dyndns changes

Discussion in 'Home Networking' started by Mike Scott, Jun 30, 2013.

  1. Mike Scott

    Mike Scott Guest

    I seem to have come unstuck in using dyndns. For some years, I've been
    using their free service to provide a target for my domain's MX record.
    They used to require the address to be updated monthly (or thereabouts)
    to keep it live; all worked well. Now they've changed the rules, and
    require that one log into the accounts area monthly instead. Tedious,
    and if I'm away when the 5-day warning appears, that would be just too bad.

    I have now registered with no-ip, who don't (yet) seem to have gone this
    route. Unfortunately, it seems my netgear router won't handle no-ip - it
    offers a choice of dyndns, and take it or leave it.

    I could run a no-ip client on the freebsd server I keep running 24/7,
    but as that's only on my LAN, it doesn't know my WAN address, and I
    can't see a reliable way for it to obtain this.

    The netgear dg384g doesn't seem to have a way to act as modem only
    (which is all I really need; the fbsd box acts as router and firewall).

    Short of buying a modem or paying dyndns significant dosh (I'd not mind
    a token amount), I seem stuck.

    Any thoughts please?
     
    Mike Scott, Jun 30, 2013
    #1
    1. Advertisements

  2. I'd go ahead and plug in the no-ip client on your server.

    If memory serves correctly the client at your end combined with the
    software at the no-ip end are able to determine the WAN IP address even
    if your server is behind a router thus making the ability to update the
    no-ip DNS servers possible with your current WAN IP.

    Other than the above I'd look into a cheap router that is on the dd-wrt
    approved list and upgrade it to use their firmware which should have
    more options than just dyndns.

    The approved list can be found at;
    http://www.dd-wrt.com/wiki/index.php/Supported_Devices

    Many times Linksys or other supposedly outdated routers can be had for
    next to nothing especially if you check the recycling shops or charities
    which accept electronics. If it is on the approved list you should be
    able to upgrade it to use dd-wrt which usually comes with a broader
    range of options.
     
    GlowingBlueMist, Jun 30, 2013
    #2
    1. Advertisements

  3. Mike Scott

    Bernard Peek Guest

    When the client contacts no-ip the request will be NATed by your router.
    This involves stripping out the private IP address and substituting its
    own external address. This and the name of your domain is all that no-ip
    needs to know,
     
    Bernard Peek, Jun 30, 2013
    #3
  4. Mike Scott

    Mike Scott Guest

    Yes, thanks (and to B.P.) for pointing out I'd missed this. It does of
    course work.

    OTOH, there's no ready way for hosts on the LAN to detect when the WAN
    address changes (although maybe I could write something nasty that
    inspected icmp packets). I assume that the 'noip2' program can detect
    when the host's NIC changes address, and force an update. That doesn't
    apply here. I doubt no-ip would be happy with frequent checks, and my
    email system (I run sendmail here, now using a dyndns name as the MX for
    my domain name) needs the DNS to be pretty well up-to-date, or I'll be
    losing emails.

    I'd wondered about this code; it's always seemed a bit fraught though.
    But I'll take another look; thanks for the reminder.
    That's actually where I got the netgear - charity shop. But not
    supported by ddwrt.
     
    Mike Scott, Jun 30, 2013
    #4
  5. Mike Scott

    Chris Davies Guest

    I doubt they'd even notice a regular and frequent DNS lookup amongst
    the rest of the traffic they're handling. One packet a minute...? JDI.

    Chris
     
    Chris Davies, Jul 1, 2013
    #5
  6. Mike Scott

    Mike Scott Guest

    Mmm. Maybe, maybe not. If I recall, I did upset the dyndns people in the
    early days with more or less that - their web software checked the
    request rate, and I'd got the client caching turned off in error.

    I had thought icmp would offer a usable route trace from a lightweight
    probe, but can't see how to make this happen. Certainly traceroute only
    gives the router's lan address.

    Nasty fallback option is a script to log into the router and ask it for
    the wan address, then run noip2 'single shot' as needed. Will work, but
    seems a heavyweight solution, but at least the client would be readily
    changeable.
     
    Mike Scott, Jul 1, 2013
    #6
  7. Mike Scott

    Tony Guest

    I use this,

    dig +short @resolver1.opendns.com myip.opendns.com

    every 2 minutes, and they don't seem to mind.

    --
    Tony Evans
    Saving trees and wasting electrons since 1993
    blog -> http://perceptionistruth.com/
    books -> http://www.bookthing.co.uk/
    [ anything below this line wasn't written by me ]
     
    Tony, Jul 1, 2013
    #7
  8. Mike Scott

    Chris Davies Guest

    That would have been for the update client, surely? It's far easier
    to check the current IP address via DNS. You can even go via Google's
    8.8.8.8 if you want to, as that seems to honour DNS TTLs pretty
    accurately.

