What is dynamic dns. Own Dynamic DNS

In this part of the review, we included three services at once: OpenDNS, GoogleDNS and Level3DNS, since they all have similar characteristics and it is difficult to choose the best among them.

It's important to note that the public DNS services listed do not use encryption. Let us also remind you that your Internet provider receives your personal data, and using public DNS will not save you from this.

OpenDNS (208.67.222.222 and 208.67.220.220)

OpenDNS, also known as Cisco Umbrella, is a very popular DNS service that can filter content based on a variety of parameters, including blocking adult websites and providing protection against identity theft.

OpenDNS has free and premium plans, differing only in connection speed and the presence of an exception feature designed to create a “blocked network environment” (as OpenDNS calls it).

The most attractive option of the OpenDNS service is the ability to create custom filters, which allows you to filter content yourself. So if you want to implement at the DNS level, use OpenDNS.

Public Google DNS (8.8.8.8 and 8.8.4.4)

Google Public DNS is very popular. Although this service is quite fast and has good support, Google Public DNS has one drawback, and that is the collection of user statistics.

It's no longer a secret that Google makes money from advertising and collecting user data, which is then used to produce relevant results for search queries.

This cannot be said to be a serious security breach since GoogleDNS still does not have access to personal user data, but it is still necessary to keep in mind that data is being collected, and this could potentially lead to the disclosure of confidential information.

The Google DNS information website contains documentation covering the services and functions of this service in more detail.

Level3DNS (4.2.2.1 and 4.2.2.2)

Level3DNS provides a wide range of products that are suitable for both personal purposes and the corporate segment.

Level3 is one of the largest Internet service providers, which means that almost all traffic passes through their servers. Level3 does not charge for DNS services (simply because that's what they do), and as a result, this service has reached the third place in popularity in the world.

As with the previously mentioned DNS servers, keep in mind that Level3 logs all queries originating from your computer.

The most confidential DNS servers

Based on the anonymity criterion, we selected DNS services that do not register requests and at the same time offer additional protection (ad blocking, malware blocking) of the connection.

DNS.Watch (84.200.69.80 and 84.200.70.40)

DNS.Watch is a public DNS service that has become famous due to the fact that no registration is required to use it.

DNS.Watch provides both IPV4 and IPv6 public DNS servers and supports DNSSEC (note that DNSSEC does not mean "DNS encryption" in this case; DNS queries on this site are still not encrypted).

In our opinion, the shortcomings of DNS.Watch lie in speed - when testing from Russia, we found a long delay (more than 100 ms).

DNSCrypt

DNSCrypt offers support for encrypted DNS queries, but the service only works through its own software, so simply setting up DNS servers on your network card won't get you started on the fly.

And that's why:

DNSCrypt, unlike other services, encrypts the DNS requests you make, rather than leaving them as readable text that can be easily intercepted.

DNSCrypt supports major operating systems and also provides router firmware. Installation and configuration instructions are provided on their website, right on the main page.

We cannot ignore another interesting feature that allows the user to run their own DNS server - for some it may be useful.

Comodo Secure DNS (8.26.56.26 and 8.20.247.20)

Comodo Secure DNS provides quite a few services for a fee, but the DNS service itself is free and, according to the company itself, it can be recommended to anyone, especially those users who need reliable, fast and secure Internet surfing.

Choose a DNS from those listed by us, but do not forget that different services offer different functionality, and in our review we did not rank the services by location or name the best DNS, but we recommend all of these services for use.

For many computer system users, the concept of a dynamic DNS server is somewhat abstract. Most users have no idea what dynamic DNS is and what servers of this type are used for. Meanwhile, there is nothing particularly complicated in understanding this term or in setting up the service. Further, theoretical information and practical solutions are offered for consideration, which can be easily mastered by anyone, even those not familiar with these services.

Dynamic DNS: what is it and what is it for?

The very technology of using DNS servers initially assumes that they act as a kind of interpreters, allowing you to access Internet resources without entering a digital combination of the site address corresponding to its IP address.

