Quick HOWTO : Ch19 : Dynamic DNS - Linux Home Networking

Page 1 of 7

DNS Tree Cisco Unified Computing See the delegation of you domain all Made to work better together. Find the way from the root-servers Out More & Win Digital Camera!
DNSTree.com www.Cisco.com/Indonesia

Free DNS & Dynamic DNS Globally Redundant, Instant Updates Windows & Unix Clients, Free & Easy
www.Sitelutions.com/

Forums | Corrections | About | (c) Peter Harrison

Search

Like

Quick HOWTO : Ch19 : Dynamic DNS

From Linux Home Networking

1Share
I passed the CCIE R&S Lab on my first attempt! Steve Clarkin - CCIE #25821
www.INE.com/CCIE

IP Access Control Single door PoE Controller Scale from one to hundreds of doors

Contents
1 Introduction 2 Dynamic DNS Preparation 2.1 Testing ISP Connectivity For Your Website 2.1.1 Setup 2.1.2 Testing From The Internet 2.1.3 Test Port Forwarding 2.2 Registering DDNS 2.3 Install a DDNS Client On Your Server 3 Dynamic DNS And NAT Router/Firewalls 4 DDNS Client Software - SOHO Router / Firewalls 5 DDNS Client Software - Linux DDclient 5.1 The /etc/ddclient.conf file 5.2 How to Get DDclient Started 5.3 Troubleshooting DDclient 5.4 Finding DDclient Help 5.5 Getting DDclient to Periodically Update 6 Testing Your Dynamic DNS 7 Conclusion

www.infinias.com

BolehVPN - Privacy & P2P Bypass ISP traffic P2P shaping Hide your IP, Surf Hulu/Pandora!
www.bolehvpn.net

Free Uptime Monitoring Monitor Your Uptime and Response Time for Free. No Installation!
www.Pingdom.com

whatismyipaddress.com

Ads by Google

Introduction
In many home networking environments, the DSL or cable modem IP address is provided by DHCP and therefore changes from time to time. This can cause problems with the DNS zone files explained in Chapter 18, "Configuring DNS," which assume the IP address of a server won't change continuously. It is for this reason that there are two broad types of DNS: Static DNS This is used when your ISP provides you with unchanging fixed or static Internet IP addresses. Your DNS server acts as the authoritative source of information for your my-site.com domain. You can consider static DNS as the "traditional" or "regular" form of DNS. Dynamic DNS (DDNS) Used when you get a changing dynamic Internet IP addresses via DHCP from your ISP. You will have to use the services of a third-party DNS provider to provide DNS information for your mysite.com domain. This chapter will explain the details of dynamic DNS configuration.

Other Linux Home Networking Topics Introduction to Networking Linux Networking Simple Network Troubleshooting Troubleshooting Linux with Syslog Installing Linux Software The Linux Boot Process Configuring the DHCP Server Linux Users and sudo Windows, Linux and Samba Sharing Resources with Samba Samba Security and Troubleshooting Linux Wireless Networking Linux Firewalls Using iptables Linux FTP Server Setup Telnet, TFTP and xinetd Secure Remote Logins and File Copying Configuring DNS Dynamic DNS The Apache Web Server Configuring Linux Mail Servers Monitoring Server Performance Advanced MRTG For Linux The NTP Server Network-Based Linux Installation Linux Software RAID Expanding Disk Capacity Managing Disk Usage with Quotas Remote Disk Access with NFS Configuring NIS Centralized Logins Using LDAP and RADIUS Controlling Web Access with Squid Modifying the Kernel to Improve Performance

Dynamic DNS Preparation

Unlike DSL, most cable modem providers may not allow you to host sites at home by blocking inbound HTTP (TCP port 80) and SMTP mail (TCP port 25) while allowing most other TCP traffic through. Many DDNS providers are aware of this and provide a redirect service to bypass the problem. Under the system, Web queries first hit their servers on the regular TCP ports and then these servers automatically redirect

http://www.linuxhomenetworking.com/wiki/index.php/Quick_HOWTO_:_Ch19_:_Dynami... 4/5/2011

Quick HOWTO : Ch19 : Dynamic DNS - Linux Home Networking

Page 2 of 7

the Web clients to use the IP address of your server on a different TCP port. Although this works well, it has disadvantages. The cost of the service can make hosting with a $10 /month virtual hosting service look very attractive, and many search engines do not index redirected pages.

