LinuxQuestions.org
Hi. I'm jon.404, a Unix/Linux/Database/Openstack/Kubernetes Administrator, AWS/GCP/Azure Engineer, mathematics enthusiast, and amateur philosopher. This is where I rant about that which upsets me, laugh about that which amuses me, and jabber about that which holds my interest most: *nix.

Keeping Route53 updated

Posted 08-12-2018 at 12:54 AM by rocket357
Updated 08-14-2018 at 05:36 PM by rocket357 (typo!)

I have dual ISP connections at home due to the uptime requirements of working from the home office. It's nice sometimes to be able to connect back to the home office when I'm out (I've found various reasons over the years heh), and memorizing two IPs is, well, twice as difficult as memorizing one IP.

The problem is, both my ISP uplinks are DHCP-assigned. They tend to be stable, but they could change at a moment's notice. And if working in tech has taught me anything, it's that the moment I *really* need to know that IP, it'll suddenly be something else.

So I decided to set up two records in the public portion of my domain I have hosted at Route53, one for each IP that is assigned to my uplinks. This way, I can hit "isp1.mydomain.com" rather than recall 12.23.34.45 or whatever. This is pretty useful.

But what if, as I already stated, the IP changes for either uplink? It's easy enough to automate Route53 updates, but how do I *get* the IPs, in an idiot-proof/stupidity-proof manner? Complicating matters is the fact that the two uplinks are on different virtual routing domains (*because* they are dynamically assigned) on my OpenBSD edge router.

It's been around for a long while, but opendns.com will parrot back your IP if you ask nicely. Specifically, if you ask for "myip.opendns.com". Since opendns has two "known IPs" that have been in use for, well, literally *years*, I'm comfortable with relying on those IPs. So I happen to have two tables defined in pf.conf, one for ISP1 and one for ISP2, and these tables force traffic to the IPs in table 1 to traverse ISP1 and the IPs in table 2 to traverse ISP2. Here's a quick-n-dirty:

/etc/pf.conf snippet
############################################
ISP1ext=cnmac1 # the interface ISP1 is connected to
ISP2ext=cnmac2 # the interface ISP2 is connected to
table <ISP1> { 208.67.222.222/32, 8.8.8.8/32 }
table <ISP2> { 208.67.220.220/32, 8.8.4.4/32 }
pass out quick on rdomain 0 from any to <ISP1> nat-to ($ISP1ext) rtable 1
pass out quick on rdomain 0 from any to <ISP2> nat-to ($ISP2ext) rtable 2
############################################

Now anytime I request "myip.opendns.com" from 208.67.222.222, I get the IP assigned to me via ISP1, and when I request "myip.opendns.com" from 208.67.220.220, I get the IP assigned to me via ISP2. Now just plug those into my Route53 update script, set it up in a cron job, and hit isp1.mydomain.com or isp2.mydomain.com whenever I need to.

finito!


Edit: Here's the script I set as a cronjob:


Code:
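#!/bin/sh
# Keep the isp1/isp2 A records in Route53 in step with the DHCP-assigned uplink IPs.

update() {
        # $1 = record name, $2 = new IP address
        logger "Route53 UPDATE:  ${1} -> ${2}"
        . "$HOME/awscli/bin/activate"
        # mktemp creates an unpredictable, owner-only file, so nothing else on
        # the box can pre-create or symlink the path the change batch is written to
        batch=$(mktemp /tmp/r53.XXXXXXXXXX) || return 1
        cat <<- _EOF > "$batch"
        {
          "Changes": [
            {
              "Action": "UPSERT",
              "ResourceRecordSet": {
                "Name": "${1}",
                "Type": "A",
                "TTL": 60,
                "ResourceRecords": [
                  {
                    "Value": "${2}"
                  }
                ]
              }
            }
          ]
        }
_EOF
        aws route53 change-resource-record-sets --hosted-zone-id Z21PLEXAMPLE --change-batch "file://${batch}" --profile myr53updateprofile
        rc=$?
        rm -f "$batch"
        return $rc
}

# ISP1
[ -f "$HOME/isp1_old_ip" ] && isp1_old_ip=$(cat "$HOME/isp1_old_ip") || isp1_old_ip='X'
isp1ip=$(dig +short @208.67.222.222 myip.opendns.com)
# Do nothing when dig returned no answer; remember the new IP only after
# Route53 accepted it, so a failed update is retried on the next cron run
if [ -n "$isp1ip" ] && [ "$isp1ip" != "$isp1_old_ip" ]; then
        update isp1.mydomain.com "$isp1ip" && echo "$isp1ip" > "$HOME/isp1_old_ip"
fi

# ISP2
[ -f "$HOME/isp2_old_ip" ] && isp2_old_ip=$(cat "$HOME/isp2_old_ip") || isp2_old_ip='X'
isp2ip=$(dig +short @208.67.220.220 myip.opendns.com)
if [ -n "$isp2ip" ] && [ "$isp2ip" != "$isp2_old_ip" ]; then
        update isp2.mydomain.com "$isp2ip" && echo "$isp2ip" > "$HOME/isp2_old_ip"
fi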
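
The cron script places whatever "dig +short" prints into the Route53 change batch, so the answer is worth checking first. The following is an added example, not part of the original post: it accepts only a single routable IPv4 address, "valid_public_ipv4" and "check_samples" are hypothetical names, and the sample answers are constructed.

```shell
#!/bin/sh
# Added example, not part of the original script.
# valid_public_ipv4 is a hypothetical helper name.

valid_public_ipv4() {
    ip=$1
    # One dotted quad only: rejects empty output, several lines,
    # hostnames and any diagnostic text printed instead of an address.
    case $ip in
        ''|*[!0-9.]*|.*|*.|*..*) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $ip                      # split into octets; safe, only digits and dots remain
    IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        case $octet in
            ????*|0?*) return 1 ;;  # more than three digits, or a leading zero
        esac
        [ "$octet" -le 255 ] || return 1
    done
    # Ranges that cannot be a publicly reachable uplink address.
    [ "$1" -lt 224 ] || return 1                       # multicast and reserved
    case $1 in 0|10|127) return 1 ;; esac              # this-network, RFC 1918, loopback
    case "$1.$2" in 192.168|169.254) return 1 ;; esac  # RFC 1918, link-local
    if [ "$1" -eq 172 ] && [ "$2" -ge 16 ] && [ "$2" -le 31 ]; then return 1; fi
    # 100.64.0.0/10 is carrier-grade NAT space: an ISP can hand it out,
    # but it is not reachable from outside.
    if [ "$1" -eq 100 ] && [ "$2" -ge 64 ] && [ "$2" -le 127 ]; then return 1; fi
    return 0
}

# Constructed sample answers (not captured output); echoes the accepted ones.
check_samples() {
    accepted=''
    for sample in '12.23.34.45' '' '10.0.0.7' '100.72.1.9' '12.23.34' \
                  ';; connection timed out' '12.23.34.45
12.23.34.46' '999.1.1.1'; do
        if valid_public_ipv4 "$sample"; then accepted="$accepted $sample"; fi
    done
    echo "$accepted"
}

check_samples
```

In the cron script the check would sit between the dig call and the comparison with the stored IP, skipping the update and logging the rejected answer when it fails.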