Linux IP Updater for Dynamic Networks

Follow

Comments

81 comments

  • Avatar
    rotblitz

    "Just in case you're thinking I have two accounts."

    Why did you write this?  You can have as many accounts as you want.  Nobody cares!

  • Avatar
    chitchcock

    Please note: The password must not contain special characters reserved for URL encoding. It should be a straight alphanumeric password.

    My password originally contained the character "&" which does not work, wrapped or unwrapped.  After about three hours of trial & error I happened to find the this correction in the 8th post down the page in the search for ddclient.

    Hopefully this will save someone else some time.

    :>))

     

  • Avatar
    el_garicimo

    Hi,

    Open DNS seems pretty sweet, good job everyone. I'm getting this setup on a computer for my little cousin, and I wanted to give some feedback on the setup instructions.

    I'm adding this for a dynamic ip address, so before adding a network in my open dns dashboard, I went to setup ddclient (i'm using linux, peppermint 5 to be exact). However, to put in your 'opendns_network_label' and finish setting up the ddclient, you need to FIRST add your network... this took me a while to realize, so maybe specifying the order of operations or making it more clear that the 'opendns_network_label' is the label YOU give to your network that you're updating, some future first time users may not be as confused as I was!

    thanks

  • Avatar
    mattwilson9090

    It would be helpful to know which directions you were following that you thing were unclear or confusing. Otherwise you are asking OpenDNS employees to review every single piece of documentation on their website and in this forum that address setting up and using OpenDNS.

  • Avatar
    rotblitz

    @el_garicimo
    "feedback on the setup instructions"

    Do you mean the setup instructions where this thread starts with?  Well, the purpose is not to explain the whole process but only about how to configure ddclient for use with OpenDNS.  An Updater is anyway the last thing in the process after everything else is done.

  • Avatar
    chitchcock

    Below is my working ddclient.conf file.  My password originally contained a symbol. The instructions that state to place a single quote around passwords with symbols did not work for me. My symbol was the "&" sign. After spending a couple of hours chasing my tail, I changed my OpenDNS passwrd to letters and numbers.

    Working ddclient.conf file:
    # Configuration file for ddclient generated by debconf
    #
    # /etc/ddclient.conf

    use=web, web=myip.dnsomatic.com
    ssl=yes
    server=updates.opendns.com
    protocol=dyndns2
    login=my email address
    password=my passwrd
    Home

    In a terminal window change directory to /etc
    Edit the ddclient.conf file using gedit:
    In a terminal window enter" sudo gedit /etc/ddclient.conf
    Edit the file
    Save file and exit gedit

    In a terminal window restart ddclient:
    sudo /etc/init.d/ddclient restart

    Now you can test to verify if it will work:

    In a terminal window enter: sudo ddclient -daemon=0 -debug -verbose -noquiet  to verify that your ddclient.conf file will work.

