APLawrence.com -  Resources for Unix and Linux Systems, Bloggers and the self-employed
RSS Feeds RSS Feeds











(OLDER) <- More Stuff -> (NEWER) (NEWEST)
Printer Friendly Version
->
-> Dynamic DNS Services


Dynamic DNS Services Update Scripts





Sat Sep 18 15:54:03 2004

Referencing: http://www.dyndns.org

Strangely enough, I never had any need for a dynamic DNS service until this week. In retrospect, it really does seem odd that I've never needed such a service before now, but so be it. My problem this week was that I wanted to set up a Kerio Mail Server in my office as a demo. My router could redirect the various ports I'd need, but I wanted to be able to send it real mail from the outside world, and although my cable assigned ip stays constant for months or even years, I needed a domain to send to.

Well, that's easy. Visit http://www.dyndns.org, sign up for a free account, and it's done. I assigned my current cable dynamic ip address to the hostname I chose, and now "xyz.dyndns.info" points to my cable modem.

In my case, I could have stopped there. The only time the dynamic ip changes is when I change routers. While that is something I do fairly frequently in the course of testing things, I certainly didn't need to do it during the run of this demo, and even if I did, I could pop back to dyndns.org and update myself.

But what if I needed this for a longer term or if my dynamic ip address were more dynamic than it is now? Well, there are hundreds and hundreds of clients that will update dynamic dns services. Many home-use routers even have a client built into them (though the services warn against using these because most update too often for no reason).

Well, as usual, I don't want to use someone else's code. I'd rather understand how the thing works and do it myself. I might use someone else's code after that, but almost always I want to get my own hands dirty first.

So, first problem: how to find the current ip address? If you are behind a firewall, there may be some way to get the device or computer to tell you. It might be as simple as an "ifconfig eth1" if you are using a Linux router. But I change firewalls frequently, so I can't depend on that.

There are places on the net that can help. For example, you can use http://checkip.dyndns.org/. At the command line,

lynx --dump http://checkip.dyndns.org/ > myip
 

will put your current ip into "myip". That's handy, and I'll use that in the Perl script later in this article, but what if you don't want to depend on things like that? If you have your own server hosted somewhere, you can use it to find out. It's not hard to write a Perl server that listens for connections on a certain port and just logs the connecting machines ip, but you don't even need to go that far if you have a web server. On a machine behind the firewall, have a script that does something like this every now and then:

lynx --dump http://yourserver.com/whatsmyip.html?564312 > /dev/null
 

The "whatsmyip.html" doesn't exist, and the extra "?563412" is just a number you make up. These accesses will be logged, so on the server we'll find these in our access_log:

66.31.38.153 - - [18/Sep/2004:10:01:01 +0000] "GET /whatsmyip.html?564312 HTTP/1
.0" 404 2240 "-" "Lynx/2.8.5dev.7 libwww-FM/2.14 SSL-MM/1.4.1 OpenSSL/0.9.7"
66.31.38.153 - - [18/Sep/2004:11:01:01 +0000] "GET /whatsmyip.html?564312 HTTP/1
.0" 404 2240 "-" "Lynx/2.8.5dev.7 libwww-FM/2.14 SSL-MM/1.4.1 OpenSSL/0.9.7"
66.31.38.153 - - [18/Sep/2004:12:01:01 +0000] "GET /whatsmyip.html?564312 HTTP/1
.0" 404 2240 "-" "Lynx/2.8.5dev.7 libwww-FM/2.14 SSL-MM/1.4.1 OpenSSL/0.9.7"
66.31.38.153 - - [18/Sep/2004:13:01:16 +0000] "GET /whatsmyip.html?564312 HTTP/1
.0" 404 2240 "-" "Lynx/2.8.5dev.7 libwww-FM/2.14 SSL-MM/1.4.1 OpenSSL/0.9.7"
66.31.38.153 - - [18/Sep/2004:14:01:01 +0000] "GET /whatsmyip.html?564312 HTTP/1
.0" 404 2240 "-" "Lynx/2.8.5dev.7 libwww-FM/2.14 SSL-MM/1.4.1 OpenSSL/0.9.7"
 

A simple shell script can extract "66.31.38.153" which is what we need to know. That script could continue on to update the dynamic dns service.

So how do you update the service? Every service has their own method, but we'll just look at dyndns.org. You can find the full details at http://www.dyndns.org/developers/, but the short version is that it updates by accessing a web page. You could do this with a shell script and lynx, but I'll show a sample Perl program here. There are some rules we have to observe if we don't want them to cancel our free account for abuse. First, they don't want us to use the "checkip" more often than every 10 minutes. Second, if the ip hasn't changed, we shouldn't update more often than once every 28 days. Finally, if we get a problem response, we shouldn't try again until we know why the problem happened.

These rules are complicated enough that we'll probably screw up our code at least a few times, so dyndns.org provides test accounts you can work against. The code below uses such an account, so is safe for you to play with. It is intended to be run from cron at regular intervals, but it makes sure that it doesn't run more often.