Basic MySQL Configuration

LHN Linux Forums - Latest Threads

Testing ISP Connectivity For Your Website

The very first thing you need to do is to determine whether your ISP allows inbound connections on your DSL or cable modem line. The easiest way to do this is to phone them and ask, but in some cases they'll say no when in fact the answer is yes. Here is how you can test it out for yourself.

Setup
You need to do some basic setup tests before testing can begin. 1. Configure and start Apache on your Linux web server as described in Chapter 20, "The Apache Web Server." 2. Connect your Linux server directly to your cable or DSL modem, and configure the Ethernet NIC for DHCP as described in Chapter 3, "Linux Networking.". 3. Make sure you can ping your default gateway. 4. Use the ipconfig command to determine the new IP address of your Web server. (This command is explained Chapter 3 also.). 5. From the Linux Web server itself, try to TELNET to this IP address on port 80 as explained in Chapter 4, "Simple Network Troubleshooting." If you can, then you most likely have Apache configured correctly

Testing From The Internet

You may be able to see web pages from the web server itself. Ask a friend somewhere else on the Internet to try to telnet to this IP address on port 80. If port 80 works, then ask the friend to point a Web browser to the IP address and see whether a valid Web page appears. If your Linux server will eventually be placed behind a firewall, then adjust your network topology accordingly and test port 80 port forwarding to your Web server. If the TELNET to port 80 fails, your ISP probably doesn't allow HTTP access to its networks. Configure your Web server to run on a different TCP port, preferably above 1024. The Apache httpd.conf file uses the listen directive to do this. Change it to your new value and restart httpd.
# httpd.conf listen directive, change "80" to some other value. Listen 80

Test again with telnet on this new port. If it works, try the web browser test too. If the test port is 1234, then use the following URL:
http://server-ip-address:1234

Note: If you are running iptables, remember to adjust the rules to match this new port, or stop iptables temporarily while doing this testing. If you can get a connection with correctly displayed pages on a non standard port then you can additionally sign up for a redirect service with your DDNS provider as explained earlier.

linux firewall, iptables forwarding problem (Redhat / Fedora) Hi, I am new to the linux, but I need to set up a simple firewall for the local network. I have Ubuntu kernel 2.6 installed, two NIC cards with a... Exim compilation with tls (Linux - General Topics) Hi friends can anyone help me with the configuration of tls with exim i want to run my smtp on a secure port (465) It would be great if any... Is a VPN connection possible with a shared server... (Linux - Hardware, Networking & Security) Hi, I live in a country with severe internet restrictions. I've been using witopia.com for my vpn connection. It's been a continual cat and mouse... SAMBA file sharing (Linux - Software, Applications & Programming) I'm currently working with my new samba server [samba2.domain.com] which I will use for file sharing and I have an existing samba/ldap... Problem with my USB modem (Linux General Topics) Hi all, I bought a new USB modem recently.It was containing drivers for both windows and linux(.deb).I installed it in windows and was... iRedmail server can't recieve mails but can send mail . (Linux - Software, Applications & Programming) please iredmail(centos) sever has being working for some time now, but now i can't receive but i can send mail. can some body help me to solve this. Routing Tor through hotspot - an anonymous wifi network at home! (Linux - Software, Applications & Programming) I have a Debian system with two wired NIC and one wireless. I had been using it as a firewall, NAT router and generally to run Snort for fun. I... NAS access via NFS - VPN and Intranet (Linux - Hardware, Networking & Security) Hi to whomever reading this, I've read the LHNchapter 29 but still don't get it. So maybe here is someone who can help me with my problem. I... Internal DDNS configuration. (Linux Hardware, Networking & Security) Hi Guys, I am trying to setup Automatic update of ip's and hostnames in my internal dns server, these Ips are provided by the linux router through... Problem with my virtual console (Linux General Topics) Hi all, I am facing this weird problem with my virtual console. I have ubuntu karmic.9.10. When i start my system, the gnome session... /dev/ttyS0: Device or resource busy (Linux Hardware, Networking & Security) hello to everybody I have Ubuntu Lucid 10.04 installed on my Desktop and I have a PCI serial card in my computer and it has only one serial port....

