What is dynamic dns. Recommended public DNS servers

The article is no longer relevant. Yandex transfers everyone to Yandex.Connect. In the Connect API on this moment there is no ability to manage DNS records. API pdd.yandex no longer works.
Telegram api can be used to get dynamic ip. Instructions

I have been using dyndns services for a long time to connect from outside to a home file-cleaning-torrent download on a fryakh, which has a dynamic ip from the provider. Although dyndns has paid for this service for a long time for newly registered users, I used it for free, because I registered even before they started asking for money. But the other day I received a letter that they can no longer provide this service to me for free and from next month I will have to pay for it. This did not suit me and I began to look for a way out of the current situation.

Since my domains are delegated to Yandex DNS, I began to read manuals for their API and a solution was found. I'll tell you about it below.

To use the Yandex api, we need to get a token. It is quite simple to get it, we enter it in the browser.

Https://pddimp.yandex.ru/get_token.xml?domain_name=domen.ru

Where domen.ru is your delegated domain to Yandex. We enter the captcha and look in the output:

Token = "XXXXXX"

The quotes will be your token. We copy it somewhere, we will need it a little later.
Now we need to add a subdomain to our domain, which will refer to the machine with a dynamic ip. Go to https://pdd.yandex.ru, select a domain and click "DNS Editor" add an A-record for the domain there:

In the "Host" field, enter the subdomain, and in the "Record value" field, write any ip (later it will change when the ip of your car changes).

Now we need to get the id of our post. To do this, enter in the browser:

Https://pddimp.yandex.ru/nsapi/get_domain_records.xml?token=XXXXXX&domain=domen.ru

Where XXXXXX is your token, and domen.ru is your domain delegated to Yandex.

In the output, we are looking for a line with our record myhome.domen.ru and in this line we find:

Id = "1234567"

In quotes, the id of the record, just copy it somewhere.

Now we write a script on a wheelbarrow with a dynamic ip. The script will check the external ip of the wheelbarrow every half an hour and if it has changed, it will change the A-record to Yandex DNS.

# ee /usr/local/bin/dyndns.sh

#! / bin / sh PATH = / sbin: / bin: / usr / sbin: / usr / bin: / usr / local / sbin: / usr / local / bin; export PATH DOMEN = "domen.ru" # your domain delegated to Yandex SUB = myhome # subdomain TOKEN = XXXXXX # RECID token = 1234567 # record id while true; do IP = "curl -s http: //ip..domen.ru dns1.yandex.ru | grep has | awk" (print $ 4) "` # replace myhome.domen.ru with your subdomain if [$ IP! = $ YAIP] then curl -s "https://pddimp.yandex.ru/nsapi/edit_a_record.xml?token=$TOKEN&domain=$DOMEN&subdomain=$SUB&record_id=$RECID&content=$IP&ttl=1800" fi sleep 1800; done;

Change the values of the variables according to the comments.

Making the script executable:

# chmod + x /usr/local/bin/dyndns.sh

And add the corresponding entry in crowns:

# crontab -e @reboot /usr/local/bin/dyndns.sh

That's it, now after a reboot, the script will automatically run. Reboot or run the script manually and check at https://pdd.yandex.ru if the value of the entry for our subdomain has changed.

P.S. To make everything completely free, you don't have to buy a domain, but use a free domain in the.tk zone. You can get it on the website www.dot.tk

Sometimes it is necessary to register DNS for a computer with a dynamic IP address. An easy way to do this is with services like dyndns, described in a recent topic. Sometimes this approach works badly enough.

For example, in my situation, the provider sometimes changes my public IP address. This sometimes happens, usually every few months. Also, my home computer rarely reboots. During this time, the dyndns service, which I used earlier, managed to send me inactivity alerts a couple of times in order to disable the "unused" account. It is also impossible to switch to a manually assigned DNS zone, because sometimes the address still changes. And usually you find out about this when you need access to home computer Here and now.