    128875:~$ sudo ddclient -daemon=0 -debug -verbose -noquiet
    === opt ====
    opt{cache}                           : <undefined>
    opt{cmd}                             : <undefined>
    opt{cmd-skip}                        : <undefined>
    opt{daemon}                          : 0
    opt{debug}                           : 1
    opt{exec}                            : <undefined>
    opt{facility}                        : <undefined>
    opt{file}                            : <undefined>
    opt{force}                           : <undefined>
    opt{foreground}                      : <undefined>
    opt{fw}                              : <undefined>
    opt{fw-login}                        : <undefined>
    opt{fw-password}                     : <undefined>
    opt{fw-skip}                         : <undefined>
    opt{geturl}                          : <undefined>
    opt{help}                            : <undefined>
    opt{host}                            : <undefined>
    opt{if}                              : <undefined>
    opt{if-skip}                         : <undefined>
    opt{ip}                              : <undefined>
    opt{login}                           : <undefined>
    opt{mail}                            : <undefined>
    opt{mail-failure}                    : <undefined>
    opt{max-interval}                    : 2592000
    opt{min-error-interval}              : 300
    opt{min-interval}                    : 30
    opt{options}                         : <undefined>
    opt{password}                        : <undefined>
    opt{pid}                             : <undefined>
    opt{postscript}                      : <undefined>
    opt{priority}                        : <undefined>
    opt{protocol}                        : <undefined>
    opt{proxy}                           : <undefined>
    opt{query}                           : <undefined>
    opt{quiet}                           : 0
    opt{retry}                           : <undefined>
    opt{server}                          : <undefined>
    opt{ssl}                             : <undefined>
    opt{syslog}                          : <undefined>
    opt{test}                            : <undefined>
    opt{timeout}                         : <undefined>
    opt{use}                             : <undefined>
    opt{verbose}                         : 1
    opt{web}                             : <undefined>
    opt{web-skip}                        : <undefined>
    === globals ====
    globals{daemon}                      : 60
    globals{debug}                       : 1
    globals{login}                       : my email address
    globals{password}                    : my passwrd
    globals{protocol}                    : dyndns2
    globals{quiet}                       : 0
    globals{server}                      : updates.opendns.com
    globals{ssl}                         : 1
    globals{use}                         : web
    globals{verbose}                     : 1
    globals{web}                         : myip.dnsomatic.com
    === config ====
    config{Home}{atime}                  : 0
    config{Home}{backupmx}               : 0
    config{Home}{cacheable}              : ARRAY(0x2551cd8)
    config{Home}{cmd}                    : <undefined>
    config{Home}{cmd-skip}               :
    config{Home}{custom}                 : 0
    config{Home}{fw}                     :
    config{Home}{fw-login}               : <undefined>
    config{Home}{fw-password}            :
    config{Home}{fw-skip}                :
    config{Home}{host}                   : Home
    config{Home}{if}                     : ppp0
    config{Home}{if-skip}                :
    config{Home}{ip}                     : <undefined>
    config{Home}{login}                  : my email address
    config{Home}{max-interval}           : 2592000
    config{Home}{min-error-interval}     : 300
    config{Home}{min-interval}           : 30
    config{Home}{mtime}                  : 0
    config{Home}{mx}                     :
    config{Home}{password}               : my passwrd
    config{Home}{protocol}               : dyndns2
    config{Home}{script}                 : /nic/update
    config{Home}{server}                 : updates.opendns.com
    config{Home}{static}                 : 0
    config{Home}{status}                 :
    config{Home}{use}                    : web
    config{Home}{warned-min-error-interval} : 0
    config{Home}{warned-min-interval}    : 0
    config{Home}{web}                    : myip.dnsomatic.com
    config{Home}{web-skip}               :
    config{Home}{wildcard}               : 0
    config{Home}{wtime}                  : 30
    === cache ====
    cache{Home}{atime}                   : 0
    cache{Home}{backupmx}                : 0
    cache{Home}{custom}                  : 0
    cache{Home}{host}                    : Home
    cache{Home}{ip}                      : xxx.xxx.xxx.xxx
    cache{Home}{mtime}                   : 1426841255
    cache{Home}{mx}                      :
    cache{Home}{script}                  : /nic/update
    cache{Home}{static}                  : 0
    cache{Home}{status}                  :
    cache{Home}{warned-min-error-interval} : 0
    cache{Home}{warned-min-interval}     : 0
    cache{Home}{wildcard}                : 0
    cache{Home}{wtime}                   : 30
    cache{home}{atime}                   : 1426840440
    cache{home}{backupmx}                : 0
    cache{home}{custom}                  : 0
    cache{home}{host}                    : home
    cache{home}{mtime}                   : 0
    cache{home}{mx}                      :
    cache{home}{script}                  : /nic/update
    cache{home}{static}                  : 0
    cache{home}{status}                  : noconnect
    cache{home}{warned-min-error-interval} : 0
    cache{home}{warned-min-interval}     : 0
    cache{home}{wildcard}                : 0
    cache{home}{wtime}                   : 30
    DEBUG:    proxy  =
    DEBUG:    url    = myip.dnsomatic.com
    DEBUG:    server = myip.dnsomatic.com
    CONNECT:  myip.dnsomatic.com
    CONNECTED:  using HTTP
    SENDING:  GET / HTTP/1.0
    SENDING:   Host: myip.dnsomatic.com
    SENDING:   User-Agent: ddclient/3.8.1
    SENDING:   Connection: close
    SENDING:   
    RECEIVE:  HTTP/1.1 200 OK
    RECEIVE:  Server: Varnish
    RECEIVE:  Retry-After: 5
    RECEIVE:  Content-Type: text/html
    RECEIVE:  Content-Length: 15
    RECEIVE:  Accept-Ranges: bytes
    RECEIVE:  Date: Sat, 04 Apr 2015 09:35:58 GMT
    RECEIVE:  X-Varnish: 1605368558
    RECEIVE:  Age: 0
    RECEIVE:  Via: 1.1 varnish
    RECEIVE:  Connection: close
    RECEIVE:  
    RECEIVE:  xxx.xxx.xxx.xxx
    DEBUG:    get_ip: using web, myip.dnsomatic.com reports xxx.xxx.xxx.xxx
    SUCCESS:  Home: skipped: IP address was already set to xxx.xxx.xxx.xxx.