Everyone knows that for a resource, only the name of a specific page, consisting of letters, numbers or special characters, is written in the address bar of the browser, and the DNS server, based on the name of the resource, redirects to the corresponding IP.

Dynamic DNS works a little differently, allowing you to assign domain names to any device (individual terminal, etc.) that is set to use a dynamic IP. In this case, completely different IP addresses can be used, for example, obtained via DHCP or IPCP. But the main difference from static technology is that information on the server can be updated completely automatically. When connecting to a resource from other machines, their users will not even know that at certain moments the IP address changes.

Dynamic IP Issues

One of the fundamental principles of dynamic DNS servers is that the client machine has a dynamic IP address. If you use a static address, you may need to pay a considerable amount of money for its use. This is why there is no need to buy a static address when setting up DDNS.

Special software clients installed on user terminals can perform such conversion without user intervention.

Benefits of using DDNS

But why then is a dynamic DNS server used? As the simplest example, we can consider video surveillance, organized by installing a recorder and IP cameras.

It seems that the instructions say that this model supports connection via a router with the ability to control what is happening via the Internet, but in reality it turns out to be impossible to connect without a DDNS server.

When using DDNS technology, users receive undeniable advantages, among which the following can be highlighted:

  • the ability to use completely different protocols and ports in private networks when accessing services;
  • no need to purchase a static IP tied to a specific device;
  • simplified possibility via RDP clients;
  • network monitoring (monitoring computers that are online or disconnected from the network);
  • remote control and reboot of computers when problems are detected, even if the network does not have an external IP (a regular Internet connection is sufficient);
  • constantly monitoring your dynamic address to organize links to your own resource;
  • the ability to use site map generators without restrictions on the number of pages and mandatory registration;
  • tracking broken links;
  • exchange of information between computers directly, bypassing its storage on an intermediate server.

Dynamic (general principles)

As for the configuration issues, which seem like something out of science fiction to many, there is nothing particularly complicated here. In order not to deal with the procedures of setting up a router, forwarding ports and many other complex actions, the easiest way is to immediately turn to specialized applications and services that are specially created to simplify the work.

Basically, the setup comes down to installing a special client application and adding your own resource name, for which three third-level domain names will be provided. This is not always convenient, so some programs have added the ability to obtain even a first-level name.

The most popular platforms and clients

Dynamic DNS is used quite widely today. For example, Microsoft uses Kerberos authentication for Active Directory without the need to manually distribute keys.

One of the most popular platforms for UNIX systems is BIND, which even allows for compatibility with Windows NT. Many hosting companies also provide dynamic DNS for free, allowing users to change the content of the content through a standard web interface.

If we talk about client applications and services, the most popular among them are the following:

  • ASUS DDNS;
  • No-IP;
  • HE Free;
  • DNS-O-Matic;
  • Zone Edit;
  • DynDNS.

Let's look at setting up DDNS using each client as an example.

ASUS DDNS

Those users who have a dynamic DNS router from ASUS are luckier than others. To use DDNS, simply enter the settings section and activate the service itself.

After this, you should come up with and register an arbitrary name, after which the user will receive a domain name in the form “Name.asuscomm.com”. In addition, the dynamic DNS list includes many more additional services and services, and is also by far the largest.

No-IP

Dynamic DNS in the form of a No-IP service also requires an equally simple setup. To do this, you need to follow a few simple steps.

First you need to register on the noip.com resource and add the desired host from the account created during registration (Add Host function). After this, three domain names will become available for free registration, for which you will need to come up with your own name.

HE Free DNS Service

This service may seem no less interesting to many. In principle, the setting is very symbolic (as in previous cases).

However, it is this service that attracts users with a fairly impressive list of additional features, to which quick links are immediately provided (certification, tunnel broker, network map, IPv6 protocol management, DNS and telnet servers).

DNS-O-Matic

Before us is another very interesting and perfect client, the functioning of which differs from all previous services. Its main task is to allow the user to change his dynamic IP at once on all services in which there is registration, almost with one click.