To implement the described method, you need a server on the Internet with DNS server ohm bind on it. And also the domain zone, the subdomain of which we will allocate for our computer. The variant with connecting a Linux computer to a Linux server is described. For the use of others operating systems you will need to read the manuals and modify some of the steps.

So:
1. We have an installed bind9 server with the server.org domain
2. Create a zone client.server.org.zone:

$ ORIGIN.
$ TTL 10; 10 seconds
client.server.net IN SOA ns1.server.net. hostmaster.server.net. (
eighteen ; serial
10800; refresh (3 hours)
3600; retry (1 hour)
604800; expire (1 week)
ten ; minimum (10 seconds)
$ TTL 3600; 1 hour
NS ns1.server.net.
NS ns2.server.net.
MX 10 client.server.net.

Here servers ns1.server.net and ns2.server.net are DNS servers for our zone, client.server.net is the address of our home computer

3.Generate keys on the client:
client # cd / etc / namedb / keys
client # dnssec-keygen -b 512 -a HMAC-MD5 -v 2 -n HOST client.server.net.

4. Create a file with a key on the server:
server # cd / var / named / chroot / etc
server # vim keys.conf:

Key client.server.net. (
algorithm "HMAC-MD5";
secret "omr5O5so / tZB5XeGuBBf42rrRJRQZB8I9f + uIIxxei8qm7AVgNBprxtcU + FQMzBvU / Y + nyM2xbs / C8kF3eJQUA ==";
};

V this case a symmetric key is used, which is unsafe: if someone has access to the key file on your server, they can use your key to change your zone data. In this case, you can use an asymmetric key.

We set access rights to the file with the keys:
server # chmod 640 keys.conf
server # chown root: named keys.conf

5. add our zone to named.conf:
include "/etc/keys.conf"
zone "client.server.net" (
type master;
file "zones / client.server.net";
allow-update (
key client.server.net;
};
};

A parameter is written here that allows you to update the zone data. In general, after reading the manuals, you can find options for this parameter that allow you to update only one record in the zone for given key... That is, you can have a zone with subdomains client1, client2, etc. which will authorize with keys key1, key2, etc.

6. Restart the DNS server:
server # /etc/init.d/named reload

7. Create a script on the client that will update the zone data:
#! / bin / bash
IFACE = "wlan0"
TTL = 3600
SERVER = ns1.example.com
HOSTNAME = foo.example.com
ZONE = example.com
KEYFILE = / root / ddns-keys / Kfoo.example.com. +157 + 12345.private

New_ip_address = `ifconfig $ IFACE | grep "inet addr:" | awk "(print $ 2)" | awk -F ":" "(print $ 2)" `
new_ip_address = $ (new_ip_address / /)

Nsupdate -v -k $ KEYFILE<< EOF
server $ SERVER
zone $ ZONE
update delete $ HOSTNAME A
update add $ HOSTNAME $ TTL A $ new_ip_address
send
EOF

At the beginning of the script, the corresponding parameters are described: interface, server and zone names, location of the file with the key.

8. It remains only to configure autostart / automatic change of address when changing DNS.
We will do this using a script for the NetworkManager:
create a file /etc/NetworkManager/dispatcher.d/20-dyndns.sh:
#! / bin / sh

Iface = $ 1
state = $ 2

If ["x $ state" == "xup"]; then
/ etc / namedb / ddns-update
elif ["x $ state" == "xdown"]; then
true
fi

Let's make it executable and owned by the root user.

Run-check-use.

Upd: If it does not work, check (install) the named rights on the server to write to the folder in which the client.server.org.zone file is located
named will create the file client.server.org.zone.jnl there

The following materials were used.

For many users of computer systems, the concept of a dynamic DNS server is somewhat abstract. Most users have no idea what a dynamic DNS is and what this type of server is used for. Meanwhile, there is nothing particularly complicated in understanding this term and in setting up a service. Further, theoretical information and practical solutions are offered for consideration, which can be easily mastered by any person, even not familiar with these services.

