | ||
| - Refresh the page and navigate to **LuCI -> Services -> Dynamic DNS**. | - Refresh the page and navigate to **LuCI -> Services -> Dynamic DNS**. | ||
| Line 95: | Line 96: | ||
| ==== Web interface instructions ==== | ==== Web interface instructions ==== | ||
| The main settings you need to set: | The main settings you need to set: | ||
| - | | Service | + | | |
| - | | Lookup | + | | Lookup |
| - | | Host/Domain | Mostly | + | | |
| - | | Username | Username or other parameter | + | | |
| - | | Password | Password or other parameter | + | | |
| - | | Interface | Network name used by OpenWrt hotplug event system to start // | + | | Interface | Network name used by OpenWrt hotplug event system to start // |
| * It is not allowed to use '' | * It is not allowed to use '' | ||
| Line 278: | Line 279: | ||
| ==== WAN IP via own PHP script ==== | ==== WAN IP via own PHP script ==== | ||
| - | |||
| If you don't like to use one of the above you can write your own. Here is a sample script in PHP which can easily be deployed on any web hosting: | If you don't like to use one of the above you can write your own. Here is a sample script in PHP which can easily be deployed on any web hosting: | ||
| Line 290: | Line 290: | ||
| </ | </ | ||
| </ | </ | ||
| + | |||
| ==== Detecting WAN IP with script ==== | ==== Detecting WAN IP with script ==== | ||
| If your WAN interface has the IP you want to propagate, this approach has the advantage of not depending on external services or even a working DNS resolution. | If your WAN interface has the IP you want to propagate, this approach has the advantage of not depending on external services or even a working DNS resolution. | ||
| Line 300: | Line 301: | ||
| . / | . / | ||
| network_flush_cache | network_flush_cache | ||
| - | network_find_wan NET_IF | + | for IPV in 4 6 |
| - | network_find_wan6 NET_IF6 | + | do |
| - | network_get_ipaddr | + | eval network_find_wan${IPV%4} |
| - | network_get_ipaddr6 NET_ADDR6 | + | eval network_get_ipaddr${IPV%4} NET_ADDR |
| echo " | echo " | ||
| - | echo " | + | done |
| EOF | EOF | ||
| chmod +x / | chmod +x / | ||
| Line 566: | Line 567: | ||
| </ | </ | ||
| - | ==== bind / nsupdate ==== | ||
| - | Last updated: 2021-10-23 | ||
| - | |||
| - | If you have your own domain and are running bind as your primary DNS server, you can use the [[packages: | ||
| - | |||
| - | - Configure bind to accept DNS updates using TSIG. | ||
| - | - Configure OpenWRT to send DNS updates to bind when the IP changes. | ||
| - | |||
| - | In the below example, we will use the following parameters: | ||
| - | * Domain name: **example.org** | ||
| - | * DNS Server: **ns.example.org** | ||
| - | * Router hostname: **openwrt.example.org** | ||
| - | |||
| - | === Configure Bind === | ||
| - | The first step is to set up bind to allow updates to the '' | ||
| - | < | ||
| - | $ / | ||
| - | # To activate this key, place the following in named.conf, and | ||
| - | # in a separate keyfile on the system or systems from which nsupdate | ||
| - | # will be run: | ||
| - | key " | ||
| - | algorithm hmac-sha256; | ||
| - | secret " | ||
| - | }; | ||
| - | |||
| - | # Then, in the " | ||
| - | # name " | ||
| - | # like this one, adjusted as needed for your preferred permissions: | ||
| - | update-policy { | ||
| - | grant ddns-key.openwrt.example.org name openwrt.example.org ANY; | ||
| - | }; | ||
| - | |||
| - | # After the keyfile has been placed, the following command will | ||
| - | # execute nsupdate using this key: | ||
| - | nsupdate -k < | ||
| - | </ | ||
| - | |||
| - | The two important things to note for the second part of the setup, on openwrt, are: | ||
| - | - Key Name: **ddns-key.openwrt.example.org** | ||