#!/usr/bin/perl
use LWP::UserAgent;
use HTTP::Request;
use HTTP::Response;
$debug=0;
$checkip=1;
chdir("/root/dyndns") or die "can't chdir /root/dyndns $!";
# Try to get a lock just in case we got called again
# this isn't 100% foolproof but is good enough for this purpose
open("O",">lock");
flock(O, 2) ; #block here
if (-e "badstatus") {
  logit("badstatus\n");
  myexit(0);
}
# Don't check more often than every ten minutes.
# We call this with cron, but this just makes sure
open(F,"currenttime");
$last=<F>;
chomp $last;
close F;
$last+=600;
$now=time();
if ($checkip) {
  while ($last > $now) {
    printf "sleeping %0.2d\n",($last - $now);
    sleep ($last - $now);
    $now=time();
  }
  open(F,">currenttime");
  print F $now;
  close F;
  $what="http://checkip.dyndns.org/";
  $ua=LWP::UserAgent->new();
  $ua->agent("APL Perl/1.0");
  $req=HTTP::Request->new(GET=>$what);
  $response=$ua->request($req);
  if ($response->is_error() ) {
      logit("Couldn't get $what");
      myexit(0);
  } else {
     $currentip=$response->content();
     $currentip=~ s/.*Current IP Address:  *//;
     $currentip=~ s/..body.*//;
     chomp $currentip;
     open(F,"currentip");
     $lastip=<F>;close F;
     chomp $lastip;
     open(F,">currentip");
     print F "$currentip\n";
     close F;
  }
}
open(F,"lastupdate");
$lastup=<F>;close F;
chomp $lastup;
$days=($now - $lastup)/(3600 * 24);
if ($days >= 28 or $lastip != $currentip or $debug) {
    logit("update $days $lastip $currentip\n");
    $what="http://members.dyndns.org/nic/update?system=dyndns&hostname=test.dynd
ns.org&myip=$currentip";
    $ua=LWP::UserAgent->new();
    $ua->agent("APL Perl/1.0");
    $req=HTTP::Request->new(GET=>$what);
    $req->authorization_basic('test', 'test');
    $response=$ua->request($req);
#  Lynx equivalent is
#
# lynx --dump -auth youraccount:yourpass  "http://members.dyndns.org/nic/update?system=dyndns&hostname=yourhost.dyndns.info&myip=$currentip"
#
    if ($response->is_error() ) {
        print "Error \n";
        myexit(0);
    } else {
        $status=$response->content();
        print "$status\n";
        open(F,">lastupdate");
        print F $now;close F;
        myexit(0) if ($status =~ /good/ or $status =~ /nochg/);
        logit("Dyndns says $status\n");
        myexit(0);
    }
}

sub myexit {
    $a=shift;
    flock(O, 8);
    close O;
    exit $a;
}

sub logit {
    $a=shift;
    print $a;
}
 

What if you don't want to use dynamic DNS?

Strangely enough, I ran into that once. This person didn't want his DHCP supplied IP address made known to the world, which is exactly what DNS does.

That being the case, there's only a couple of ways to do it: email or other messaging, perhaps using an intermediary that does have a constant address or is listed in DNS. For example, if he had a web site that he only wanted a few people to know about, he could update (programatically) a page at another site that his buddies could access, or similar schemes. I guess there are still free web sites about, so that solution could avoid cost. If the folks to be allowed access has a fixed address or can be found through DNS, and is running a decent OS, then you could run a little simple server app there that the changing machine could contact. Such a server isn't at all difficult. If the idea here is dhcp on both sides, then an intermediary is the only way I can think of: a servet app there accepts connections and either stores or gives out the ip. I'm not sure that free web sites let you run programs like that. You could also do it through a file sharing service: he stores an encrypted file that his buddy can pick up and decrypt. Technically theres nothing mind boggling about any of these schemes. But I do agree that they are more complicated than simply signing up for a dynamic dns service and limiting access through .htacces policies.




If this page was useful to you, please help others find it:  





Comments?




More Articles by - Find me on Google+



Click here to add your comments
- no registration needed!

"...and although my cable assigned ip stays constant for months or even years..."

Have you checked with your cable provider to see if they'll give you a static IP address? Mine did, and I didn't even have to whine and plead. <Grin>

--BigDumbDinosaur

---September 20, 2004

No, I haven't. But I'm not sure I want to keep cable, either. It hasn't been very reliable..

--TonyLawrence





Don't miss responses! Subscribe to Comments by RSS or by Email

Click here to add your comments


If you want a picture to show with your comment, go get a Gravatar

Kerio Samepage


Have you tried Searching this site?

Unix/Linux/Mac OS X support by phone, email or on-site: Support Rates

This is a Unix/Linux resource website. It contains technical articles about Unix, Linux and general computing related subjects, opinion, news, help files, how-to's, tutorials and more. We appreciate comments and article submissions.

Publishing your articles here

Jump to Comments



Many of the products and books I review are things I purchased for my own use. Some were given to me specifically for the purpose of reviewing them. I resell or can earn commissions from the sale of some of these items. Links within these pages may be affiliate links that pay me for referring you to them. That's mostly insignificant amounts of money; whenever it is not I have made my relationship plain. I also may own stock in companies mentioned here. If you have any question, please do feel free to contact me.

I am a Kerio reseller. Articles here related to Kerio products reflect my honest opinion, but I do have an obvious interest in selling those products also.

Specific links that take you to pages that allow you to purchase the item I reviewed are very likely to pay me a commission. Many of the books I review were given to me by the publishers specifically for the purpose of writing a review. These gifts and referral fees do not affect my opinions; I often give bad reviews anyway.

We use Google third-party advertising companies to serve ads when you visit our website. These companies may use information (not including your name, address, email address, or telephone number) about your visits to this and other websites in order to provide advertisements about goods and services of interest to you. If you would like more information about this practice and to know your choices about not having this information used by these companies, click here.

pavatar.jpg

This post tagged:

       - Blog
       - DNS
       - Networking
       - Perl
       - Web/HTML















My Troubleshooting E-Book will show you how to solve tough problems on Linux and Unix systems!


book graphic unix and linux troubleshooting guide



Buy Kerio from a dealer
who knows tech:
I sell and support

Kerio Connect Mail server, Control, Workspace and Operator licenses and subscription renewals



Click and enter your name and phone number to call me about Kerio® products right now (Flash required)