Can I update my dynamic IP address by tracking a DynDNS dynamic hostname?

Comments

11 comments

  • Avatar
    rotblitz

    What updater sends your update requests to DNS-O-Matic? Isn't this your router?

    You simply could add OpenDNS as another service at DNS-O-Matic, beside DynDNS, to get it updated too, in parallel to your DynDNS hostname. That is what DNS-O-Matic has been created for.

    0
    Comment actions Permalink
  • Avatar
    rotblitz

    Ah no, I think this is what you do already to keep updated both, DynDNS and OpenDNS. And no, there is no way (any longer) to track a DDNS hostname's IP address to update OpenDNS. Updates to OpenDNS must come out of the network where its IP address is going to be applied.

    Your only chance is to look for a later or other firmware for your router which supports other DDNS services too. "User defined" would already be sufficient. Or buy another router.

    0
    Comment actions Permalink
  • Avatar
    dmitro

    Is there any way that OpenDNS could update IPs by getting it from DynDNS webaddress, that a person could add in his user settings? It could be done with every so often (this can be also entered in user options)

    0
    Comment actions Permalink
  • Avatar
    rotblitz

    Dmitro, good morning, you didn't read my second answer, did you?  Why not?  Shouldn't be too difficult to read and to understand...

    Also, why in the world would you want to update OpenDNS with the "DynDNS webaddress"?  The IP address of the DynDNS website is of no use for this purpose.

    0
    Comment actions Permalink
  • Avatar
    dmitro

    Good morning,

        I've read both of your answers, and also some other records on the subject. Yes, I did not put it right, I should have said: "hostname's IP". I simply did not quite get - why " there is no way (any longer) to track a DDNS hostname's IP address to update OpenDNS"?... because "Updates to OpenDNS must come out of the network where its IP address is going to be applied"? Actually I did not quite get the last one.

    Anyway, if you say you "no way to track", I'm not going any deeper - you know about this inconvinience, and it does not matter if it is due to the OpenDNS system design or DynDNS design.

    P.S. Sorry for my poor English.

    0
    Comment actions Permalink
  • Avatar
    rotblitz

    Your English is good, nor worries!

    ""Updates to OpenDNS must come out of the network where its IP address is going to be applied"? Actually I did not quite get the last one."

    If you want to update your OpenDNS network with e.g. 123.456.78.90, then this update request must come from 123.456.78.90.  This is intentional for security reasons.  Another update facility like DNS-O-Matic or DNS Allocator would not come from 123.456.78.90, so the update request would not be accepted by OpenDNS.

    Clearer now?

    0
    Comment actions Permalink
  • Avatar
    d

    Yeah clear but stupid if I can add an adress into a DNS database I am already authenticated by the  dns hosting system and have permissions granted by the doman netregistry of the domain name. I manage a lot of networks and find using dyndns saves on static IP adresses and I can rember clients gateways by name ratehr then 115.112.113.11

    0
    Comment actions Permalink
  • Avatar
    rotblitz

    "stupid if I can add an adress into a DNS database I am already authenticated by the  dns hosting system and have permissions granted by the doman netregistry of the domain name."

    Any of those, the registrant or the registrar or the DNS hoster could be bad actors.  Didn't hear about these many incidents which work exactly this way?  Conficker random domains and FastFlux domains are just two of far too many examples...

    So now you know what your "authentication" regarding DNS is really worth - nothing!  You cannot trust this at all.  (Maybe you personally can, but a 3rd party like OpenDNS or another person cannot.)

    0
    Comment actions Permalink
  • Avatar
    va3mw

    I agree with the discussion, but in the case where I want to use the FQDN since it is on a cell modem and we never know who is connected on the back end, it is a problem.  I would have to check and see if the Mofi supports DDNS updating as well, but I don't believe it does.

     

    I am willing to take the security risk to have the ability to over ride that.  Make sense?

     

    Mike

    0
    Comment actions Permalink
  • Avatar
    sheamuspatt

    I don't really see a security risk in tying an OpenDNS "network" to a dynamic DNS FQDN. As long as the owner of that network sets it up, then that person can vouch that it's a valid address for the network. The usual situation would be one like kbro describes, where the same person manages both the OpenDNS network and the Dynamic DNS hostname. In that case, the only risk would be if one or the other of these is compromised. It's not quite as easy as you suggest, rotblitz. Most reputable domain registrars have pretty robust authentication these days because it's a big deal if someone steals your domain name.

    It's fairly easy to implement at the OpenDNS end using a standard DNS lookup (the "dynamic" part is only of interest for updating the DNS name). The main concern would be the cost of doing bulk updates for all of the OpenDNS networks attached to a DNS name rather than an IP address. 

    0
    Comment actions Permalink
  • Avatar
    rotblitz

    "I don't really see a security risk"  -  But OpenDNS sees.

    Any third party DDNS service is not under the control of OpenDNS, and that's the point which makes it a security risk, no matter what the reputation of the service is.

    "It's fairly easy to implement at the OpenDNS end using a standard DNS lookup"

    No doubt.  Btw, updating OpenDNS from a Dynamic DNS hostname was possible in the past, some years ago, with DNS Allocator (https://dnsalloc.uxnr.de/) and DNS-O-Matic (https://www.dnsomatic.com/), and I also used that until it was disabled by OpenDNS at DNS-O-Matic.  I'm happy enough to have a router directly supporting DNS-O-Matic, so I was not really impacted by that change.

    0
    Comment actions Permalink

Please sign in to leave a comment.