Dynamic DNS

From ArchWiki

According to Wikipedia:

Dynamic DNS (DDNS or DynDNS) is a method of automatically updating a name server in the Domain Name System (DNS), often in real time, with the active DDNS configuration of its configured hostnames, addresses or other information.
The term is used to describe two different concepts. The first is "dynamic DNS updating" which refers to systems that are used to update traditional DNS records without manual editing. These mechanisms are explained in RFC 2136, and use the TSIG mechanism to provide security. The second kind of dynamic DNS permits lightweight and immediate updates often using an update client, which do not use the RFC2136 standard for updating DNS records. These clients provide a persistent addressing method for devices that change their location, configuration or IP address frequently.

For RFC2136 there is nsupdate(1) from bind. For dynamic DNS services there are several packages available, see #Update clients.

Router

If the device needing DDNS sits behind a router, you should first check if the router itself can update any DDNS services. Although the selection of services may be limited, there are several advantages to using the router: it will probably be easier to set up, will require little to no maintenance, and will have no downtime (if the router is down you will not have Internet anyway).

Update clients

Note that some dynamic DNS providers do not require a dedicated client and can be updated with cURL.

Multi-service clients

  • ddclient — Update dynamic DNS entries for accounts on many dynamic DNS services.
https://github.com/ddclient/ddclient || ddclient
  • ddnsc — A simple & lightweight client written in python.
https://github.com/shyaminayesh/ddnsc || ddnscAUR
  • inadyn — Dynamic DNS client with SSL/TLS support.
https://troglobit.com/projects/inadyn/ || inadyn
  • inadyn-mt — A simple dynamic DNS client based on inadyn.
https://inadyn-mt.sourceforge.net/ || inadyn-mtAUR
  • ndyndns — Supports DynDNS and Namecheap.
https://github.com/niklata/ndyndns || ndyndnsAUR

Single-service clients

  • duckdns — Update your DuckDNS.org entries from your computer with systemd.
https://www.duckdns.org/ || duckdnsAUR, duckdns-ipv6AUR
  • hetzner_ddns — Dynamic DNS daemon for Hetzner DNS
https://github.com/filiparag/hetzner_ddns || hetzner_ddnsAUR
  • noip — Dynamic DNS Client Updater for no-ip.com services.
https://www.no-ip.com/downloads.php?page=linux || noipAUR

ddclient

ddclient is compatible with many DDNS services and is the recommended tool for updating DDNS if your router is not an option. It includes systemd support.

After installing, edit the configuration file /etc/ddclient/ddclient.conf to set up your DDNS provider (it includes many examples). Then enable and start ddclient.service.

The configuration can be tested by running ddclient with the -noquiet and -debug options:

# ddclient -daemon=0 -noquiet -debug

Some of the compatible services are listed below, but you can also check the examples and protocols for more.

ddclient compatible services
Service Configuration notes
Now-DNS example
ChangeIP example
Duck DNS example
FreeDNS example
No-IP Use protocol noip, server dynupdate.no-ip.com
nsupdate.info Use protocol dyndns2
Dyn DNS example
Namecheap example
Dynu example
Note: Free users of no-ip are required to manually confirm their domain(s) every 30 days. Domain confirmation is not required for Enhanced users though. More info at Why is My Hostname Pending Deletion?

Use an external website to determine IP address

If ddclient is unable to detect your IP address, you can configure ddclient to fetch your IP from an external webpage such as checkip.dyndns.org. This address is used by default when use=web is specified. It is also recommended to increase the check interval to avoid frequent requests to the IP check service:

/etc/ddclient/ddclient.conf
daemon=900
# obtain IP address from web status page
use=web

An alternative IP check service can be specified with the web key:

/etc/ddclient/ddclient.conf
daemon=900
# obtain IP address from web status page
use=web, web=myonlineportal.net/checkip

Use a local script to determine IPv6 address

ddclient often gets the wrong IPv6 address or none at all, but instead of an external website the IPv6 address can be determined locally. This script can be used:

/usr/local/bin/get-ip
#!/bin/bash
/sbin/ip -6 addr | grep inet6 | awk -F '[ \t]+|/' '{print $3}' | grep '^[23]'

Tell ddclient to use the script:

/etc/ddclient/ddclient.conf
# obtain IP address from script
use=cmd,cmd='/usr/local/bin/get-ip'

Use UPnP or NAT-PMP to determine external IPv4 address

If your router supports UPnP, install miniupnpc and use the external-ip utility:

/etc/ddclient/ddclient.conf
# obtain IP address from script
use=cmd,cmd='/usr/bin/external-ip'

For NAT-PMP, install libnatpmp and create a script wrapping the natpmpc output.

/usr/local/bin/get-ip
#!/bin/sh
natpmpc | grep -oP 'Public IP address : \K\S+'

Make the script executable and tell ddclient to use it:

/etc/ddclient/ddclient.conf
# obtain IP address from script
use=cmd,cmd='/usr/local/bin/get-ip'

Other providers

Other DDNS providers are not compatible with ddclient so updating your IP with them may require a special tool or some custom scripting. Remember that if the service allows you to update your IP using the command line, you can automate the process using tools such as cron or systemd/Timers.