Dynamic IP servers

From

Revision as of 19:34, 7 February 2012 by Perspectoff (Talk | contribs)
(diff) ← Older revision | Current revision (diff) | Newer revision → (diff)
Jump to: navigation, search

Contents

Dynamic IP servers

I used to like the DynDNS service because they are one of the oldest (and in the past had completely free services available). Although these examples use this service, there are other services that can be used with similar setups (and some are still completely free).

Single URL and a DynDNS-capable router

My router happens to have a built-in updater for DynDNS (and for TZO). In the DDNS section of the router configuration, I can set the name of a single URL I have registered with DynDNS (or TZO), along with the username and password I have previously set up at DynDNS.com. The router does the rest automatically for me. If you are using a single URL and have a similar router capability, then this will be the easiest setup by far. First register for a username (with password) at DynDNS (or TZO) and set the URL name there that the server on your host will use. Then input the information into your router's configuration page. The router will do the rest.

Multiple URLs

I use multiple URLs because I run multiple webservers from my host computer. However, the router I currently use only allows me to update one of the URLs. I therefore need an updater program in order to update all of the URLs at the same time.

ddclient

ddclient is a perl-based client that updates the DynDNS (or other dynamic IP DNS service) database to keep track of your host computer's changing dynamic IP address. DynDNS is a public DNS server, and will match your URL name to whichever (current) dynamic IP address that the ddclient sends to DynDNS. Setup will be easiest if you register for a username/password at DynDNS.com (or other dynamic IP DNS service) and set up your desired URLs there, first. Then install the updater client program:

sudo apt-get install ddclient
If this is the first time you have installed ddclient, you will be prompted for the URL(s) you registered with DynDNS.com (or other dynamic IP DNS service). You will also be prompted for the username/password your registered with DynDNS.com. Lastly, you will be asked which ethernet port your primarily use to connect to the Internet (eth0 for wired, wlan0 for wireless, usually).

The system will function with no further setup if you input the variables correctly. See this DynDNS page for instructions on additional customizations available for use with DynDNS.

  • If you have an old OS version, only the ddclient v. 3.8.0 or earlier may be available. Version 3.8.1 or later worked better for me, so I recommend obtaining a more recent Debian package:
  • ddclient can be made to push update settings from the command line:
sudo ddclient --force

Edit ddclient configuration

  • Edit the ddclient configuration file (use kate instead of nano in Kubuntu, or gedit instead of nano in Ubuntu):
sudo nano /etc/ddclient.conf
  • To set the number of seconds between updates, I add the line
daemon=3600
My dynamic IP only changes rarely, so I only check it hourly (3600 seconds in an hour).
  • To use secure SSL communications, I add the line
ssl=yes
  • To use the DynDNS checkip service (which will autodetect your current IP address), I add the line
use=web, web=checkip.dyndns.com/, web-skip='IP Address'
  • An alternative is
use=web, web=checkip.amazonaws.com

My configuration file now looks like:

# Configuration file for ddclient generated by debconf
#
# /etc/ddclient.conf
#
# Check the current IP address. Either check the eth0 port for its current IP address (can't be used on a LAN),
# or use the DynDNS IP checking service.
daemon=3600
pid=/var/run/ddclient.pid
#use=if, if=eth0
use=web, web=checkip.dyndns.com/, web-skip='IP Address'
# or use the alternative
#use=web, web=checkip.amazonaws.com
#
# Login and change the values at the DynDNS site, using SSL.
protocol=dyndns2
ssl=yes
server=members.dyndns.org
login=myDynDNSusername
password='myDynDNSuserpassword'
mysite_1.dynds.org, mysite_2.dyndns.org, mysite_3.dyndns.org
# Some providers require single word subhost names
#mysite_1, mysite_2, mysite_3
Note that the password must be enclosed in quotation marks, e.g 'myDynDNSuserpassword' , and the subhosts in the last line must be separated by commas.
  • Some DNS providers require single words for the subhost names.
  • Ensure that the configuration is working:
sudo ddclient -daemon=0 -debug -verbose -noquiet
  • Note that you can add additional services and/or domain names to be updated simply by adding an additional block to the configuration file (appropriate for the service). Here is an example (see below for references to additional examples).
protocol=otherDDNSservice
server=whatever.ddnsservice.org
login=MyOtherDDNSserviceusername
password='MyOtherDDNSservicepassword'
mysite4.dnsservice.org, mysite5.dnsservice.org
# Some providers require single word subhost names
#mysite4, mysite5
  • Restart the ddclient service after editing configuration files:
sudo /etc/init.d/ddclient restart
or, in some newer OS versions:
sudo service ddclient restart
Run ddclient using cron

Cron is the automatic task scheduler for Linux systems. Although ddclient runs as a daemon, for various reasons I have found it necessary to force an update at least once a day. This can be done as a daily scheduled task, using cron. See here for a full description of cron and its options or Ubuntu Community Help.