     

    I hope this will help others.

    Cheers

  • Avatar
    el_garicimo

    @mattwilson9090 and @rotblitz,

    Sorry for not being more clear -- yes I meant the instructions at the top of this thread. It would also be helpful to know that the config file should be located in /etc/ddclient.conf   .... I was able to figure out how to get it set up, but only after using this youtube video as a guide https://www.youtube.com/watch?v=iuDCuUEmKF4

  • Avatar
    chitchcock

    @el_garicimo

    Thank you for the video link. I was able to make minor adjustment to my /etc/ddclient.config to read like the ddclient.conf in the video. Now it runs perfectly without any errors. 

    The only change I needed to make in /etc/default/ddclient was to change the daemon_interval to 3600

    I didn't know what to type in for entries with the automatic setup initially. This video did a good job of showing the correct input.

    This was a good find.

    Thank you.

    chitchcock

     

  • Avatar
    braseg

    What is opendns_network_label? What set in the label?
    Thank you.

  • Avatar
    chitchcock

    Matt Prytuluk
    posted this on December 2, 2013, 11:45

    "....'opendns_network_label' is the label given to the network you're updating in your account. You can find the network label in the Settings Tab of the OpenDNS Dashboard.  If you're an Umbrella customer, this is the name of the Network you've enabled Dynamic updates for in the Configuration.."

    I labelled mine 'Home' in 'Settings Tab". 'My Network' = your IP address




    OPENDNS-Settings.png
  • Avatar
    rlh2000

    I found that using the extracted copy of the Windows openDNS Updater with Wine on my Ubuntu 14 LTS operating system performs sufficiently for my needs and offers a GUI interface. Once configured and updated it remains active in the background. 

  • Avatar
    jeremybeck

    Is it strictly necessary to have my OpenDNS password in plain text in the ddclient config file?  Another service that I use ddclient for supports an MD5 hash in the ddclient config file.  Does OpenDNS support anything like this?  I'm not a fan of storing any password in a plain text file.

  • Avatar
    nubrigol

    Jeremybeck, Having the MD5 hash of the password is no more secure.  Some one with access could still use the password hash to access the API if they accept the password hash.  Although, if it makes you feel better, you could md5 hash your password and then change your openDNS password to the md5 hash.  Then you could put the hash in the file instead.  :)  (obviously not helpful, but it's pretty much the same thing!)

  • Avatar
    Daniel Cheung

    Hello jeremybeck!

    We can generate a update only password for you, so please feel free to let us know when and if you would like one. Please let us know so that we can get this processed for you in a new ticket.

  • Avatar
    djharty

    I'm getting the folowing message after the start the ddclient and the command "ddclient -daemon=0 -debug -verbose -noquiet" give me this:

    DEBUG:    server = updates.opendns.org
    CONNECT:  updates.opendns.org
    WARNING:  cannot connect to updates.opendns.org:443 socket: The name or the service is unknown  IO::Socket::IP configuration failed
    FAILED:   updating UnityMedia: Could not connect to updates.opendns.org.

    is the update server down?

  • Avatar
    rotblitz

    The update server domain is updates.opendns.com.

  • Avatar
    gfyvsllc

    Daniel Cheung, i would like an update only password!  can you give me an update only username too?  i dont want to store either of my admin access bits of info in the config file.  thanx!

     

  • Avatar
    gfyvsllc

    also what do you guys think about using dnsomatic simply for the pw/un protection?  meaning, setup a dnsomatic acct w/ some unique pw/un combo (aka not same as opendns), config ddclient to update dnsomatic only which updates opendns, noip, etc.  that way only the dnsomatic info is stored in plain text.

    i havent used dnsomatic, so if they store auth info for other services or allow you to access other services somehow, then the above solution is futile.

  • Avatar
    Daniel Cheung

    Hi gfyvsllc,

    Please send a request to support@opendns.com and request for an update-only password. Our team will take care of you there. Also, an update-only password would not allow access to your admin account (that's why it's an "update-only" password!) :)

  • Avatar
    rotblitz
    @gfyvsllc

    "also what do you guys think about using dnsomatic simply for the pw/un protection?"

