Forums/OpenDNS Community/FAQ: Networks with Dynamic IP Addresses

Dynamic IP Addresses : Technical Detail and FAQ

mattp1
posted this on December 20, 2013 14:50

Dynamic IP: Technical Details and FAQ

General Information for Updater Clients 

 

Technical Details

OpenDNS accounts work with dynamic IP addresses through Dynamic DNS (DDNS), if you use a DDNS software client.

For software information go to the downloads page.  There's a client for Windows, Mac OSX and Linux: https://support.opendns.com/entries/23282614

When using OpenDNS, the purpose of dynamic DNS is to preserve your OpenDNS preferences if your ISP or network operator changes your IP address.

What is dynamic DNS (DDNS)?

Many people get a dynamic Internet Protocol (IP) address assigned to them by their ISP or network operator.  The alternative is a static IP address.  If you're not sure which one you have, you likely have a dynamic IP address but contact your ISP to be sure. 

It is difficult for public Internet resources to know how to find a webserver or mailserver or other Internet-addressable resource located at a dynamic IP address. DDNS provides a workaround, giving an individual a method of registering their current IP address with a third-party service on the web so they are publicly accessible and addressable, even as their IP address changes over time.

The below information still holds true, but DNS-O-Matic, a free service from OpenDNS, gives you an easy way to distribute your dynamic IP changes to multiple services with a single update. Keep dynamic DNS hostnames and OpenDNS updated at the same time.

 

OpenDNS Dynamic DNS FAQ 

 

Downloading Top Domains Data Greater Than 200 Records

 

OpenDNS provides a tool called fetchstats to enable OpenDNS Administrators to download the Top Domains log data that has been collected for a network. Fetchstats is useful when downloading data ranges that are greater than 200 records, which is the file-size limit for an online download from the OpenDNS Stats page.

The fetchstats tool is available for Linux and Microsoft operating systems and both use the following arguments: 

  • <username> - the email address of the OpenDNS Administrator for the network
  • <network-id> - the numerical id of network; found in URL of network’s Dashboard settings page
  • <YYYY-MM-DD> - the first day of the report
  • [<YYYY-MM-DD>] - the optional last day of the report

For more information about using fetchstats, click or copy one of the following links: 
Linux: https://github.com/opendns/opendns-fetchstats/blob/master/README#L5 
Microsoft: https://github.com/opendns/opendns-fetchstats/blob/master/fetchstat... 

To download the fetchstats tool click on or copy one of the following links: 
Linux: https://github.com/opendns/opendns-fetchstats/raw/master/fetchstats 
Microsoft: https://github.com/opendns/opendns-fetchstats/raw/master/fetchstats... 

Note: The OpenDNS password for the network being accessed is required to access fetchstats and to proceed with the data download.

Fetchstats is made available by OpenDNS, but is not directly supported. Use of the tool is at your own risk.

 

Error Messages 

If you have received one of the following Error Messages while navigating the Internet or using OpenDNS, expand the message to understand the cause of the error and the known solutions to resolve it.

 

Dashboard Login Failure

If you experience problems when attempting to log in to the OpenDNS Dashboard, verify that you are accepting cookies from OpenDNS. If cookies are enabled and problems persist, try clearing the cache and the cookies of your Internet browser and retry.

SERVFAIL

The SERVFAIL error indicates that the nameserver of the requested domain is experiencing an internal error. OpenDNS servers are able to reach the domain but are unable to communicate with the specific nameserver. This can be the result of a few conditions such as unusually high traffic on that particular server. The only solution is to keep trying or try again later.

Network Already Exists / IP Address Taken by Another User / !Yours

These 3 errors are related to networks that use dynamic IP addresses, which have been or are currently registered with OpenDNS by another account holder.

The Network Already Exists error occurs when the IP address of your network was, at one time, previously registered with OpenDNS by a different account holder. Because many networks use dynamic IP addresses, the IP address is now assigned to your network, but still linked to the original OpenDNS account holder.

The Your IP Address Taken or !Yours errors usually occur when updating your network IP address with the OpenDNS client-side IP updater. The conflict arises when the IP address being updated falls into one of the following two scenarios: 

  1. Actual address is registered to another OpenDNS account holder.
  2. The IP address falls in the range of a larger netblock, which is registered with another OpenDNS account holder.

When these network conflicts occurs, not all OpenDNS features can be fully configured on your network, though you will still be using OpenDNS servers and benefiting from our fast, secure and reliable Internet experience.

To resolve this issue, please contact us with details. Be sure and include the following: 

  • The error message
  • Your full name
  • The email address used to create the account
  • Your current IP address, found at the top of the OpenDNS home page

DNS and HTTP IP Address Mismatch (Content Filtering Not Working)

You may receive this error if you have just configured OpenDNS and are testing your configuration at our Welcome to OpenDNS test page. Typically, this issue will rectify itself within 3-5 minutes as the OpenDNS network registers your new network.