Test Port Forwarding

If your Linux server will eventually be placed behind a firewall, then adjust your network topology accordingly. Let Apache run on port 80, and test port forwarding from the nonstandard port to port 80 on your Web server from the Internet. One of the features of the curl troubleshooting utility is that it allows you download a Web page's HTML code to your screen without interpreting it. You can determine the external IP address of your router or firewall by logging onto your Linux Web server and issuing the curl command to query the DynDNS.org IP information server. In this case, you are interested in only the line that tells you what the server thinks your IP address is; use the grep command to extract just that part. In this example, the IP address is 24.4.97.110.
[root@bigboy tmp]# curl -s http://checkip.dyndns.org/ | grep -i address <html><head><title>Current IP Check</title></head><body>Current IP Address: 24.4.97.110</body></html> [root@bigboy tmp]#

http://www.linuxhomenetworking.com/wiki/index.php/Quick_HOWTO_:_Ch19_:_Dynami... 4/5/2011

Quick HOWTO : Ch19 : Dynamic DNS - Linux Home Networking

Page 3 of 7

Registering DDNS
Once you have decided to go ahead with DDNS you'll need to choose between the broad categories of Dynamic DNS service. Free Dynamic DNS: Your website name will be a sub domain of the DDNS provider's domain. For example if the DDNS provider's domain is isp.net, then your site will become my-site.myisp.net. You can perform all the necessary steps on your DDNS service provider's Web site. Remember that this type of service may be undesirable for a company that wants to establish its own corporate identity. Another disadvantage is that you must rely on your DDNS provider staying in business or else you may lose your domain. When you own your own domain this worry largely goes away as you are fully in control of the DNS registration and renewal process. Another disadvantage is that you must rely on your DDNS provider staying in business or else you may lose your domain. When you own your own domain this worry largely goes away as you are fully in control of the DNS registration and renewal process. Paid Customized DNS: You can register the domain name of your choice and still host your website on a DHCP line. If you choose to create your own domain and use a paid DDNS service then you'll need to follow these steps: 1. Register your domains (such as my-site.com) with such companies as Verisign and RegisterFree. 2. Create an account with the DDNS provider and register your websites (sometimes called hosts) as part of your domain (as in www.my-site.com and mail.my-site.com) with them. Your DDNS registration process will provide you with a username and password which you'll need to use when configuring your DDNS client. 3. Update your domain information with your main DNS registrar (Verisign and RegisterFree) to tell them to direct queries to *.my-site.com to the DNS name servers of the DDNS provider. 4. Install a DDNS client on your web servers that continuously runs, only updating the DDNS provider's DNS servers with the most current DHCP IP address of the site whenever it detects a change. Note: You should also be prepared for slower response times for your home-based site than if you were using a static IP and a regular DNS service.

Install a DDNS Client On Your Server

All DDNS service providers require that you use a DDNS client on your web server that will periodically update the IP address information in your provider's DDNS record. The very popular one DDclient, for example, now comes in a RPM format.

Dynamic DNS And NAT Router/Firewalls

As discussed in Chapter 2, "Introduction to Networking," to conserve the limited number of IP addresses available for Internet purposes, most home router/firewalls use network address translation (NAT) to map a single, public, DHCP-obtained IP address to the many private IP addresses within your network. NAT can fool the operation of some DDNS client software. In these cases, the software can report only the true IP address of the Linux box's NIC interface. If the Linux box is being protected behind a NAT router/firewall, then the NIC reports in its data stream to the DDNS provider a private IP address that no one can reach directly via the Internet. The reported value is therefore invalid. Some DDNS providers use more intelligent clients, such as DDclient, that can be configured to let the DDNS provider record the public IP address from which the data stream is originating. Once this is done, you'll have to also configure your router/firewall to do port forwarding to make all HTTP traffic destined for the IP address of the router/firewall to be exclusively address translated using NAT and forwarded to a single server on your home network. If your firewall is Linux based, then the examples in Chapter 14, "Linux Firewalls Using iptables," will be helpful. Many Web-based small office/home office (SOHO) firewalls have easy interfaces to configure port forwarding, please refer to your manufacturer's manual on how to do this

http://www.linuxhomenetworking.com/wiki/index.php/Quick_HOWTO_:_Ch19_:_Dynami... 4/5/2011

Quick HOWTO : Ch19 : Dynamic DNS - Linux Home Networking

Page 4 of 7

DDNS Client Software - SOHO Router / Firewalls

Most new SOHO router/firewalls have built in dynamic DNS clients for one or more of the major DDNS service providers. There is usually a Dynamic DNS web menu which will prompt for the name of the service provider and your DDNS username and password. With this support, there is no need to install software on your web server.