| - | - Shared Secret (Base64 encoded): **B1m6Xb1ngrEeNFSExr8homgfzeN8kWIBkJpnoAHF5D8=** (yours will differ as it is randomly generated) | ||
| - | |||
| - | You then need to do as the comments in the output say and put both the '' | ||
| - | |||
| - | To test that bind is now properly configured you can run a test as follows: | ||
| - | < | ||
| - | $ nsupdate | ||
| - | server ns.example.org | ||
| - | key hmac-sha256: | ||
| - | update del openwrt.example.org A | ||
| - | update add openwrt.example.org 600 A 10.10.10.10 | ||
| - | show | ||
| - | send | ||
| - | answer | ||
| - | quit | ||
| - | $ dig @ns.example.org openwrt.example.org A | ||
| - | </ | ||
| - | |||
| - | You should see no errors, and the '' | ||
| - | |||
| - | See also: [[https:// | ||
| - | |||
| - | === OpenWRT === | ||
| - | == LuCI == | ||
| - | To configure DDNS using the LuCI WUI, you will need to install the [[packages: | ||
| - | * Lookup Hostname: **openwrt.example.org** | ||
| - | * DDNS Service provider: **bind-nsupdate** | ||
| - | * Domain: **openwrt.example.org** | ||
| - | * Username: **hmac-sha256: | ||
| - | * Password: **B1m6Xb1ngrEeNFSExr8homgfzeN8kWIBkJpnoAHF5D8=** | ||
| - | * DNS-Server (on the Advanced Settings tab): **ns.example.org** | ||
| - | |||
| - | Then click **Save**, followed by **Save & Apply**. | ||
| - | |||
| - | Congratulations, | ||
| - | |||
| - | == UCI == | ||
| - | If you are not using LuCI and want to configure manually, you will need to edit ''/ | ||
| - | <file [enable_line_numbers=" | ||
| - | config ddns ' | ||
| - | option ddns_dateformat '%F %R' | ||
| - | option ddns_loglines ' | ||
| - | option ddns_rundir '/ | ||
| - | option ddns_logdir '/ | ||
| - | |||
| - | config service ' | ||
| - | option enabled ' | ||
| - | option lookup_host ' | ||
| - | option use_ipv6 ' | ||
| - | option service_name ' | ||
| - | option domain ' | ||
| - | option ip_source ' | ||
| - | option ip_network ' | ||
| - | option interface ' | ||
| - | option dns_server ' | ||
| - | option use_syslog ' | ||
| - | option check_unit ' | ||
| - | option force_unit ' | ||
| - | option retry_unit ' | ||
| - | option username ' | ||
| - | option password ' | ||
| - | </ | ||
| - | You can then add another stanza for IPv6, by turning on '' | ||
| ==== cloudflare.com ==== | ==== cloudflare.com ==== | ||
| Last updated: 2022-09-11 | Last updated: 2022-09-11 | ||
| Line 749: | Line 648: | ||
| ==== duckdns.org ==== | ==== duckdns.org ==== | ||
| - | Last updated: | + | Last updated: |
| - | [[http:// | + | For detailed instructions, |
| - | FIXME | + | ==== dynu.com ==== |
| - | There is another [[docs:guide-user: | + | Last updated: 2024-10-05 |
| - | I take over the link during rewriting this wiki page. | + | |
| - | Inside LuCI web UI select **--custom--** and fill in the other options accordingly. | + | [[http:// |
| - | :!: Be sure you install ssl support. | + | |
| - | Additional use update_url | + | It works out of the box in the standard most common setup with a single user-defined // |
| + | |||
| + | In order to update v4 or v6 IP address for a // | ||
| < | < | ||
| - | update_url http: | + | service_name delete |
| - | domain [Your FQDN] | + | update_url api.dynu.com/nic/update?hostname=[DOMAIN]&alias=[PARAMENC]&myipv6=[IP]& |
| - | username [Your Host without | + | domain [your 3rd level domain, like "mydomain.example.com"] |
| - | password [Your token] | + | paramenc [your alias, like " |
| - | use_https 1 | + | username [dummy, not used, but Luci expects something |
| - | cacert [path to certificate file or directory] | + | password [your update token] |
| </ | </ | ||
| + | This will update IPv6 address for '' | ||
| + | |||
