Another article in a series of advanced settings for the EdgeOS network operating system from Ubiquiti Networks, which runs all EdgeMax routers from this manufacturer, is devoted to configuring a Dynamic Domain Name Server (Dynamic DNS).
Many providers, when providing their services, offer customers a dynamic external IP address, which changes with each connection or from time to time. But it often happens that there is a need to access a router or home server (storage) located in your local network from outside, for example, when you are away or on vacation. And then what if the address is always different? One of the most common solutions to this problem is just the use of one of the dynamic domain name services.
And if we talk about the Ubiquiti EdgeOS operating system, then it initially supports a number of such services. At the time of this writing, all EdgeRouters, without additional scripting or additional software, work with:
- Dnspark
- DynDNS
- NameCheap
- Zoneedit
- Dslreports
- EasyDNS
- Sitelutions
Some of them operate on a commercial basis, but many provide their services for free. Below we will consider the option of configuring dynamic DNS, using the Sitelutions service as an example.
And first, we need to register by following the link https://www.sitelutions.com/signup and filling out a simple form.
And after some simple settings, DNS records, we get the Hostname ID, and we already have an account name and password. This data is enough for us to configure dynamic recording.
All router settings related to dynamic DNS are done through the command line (CLI). To do this, we must first enter the configuration mode using the command:
[email protected]: ~ $ configure
[email protected]#
And then, execute a series of the following commands:
set service dns dynamic interface eth0 service -dyndnsservice- host-name -host-
set service dns dynamic interface eth0 service -dyndnsservice- login -username-
set service dns dynamic interface eth0 service -dyndnsservice- password -password-
Only instead of "-" we use<" и ">"in teams.
Where, instead of eth0, we must indicate the interface to which the provider's cable is connected. Moreover, it is worth paying attention to the fact that if our connection to the provider is carried out via one of the tunnel protocols (PPPoE, PPTP, L2TP, etc.), then we must specify it, for example - pppoe0.
Instead of -dyndnsservice-, we enter the name of the dynamic domain name server service, we have it sitelutions. -host- we replace it with the name of our host or with the Hostname ID that we received during registration. Well, of course, -username- and -password-, we substitute our username and password.
Thus, in our particular case, these commands will look like this:
[email protected]# set service dns dynamic interface eth1 service sitelutions host-name 11881117
[email protected]# set service dns dynamic interface eth1 service sitelutions login [email protected] site
[email protected]# set service dns dynamic interface eth1 service sitelutions password CyyKay7TAG
[email protected]#
[email protected]# commit
[email protected]# save
Saving configuration to "/config/config.boot" ...
Done
[email protected]#
After that, once at a certain time, the system itself will check the IP address, and if it has changed, then send new data to the Sitelutions service. Thus, regardless of IP changes, you can always access your router or local network from anywhere in the world where there is Internet.
You can check if dynamic DNS is working by running the command:
show dns dynamic status
Among ordinary users, no one has ever thought about how the Internet works. How surfing on the global web occurs, why browsers end up on the pages that you request. This is where the Domain Name System (DNS) server comes into play. This system is necessary in order to correctly follow the routes between Internet addresses, from the PC to the requested sites.
When and why it becomes necessary to change the DNS server
By default, the DNS server is assigned by your ISP, but there are cases of overload when there are too many clients accessing a particular service. Because of this, the speed of downloading and transferring data packets can significantly decrease. Also, some DNS servers have restrictions due to the laws of the state in which they operate. It happens that governments even block the world's social networks and instant messengers. In some cases, changing DNS can allow access to blocked resources, as well as increase the speed of downloading files and content.
How a DNS server works is to direct the user to the correct internet address
How to find out the registered DNS server address and how to change it
Now the global trend of providers is to automatically determine the DNS server, that is, it is not needed initially. But it's still quite easy to recognize him, just a few clicks of the mouse.
Windows
You can find out your DNS server and replace it in the corresponding column of the "Control Panel".