    This works for other services defined on DNS-O-Matic, but not for OpenDNS.  It must be the same credentials in this case.

  • Avatar
    madhusker

    Time for an update to this thread!

    /sbin/curl -v -k -u user@blah.com:PASSWORD https://updates.opendns.com/nic/update

    Put it in a cron job and forget it. Work well on my QNAP NAS.

  • Avatar
    Edmund Laugasson

    The problem is that there is not good idea to write plain text password into crontab as it is readable to all users... How to solve this? May I make /etc/crontab readable only for root? Or can I use hashed credentials?

  • Avatar
    Alexander Harrison

    We'd get around the password issue by issuing an update-only password that can only be used to update your IP address and is no good to edit any of your settings. To have one made, follow up here and one can be sent over to you. 

  • Avatar
    nubrigol
    Even with the update-only password, I wouldn't store it in a readable cron script. You will want to store it in a different location (only accessible by root) and import it into your cron script.
  • Avatar
    rotblitz

    ddclient is in no way an OpenDNS product.  You're simply wrong here.  Refer to http://sourceforge.net/projects/ddclient/ to raise feature requests.

  • Avatar
    daemoch

    Coming fresh in from the MS Windows world, this was a real headache.  The youtube video posted earlier was a real help  (THANK YOU!!), as well as the ddclient wikis.

    Start by watching the Youtube video; it's short and totally worth the 5 minutes!

    If you are still having problems, keep in mind that ddclient is written in Perl and that it will mess with the syntax.  http://perlmaven.com/quoted-interpolated-and-escaped-strings-in-perl

    Here is the final ddclient.config I got working on a Linux Mint 17.2 (Debian/Ubuntu) using OpenDNS and polling dnsomatic for the external IP.  You can cut-and-paste it into your config and it should help.

    The last 3 lines are the ones that you will want to replace with your own information, but keep the apostrophes at the start and end of the login and password entries so that Perl doesn't screw you up.  You'll get a 401 error if you don't use them and need them, but Perl will basically ignore them if you didn't need them after all.  If you still get a 401 error, double double DOUBLE check your login, password, and network name spellings for typos!

    # Configuration file for ddclient generated by debconf
    #
    # /etc/ddclient.conf
    daemon=3600
    use=web, web=myip.dnsomatic.com
    ssl=yes
    server=updates.opendns.com
    protocol=dyndns2
    login='sample@gmail.com'
    password='Th!ng5L!k3Th!5'
    Whateveryounamedtheopendnsnetwork

  • Avatar
    rotblitz

    "daemon=3600"

    This will check for IP address changes only once every hour (3600 seconds).  You may want to check more often...

  • Avatar
    daemoch

    I'd considered that.  I'm running this on a home computer wherein an hour of downtime is unlikely to be noticed or matter though.  As a point, I should have mentioned that to future readers though, true.  Thank you for pointing it out.

     

    Personally, what’s the experience for a good polling interval?

  • Avatar
    rotblitz

    This is nothing to do with "downtime".  Nothing will be down, and you'll continue to use OpenDNS for your DNS queries.  It's just that your individual dashboard settings do not take effect during that time.

    And there's no polling.  The update client only checks at http://myip.dnsomatic.com/ if your IP address has changed. 

    A recommended interval for this check is 5 or 10 minutes (300 or 600 seconds), depending on how important it is for you that your settings are in effect.

  • Avatar
    daemoch

    "This is nothing to do with "downtime".  Nothing will be down, and you'll continue to use OpenDNS for your DNS queries.  It's just that your individual dashboard settings do not take effect during that time."

    - the potential downtime I was referring to was the Dashboard, not the PC.  I believe Dashboard would just show a '0' activity count is all as it would be watching the wrong (old) IP.  Correct me if I'm wrong here.

    "And there's no polling.  The update client only checks at http://myip.dnsomatic.com/ if your IP address has changed."

    - OK, I'm unclear here I think... isn't ddclient monitoring the current IP I have?  And doesn't it do that by checking (polling) with an external IP service (in this case dnsomatic)?  If I understand correctly, it then registers that IP to my OpenDNS account as my current IP, and it registers it whether it's a new IP or the same IP either way.

Please sign in to leave a comment.