Dynamic DNS: what is it and what is it for?

The very technology of using DNS servers initially assumes that they act as a kind of interpreters that allow you to access Internet resources without entering a digital combination of a site address corresponding to its IP address.

Everyone knows that for a resource, only the name of a specific page, consisting of letters, numbers or special characters, is written in the browser's address bar, and the DNS server, by the name of the resource, redirects to the corresponding IP.

Dynamic DNS works in a slightly different way, allowing you to assign domain names to any device (individual terminal, etc.) that is set to use dynamic IP. In this case, completely different IP addresses can also be used, for example, obtained via DHCP or IPCP. But the main difference from static technology is that the information on the server can be updated completely automatically. When connecting to the resource from other machines, their users will not even know that at certain times the IP address changes.

Dynamic IP issues

One of the fundamental principles of dynamic DNS servers is that the client machine has a dynamic IP address. In the case of using a static address, you may need to pay a considerable amount of money for using it. That is why you don't need to buy a static address when setting up DDNS.

Special software clients installed on user terminals can perform this conversion without user intervention.

Benefits of using DDNS

But what, then, is a dynamic DNS server used for? As the simplest example, we can consider video surveillance, organized by installing a recorder and IP cameras.

It seems that the instructions say that this model supports connection through a router with the ability to control what is happening via the Internet, but in fact it turns out to be impossible to connect without a DDNS server.

When using DDNS technology, users receive undeniable advantages, among which the following can be singled out separately:

the ability to use in private networks when accessing services and services of completely different protocols and ports;
no need to purchase a static IP with a binding to a specific device;
simplified capability through RDP clients;
network monitoring (tracking computers that are online or disconnected from the network);
remote control and restart of computers when problems are detected, even if the network does not have an external IP (a regular Internet connection is enough);
constant tracking of your dynamic address to organize links to your own resource;
the ability to use sitemap generators without restrictions on the number of pages and mandatory registration;
tracking broken links;
exchange of information between computers directly, bypassing its storage on an intermediate server.

Dynamic (general principles)

As for the setting issues, which seem to many to be something from the realm of fantasy, there is nothing particularly complicated here. In order not to deal with the procedures for setting up a router, port forwarding and many more complex actions, the easiest way is to immediately turn to specialized applications and services that are specially created to simplify work.

Basically, the setup boils down to installing a special client application and adding your own resource name, for which three third-level domain names will be provided. This is not always convenient, so some programs have added the ability to get a name, even the first level.

Most popular platforms and clients

Dynamic DNS is widely used today. For example, Microsoft uses Kerberos authentication for Active Directory without the need for manual key distribution.

One of the most popular platforms for UNIX systems is BIND, which even allows compatibility with Windows NT. Many hosting companies also provide dynamic DNS for free, allowing users to modify content content through a standard web interface.

If we talk about client applications and services, the most popular among them are the following:

ASUS DDNS;
No-IP;
HE Free;
DNS-O-Matic;
Zone Edit;
DynDNS.

Let's look at the DDNS setup for each client as an example.

ASUS DDNS

Those users who have a dynamic DNS router from ASUS are more fortunate than others. To use DDNS, just go to the settings section and activate the service itself.

After that, you should come up with and register an arbitrary name, after which the user will receive a domain name in the form "Name.asuscomm.com". In addition, the dynamic DNS-list includes many more additional services and services, and today it is almost the largest.

No-IP

Dynamic DNS in the form of No-IP service assumes no less simple configuration. For him, you need to follow a few simple steps.

First, you need to register on the noip.com resource and add the desired host with the account created during registration (Add Host function). After that, three domain names will become available for free registration, for which you will need to come up with your own name.

HE Free DNS Service

This service may seem no less interesting to many. In principle, the setting is very symbolic (as in the previous cases).