| + | The //update token// used as a password in both standard and custom configurations is an MD5/SHA256 hash of "IP Update Password" | ||
| + | |||
| + | The hash can be generated on their [[https:// | ||
| + | |||
| ==== freedns.afraid.org ==== | ==== freedns.afraid.org ==== | ||
| Line 857: | Line 762: | ||
| ==== he.net ==== | ==== he.net ==== | ||
| - | Last updated: | + | Last updated: |
| [[https:// | [[https:// | ||
| + | [[https:// | ||
| - | FIXME | + | Background (who they are): Hurricane Electric (referred to as HE.net below) |
| - | There is another | + | |
| - | I take over the link during rewriting | + | HE.net is a great option if you //already// have a domain (or sub-domain) you can point at their 5 nameservers (ns[1-5]/ |
| + | |||
| + | You can then opt for one of an A (for IPv4) record or an AAAA (for IPv6) record //under// that sub-domain, to be updated dynamically by the ddns-service. | ||
| + | |||
| + | If you don't have an HE.net account, you will need to [[https:// | ||
| + | |||
| + | If you don't already have a domain (or subdomain) pointing to HE.net: | ||
| + | * Go to the [[https:// | ||
| + | * Click on **Add a new domain** (on the left side-bar) | ||
| + | * Enter your domain or subdomain (that should //already// have pointed to their 5 nameservers), | ||
| + | * Next to the //new domain//, click the 2nd icon (the one that looks like classic-windows app + pencil icon) to **Edit** the records for that dns-zone. | ||
| + | * Click the **New A** button (for IPv4) or **New AAAA** button (for IPv6). | ||
| + | * For **Name**, enter only the part part before the first period in the FQDN (the part that goes //before// the domain or subdomain you pointed at HE's nameserver). | ||
| + | * **//MAKE SURE//** you click **Enable entry for dynamic dns** checkbox **ON** | ||
| + | * Click **Submit** | ||
| + | * Click the //icon that looks like a small two-arrows// | ||
| + | * In the popup **Dynamic DNS Record**, here you can either generate a key (up to 16 characters) or specify your own. **You will need this for the password in the example config below** | ||
| + | |||
| + | (src - above steps tested and based on [[https:// | ||
| + | |||
| + | *Note:* In order for a zone to be accepted for addition to HE.net' | ||
| + | |||
| + | Lastly, if you want to (it's optional) protect the update-requests that the ddns-service does, with TLS, you can see the [[client# | ||
| + | The following settings have been tested/ | ||
| + | |||
| + | In the below example config, the (sub-)domain pointing to HE.net nameservers is " | ||
| - | Use the following settings: | ||
| < | < | ||
| - | service_name he.net | + | # / |
| - | domain [Your FQDN] | + | config service ' |
| - | username [Your FQDN] | + | option |
| - | password [Your password] | + | |
| + | option | ||
| + | | ||
| + | option use_ipv6 ' | ||
| + | option | ||
| + | | ||
| + | option ip_source ' | ||
| + | option ip_network ' | ||
| + | option interface ' | ||
| + | option use_syslog ' | ||
| + | option check_unit ' | ||
| + | option force_unit ' | ||
| + | option retry_unit ' | ||
| </ | </ | ||
| + | |||
| + | More info about how this works underneath the covers: https:// | ||
| + | |||
| + | Note: There is another (older) doc here: [[docs: | ||
| + | |||
| ==== mythic-beasts.com ==== | ==== mythic-beasts.com ==== | ||
| Line 930: | Line 877: | ||
| ==== noip.com ==== | ==== noip.com ==== | ||
| - | Last updated: | + | Last updated: |
| - | [[http:// | + | [[http:// |
| - | :!: Install the [[packages: | + | :!: Install the [[packages: |
| - | The default is to use your '' | + | The default is to use '' |
| If you want to update multiple hosts inside one configuration/ | If you want to update multiple hosts inside one configuration/ | ||