- Press the key combination Win + R, write control in the "Run" field and launch the command by pressing the OK or Enter button on the keyboard.
We launch the "Control Panel" through the executing program
- Change the view from "Categories" to "Icons" and click on the item "Network and Sharing Center".
Select the item "Network and Sharing Center"
- A window will open with active (active, connected) networks. Click on the link opposite the one that has access to the Internet.
We view the list of active networks in the "Network and Sharing Center"
- The network status window will open. We click the button "Details ...".
In the "Status" window, click the "Details" button
- Another window will appear with all the data of the connected network. In the column "IPv4 DNS servers" we get acquainted with the valid addresses of the services that the connection is using at the moment.
Viewing connected DNS servers
Replacing the DNS server is also easy. First, go back to the "Status" window.
As a result, we have access to the specified domain name conversion service.
Ubuntuk
There are several ways to change DNS settings on Ubuntu operating systems. The easiest one is through the interface.
- In the upper right corner there is a drop-down menu for the network. Click on the corresponding icon, select the item "Change connection ...".
Open the drop-down menu of the network and click "Change connection ..."
- Select an active Internet connection and click "Change".
Choose an Internet connection and click the "Change" button
- Go to the "IPv4 Settings" tab.
Go to the "IPv4 Settings" tab
- Change the filter "Configuration method" to "Automatic (DHCP, address only)".
Change the filter "Configuration method" to "Automatic (DHCP, address only)"
- In the column "DNS Servers" we write the required addresses separated by commas. Then press the "Save" button and close the window.
In the "DNS Servers" field, write the corresponding addresses
To find out the current DNS server in Ubuntu, you need to enter the command $ cat /etc/resolv.conf in the terminal. This will give all the information over the network: the nameserver column and contains the domain address.
On a router
It should be noted right away that not all router models provide the ability to change the address of DNS servers in their settings. Some devices can be replaced with well-known services, for example "Yandex-DNS" or DNS Google.
- First you need to go to the router control page. To do this, in the address bar of any browser, enter 192.168.1.1 and press the Enter key.
- Depending on the brand of the router, further instructions have options. In some cases, additional settings and information may already be on the main page. But most often you need to press a certain button to go to the accompanying menu. The button can be called Advansed, Setup, Settings, and so on. Click on this button to go to the additional menu.
- There are several options to change the service:
Errors that can occur when using DNS
The user rarely encounters errors that are related to the DNS server, but they do happen and are divided into two types: internal and external. External refers to the problem of the service itself, which the browser is accessing. This problem is easy to solve: you need to set automatic DNS selection or change the service to a more reliable one, as shown in the examples above.
If the change methods do not solve the problem, then the problem is related to the "DNS Client" service. It can be disabled or corrupted by viruses.
If the problem persists after restarting, it means that the service files are damaged and you need to run a system scan for viruses and restore OS files. Better to use two or three anti-virus programs.
Video: How to Fix DNS Server Errors
Changing the DNS server is easy. If necessary, you can easily restore the speed of your favorite sites. Follow the instructions above and you won't have any problems surfing the net.
Sometimes it is necessary to register DNS for a computer with a dynamic IP address. An easy way to do this is with services like dyndns, described in a recent topic. Sometimes this approach works poorly enough.
For example, in my situation, the provider sometimes changes my public IP address. This sometimes happens, usually every few months. Also, my home computer rarely reboots. During this time, the dyndns service, which I used earlier, managed to send me inactivity alerts a couple of times in order to disable the "unused" account. It is also impossible to switch to a manually assigned DNS zone, because sometimes the address still changes. And usually you find out about this when you need access to your home computer here and now.
To implement the described method, you need a server on the Internet with a DNS server bind on it. And also the domain zone, the subdomain of which we will allocate for our computer. The variant with connecting a Linux computer to a Linux server is described. To use other operating systems, you will need to read the manuals and modify some of the steps.
So:
1. We have an installed bind9 server with the server.org domain
2. Create a zone client.server.org.zone:
$ ORIGIN.