  • Edit the crontab with administrative (root) privileges:
sudo crontab -e
  • Add the line:
45 04 * * * /etc/init.d/ddclient --force
This will run ddclient and force an update daily at 0400 (actually at 04:45).
  • I also happen to like to reboot the machine weekly on Tuesday (day 2 of the week) nights at 1:30 am, so I add the line:
30 01 * * 2 reboot
Clearly this is a personal preference and is optional.

Other DDNS services

  • Using ddclient with Namecheap can be quirky. I needed ddclient v. 3.8.1 or later (see above). Subhost names (in both the Namecheap settings and the ddclient subhost list) must be single words (e.g. mysubhost). The ddclient did not successfully update subhosts with the same name (e.g. www or mail or @) in multiple domains in Namecheap.
  • The easiest solution is to dynamically update (using ddclient) the "www" field for one domain only (e.g myhost1.me). For all the other domains, use a "CNAME redirect" to point to the www.myhost1.me. address of the single domain whose "www" field updates dynamically. CNAME redirections change only the destination IP address; the URLs (of the referring subdomains) are kept the same.
  • Another alternative is to use unique subdomain names and then forward the www entry (using a "URL forward") in the Namecheap settings for one host to a subdomain (e.g. the subhost main in the Namecheap settings, which would correspond of a "URL forward" to http://main.myhost1.me for the first host's www entry) and forward the www entry in the Namecheap settings for the second host to a different subdomain (e.g. the subhost home in the Namecheap settings, which would correspond of a "URL forward" to http://home.myhost2.me for the second host's www entry). This changes the URL to the subdomain's URL, so your server must be able to handle the new URL (through virtual host files/redirects or .htaccess files). This entails a bit more effort than with the first solution.
  • Note: It is tempting to try to forward the "www" field of a domain to a dynamically-updating subhost field, but Namecheap does not allow CNAME redirection to a subhost in the same domain.
  • It is then easiest to redirect the @ field's setting (in Namecheap) to the www field setting (using a "URL redirect" to http://www.myhost1.me). This changes the URL http://myhost1.me to http://www.myhost1.me while redirecting it, for example.
  • An alternative is, in the @ field setting, to use a CNAME redirection, e.g. to www.myhost1.me., which will preserve the http://myhost1.me URL while redirecting to the IP address specified by the contents of the www field. This latter method must be accomodated by adjusting the appropriate virtual host file on your server (see the examples below) to accept both http://myhost1.me and http://www.myhost1.me.
  • Choose a Dynamic DNS Registrar that is reputable and whom you trust. A Dynamic DNS provider is able to redirect your server traffic to an anonymous IP address by using a type of "man-in-the-middle" redirection (and thereby potentially could intercept your communications). This can be an obvious security risk. Always use SSL/TLS and/or SASL authentication with security certificates, and be sure to encrypt any email that has confidential information in it.

Other Dynamic DNS updater clients

  • IPcheck is a Python-based client/script to update a dynamic IP address with a Dynamic DNS-capable registrar. Install:
sudo apt-get install ipcheck
  • Inadyn is a client/script to update a dynamic IP address with several Dynamic DNS-capable registrars. Install:
sudo apt-get install inadyn
  • EZ-IPUpdate is a client/script to update a dynamic IP address with several Dynamic DNS-capable registrars. (The website for this package may or may not be functional.) Install:
sudo apt-get install ez-ipupdate
  • DynDns is another perl-based client/script to update a dynamic IP address with a Dynamic DNS-capable registrar. Install:
sudo apt-get install dyndns
  • Zoneclient is another Python-based script to update a dynamic IP address with a Dynamic DNS-capable registrar.

Redirecting a URL

Most free Dynamic DNS providers allow only 1 or 2 free URLs, and they usually include the domain name of the provider itself. For example, DynDNS domains are often of the format mydomain.dyndns.org or something similar.

If you have registered a URL with a different DNS registrar, it can be forwarded to the free URL created at the dynamic DNS provider. (The Dynamic DNS providers (e.g. DynDNS) hope that you will register your URL with them, of course, so that they can make money.)

