APLawrence.com -  Resources for Unix and Linux Systems, Bloggers and the self-employed


Dynamic DNS Services Update Scripts


© Tony Lawrence, aplawrence.com

Strangely enough, I never had any need for a dynamic DNS service until this week. In retrospect, it really does seem odd that I've never needed such a service before now, but so be it. My problem this week was that I wanted to set up a Kerio Mail Server in my office as a demo. My router could redirect the various ports I'd need, but I wanted to be able to send it real mail from the outside world, and although my cable assigned ip stays constant for months or even years, I needed a domain to send to.

Well, that's easy. Visit http://www.dyndns.org, sign up for a free account, and it's done. I assigned my current cable dynamic ip address to the hostname I chose, and now "xyz.dyndns.info" points to my cable modem.

In my case, I could have stopped there. The only time the dynamic ip changes is when I change routers. While that is something I do fairly frequently in the course of testing things, I certainly didn't need to do it during the run of this demo, and even if I did, I could pop back to dyndns.org and update myself.

But what if I needed this for a longer term or if my dynamic ip address were more dynamic than it is now? Well, there are hundreds and hundreds of clients that will update dynamic dns services. Many home-use routers even have a client built into them (though the services warn against using these because most update too often for no reason).

Well, as usual, I don't want to use someone else's code. I'd rather understand how the thing works and do it myself. I might use someone else's code after that, but almost always I want to get my own hands dirty first.

So, first problem: how to find the current ip address? If you are behind a firewall, there may be some way to get the device or computer to tell you. It might be as simple as an "ifconfig eth1" if you are using a Linux router. But I change firewalls frequently, so I can't depend on that.

There are places on the net that can help. For example, you can use http://checkip.dyndns.org/. At the command line,

lynx --dump http://checkip.dyndns.org/ > myip
 

will put your current ip into "myip". That's handy, and I'll use that in the Perl script later in this article, but what if you don't want to depend on things like that? If you have your own server hosted somewhere, you can use it to find out. It's not hard to write a Perl server that listens for connections on a certain port and just logs the connecting machines ip, but you don't even need to go that far if you have a web server. On a machine behind the firewall, have a script that does something like this every now and then:

lynx --dump http://yourserver.com/whatsmyip.html?564312 > /dev/null
 

The "whatsmyip.html" doesn't exist, and the extra "?563412" is just a number you make up. These accesses will be logged, so on the server we'll find these in our access_log:

66.31.38.153 - - [18/Sep/2004:10:01:01 +0000] "GET /whatsmyip.html?564312 HTTP/1
.0" 404 2240 "-" "Lynx/2.8.5dev.7 libwww-FM/2.14 SSL-MM/1.4.1 OpenSSL/0.9.7"
66.31.38.153 - - [18/Sep/2004:11:01:01 +0000] "GET /whatsmyip.html?564312 HTTP/1
.0" 404 2240 "-" "Lynx/2.8.5dev.7 libwww-FM/2.14 SSL-MM/1.4.1 OpenSSL/0.9.7"
66.31.38.153 - - [18/Sep/2004:12:01:01 +0000] "GET /whatsmyip.html?564312 HTTP/1
.0" 404 2240 "-" "Lynx/2.8.5dev.7 libwww-FM/2.14 SSL-MM/1.4.1 OpenSSL/0.9.7"
66.31.38.153 - - [18/Sep/2004:13:01:16 +0000] "GET /whatsmyip.html?564312 HTTP/1
.0" 404 2240 "-" "Lynx/2.8.5dev.7 libwww-FM/2.14 SSL-MM/1.4.1 OpenSSL/0.9.7"
66.31.38.153 - - [18/Sep/2004:14:01:01 +0000] "GET /whatsmyip.html?564312 HTTP/1
.0" 404 2240 "-" "Lynx/2.8.5dev.7 libwww-FM/2.14 SSL-MM/1.4.1 OpenSSL/0.9.7"
 

A simple shell script can extract "66.31.38.153" which is what we need to know. That script could continue on to update the dynamic dns service.

So how do you update the service? Every service has their own method, but we'll just look at dyndns.org. You can find the full details at the website, but the short version is that it updates by accessing a web page. You could do this with a shell script and lynx, but I'll show a sample Perl program here. There are some rules we have to observe if we don't want them to cancel our free account for abuse. First, they don't want us to use the "checkip" more often than every 10 minutes. Second, if the ip hasn't changed, we shouldn't update more often than once every 28 days. Finally, if we get a problem response, we shouldn't try again until we know why the problem happened.

These rules are complicated enough that we'll probably screw up our code at least a few times, so dyndns.org provides test accounts you can work against. The code below uses such an account, so is safe for you to play with. It is intended to be run from cron at regular intervals, but it makes sure that it doesn't run more often.