However, it is this service that attracts users with a rather impressive list of additional features, which are immediately provided with quick links (certification, tunnel broker, network map, IPv6 protocol management, DNS and telnet servers).

DNS-O-Matic

Before us is another very interesting and perfect client, the functioning of which differs from all previous services. Its main task is that the user can change his dynamic IP at once on all services in which there is a registration, with almost one click.

As usual, you first need to register, and then add a service through the Add Service function (for example, from those listed above). Further. you must enter the data used for registration in these services (User ID - email address, Password - password, Host / Identifier - the name of the third-level domain that was generated by the service. icon in the form of a green hand with a raised thumb in front of the account of the specified service.

ZoneEdit

All of the above services are free. Now pay attention to this service.

Its use is paid in the form of special "credits", the cost of which is equal to one US dollar. That is, for a year, the payment will be twelve cu. e. The registration and configuration procedure is almost exactly the same as in the first examples, so it makes no sense to dwell on it in detail.

DynDNS

We have before us, perhaps, the most popular service, although not free. The cost of using it starts at twenty-five dollars a year.

By the way, even when DDNS is activated on the router, if such a function is provided, the user in most cases will be asked to register with this service. Despite the paid use, DynDNS is, according to the vast majority of experts, the most reliable service. Another point is related to the fact that almost all modern models of routers support this service, and some devices with outdated firmware are focused only on it.

Greetings, brain engineers! Shouldn't we combine our internet devices in the house using a DNS server made by do it yourself from WiFi module and Foscam webcam interface? I think it will be interesting, so let's go!

Chosen for this homemade Foscam webcam is controlled directly from a smartphone, has its own web interface, works in any browser and on any device, even with your phone's 3G connection, does not require third-party applications and is password protected.

Video streams from cameras are broadcast in separate windows, quickly and flawlessly, and under complete control.

I want to warn you right away - I AM NOT RESPONSIBLE for misuse or damage caused by this project, in any way! You act at your own peril and risk!

What is for this brain project necessary:

a web server with PHP support with a domain name,
wi-fi module Esp8266 ESP-01,
push button - 2 pcs.,
pull-up resistor 2k2 or similar - 2 pcs.,
USB-TTL adapter (for programming the wi-fi module) and several pin-connectors ("female"),
voltage regulator Ams1117 3.3V (to reduce the voltage from 5V to 3.3V to power the wi-fi module),
power supply 5V 1-2A (preferably 2A),
in the first version of the layout: if there is enough space inside the case of the power supply, then the wi-fi module is placed inside this case,
in the second version of the layout: the power supply has a USB female connector, then you will have to add a male USB connector to the module board and use it to supply power,
broken USB stick,
updated Arduino IDE
optional: Foscam webcams to work with the web interface
to ensure: blinking LED, to indicate successful download and waiting for download
internal server allowing WAN IP (this version connects to an external site to obtain IP: checkip.dyndns.org).

Step 1: Prepare the Wi-Fi module for programming

In order for the module to be programmable, it needs to be slightly modified:

solder two resistors - one to the CH-PD pin, the other to RST, solder both free resistor leads to the 3.3V pin,
solder two push buttons - one between GPIO0 and Ground, and the other between RST and Ground.

It is better to solder from the upper side of the module board, so that the contacts of the lower side are left for mounting the pin connectors. If desired, the circuit can be assembled using a breadboard, but brain solder still more durable, although see for yourself.

In the next step, the power supply will be finalized, but I immediately warn you: the USB output of your computer is not suitable for powering the ESP module !!!

Step 2: Modification of the power supply - lowering the voltage from 5 to 3.3V

The 5V-th power supply unit should produce "reliable" 1A, or better 2A, since the module is rather "gluttonous" during the transmission of the Wi-Fi signal.

V homemade we use a voltage regulator Ams1117 3.3V, because a voltage divider assembled from resistors is likely to "give out" too little current, and even if we get 3.3V to power the module, we will still be disappointed. And this regulator is an inexpensive and best solution.