The dynamic domain URL (e.g. mydomain.dyndns.org) points to the numeric IP address of your location (router/computer). When traffic is routed to this dynamic domain URL, it is then re-rerouted to the correct numeric IP address. This can be a transparent process and, if desired, it is not necessary to reference the dynamic URL except in the forwarding rules from the original DNS registrar to the Dynamic DNS registrar (e.g. DynDNS).

Using forwarding rules, an infinite number of URLs can be forwarded to a single dynamic URL. The primary host that resides at the destination IP address must then resolve the forwarded URLs (using virtual host or .htaccess files) and direct them to the appropriate server on the computer (or LAN).

CNAME aliases

Different DNS registrars have different methods of forwarding a URL, but in general there is one method common to all of them: CNAME aliases (also known as a "CNAME redirect").

If you have a URL registered with a DNS registrar, go to the DNS settings for your domain name. Delete any A records (or other entries) and use only CNAME entries.

For example, let's say my free Dynamic DNS URL is mydomain.dyndns.org (at DynDNS.com). My domain URL is mydomain.me, registered at SuperDuper DNS Registrar.

Logging into SuperDuper DNS Registrar, I edit the DNS settings for mydomain.me (which in my control panel is found under Manage DNS). I make sure I have these entries:

Name Type Content
@ CNAME mydomain.dyndns.org.
www CNAME mydomain.dyndns.org.

The period ("full stop") at the end of the URL is important to designate that the CNAME is a FQDN (fully qualified domain name). A CNAME should not have "http://" in it. The @ symbol indicates a URL name without the first segment, e.g. the URL mydomain.me by itself.

  • Using CNAME aliasing (a "CNAME redirect"), the original URL is retained in the browser; only the destination IP address is changed. The URL arrives at the server unchanged. It is up to you (using virtual host files or Rewrite rules in the .htaccess files of Apache, for example) if you wish to massage the URL at your server (to change it to a canonical name) or redirect it.

URL forwarding

Some domain name registrars have a URL forwarding option. The method of implementation varies from provider to provider, however, and (depending on the DNS registrar) is often not as reliable as CNAME aliases. URL forwarding may be enabled using a DNS setting (similar to a CNAME alias) such as "URL redirect" or it may be in the form of a "Web forwarding" or "Webhop" service. Check with your DNS registrar for specific instructions. Generally the URL is forwarded to a new URL (e.g. http://newdestination.newhost.me).

  • Using URL forwarding, the URL in the browser is changed completely (to the new URL specified). Your server's .htaccess or virtual host files must be expecting the new URL (and be able to handle it appropriately).

Examples

Multiple domain name URLs, single Dynamic URL

I have 3 servers on my host, each using a different domain name:

  • mysite_1.mydomain.org is registered at MasterBlaster DNS Registrar.
  • mysite_2.mydomain.org is registered at MasterBlaster DNS Registrar.
  • mysite_3.myotherdomain.me is registered at Felix DNS Registrar. This site can also be accessed as myotherdomain.me and www.myotherdomain.me.

I registered a free Dynamic URL at DynDNS and using ddclient make sure it is forwarded to my dynamic IP address (using the instructions above):

  • bagoftricks.dyndns.org

At MasterBlaster DNS Registrar I set up CNAME forwarding for mydomain.org:

Name Type Content
mysite_1 CNAME bagoftricks.dyndns.org.
mysite_2 CNAME bagoftricks.dyndns.org.

At Felix DNS Registrar I set up CNAME forwarding for myotherdomain.me:

Name Type Content
@ CNAME bagoftricks.dyndns.org.
www CNAME bagoftricks.dyndns.org.
mysite_3 CNAME bagoftricks.dyndns.org.

On the host computer on my LAN to which incoming port 80 and 443 traffic is initially directed (by the router), I use Apache virtual host files for each of the incoming URLs.