DDNS Client Software - Linux DDclient

One of the most commonly used clients is DDclient, which can overcome the NAT limitations of DDNS by actually logging into your SOHO firewall to determine the latest IP address information. Like most RedHat and Fedora Linux software products, DDclient is available in the RPM format. (If you need a refresher on RPMs, consult Chapter 6, "Installing Linux Software.") You can usually download the software from your DDNS provider, or you can find it at rpmfind.net. The RPM name usually starts with ddclient followed by a version number, as in ddclient-3.6.3-1.noarch.rpm.

The /etc/ddclient.conf file

The ddclient.conf file is usually installed completely commented out, but provides many configuration examples for the most popular DDNS providers. The most important general parameters to configure are: Username: Your DDNS account's login name Password: Your DDNS account's password Use: The method used to determine the IP address to advertise to the DDNS server Some important DDNS provider parameters are Server: The name of the DDNS provider's main DNS server Protocol: The methodology the DDNS client should use to communicate with the DDNS server Your domain: The domain to which your web server will belong You can use the ddclient command to determine the best use parameter to use in the ddclient.conf file. In this example, only the use=web option gives a valid Internet IP address and should be considered as a first option:
[root@bigboy tmp]# ddclient -daemon=0 -query use=if, if=lo address is 127.0.0.1 use=if, if=wlan0 address is 192.168.1.100 use=web, web=dyndns address is 97.158.253.26 [root@bigboy tmp]#

Take a look at a sample configuration. This example specifies a username of my-account-login-name and a password of my-account-password using the dyndns DDNS service provider's settings to track the Web site named mysite-example.dnsalias.com.
# General Parameter Section login=my-account-login-name password=my-account-password # DDNS Provider Parameters Section server=members.dyndns.org, protocol=dyndns2 mysite-example.dnsalias.com \ \

You can add one of the following use lines to the General Parameter Section near the top of the file to define the method that will be used to determine the correct IP address: Query A Well Known Internet Server: The web method queries two well known servers run by DynDNS.org and DNSpark to determine the public Internet IP address of the web server running the DDclient software. This method is the simplest as it requires no further information and handles NAT correctly.
use=web

http://www.linuxhomenetworking.com/wiki/index.php/Quick_HOWTO_:_Ch19_:_Dynami... 4/5/2011

Quick HOWTO : Ch19 : Dynamic DNS - Linux Home Networking

Page 5 of 7

Use The IP Address Of A Specific Server NIC : You can also use this option which will query the IP address of the DDclient web server's NIC interface of your choice. This is probably most valuable for servers connected directly to the Internet, and not via NAT
use=if, if=eth0

Login To Your SOHO Firewall For Information: The ddclient.conf file has a list of use statements for various vendor's firewalls. If your model isn't listed, you can create your own parameters as outlined in the ddclient README file. This option is good for NAT environments where the "use=web" option isn't considered a good alternative. After editing your configuration file you'll have to start ddclient as shown in the next section.

How to Get DDclient Started

You can configure DDclient to start at boot time using the chkconfig command:
[root@bigboy tmp]# chkconfig ddclient on

You can start, stop, and restart DDclient after boot time using the DDclient initialization script as in:
[root@bigboy tmp]# service ddclient start [root@bigboy tmp]# service ddclient stop [root@bigboy tmp]# service ddclient restart

Remember to restart the ddclient process every time you make a change to the ddclient.conf file for the changes to take effect on the running process. You can test whether the ddclient process is running with the pgrep command, you should get a response of plain old process ID numbers:
[root@bigboy tmp]# pgrep ddclient

Troubleshooting DDclient
The ddclient -force command will give you an immediate status of whether ddclient has updated your DDNS service provider correctly.
[root@zippy tmp]# ddclient -force SUCCESS: updating test.homelinux.org: good: IP address set to 123.7.265.123 [root@zippy tmp]#

If this fails, use the output of your /var/log/messages file and use it to help you correct any possible configuration errors.