#!/usr/bin/perl
use LWP::UserAgent;
use HTTP::Request;
use HTTP::Response;
$debug=0;
$checkip=1;
chdir("/root/dyndns") or die "can't chdir /root/dyndns $!";
# Try to get a lock just in case we got called again
# this isn't 100% foolproof but is good enough for this purpose
open("O",">lock");
flock(O, 2) ; #block here
if (-e "badstatus") {
  logit("badstatus\n");
  myexit(0);
}
# Don't check more often than every ten minutes.
# We call this with cron, but this just makes sure
open(F,"currenttime");
$last=<F>;
chomp $last;
close F;
$last+=600;
$now=time();
if ($checkip) {
  while ($last > $now) {
    printf "sleeping %0.2d\n",($last - $now);
    sleep ($last - $now);
    $now=time();
  }
  open(F,">currenttime");
  print F $now;
  close F;
  $what="http://checkip.dyndns.org/";
  $ua=LWP::UserAgent->new();
  $ua->agent("APL Perl/1.0");
  $req=HTTP::Request->new(GET=>$what);
  $response=$ua->request($req);
  if ($response->is_error() ) {
      logit("Couldn't get $what");
      myexit(0);
  } else {
     $currentip=$response->content();
     $currentip=~ s/.*Current IP Address:  *//;
     $currentip=~ s/..body.*//;
     chomp $currentip;
     open(F,"currentip");
     $lastip=<F>;close F;
     chomp $lastip;
     open(F,">currentip");
     print F "$currentip\n";
     close F;
  }
}
open(F,"lastupdate");
$lastup=<F>;close F;
chomp $lastup;
$days=($now - $lastup)/(3600 * 24);
if ($days >= 28 or $lastip != $currentip or $debug) {
    logit("update $days $lastip $currentip\n");
    $what="http://members.dyndns.org/nic/update?system=dyndns&hostname=test.dynd
ns.org&myip=$currentip";
    $ua=LWP::UserAgent->new();
    $ua->agent("APL Perl/1.0");
    $req=HTTP::Request->new(GET=>$what);
    $req->authorization_basic('test', 'test');
    $response=$ua->request($req);
#  Lynx equivalent is
#
# lynx --dump -auth youraccount:yourpass  "http://members.dyndns.org/nic/update?system=dyndns&hostname=yourhost.dyndns.info&myip=$currentip"
#
    if ($response->is_error() ) {
        print "Error \n";
        myexit(0);
    } else {
        $status=$response->content();
        print "$status\n";
        open(F,">lastupdate");
        print F $now;close F;
        myexit(0) if ($status =~ /good/ or $status =~ /nochg/);
        logit("Dyndns says $status\n");
        myexit(0);
    }
}

sub myexit {
    $a=shift;
    flock(O, 8);
    close O;
    exit $a;
}

sub logit {
    $a=shift;
    print $a;
}
 

What if you don't want to use dynamic DNS?

Strangely enough, I ran into that once. This person didn't want his DHCP supplied IP address made known to the world, which is exactly what DNS does.

That being the case, there's only a couple of ways to do it: email or other messaging, perhaps using an intermediary that does have a constant address or is listed in DNS. For example, if he had a web site that he only wanted a few people to know about, he could update (programatically) a page at another site that his buddies could access, or similar schemes. I guess there are still free web sites about, so that solution could avoid cost. If the folks to be allowed access has a fixed address or can be found through DNS, and is running a decent OS, then you could run a little simple server app there that the changing machine could contact. Such a server isn't at all difficult. If the idea here is dhcp on both sides, then an intermediary is the only way I can think of: a servet app there accepts connections and either stores or gives out the ip. I'm not sure that free web sites let you run programs like that. You could also do it through a file sharing service: he stores an encrypted file that his buddy can pick up and decrypt. Technically theres nothing mind boggling about any of these schemes. But I do agree that they are more complicated than simply signing up for a dynamic dns service and limiting access through .htacces policies.





(OLDER)    <- More Stuff -> (NEWER)    (NEWEST)   

Printer Friendly Version

-> -> Dynamic DNS Services


2 comments




More Articles by

Find me on Google+

Tony Lawrence




"...and although my cable assigned ip stays constant for months or even years..."

Have you checked with your cable provider to see if they'll give you a static IP address? Mine did, and I didn't even have to whine and plead. <Grin>

--BigDumbDinosaur

---September 20, 2004

No, I haven't. But I'm not sure I want to keep cable, either. It hasn't been very reliable..

--TonyLawrence





------------------------
Kerio Samepage


Have you tried Searching this site?

Unix/Linux/Mac OS X support by phone, email or on-site: Support Rates

This is a Unix/Linux resource website. It contains technical articles about Unix, Linux and general computing related subjects, opinion, news, help files, how-to's, tutorials and more.

Contact us




















This post tagged: