I have a leased server that also runs DNS, and there is a record (subdomain) for my home IP. It is used for certain purposes such as to VPN into my house. Problem is my ISP has a DHCP lease time of like 10 minutes, so any slight internet blip and I end up with a new IP, and if I'm not home to find out what my IP is then I lose connectivity. I also host a game server which also then is "down" till I can manually change the DNS record once I go home and find out what my IP is.

I want to setup some kind of script that connects to my leased server and updates the IP. What would be the best way of doing this? I'm thinking a special SSH account with key pair setup and it simply SSHes in and runs a script that updates a file with the originating IP (would run script from home). How would I go about programatically finding out my IP when connecting to a server from SSH. I'm thinking the w command and parsing out the username of the account. Is there an easier way?

Also, is there a way in bind I can setup a record entry to look in a text file for the IP? Idealy, is there a way to do this without having to restart bind to update the info? I don't really want to regenerate the whole record each time, that's kind of dirty, and if I want to make other changes to that record then I need to modify the script that generates it. Is there actually a way to modify a DNS entry live through command line? Basically what I'm thinking is have a script that runs as root, or the DNS user and it would read the IP address that the updater script wrote and then update DNS.

I'm open to any suggestions on a secure way of doing this.

There's also a couple places on the server where my home IP is hard coded such as the postfix mynetworks file so I can relay mail. So I'd probably want this updater script to update that too.

I bought a domain from dyn.com and run ddclient to update the record whenever it changes. I can log in to my home via domain name. It also updates the MX record so my mail works.

you can get a free name from freedns.afraid.org. There are several dynamic DNS clients that will up date the name. I use a script i wrote.

I don't want to use one of those services as they come and go been through that already. I'm looking at a more DIY way as I want a sub domain to update only.

I already have an idea how I want to do it, it's just that it involves having to reload the dns service to change the IP and that seems dirty to me, I'm just wondering if there's a way to update a record on the fly without reloading. Issue with reloading named is you absolutely HAVE to be present as every now and then it might fail and that causes lot of chaos. A single syntax error and it fails to start so if for whatever reason the script did not run right I risk downtime. Also for whatever reason on that specific centos install if named fails to start, all the zones get deleted and I have to restore from backup. So it's a real pain in the ass if it happens and I'm not there to deal with it.

It has been around for a long time and you too can help freedns.afraid.org stays that way?..


See chapter 10.2. "DNS Dynamic Update" of O'Reilly DNS and BIND or this or this?


Way not enough nfo. Somehow clairvoyance doesn't work today and it seems I've misplaced my Crystal Ball too. Bummer.

nsupdate can update named on the fly.

not looking for a solution to that issue (posted about it before with more details but never figured out the cause, I think it has to do with OVH using a custom kernel, lot of stuff does not work the same) just wanted to mention it and specify I did not want a solution that involves having it to restart due to that risk.

That info on dynamic DNS and nsupdate might be useful though I will read about that.

Ok so nsupdate and the required config changes for the zone was useful info. Thanks for that, did not know about that feature of named. I think I got it working now. I am updating a test sub domain for now and when I feel that it's executing properly I will make it update the main one.

My only concern though is that now nsupdate works from anywhere in the world and anyone who guesses my key can update that zone to put whatever they want in it. This could be very bad. Is there a way to make it so it has to be from localhost only? I googled this real quick and it seems you can either make it work by IP OR key, but not both. I want to still use a key. Even if I have to use a global setting, that will be fine with me.

That said, this is how I'm going about doing this: I wrote a script on the online/DNS server that checks $SSH_CLIENT (I parse it as so: CURIP=`echo $SSH_CLIENT | awk -F ' ' '{print $1}'`
and then checks it against a text file with the last IP that was updated. If it's different it then proceeds to generate a file which is then ran with nsupdate and the IP file is updated. On one of my home servers I have a cron job that SSHes into my server and runs the script. Brilliant if I say so myself. Elegant and secure. (once I figure out how to prevent nsupdates from outside the server that is)