Finding DDclient Help

The DDclient read-me and ddclient.conf files are good sources of information for doing custom configurations and troubleshooting. You can find the read-me file by using DDclient RPMs or the locate command. Use the rpm command to get a list of installed DDclient files, one of which is the read-me file
[root@bigboy tmp]# rpm -ql ddclient ... /usr/doc/ddclient-3.6.3/README ... [root@bigboy tmp]#

Alternately, you can use the locate command to find all the DDclient files:
[root@bigboy tmp]# locate ddclient | grep READ /usr/doc/ddclient-3.6.3/README /usr/doc/ddclient-3.6.3/README.cisco [root@bigboy tmp]#

http://www.linuxhomenetworking.com/wiki/index.php/Quick_HOWTO_:_Ch19_:_Dynami... 4/5/2011

Quick HOWTO : Ch19 : Dynamic DNS - Linux Home Networking

Page 6 of 7

If the command doesn't work, try updating your locate database with the locate -u command followed by the locate ddclient command once more:
[root@bigboy tmp]# locate -u

Getting DDclient to Periodically Update

Your DDNS service provider will typically force your entry to expire if it doesn't receive an update within a few months. The easiest way to solve this problem is to use the cron sample file that ddclient provides. Here's how to do it. 1. Use the rpm command to get a list of installed DDclient files, one of which is the cron file . [root@bigboy tmp]# rpm -ql ddclient | grep cron /usr/share/doc/ddclient-3.7.1/sample-etc_cron.d_ddclient [root@bigboy tmp]# 2. Copy the file to the /etc/cron.d directory.
[root@bigboy tmp]# cp /usr/share/doc/ddclient-3.7.1/sample-etc_cron.d_ddclient /etc/cron.d/ddclient.cron

3. Edit the file and uncomment the cron entries,

[root@bigboy tmp]# vi /etc/cron.d/ddclient.cron

4. Restart cron.
[root@bigboy tmp]# service crond restart

This simple modification will allow you to sleep at night without worrying whether ddclient is working correctly!

Testing Your Dynamic DNS

You can test your dynamic DNS by: Looking at the status page of your DNS provider and making sure the IP address that matches your www site is the same as your router/firewall's public IP address. Using the "host www.my-site.com" command from your Linux command prompt to determine whether you are getting a valid response. If you failed to add your host record, you will get an error message like:
[root@bigboy tmp]# host www.my-site.com Server: 127.0.0.1 Address: 127.0.0.1#53 ** server can't find www.my-site.com: NXDOMAIN

This error could be because your domain hasn't propagated fully throughout the Internet. You can test to make sure everything is okay by forcing NS lookup to query the name servers directly. The example below queries the miniDNS name server ns1.minidns.net:
[root@bigboy tmp]# host www.my-site.com ns1.minidns.net www.my-site.com has address 97.158.253.26 [root@bigboy tmp]#

Conclusion
Always remember that dynamic DNS works, but it is frequently unreliable as residential class broadband data circuits are not monitored, maintained, or managed as closely as business class lines. It is a good starting place to help you become familiar with Web hosting, but as your Web site becomes busier and more financially important to you, you may need to consider a regular data center far away from spilt coffee and the washing machine that always trips the circuit breakers. Retrieved from "http://www.linuxhomenetworking.com/wiki/index.php/Quick_HOWTO_:_Ch19_:_Dynamic_DNS"

http://www.linuxhomenetworking.com/wiki/index.php/Quick_HOWTO_:_Ch19_:_Dynami... 4/5/2011

Quick HOWTO : Ch19 : Dynamic DNS - Linux Home Networking

Page 7 of 7

This page was last modified on 17 November 2010, at 06:30. Content is available under Attribution-NonCommercial-NoDerivs 2.5 .

http://www.linuxhomenetworking.com/wiki/index.php/Quick_HOWTO_:_Ch19_:_Dynami... 4/5/2011