Can I update my dynamic IP address by tracking a DynDNS dynamic hostname?
My Netgear router directly supports DynDNS.org so it has the ability to keep my dynamic hostname's IP address up to date without the involvement of a computer.
So is there a cunning way of getting my OpenDNS account to track the IP address of my DynDNS hostname to save me the inconvenience of having to have the dns-o-matic updater running on my PC, since this means that changes to my IP address don't get reported to OpenDNS while my PC is off.
Note that:
1) I have many PCs, laptops, iPhones and iPads on my home network, so the desktop PC often stays off for days at a time.
2) I currently use dns-O-matic to update my DynDNS dynamic hostname.
3) My router ONLY supports DynDNS.org
-
Ah no, I think this is what you do already to keep updated both, DynDNS and OpenDNS. And no, there is no way (any longer) to track a DDNS hostname's IP address to update OpenDNS. Updates to OpenDNS must come out of the network where its IP address is going to be applied.
Your only chance is to look for a later or other firmware for your router which supports other DDNS services too. "User defined" would already be sufficient. Or buy another router.
-
Dmitro, good morning, you didn't read my second answer, did you? Why not? Shouldn't be too difficult to read and to understand...
Also, why in the world would you want to update OpenDNS with the "DynDNS webaddress"? The IP address of the DynDNS website is of no use for this purpose.
-
Good morning,
I've read both of your answers, and also some other records on the subject. Yes, I did not put it right, I should have said: "hostname's IP". I simply did not quite get - why " there is no way (any longer) to track a DDNS hostname's IP address to update OpenDNS"?... because "Updates to OpenDNS must come out of the network where its IP address is going to be applied"? Actually I did not quite get the last one.
Anyway, if you say you "no way to track", I'm not going any deeper - you know about this inconvinience, and it does not matter if it is due to the OpenDNS system design or DynDNS design.
P.S. Sorry for my poor English.
-
Your English is good, nor worries!
""Updates to OpenDNS must come out of the network where its IP address is going to be applied"? Actually I did not quite get the last one."
If you want to update your OpenDNS network with e.g. 123.456.78.90, then this update request must come from 123.456.78.90. This is intentional for security reasons. Another update facility like DNS-O-Matic or DNS Allocator would not come from 123.456.78.90, so the update request would not be accepted by OpenDNS.
Clearer now?
-
Yeah clear but stupid if I can add an adress into a DNS database I am already authenticated by the dns hosting system and have permissions granted by the doman netregistry of the domain name. I manage a lot of networks and find using dyndns saves on static IP adresses and I can rember clients gateways by name ratehr then 115.112.113.11
-
"stupid if I can add an adress into a DNS database I am already authenticated by the dns hosting system and have permissions granted by the doman netregistry of the domain name."
Any of those, the registrant or the registrar or the DNS hoster could be bad actors. Didn't hear about these many incidents which work exactly this way? Conficker random domains and FastFlux domains are just two of far too many examples...
So now you know what your "authentication" regarding DNS is really worth - nothing! You cannot trust this at all. (Maybe you personally can, but a 3rd party like OpenDNS or another person cannot.)
-
I agree with the discussion, but in the case where I want to use the FQDN since it is on a cell modem and we never know who is connected on the back end, it is a problem. I would have to check and see if the Mofi supports DDNS updating as well, but I don't believe it does.
I am willing to take the security risk to have the ability to over ride that. Make sense?
Mike
-
I don't really see a security risk in tying an OpenDNS "network" to a dynamic DNS FQDN. As long as the owner of that network sets it up, then that person can vouch that it's a valid address for the network. The usual situation would be one like kbro describes, where the same person manages both the OpenDNS network and the Dynamic DNS hostname. In that case, the only risk would be if one or the other of these is compromised. It's not quite as easy as you suggest, rotblitz. Most reputable domain registrars have pretty robust authentication these days because it's a big deal if someone steals your domain name.
It's fairly easy to implement at the OpenDNS end using a standard DNS lookup (the "dynamic" part is only of interest for updating the DNS name). The main concern would be the cost of doing bulk updates for all of the OpenDNS networks attached to a DNS name rather than an IP address.
-
"I don't really see a security risk" - But OpenDNS sees.
Any third party DDNS service is not under the control of OpenDNS, and that's the point which makes it a security risk, no matter what the reputation of the service is.
"It's fairly easy to implement at the OpenDNS end using a standard DNS lookup"
No doubt. Btw, updating OpenDNS from a Dynamic DNS hostname was possible in the past, some years ago, with DNS Allocator (https://dnsalloc.uxnr.de/) and DNS-O-Matic (https://www.dnsomatic.com/), and I also used that until it was disabled by OpenDNS at DNS-O-Matic. I'm happy enough to have a router directly supporting DNS-O-Matic, so I was not really impacted by that change.
Please sign in to leave a comment.
Comments
11 comments