$ TTL 10; 10 seconds
client.server.net IN SOA ns1.server.net. hostmaster.server.net. (
eighteen ; serial
10800; refresh (3 hours)
3600; retry (1 hour)
604800; expire (1 week)
10 ; minimum (10 seconds)
$ TTL 3600; 1 hour
NS ns1.server.net.
NS ns2.server.net.
MX 10 client.server.net.
Here servers ns1.server.net and ns2.server.net are DNS servers for our zone, client.server.net is the address of our home computer
3.Generate keys on the client:
client # cd / etc / namedb / keys
client # dnssec-keygen -b 512 -a HMAC-MD5 -v 2 -n HOST client.server.net.
4. Create a file with a key on the server:
server # cd / var / named / chroot / etc
server # vim keys.conf:
Key client.server.net. (
algorithm "HMAC-MD5";
secret "omr5O5so / tZB5XeGuBBf42rrRJRQZB8I9f + uIIxxei8qm7AVgNBprxtcU + FQMzBvU / Y + nyM2xbs / C8kF3eJQUA ==";
};
In this case, a symmetric key was used, which is unsafe: if someone has access to the key file on your server, they can use your key to change your zone data. In this case, you can use an asymmetric key.
We set access rights to the file with the keys:
server # chmod 640 keys.conf
server # chown root: named keys.conf
5. add our zone to named.conf:
include "/etc/keys.conf"
zone "client.server.net" (
type master;
file "zones / client.server.net";
allow-update (
key client.server.net;
};
};
A parameter is written here that allows you to update the zone data. In general, after reading the manuals, you can find options for this parameter that allow you to update only one record in the zone for a given key. That is, you can have a zone with subdomains client1, client2, etc. which will authorize with keys key1, key2, etc.
6. Restart the DNS server:
server # /etc/init.d/named reload
7. Create a script on the client that will update the zone data:
#! / bin / bash
IFACE = "wlan0"
TTL = 3600
SERVER = ns1.example.com
HOSTNAME = foo.example.com
ZONE = example.com
KEYFILE = / root / ddns-keys / Kfoo.example.com. +157 + 12345.private
New_ip_address = `ifconfig $ IFACE | grep "inet addr:" | awk "(print $ 2)" | awk -F ":" "(print $ 2)" `
new_ip_address = $ (new_ip_address / /)
Nsupdate -v -k $ KEYFILE<< EOF
server $ SERVER
zone $ ZONE
update delete $ HOSTNAME A
update add $ HOSTNAME $ TTL A $ new_ip_address
send
EOF
At the beginning of the script, the corresponding parameters are described: interface, server and zone names, location of the file with the key.
8. It remains only to configure autostart / automatic change of address when changing DNS.
We will do this using a script for the NetworkManager:
create a file /etc/NetworkManager/dispatcher.d/20-dyndns.sh:
#! / bin / sh
Iface = $ 1
state = $ 2
If ["x $ state" == "xup"]; then
/ etc / namedb / ddns-update
elif ["x $ state" == "xdown"]; then
true
fi
Let's make it executable and owned by the root user.
Run-check-use.
Upd: If it does not work, check (install) named permissions on the server to write to the folder in which the client.server.org.zone file is located
named will create the file client.server.org.zone.jnl there
The following materials were used.
What is DNS?
DNS stands forDomain Name System or Domain Name Service. You specified a name, and DNS substitutes the ip address of the resource that hosts the site. The name in this case is exactly the hostname or IP address. Without DNS, you would have to remember the IP address of every site you want to visit. There are more than 300 million websites on the Internet today, it is completely impossible to remember the IP address of the required website.
What is dynamic IP?
How to make a static ip address from a dynamic one?
There is no need to buy a static IP. Use our free Dynamic DNS to match a dynamic address or long URL to your resource to easily remember your hostname. Remote monitoring of your home via a webcam on any port or launching your own server at your home with a dynamic IP address - all this is available with the serviceDnsIP ... Once a provider has allocated a dynamic IP, a service such as Dynamic DNS becomes necessary.