    #!/bin/sh
    #
    MY_DOMAIN=whatever.example.net
    host "$MY_DOMAIN" | awk '/address/ {print $NF; exit}'

    Oh, I think I see. You want to tell your No-IP updater program that the
    IP address has changed? I don't think you need to do that - the update
    client offered by No-IP seems already to include this feature. See
    http://www.noip.com/downloads.php?page=linux

    Chris
     
    Chris Davies, Jul 1, 2013
    #8
  9. On 2013.06.30 15:50:21,
    the amazing <> declared:

    This is an easy way to get your WAN IP from Dyn:

    #!/bin/sh
    IP=$(curl http://checkip.dyndns.com 2>/dev/null)
    IP=${IP##*Address: }
    IP=${IP%%<*}
    echo $IP

    <snip!>
     
    Nollaig MacKenzie, Jul 2, 2013
    #9
  10. Mike Scott

    Mike Scott Guest

    I think we're at cross-purposes here. (My fault, as others are making a
    similar comment).

    I don't have an issue resolving a dynamic domain name. It's what dns is
    for. The problem is that if BT changes my ip address, that won't match
    the domain name. AIUI if the client software runs on the machine whose
    interface is allocated that number, then the client can be notified by
    the kernel when that ip changes, and can then contact the dynamic dns
    server to get the name updated only when needed.

    In my case, the active client runs on the router and won't talk to
    no-ip. My freebsd box's interface is a LAN segment, and the box isn't
    aware(*) of changes on the WAN side of the router. One solution is
    simply to run a client on the fbsd box every minute - which would upset
    the good people at the server end for making unnecessary accesses.


    (*) I have now cobbled together a perl script that reads the router's
    status page once a minute, checks whether the address has changed, and
    runs the noip2 client only if necessary. The side effect is I can't log
    into the router any more - the script needs to log in to get the info
    and there's no logout, just a timeout: accessing from another lan
    address fails. Also, it doubles the delay in getting the dns updated -
    up to a minute for my code to react, then a minute for the dns ttl to
    expire.

    That's right - except I can only run the noip2 client on the LAN, so it
    cannot tell when the WAN ip changes - which is where the problem lies.



    BTW, I've been trying to create a dnsdynamic account too, but the
    account creation seems to mess up. Are they still operational? They use
    ddclient, which seems able to do its own checks on at least some
    routers, which is at least tidier, and must be better tested than my own
    code!!


    Oh, and does anyone know if tp-link modem/routers are "OK"? They seem
    very cheap, and I suspect from the manual's pictures they support no-ip
    (but can anyone confirm this please? The doc's aren't explicit.) reviews
    seem mixed.


    Thanks all.
     
    Mike Scott, Jul 2, 2013
    #10
  11. Mike Scott

    Chris Davies Guest

    The noip2 client manages this for you. (It's the "update" parameter -
    in minutes.)

    Chris
     
    Chris Davies, Jul 2, 2013
    #11
  12. Mike Scott

    Chris Davies Guest

    curl http://checkip.dyndns.com
    <html><head><title>Current IP Check</title></head><body>Current IP Address: 192.168.1.5</body></html>

    Hmmm
    Chris
     
    Chris Davies, Jul 2, 2013
    #12
  13. Mike Scott

    Mike Scott Guest

    (depending on your shell, of course.)
    mike@spock:~$ curl http://checkip.dyndns.com
    <html><head><title>Current IP Check</title></head><body>Current IP
    Address: 86.147.66.192</body></html>

    That from a machine on my lan.
     
    Mike Scott, Jul 2, 2013
    #13
  14. Mike Scott

    Mike Scott Guest


    Presumably by asking a web site somewhere, as does ddclient. (The noip2
    help info is a tad cryptic I feel). But either will have a delay of up
    to the polling time period. Then add in the TTL of the DNS entries, and
    it starts to build up.

    OTOH, the software I used to run when I had a cable modem connected
    straight to my freebsd box had hooks into the OS somehow - it did
    nothing until the OS notified it the IP address had changed. No polling,
    and just the TTL to wait.


    I've managed now to register with dnsdynamic as well as no-ip; I've
    ordered a cheap tp-link router that apparently offers a bridging mode as
    well as (AFAICT) supporting no-ip. Assuming it actually works, I can try
    bridge plus a fbsd client; or drop back to using it as a router. Either
    way, I'll keep /both/ the ddns names active in case either supplier
    pulls the same stunt that dyndns has.

    Thanks toi all for comments; I'll followup with comments when the
    tp-link has arrived in a few days.
     