I did not use the capacitor and resistor that, according to the instructions, should be added to the regulator, because it operates from a stable power source, and I will say that this brainwave has been working reliably for several years.

pin 3 - 5V (orange wire)
pin 2 - 3.3V (yellow wire)
pin 1 - GND (two blue wires)

Several wires with pin connectors can be soldered to the contacts, thereby simultaneously obtaining two voltage sources at 5V and 3.3V, which is very useful when assembling on a breadboard. In this case, do not forget to add two grounding wires, for +3 and + 5V, and for reliability, fasten all the wiring with a plastic clamp-tie.

To connect these wires to the ESP module (which has male connectors), you will need intermediate wires with female male connectors at the ends.

Step 3: Connecting Wi-Fi module to USB-TTL adapter and 3.3V voltage regulator

Connections (module - adapter - regulator)

GND - - - - GND - - - - GND
TX - - - - - RX
RX - - - - - TX
3,3 — — — — — — — — — — — — — 3,3

Ground contacts of the voltage regulator, module and adapter are connected together, 3.3V coming from the regulator is connected to the input of the ESP-module.

In no case do we connect the ESP module to the 3.3V contact of the adapter, even if they are on it, as this can damage the USB port of the computer, because it does not have protection against the current of the same rating that is used in this brainwashing! And to power the ESP module, always use a power supply with the required parameters.

You should be aware that some TTL-USB adapters have a 5V logic circuit, which is not suitable for our craft, only 3.3V logic is needed, otherwise the ESP module will be damaged. The type of logic can be determined using a voltmeter by connecting its probes to the TX and Ground pins, and if necessary, the voltage can be reduced by adding a level shift or voltage divider.

Step 4: Configuring Files on Web Hosting

Create a folder "/ ip" (the name is case sensitive) in the root directory of your public_html folder, and unpack / ip files into it with a resolution of 644.

Htaccess restriction prevents users from listing files in this folder because it cannot be password protected, otherwise the ESP8266 module could not access it and execute files inside it.

input.php and input2.php generate according to the browser URL ip.txt and ip2.txt with the updated IP of the ESP8266 module, the current code supports 2 different locations, and to add something else you just need to edit these files.

To control a FOSCAM camera, you need to create a “/ cam” folder (again, case sensitive) in the root directory of the public_html folder, and unpack / cam files into it with a resolution of 644. Protect this folder brain password, if cpanel is available on your server, then you can find the "password protection" icon and set a password that will be requested when the browser is instructed to go to www.yourhost / cam, then a dialog box will pop up in any browser asking for this password, all this will protect access to cameras.

foscam.php contains the camera interface, as well as the date / time stamp of ip-files and the current ip location. By the date / time stamp, you can see if the module is working. In this case, the time zone may not be displayed correctly, since it shows the time on the server.

The IP can be changed manually, it will be recorded in ip.txt and ip2.txt, and for this you need to enter ip in the field and click update ip.

interface.png and interface2.png are transparent images that tell the interface how the screen will be displayed. You need to edit foscam.php and set the value, static or ptz, corresponding to your FOSCAM camera. By default, the resolution is 320x240, but clicking on the control center opens only this camera with the best refresh rate at a resolution of 640x480.

To edit foscam.php, you can use a code editor or HTML editor that can work in WYSWYG mode.

During work brainpayers files ip.txt and ip2.txt containing updated ip of two locations where two different cards can work will be automatically recorded. Every hour (or when you specify) the board will connect to the router via wi-fi, receive an ip-address and register it in a txt file on the server. And even if the connection to the Internet is lost or the power is turned off, after the elimination of these problems, the ip will be periodically updated.

Step 5: Configuring FOSCAM Cameras and Router

On the TP-LINK router configuration page:

We look at the settings in the photo, they will help to avoid a conflict when binding the MAC address and LAN-ip, the router will provide only the assigned LAN-ip for this MAC address.