As usual, you first need to register and then add a service through the Add Service function (for example, from those listed above). Further. you should enter the data used for registration in these services (User ID - email address, Password - password, Host/Identifier - name of the third-level domain that was generated by the service. After entering the data, you can find out about the linking of the service to your account by the appeared icon in the form of a green hand with a thumb up opposite the account of the specified service.

ZoneEdit

All of the above services are free. Now pay attention to this service.

Its use is paid for in the form of special “credits”, the cost of which is equal to one US dollar. That is, for a year the payment will be twelve dollars. e. The registration and configuration procedure is almost exactly the same as in the first examples, so there is no point in dwelling on it in detail.

DynDNS

This is perhaps the most popular service, although it is not free. The cost of its use starts from twenty-five dollars per year.

By the way, even when DDNS is activated on the router, if such a function is provided, the user in most cases will be prompted to register with this service. Despite the paid use, DynDNS, as noted by the vast majority of experts, is the most reliable service. Another point is related to the fact that almost all modern router models support this service, and some devices with outdated firmware are only oriented towards it.

Recently, due to the mass blocking of file-sharing torrent trackers and other unwanted Internet resources, the topic of using publicly available free public DNS servers, which are an excellent alternative to provider ones, has become relevant. The second reason for their use is private problems with the provider’s DNS. Large telecom operators such as Rostelecom, Beeline or Dom.ru, as a rule, do not have this. But small providers or home networks often experience crashes and denials of service. This usually happens due to savings on equipment and the use of old, almost “dead” hardware.
The third reason why you should try public DNS servers is usually faster operation and response speed. Not every provider’s server responds as quickly as Google or Yandex. Well, the last, fourth reason is that many third-party services filter phishing sites, malicious and fraudulent resources, and some also have erotica with pornography.

Here is the most comprehensive list of publicly available free domain name servers:

Google Public DNS

Free public servers from the world's largest media giant, Google:
DNS for IPv4:

8.8.8.8 8.8.4.4

Servers for IPv6:

2001:4860:4860::8888 2001:4860:4860::8844

Yandex.DNS

Fast and reliable DNS service. It is possible to use safe and child filters

77.88.8.8 77.88.8.1

Secure - Block phishing and fraudulent sites:

77.88.8.88 77.88.8.2

Family - Blocking sites for adults, erotica and pornography:

77.88.8.7 77.88.8.3

Norton ConnectSafe

A separate service from Symantec Corporation, a security company for over 20 years.
The following public free DNS servers are available.

Without filtering:

198.153.192.1 198.153.194.1

Safe (filter for malware, phishing and fraudulent sites):

198.153.192.40 198.153.194.40

Safe plus without pornography:

198.153.192.50 198.153.194.50

Family (safe, no porn, erotica and adult sites):

198.153.192.60 198.153.194.60

Comodo Secure DNS
Another player developing its solutions in the computer security market is Comodo. It also has its own special service of free public servers.

8.26.56.26 8.20.247.20

Other public domain name servers

Cisco Systems:
64.102.255.44
128.107.241.185

SkyDNS Service:
193.58.251.251

OpenDNS:
208.67.222.222
208.67.220.220

DNS Advantage:
156.154.70.1
156.154.71.1

Verizon Level 3 Communications:
4.2.2.1
4.2.2.2
4.2.2.3
4.2.2.4
4.2.2.5
4.2.2.6

ScrubIT:
67.138.54.100
207.225.209.66

GTE:
192.76.85.133
206.124.64.1

One Connect IP:
67.138.54.100

Exetel:
220.233.167.31

VRx Network Services:
199.166.31.3

SpeakEasy:
66.93.87.2
216.231.41.2
216.254.95.2
64.81.45.2
64.81.111.2
64.81.127.2
64.81.79.2
64.81.159.2
66.92.64.2
66.92.224.2
66.92.159.2
64.81.79.2
64.81.159.2
64.81.127.2
64.81.45.2
216.27.175.2
66.92.159.2
66.93.87.2

Sprintlink:
199.2.252.10
204.97.212.10
204.117.214.10

  • All Music Downloader - how to download music...

Sometimes it is necessary to register DNS for a computer with a dynamic IP address. A simple way for this is services like dyndns, described in the recent topic Linking a domain and dynamic IP. Sometimes this approach works quite poorly.

