When setting up your OpenDNS dashboard, if you are a home user on a Internet provider that gives you a dynamic IP address, you need to tell OpenDNS your IP address has changed or there will not be any relevant stats for your domain. In fact, it may report erroneously that a BotNet or Malware has been detected on your IP when, in fact, it is another OpenDNS user that happened to get your stale IP address.

Unfortunately, it is a bit confusing on the easiest way to set this up on a Linux machine. The confusion is elevated when the machine that can update OpenDNS is behind a NAT firewall and the software cannot run on that machine/box. The solution is to use a correctly configured version of ddclient. I have done this on both Ubuntu and Fedora with much success.

For Ubuntu, issue the following command to install ddclient:

sudo apt-get install ddclient

When installing ddclient on Ubuntu, it will present a nice configuration wizard. You can answer the questions however you want; you can alway go and edit the configuration files after the install. Here are my responses; you can follow along during the installation:

Dynamic DNS service provider: other

Dynamic DNS server: updates.opendns.com

Dynamic DNS update protocol: dyndns2

Username for dynamic DNS service: <username you use to log into OpenDNS>

Password for dynamic DNS service: <password you use to log into OpenDNS>

Network interface used for dynamic DNS service: <just press return as you will need to enter this later>

DynDNS fully qualified domain names: <Your OpenDNS Network name; substitute ‘+’ for ‘ ‘>

For Fedora, issue the following command to install ddclient:

sudo yum install ddclient

This will not lead you through the nice installation wizard, although there a few adjustments necessary.

With each Operating System, adjustments are necessary before this will work. Edit the configuration file,

/etc/ddclient.conf

as the superuser. Ensure it reads as follows. If on Ubuntu, it will be a short file filled with the values used in the wizard. If done in Fedora, there will be a number of lines that are commented, just append the following to the bottom of the file. the entries in bold need to be adjusted for your configuration. Note the OpenDNS network name is the friendly name you defined for you network in OpenDNS. If it contains spaces in the name, make sure to substitute each space with a plus (+).

If you are using Fedora, you will not need the ssl=yes line as it appears early in the configuration file, although there should be no harm in leaving it there.

The most important line in the configuration is the use=web: it tells OpenDNS to use the publically available IP address for your machine that live behind the NAT router.

##
## OpenDNS.com account-configuration
##

ssl=yes # use ssl-support
use=web
server=updates.opendns.com 
protocol=dyndns2           
login=<strong>&lt;username you use to log into OpenDNS&gt;</strong>     
password=<strong>&lt;password you use to log into OpenDNS&gt;</strong> 
<strong>&lt;Your OpenDNS Network name; substitute '+' for ' '&gt;
</strong>

Now that it is configured, it is helpful to test to ensure all the settings are correct. To test, issue the following command after saving the configuration files:

ddclient -daemon=0 -debug -noquiet

If you prefer lots of output add the -verbose switch.

If it is configured correctly you will see output similar to the following:

DEBUG:    proxy  = 
DEBUG:    url    = http://checkip.dyndns.org/
DEBUG:    server = checkip.dyndns.org
DEBUG:    get_ip: using web, http://checkip.dyndns.org/ reports 1.2.3.4
DEBUG:    
DEBUG:     nic_dyndns2_update -------------------
DEBUG:    proxy  = 
DEBUG:    url    = http://updates.opendns.com/nic/update?system=dyndns&hostname=Home&myip=1.2.3.4
DEBUG:    server = updates.opendns.com

Note that I used Home as my OpenDNS network name and the public IP address is 1.2.3.4 – YMMV. Also note the hostname is case sensitive.

If you issue this command too often, you will get a warning to “Wait at least 5 minutes between update attempts.”. If you see this, don’t worry, just wait.

You can also attempt to enter the URL in your browser to check the status. If it comes back with nohost then something is wrong. If it comes back as good <IP Address> then the configuration is correct.

Finally, once the configuration is correct, enable ddclient to run as a daemon. This is done by editing /etc/default/ddclientand ensuring run_ipup = “false” and run_daemon = “true”.

You may need to manually start ddclient by issuing:

sudo /etc/init.d/ddclient start

This should keep OpenDNS happy and maintaining statistics for your network.

This entry was posted on Saturday, July 31st, 2010 at 3:29 pm and is filed under WILT. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.