Dynamic DNS – update domain record yourself

For some silly ‘reasons‘ ISP’s tend to hand out only dynamic IPv4 addresses to their customers.

  • to discourage the user to run a server at home
  • to sell overpriced business contracts with symmetric bandwidth and static IPv4 and other additional useless goodies which are missing in the non-business contract

But the dynamic IPv4 is not a big deal. There are lot’s of DynDNS providers which have focused to solve this problem with a floating IP address at home.

There are some which offer this service for free with some caveats.

  • nagging its users to make a paid subscription
  • annoying its users with advertisements or spam
  • cancelling hosts or accounts after a short period of non-usage
  • hiding the few free features almost undiscoverably between a ton of commercial-only features
  • no-ip.com – works good, monthly nagging
  • dyn.com –  one of the bigger commercial DynDNS providers

The more interresting providers:

  • he.net – Hurricane Electric – untested by me – though they have a good IPv6 Tunnel broker service
  • freedns.afraid.org – this is the one which i use/used until now. Just working without any hassle. I’d recommend this one.
  • nsupdate.info – they run an open DynDNS service and also develop the software under a BSD-3 License. Anyone can self-host a Dynamic DNS Provider with the full stack of services. Their documentation is nice. And the project is available here:  github.com/nsupdate-info/nsupdate.info. Though it’s tempting to self-host the service, i guess it’s too much just for our use case here. Maybe i’ll cover this topic in the future.

The major services are also prepared to use with DD-WRT / LEDE / openWRT to update the Domain record if the WAN IP has changed.

The disadvantage of the DynDNS Provider above is they give you a subdomain which point’s to your home IP address, but the domain is not possible to choose. So the domain is mostly already known as a DynDNS Domain and often filtered or blocked by proxies.

Gandi DNS API Update

As all of my domains are hosted at Gandi i wanted to keep my domain name also for my home equipment like dynamic.cave_at_home.tld. Which is not so obvious a dynamic updated Domain Record.

Gandi provides remotes APIs using the XML-RPC protocol making it easy to build third party applications to manage your Gandi resources (domains, contacts, hosting, etc). So we can use this API if the IP has changed to update our Domain Record without any third party.

I have the following setup at home. My Modem is connected to my ISP and provides an IPv4 Address via DHCP to my Router’s WAN Port. I want to access my Webserver from the outside via webserver.domain.tld. To achieve this, i run a separate Linux Container with only a Python stack and an update script which accesses the Gandi API.

The Gandi API terminates at: https://rpc.gandi.net/xmlrpc/ . A complete documentation is available at: http://doc.rpc.gandi.net/index.html but we are only interrested in updating a single domain record in our zone file. => http://doc.rpc.gandi.net/domain/reference.html#domain.zone.update

A small search on GitHub for “gandi” and “dyndns” shows 3 repository’s which have already done this. Happily they are developed and released with an open source license so we can reuse and improve them.

I have decided to use the one from jasontbradshaw because it supports multiple subdomains in a single config file and seems to do what i need. I forked it and repaired a problem with the TTL, which got overwritten everytime with 1080 seconds (3 hours). The project is obviously pretty active on GitHub: gandi-dyndns/network with heavy forking. Which is also a plus.

To use it, we need first to enable the API at Gandi for our user. Visit https://www.gandi.net/admin/api_key and apply for the production API key by following their directions.

Create a new Domain Record in your Zone File by adding a new line.

  1. Click on “Edit the Zone” under “Zone files”.
  2. Click “Create a new version”.
  3. Click “Add”.
  4. Change the values to:
Field Value
Type A
TTL 600
Name dynamic
  1. Click “Submit”.
  2. Click “Use this version”.
  3. Click “Submit”.

Edit the config files as described here: script-configuration.

My config looks like this:

root@dyndns:~/gandi-dyndns-master# cat config.json 
 "api_key": "cP9eAqobtvxkTn6hz4wCuRLE",
 "domains": {
 "domain.tld": [ "dynamic", "sub1", "sub2"]

And after some testing, it is CRON’ed every 5 minutes and checks for updates.


root@dyndns:~/gandi-dyndns-master# crontab -l | tail -n 2
*/5 * * * * /root/gandi-dyndns-master/gandi_dyndns.py >/dev/null 2>&1

A check back at Gandi shows, a new Zone File has been created and the defined records got updated well. The small TTL time ensures a fast flush from the wrong IP from the DNS caches.

Now all my subdomains are pointing all the time to the WAN IP of my Home Router. The Router Forwards the ports 80 and 443 to my Webserver.

Comments are closed.