For example, in my situation, the provider Sometimes changes my public IP address. This sometimes happens usually once every few months. In addition, my home computer rarely reboots. During this time, the dyndns service, which I had previously used, managed to send me inactivity notifications a couple of times in order to disable the “unused” account. It is also not possible to switch to a manually registered DNS zone, because sometimes the address still changes. Moreover, you usually find out about this when you need access to your home computer here and now.

To implement the described method, you will need a server on the Internet with a DNS server bind on it. As well as a domain zone, the subdomain of which we will allocate for our computer. An option is described for connecting a Linux computer to a Linux server. To use other operating systems, you will need to read the manuals and modify some steps.

So:
1. We have an installed bind9 server with the server.org domain
2. Create a zone client.server.org.zone:

$ORIGIN.
$TTL 10 ; 10 seconds
client.server.net IN SOA ns1.server.net. hostmaster.server.net. (
18 ; serial
10800 ; refresh (3 hours)
3600 ; retry (1 hour)
604800; expire (1 week)
10 ; minimum (10 seconds)
$TTL 3600 ; 1 hour
NS ns1.server.net.
NS ns2.server.net.
MX 10 client.server.net.

Here the servers ns1.server.net and ns2.server.net are the DNS servers for our zone, client.server.net is the address of our home computer

3. generate keys on the client:
client# cd /etc/namedb/keys
client# dnssec-keygen -b 512 -a HMAC-MD5 -v 2 -n HOST client.server.net.

4. Create a file with the key on the server:
server# cd /var/named/chroot/etc
server# vim keys.conf:

Key client.server.net. (
algorithm "HMAC-MD5";
secret "omr5O5so/tZB5XeGuBBf42rrRJRQZB8I9f+uIIxxei8qm7AVgNBprxtcU+FQMzBvU/Y+nyM2xbs/C8kF3eJQUA==";
};

In this case, a symmetric key is used, which is unsafe: if someone has access to the key file on your server, they can use your key to change your zone data. In this case, you can use an asymmetric key.

Set the access rights to the file with the keys:
server# chmod 640 keys.conf
server# chown root:named keys.conf

5. add our zone to named.conf:
include "/etc/keys.conf"
zone "client.server.net" (
type master;
file "zones/client.server.net";
allow-update(
key client.server.net;
};
};

Here is a parameter that allows you to update zone data. In general, after reading the manuals, you can find options for this parameter that allow you to update only one entry in the zone for a given key. That is, you can have a zone with the subdomains client1, client2, etc. registered in it. which will be authorized with the keys key1, key2, etc.

6. Restart the DNS server:
server# /etc/init.d/named reload

7. Create a script on the client that will update the zone data:
#!/bin/bash
IFACE="wlan0"
TTL=3600
SERVER=ns1.example.com
HOSTNAME=foo.example.com
ZONE=example.com
KEYFILE=/root/ddns-keys/Kfoo.example.com.+157+12345.private

New_ip_address=`ifconfig $IFACE | grep "inet addr:" | awk "(print $2)" | awk -F ":" "(print $2)"`
new_ip_address=$(new_ip_address/ /)

Nsupdate -v -k $KEYFILE<< EOF
server$SERVER
zone $ZONE
update delete $HOSTNAME A
update add $HOSTNAME $TTL A $new_ip_address
send
EOF

At the beginning of the script, the corresponding parameters are described: interface, server and zone names, location of the file with the key.

8. All that remains is to configure autostart/automatic address change when changing DNS.
We will do this using a script for NetworkManager:
create a file /etc/NetworkManager/dispatcher.d/20-dyndns.sh:
#!/bin/sh

Iface=$1
state=$2

If [ "x$state" == "xup" ] ; then
/etc/namedb/ddns-update
elif [ "x$state" == "xdown" ]; then
true
fi

Let's make it executable and owned by the root user.

Let's launch, check, use.

Upd: If it doesn’t work, check (set) on the server the rights of named to write to the folder in which the file client.server.org.zone is located
named will create a client.server.org.zone.jnl file there

The following materials were used.