Virtual servers - you need to add the local ip of your camera and the corresponding ports.

We set the DHCP server enabled, and also check if UpnP is enabled.

You can also configure remote control of your router, for a TP-Link router there is a corresponding firewall sub-item.

Do not change the default login, as the router must be public. Further in the corresponding brainfields you should set 255.255.255.255 and the port, as a rule, 8080.
On the FOSCAM camera settings page:

Username and password - you should set a new username and password, and do not forget to “find and replace” them in foscam.php instead of admin and password.

For "Basic Network settings" set: "Obtain IP from DHCP Server".
In the Http Port item, set: 8081, 8082 8083 sequentially to your cameras.
Set UPnP Settings: Using UPnP to Map Port. This will help re-establish the connection after a power outage.

After configuring the router and cameras in order for the settings to be updated, they should all be rebooted, with the router in the first place.

If the cameras and the router are configured correctly, then they can be remotely accessed from your Wan IP address, for example: http://187.34.157.22:8081. You can check your Wan IP at https://www.whatismyip.com/

Step 6: coding and programming the ESP8266 module with the Arduino IDE

For programming homemade you need to open the attached sketch in the Arduino IDE, and in the corresponding lines set the ssid "// your wifi ssid" and the password "// your wifi pwd" of your WiFi router, as well as the name of your host "// your host without / IP" and the path to the "/ ip" folder containing the server files, you do not need to change it.

You may need to change the line

url + = "input.php? ip =";

which appears twice in the sketch, and if you have a second module, just change to input2.php.

Before starting to download the code, you need to set the board type correctly, for this tool submenu you should select "Generic ESP8266", and if this is not the case, add additional boards in your preferences.

To download, you need to hold down the GPIO0 button, quickly press the RST button, and then release the previous one (GPIO0 button). Next, run compilation in the IDE and brain load.

If all goes well, opening the serial monitor at 9600 baud (bps) will show the following:

Connected To:
IP address: 192.168.0.103 (LAN IP)
Connected - Acquiring WAN IP:

connecting to
Requesting IP Update: /ip/input.php?ip=xxx.xxx.xxx.xxx
Ok

Step 7: Mounting the boards in the chassis

After checking homemade for operability, it is necessary to place its electronics in the case, thereby making an independent completed device.

If in the building of your choice for brainwashing there is enough free space, the resistors and buttons can be connected as shown in the photo, but if you plan to reprogram it later, then you should not place the board inside the case.

First option: Placement inside the enclosure
To do this, you need to open the case of the old power supply, unsolder the black (outgoing) wire with the connector, and then place the module board and voltage regulator in the case, having previously insulated them, and "power" from those contacts to which the outgoing wire was soldered. Components can be insulated with suitable foam tape or hot glue.
As a result, a power supply should be obtained, without any wires, and in this version the power supply can be 5V 1A.

A variation of this layout method can be placing the boards inside a power supply with a USB female connector at the output. Then the boards should also be fixed inside the case, insulated, and powered from the contacts of the USB connector. Thus, through this modified power supply, you can still charge your phone, but the truth is the power supply should provide 5V 2A.

Option 2: Placement outside
If you have a non-working USB flash drive that can fit motherboards homemade, then you can use it.

You need to disassemble the USB flash drive, remove the memory card, and in its place place the WiFi module and voltage regulator, and power them through the USB connector of this flash drive. In this case, you will also need to cut the module pins so that it fits into the body of the flash drive. AND NEVER CONNECT this modified flash drive to your computer's USB port!

Then the USB flash drive with the module inside must be connected to the power supply and check for the presence of a WiFi signal using your smartphone. And in general, check the performance of the finished brainwashing you can go to /cam/foscam.php of your server through your browser. And yet, it should be updated with the current ip and date / time stamp.
That's all, I hope this information brain articles will be useful to you!