    Mike Scott, Jul 2, 2013
    #14
  15. Yes - sorry, fingers faster than brain.
    My lan is 192.168.0.(whatever), and I get:

    $ curl http://checkip.dyndns.com 2>/dev/null
    <html><head><title>Current IP Check</title>
    </head><body>Current IP Address: 184.151.153.216</body></html>

    Wonder if it matters that I pay Bell Canada to have an external IP?
    Clearly there's more to this than I know.
     
    Nollaig MacKenzie, Jul 3, 2013
    #15
  16. Mike Scott

    PeeGee Guest

    Don't know if this is any help, but the following are the parameters
    from a Thomson TG585 "ini" file

    name=dyndns server=members.dyndns.org port=www-http request=/nic/update
    updateinterval=2097120 retryinterval=30 max_retry=3

    name=No-IP server=dynupdate.no-ip.com port=www-http
    request=/ducupdate.php updateinterval=86400 retryinterval=30 max_retry=3

    A simple save/restore of the configuration with an edit to change the
    data may work - no guarantees, though!

    --
    PeeGee

    "Nothing should be able to load itself onto a computer without the
    knowledge or consent of the computer user. Software should also be able
    to be removed from a computer easily."
    Peter Cullen, Microsoft Chief Privacy Strategist (Computing 18 Aug 05)
     
    PeeGee, Jul 3, 2013
    #16
  17. Mike Scott

    Chris Davies Guest


    Further investigation suggests that the remote server uses the
    X-Forwarded-For header inserted by my local squid proxy in preference
    to the real IP address.

    $ http_proxy= curl -s http://checkip.dyndns.com | tr -dc '[0-9.]'; echo
    188.222.203.136
    $ curl -s http://checkip.dyndns.com | tr -dc '[0-9.]'; echo
    192.168.130.5

    And potentially more scarily,

    curl -H 'X-Forwarded-For: 86.147.66.192' -s http://checkip.dyndns.com
    <html><head><title>Current IP Check</title></head><body>Current IP Address: 86.147.66.192</body></html>


    I have recently discovered a number of web forums doing this, too,
    which means I get automatically and immediatedly banned for using an
    "invalid" IP address. Even before logging in. Sigh.

    I wonder how many websites use IP-based "security"...?

    Chris
     
    Chris Davies, Jul 3, 2013
    #17
  18. Mike Scott

    Mike Scott Guest

    On 03/07/13 09:06, PeeGee wrote:
    .....
    Nice thought, thanks. Checking a config file for the netgear reveals:

    #< Dynnamic DNS >
    # 0:eek:ff 1:eek:n
    [130001]"Use a Dynamic DNS Service"=1
    [130002]"Host Name"=XXXXXXX
    [130003]"User Name"=XXXXXXX
    [130004]"Password"=XXXXXXX
    # 0:eek:ff 1:eek:n
    [130005]"Use Wildcards"=0


    I love the mis-spelling! But it clearly has no notion of different
    providers, in spite of the drop-down box with its one entry.

    Ah well.

    As noted elsewhere in this thread, I've ordered a really cheap tp-link
    (td-8616) and will see how well this works. It seems to support no-ip;
    if not, I'll use it as a cheap modem (if it syncs up at a decent speed.
    I've noticed since changing to BT, my netgear now syncs at 14Mb instead
    of 12Mb. Interesting, given the copper is the same.)
     
    Mike Scott, Jul 4, 2013
    #18
  19. Mike Scott

    PeeGee Guest

    The TP-Link units support no-ip and the 8616 (like the 8816 I have)
    supports bridge mode as well (if you need it). Annoyingly, there is no
    user configured option and the config file is binary, so changing the
    dyndns parameters to the dns-o-matic set is not an option (which I did
    with the Thomson 585).

    --
    PeeGee

    "Nothing should be able to load itself onto a computer without the
    knowledge or consent of the computer user. Software should also be able
    to be removed from a computer easily."
    Peter Cullen, Microsoft Chief Privacy Strategist (Computing 18 Aug 05)
     
    PeeGee, Jul 4, 2013
    #19
  20. Mike Scott

    Mike Scott Guest

    On 04/07/13 09:08, PeeGee wrote:
    .....
    A final note. Mea culpa, the model number is td-8816 not as I wrote
    (brain fever - I did the same in the amazon review).

    IT nearly worked - just dropped the line every few hours for no good
    reason (the netgear works fine). So back it's gone. (The web setup pages
    were slow, slow, slow, too. STB something to do with an unreachable time
    server; but IMBW) On the plus side, their support people do respond to
    emails, but couldn't offer any useful help.

    Meanwhile, I've found that ddclient supports no-ip, and can be set to
    get the address from my netgear (unlike noip2), so the netgear is
    reinstated. What a waste of effort.

    But thanks to all for comments.
     
    Mike Scott, Jul 13, 2013
    #20
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.