  • For example, mysite_3.myotherdomain.me is a MediaWiki website stored at /etc/mediawiki/mysite_3. There is a symbolic link from /var/www/MySite_3 to /etc/mediawiki/mysite_3, which was created:
sudo ln -s /etc/mediawiki/mysite_3 /var/www/MySite_3

A virtual host configuration file named MySite3 was then created in /etc/apache2/sites-available (use gedit instead of kate in Ubuntu):

sudo kate /etc/apache2/sites-available/MySite3

and the settings created:

<VirtualHost *:80>
#
UseCanonicalName off
#
DocumentRoot /var/www/MySite_3
DirectoryIndex index.php index.html
#
ServerName mysite3.myotherdomain.me
## We want to be able to access the web site using foobar1.dyndns.org or www.foobar1.dyndns.org
ServerAlias  www.myotherdomain.me myotherdomain.me  
ServerAdmin webmaster@localhost
#
RewriteEngine On
#
<Directory /var/www/MySite_3>
 Options Indexes FollowSymLinks MultiViews
 Options FollowSymLinks MultiViews
 # AllowOverride None
 Order allow,deny
 allow from all
</Directory>
#
</VirtualHost>
The virtual host file was made active and Apache restarted:
sudo ln -s /etc/apache2/sites-available/MySite3 /etc/apache2/sites-enabled/MySite3
sudo /etc/init.d/apache2 restart
  • Mysite_1 is a Drupal6 website stored at /etc/drupal/6/sites/mysite_1.mydomain.org. There is a symbolic link from /etc/drupal/6/sites/mysite_1.mydomain.org to /var/www/MySite_1, which was created:
sudo ln -s /etc/drupal/6/sites/mysite_1.mydomain.org /var/www/MySite_1

A virtual host configuration file named MySite1 was then created in /etc/apache2/sites-available (use gedit instead of kate in Ubuntu):

sudo kate /etc/apache2/sites-available/MySite1

and the settings created:

<VirtualHost *:80>
#
UseCanonicalName off
#
DocumentRoot /var/www/MySite_1
DirectoryIndex index.php index.html
#
ServerName mysite_1.mydomain.org
## We want to be able to access the web site using foobar1.dyndns.org or www.foobar1.dyndns.org
ServerAlias  mysite_1.mydomain.org  
ServerAdmin webmaster@localhost
#
RewriteEngine On
#
<Directory /var/www/MySite_1>
 Options Indexes FollowSymLinks MultiViews
 Options FollowSymLinks MultiViews
 # AllowOverride None
 Order allow,deny
 allow from all
</Directory>
#
</VirtualHost>
The virtual host file was made active and Apache restarted:
sudo ln -s /etc/apache2/sites-available/MySite1 /etc/apache2/sites-enabled/MySite1
sudo /etc/init.d/apache2 restart
  • Similarly, Mysite_2 is a MediaWiki website stored at /etc/mediawiki/mysite_2. There is a symbolic link from /etc/mediawiki/mysite_2 to /var/www/MySite_2, which was created:
sudo ln -s /etc/mediawiki/mysite_2 /var/www/MySite_2

A virtual host configuration file named MySite2 was then created in /etc/apache2/sites-available (use gedit instead of kate in Ubuntu):

sudo kate /etc/apache2/sites-available/MySite2

and the settings created:

<VirtualHost *:80>
#
UseCanonicalName off
#
DocumentRoot /var/www/MySite_2
DirectoryIndex index.php index.html
#
ServerName mysite_2.mydomain.org
## We want to be able to access the web site using foobar1.dyndns.org or www.foobar1.dyndns.org
ServerAlias  mysite_2.mydomain.org  
ServerAdmin webmaster@localhost
#
RewriteEngine On
#
<Directory /var/www/MySite_2>
 Options Indexes FollowSymLinks MultiViews
 Options FollowSymLinks MultiViews
 # AllowOverride None
 Order allow,deny
 allow from all
</Directory>
#
</VirtualHost>
The virtual host file was made active and Apache restarted:
sudo ln -s /etc/apache2/sites-available/MySite2 /etc/apache2/sites-enabled/MySite2
sudo /etc/init.d/apache2 restart
  • If the servers are on different computers on the LAN, then Apache reverse proxy virtual host files should be used.

Troubleshooting

  • When using mutliple virtual host files, I might get the error:
Forbidden
You don't have permission to access / on this server.
Apache/2.2.12 (Ubuntu) Server at mysubhost.myhost.me Port 80

This occurred because I had two Apache2 virtual hosts competing for the same domain name in the ServerAlias line. In one virtual host file, I had:

ServerAlias mysubhost.myhost.me
but in the other virtual host file I had a wildcard entry:
ServerAlias *.myhost.me

This caused a conflict in Apache2. Removing the wildcard entry (with the *) solved the problem for me (after restarting Apache2 with sudo /etc/init.d/apache2 restart, of course).

Personal tools
Sponsor
  System76