When registering on our service, you will receive a domain name. A special client that needs to be downloaded is installed on the user's computer. This client periodically sends information to the DNS server, reporting its IP address. The DynDNS server saves the last IP of the user and, when accessing the custom domain name obtained during registration, redirects the request to this IP.
Private network.
Regular services only offer third-level domain names. This can be awkward. In the presence of an external dynamic IP address, our innovative project allows you to get a domain name of not only the third, but also the first level. By installing a special application on computers, a private network will become available to you, in which you will be able to access services or programs using any protocol or port. In this case, no traffic will pass through our server. All information will be transferred between computers directly.
Remote computer and remote desktop.
Via DynDNS Secure service DnsIP allows you to organize a connection to a remote computer through any remote access program using any port. In this case, you directly contact the remote computer, and our service only informs your programs of the required IP address.
Network monitoring.
Using our service, network monitoring will become available to you. All connected users (their computer names) will be monitored only by you. You will be informed which computer is online and which one is offline.
If any application on the remote computer does not respond and there is a need to safely reboot the remote machine, you can do this by pressing a button without using the command line and special firewall settings, and even if the remote network does not have an external IP address. You only need to have an Internet connection.
Auto-pressing the button for free access when using Yota.
If you use free Internet access from the "Yota" provider, the connection is blocked once a day, and a window appears in the browser with a proposal to continue at a slow speed. This is extremely inconvenient when using remote access to this computer. In this case, it is enough to install ourfree programand it will restore internet access within minutes. This option is available without registering a user on our website. In this case, the program only needs to be installed, no settings need to be made.
You can find out the IP address of your resource at any time.
At your service is the page http://dns-free.com/dns2ip.php?dns=xxxxxxx, where xxxxxxx is the domain name in the DnsIP system. Use it to organize links to your resource using the dynamic dns system. Or add to favorites, and with one click find out the current ip of your resource. Or enter manually in the form on the same
As a rule, the time that the system spends on connecting to the DNS server when visiting web resources is short. Most often, those servers that the provider uses by default work stably and quickly. However, there are times when standard DNS is not fast enough. In this case, you can try changing the server.
Google Public DNS
According to the developers themselves, this DNS can significantly speed up the loading of web pages. In order to use this server, in the connection settings, you must register the addresses 8.8.8.8 and 8.8.4.4 for the primary and secondary DNS, respectively.
If you are interested in servers or data storage system, then Server City offers you to buy DELL, IBM servers, as well as data storage systems at a bargain price. Here on the site server-city.ru you can read in more detail about all the services offered by the company.
Following the lead of Google, Yandex has developed its own alternative DNS server. In addition, the developers have added family control capabilities in case it becomes necessary to block potentially dangerous resources. To use DNS without filtering functions, you must enter the address 77.88.8.8 in the connection settings. If you enter the address 77.88.8.88, you can use the functions of filtering dangerous resources. In the event that you enter the address 77.88.8.7, you activate the filtering of dangerous sites and porn resources.
This service is quite popular on the web and for good reason. OpenDNS allows you to use modern methods of protection on the Internet, is fast and has many nice features, for example, the function of correcting typos in typed addresses.
The service has paid and free modes.
Free mode with standard settings is available at the following addresses:
- 208.67.222.222
- 208.67.220.220
SkyDNS
This service is the leader in the Russian-speaking Internet in the field of security and filtering of inappropriate content. As the developer himself assures, tens of thousands of users, large companies, Internet providers, etc. use the service. Paid and free modes are available.
Connection to the free mode is available after completing the registration procedure, which will not take much time. To use SkyDNS, you will be prompted to download a small SkyDNS Agent application, or provide your IP. However, you can use the service without installing the application.
To do this, you will need to specify the DNS address 193.58.251.251.
In addition, to find a suitable DNS, you can use the appropriate software, which is a lot on the Internet.