If it appears that your Web content filtering settings are no longer being applied to your network, and you have flushed DNS cache, this error is likely the result of an IP address conflict.

This error occurs when OpenDNS sees two different IP addresses: one IP address for DNS requests and a different IP address for HTTP (Web browsing) requests.

In rare cases, this error can occur if your IP address changed as the check for a new IP address was being conducted. However, in many situations this error occurs when your Internet connection is being sent through a proxy server. Check with your ISP to see if they use proxy servers for DNS or HTTP traffic. Many wireless and satellite broadband providers do use proxy servers.

OpenDNS Configuration Test Yields: "Oops!" Message

If you have tested your OpenDNS configuration and received the Oops! message, you may actually have OpenDNS configured correctly but be experiencing a problem related to how your ISP provisions your Internet connection.

First, check with your Internet Service Provider (ISP) to determine whether they allow third-party DNS services. If they do, the next most likely explanation for failing the OpenDNS configuration tests is that your ISP uses a proxy server.

If your ISP uses proxy servers, you will not be able to take advantage of our Web-based features, but you will still benefit from a fast, secure and reliable Internet navigation experience.

If the verification results from below indicate you are using different DNS servers and you are confident that you have followed the OpenDNS configuration instructions, please contact your ISP to verify whether they allow third-party DNS.

In some cases, a work-around has been found successful by configuring both the router/modem and all computers on the network to use OpenDNS servers. For more information about how to configure OpenDNS on a computer, follow this link.

To verify that you are using OpenDNS servers for DNS lookups, please go to the following instructions according to your computer's operating system.

 

 

Windows XP/Vista/7/8:

To verify that you are using OpenDNS servers for DNS lookups, from your computer running Windows, follow these steps:

  1. Go to the Windows Start menu.
  2. Choose Run
  3. In the Open: text box, type cmd.
  4. This opens the Windows terminal window. 

  1. In the terminal window, after the prompt, type nslookup www.opendns.com.. (Be sure to include the trailing period after ".com.".)
  2. The results should look like the following:

Server: resolver1.opendns.com or resolver2.opendns.com 
Address: 208.67.222.222 or 208.67.220.220 

Non-authoritative answer: 
Name: www.opendns.com 
Address: xxx.yyy.zzz.aaa

If the line including "Server" shows resolver1.opendns.com or resolver2.opendns.com and the associated IP addresses 208.67.222.222 or 208.67.220.220, respectively, then you are using OpenDNS for DNS lookups.

 

 

Mac OS/X

To verify that you are using OpenDNS servers for DNS lookups, from your computer running Mac OS, follow these steps: 

  1. Launch the application Terminal, found in Applications -> Utilities on Mac OS X.
  2. Type dig www.opendns.com.
  3. If you are using OpenDNS, the results should look similar to the following: 

;; <<>> DiG 9.2.4 <<>> www.opendns.com 
;; global options: printcmd 
;; Got answer: 
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 57481 
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0 

;; QUESTION SECTION:
;;www.opendns.com. IN A ANSWER SECTION: 
;;www.opendns.com. 30 IN A 208.67.219.101 
;; Query time: 4 msec 
;; SERVER: 208.67.222.222#53(208.67.222.222) 
;; WHEN: Fri Jun 15 19:35:09 2007 
;; MSG SIZE rcvd: 49

                                                   

 

Linux distributions:


To verify that you are using OpenDNS servers for DNS lookups, from your computer running Linux, follow these steps: 

  1. Bring up a terminal window.
  2. Type dig www.opendns.com.
  3. If you are using OpenDNS, the results should look similar to the following: 

;; <<>> DiG 9.2.4 <<>> www.opendns.com 
;; global options: printcmd 
;; Got answer: 
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 57481 
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0 

;; QUESTION SECTION:
;;www.opendns.com. IN A ANSWER SECTION: 
;;www.opendns.com. 30 IN A 208.67.219.101 
;; Query time: 4 msec 
;; SERVER: 208.67.222.222#53(208.67.222.222) 
;; WHEN: Fri Jun 15 19:35:09 2007 
;; MSG SIZE rcvd: 49

 

 

Where do I download an OpenDNS Dynamic IP updater client?

You can find and download the official Dynamic IP updater clients for Windows, Mac and Linux using the links in the following table. There are additional third-party clients and services available, but only the ones listed are supported by OpenDNS.

OpenDNS Dynamic IP
Address Updater Client
Notes
Windows IP Updater This is the officially supported OpenDNS Windows client, which sends your network's new IP Address to OpenDNS whenever it should change.
Mac IP Updater This is the officially supported OpenDNS Mac client, which sends your network's new IP Address to OpenDNS whenever it should change.
Linux IP Updater This links to the officially supported OpenDNS Linux client, which sends your network's new IP Address to OpenDNS whenever it should change.

 

How do I Configure OpenDNS on a Network with a Dynamic IP address?

 

OpenDNS can be configured on networks that are provisioned with dynamic IP addresses, which is typically how ISPs manage consumer and small business networks.

Please read Networks with Dynamic IP Addresses to learn how to maintain OpenDNS settings on a network where the IP address is likely to change.

What are the DNS Request Types?

 

The following table explains the DNS Request Types that can be collected and listed in an OpenDNS report. 

DNS Lookup TypeDescriptionFunction
A IPv4 address record Returns a 32-bit IP address, which typically maps a domain's hostname to an IP address, but also used for DNSBLs and storing subnet masks
AAAA IPv6 address record Returns a 128-bit IP address that maps a domain's hostname to an IP address
MX Mail exchange record Maps a domain name to a list of message transfer agents for that domain
NS Name server record Delegates a DNS zone to use the specified authoritative name servers
PTR Pointer record Pointer to a canonical name that returns the name only and is used for implementing reverse DNS lookups
SOA Start of authority record Specifies authoritative information about a DNS zone, including the primary name server, the email of the domain administrator, the domain serial number, and several timers relating to refreshing the zone
SRV Service locator Generalized service location record, used for newer protocols instead of creating protocol-specific records such as MX
TXT Text record Carries extra data, sometimes human-readable, most of the time machine-readable such as opportunistic encryption, DomainKeys, DNS-SD, etc.

 

What is SmartCache?

SmartCache - Here's how it works: When an authoritative DNS provider suffers an outage, all of the Websites it provides service for are taken offline. They are inaccessible for everyone on the Internet. But no longer for OpenDNS users. Our servers will now immediately look for the last known good address for the site in our caches, and use that to load the site. So effectively OpenDNS users will be able to access Websites that appear down for everyone else. For our millions of users at businesses, schools and libraries around the world, saving them Internet access interruptions and the time they waste is invaluable.

Authoritative DNS outages happen frequently and can be a big problem. In March of 2009, it was reported that major authoritative DNS provider UltraDNS suffered an outage that took Salesforce.com, Amazon.com and Petco.com offline for several hours. In such a case, SmartCache fixes the inaccessibility problem and allows people to visit those sites despite the authoritative server outage.

This is just the latest in a long series of DNS innovations we've developed and passed on to you. Most recently it was blocking the Conficker worm from phoning home. By blocking the domain names the worm used, we were and continue to be able to protect people around the globe. We want our customers to know that we are committed to continually innovate and give you easy-to-use services that make your Internet experience better.

SmartCache is turned on by default for all users and only applies to queries where the authoritative server hands back a SERVFAIL response code or the query simply goes unanswered.

 

HERE ARE KNOWN DYNAMIC DNS CLIENTS WHICH WORK WITH OPENDNS.

Mac OpenDNS Updater (AppleScript) OpenDNS Updater is a small AppleScript application that helps keep your Dynamic IP information up to date on the OpenDNS website.
Service DNS-O-Matic  This free service gives you an easy way to distribute your dynamic IP changes to multiple services with a single update. Keep dynamic DNS hostnames and OpenDNS updated at the same time.
Windows  HomingBeacon Dynamic DNS Update Client ChangeIP’s Dynamic DNS update client supports OpenDNS updates with version 3.0.0.6 and later.
Windows INADYN windows command line version The client is based on inadyn, but modified to support HTTPS (SSL) and preconfigured to use OpenDNS’s account update URL by default. Should work on Windows 2000 and later. 
Windows INADYN source code  Instructions contained in the ZIP file.
Windows DynSite  DynSite is a shareware, that is you can try it for free for 30 days then you have to register your copy to obtain a license code (also called a serial number) if you want to keep using it. If you decide not to register you have to uninstall the program (from Control Panel > Add or Remove Programs icon.) Add the configuration file, aka the.dns file, to the right place.
Windows Dynamic IP Monitor There is a 60-minute trial version, and a full version for US$9.95. OpenDNS is supported as a built-in option from version 3.2 on. 
Windows DynDNS Updater Instructions on using DynDNS Updater with OpenDNS can be found here. 
Windows DirectUpdate Download DUD file (opendns.dud) and save at C:Program FilesDirectUpdate v4dns
Windows  myDynIPPro  
Rocon Software’s dynamic DNS client supports OpenDNS updates with version 4.3.4 and later.

 

 

 
Topic is closed for comments