[isf-wifidog] Dynamic DNS : The ultimate solution

Rein Petersen rein.petersen at gmail.com
Mer 8 Mar 13:21:15 EST 2006 

Here's a great doc on securing DNS (with TSIG):

http://www.linux.ie/articles/tutorials/dns-tsig.php

Rein

On 3/8/06, Rein Petersen <rein.petersen at gmail.com> wrote:
>
> it is a pretty easy script to create the A record... updating an existing
> might take a different form:
>
> #!/usr/bin/perl -w
>
>  use Net::DNS;
>  use strict;
>
>  # Create the update packet.
>  my $update = Net::DNS::Update->new('ilesansfil.org');
>
>  # Prerequisite is that no A records exist for the name.
>
>  $update->push(pre => nxrrset('boohdabar.ilesansfil.org. A'));
>
>  # Add the A records for the name.
>  $update->push(update => rr_add('
> boohdabar.ilesansfil.org. 3600 A 67.70.2.26'));
>
>
>  # Send the update to the zone's primary master.
>  my $res = Net::DNS::Resolver->new;
>  $res->nameservers('
> DNS1.SMARTNAMESERVERS.COM');
>
>  my $reply = $res->send($update);
>
>  # Did it work?
>  if ($reply) {
>      if ($reply->header->rcode eq 'NOERROR') {
>          print "Update succeeded\n";
>
>      } else {
>          print 'Update failed: ', $reply->header->rcode, "\n";
>      }
>  } else {
>      print 'Update failed: ', $res->errorstring, "\n";
>  }
>
>
>
> On 3/8/06, Rein Petersen <rein.petersen at gmail.com> wrote:
> >
> > Sorry, the appropriate library is :  Net::DNS::Update
> >
> > http://search.cpan.org/~olaf/Net-DNS-0.57/lib/Net/DNS/Update.pm<http://search.cpan.org/%7Eolaf/Net-DNS-0.57/lib/Net/DNS/Update.pm>
> >
> > It allows you to do the dynamic updates of a dns server.
> >
> > Sorry for the confusion... Rein
> >
> >
> > On 3/8/06, Rein Petersen < rein.petersen at gmail.com> wrote:
> > >
> > > Hey François,
> > >
> > > That'll work for HTTP for sure - or whatever ports you have Apache
> > > answering - it would definately let webcams be easily accessible remotely
> > > (with the appropriate port-forward on the router). But other services (say
> > > PCAnywhere or something like that) would still rely on DNS to map a domain
> > > name to an ip address.
> > >
> > > A further elaboration of Mina's idea to utilize your existing DDNS
> > > service would be to implement a trigger on the table that captures the ip
> > > address of the heartbeat and, on change, call a perl script that implements
> > > the Net::DNS perl module :
> > >
> > > http://search.cpan.org/~olaf/Net-DNS-0.57/lib/Net/DNS.pm
> > > <http://search.cpan.org/%7Eolaf/Net-DNS-0.57/lib/Net/DNS.pm>
> > >
> > > The Net::DNS library allows you to craft the appropriate DNS request
> > > to add/update a dynamic host. Please excuse my linux ignorance, but I would
> > > assume you'd want to spawn a new thread/process so your perl ddns-updating
> > > script doesn't hold up the database update that caused the trigger while it
> > > is updating a remote dns server - I know there is some complication with
> > > multithreading and linux but I'm totally novice when it comes to linux.
> > >
> > > Of course this is all just theoretical but, I'd be willing and
> > > interested in writing the perl script that updates DDNS if the ISF folks
> > > thought it was a worthy venture. Regardless, it's fun to talk about it.
> > >
> > > Rein
> > >
> > >
> > >
> > > On 3/8/06, François Proulx < fproulx at edito.qc.ca> wrote:
> > > >
> > > > Here is a potential solution for managing dynamic DNS entierely from
> > > > the Wifidog back-end.
> > > > Create an Apache name-based VirtualHost with the ServerAlias
> > > > parameter set to something like
> > > > ServerAlias *.hotspots.ilesansfil.org
> > > >
> > > > See Apache doc here :
> > > > http://httpd.apache.org/docs/1.3/mod/core.html#serveralias
> > > >
> > > > So, there would be a proxy PHP script that would be called and look
> > > > if the first part of the URL matches the name of a hotspot in the database,
> > > > maybe even do soundex or metaphone searches then redirect to the right
> > > > portal page .... So that's pretty simple to do and we can specify the alias
> > > > in the Wifidog admin back-end
> > > >
> > > >
> > > > On 8-Mar-2006, at 11:19 , Max Horváth wrote:
> > > >
> > > > Well, the question is - can you provide a tutorial on how to run our
> > > > own DDNS server?
> > > > Cheers, Max!
> > > >
> > > > Am 08.03.2006 um 16:24 schrieb Mina Naguib:
> > > >
> > > >
> > > > On 8-Mar-06, at 8:41 AM, Rein Petersen wrote:
> > > >
> > > > Hi Max, Hi Benjamin,
> > > >
> > > > Benjamin's idea of using a client to update an existing dynamic dns
> > > > service is probably the easiest. You could delegate a subdomain of
> > > > ilesansfil.org (how about " venues.ilesansfil.org") to a remote
> > > > dnydns service so your existing dns is not affected, then have a trigger on
> > > > the db that uses the client to update the remote dyndns server on change of
> > > > an ip address.
> > > >
> > > >
> > > > The DNS server handling ilesansfil.org already supports dynamic DNS
> > > > entry updating ;-) No need for anything fancy to be done.
> > > >
> > > >
> > > > I had imagined something a little more elaborate - delegating a
> > > > subdomain to your auth server and running a perl sockets service that
> > > > answers only host lookups on port 53. Bothering with the entire BIND DNS
> > > > spec would be unecessary (don't need reverse or MX queries). DNS speaks
> > > > binary on the wire so it is still a little elaborate but not impossible
> > > > (I've worked on a resolver for a mail server called Lumisoft Mail).
> > > >
> > > >
> > > > Entirely doable (done it before as well), but a bit overkill :-)
> > > >
> > > >
> > > > I think Benjamin's plan may be easier to implement.
> > > >
> > > > Rein
> > > >
> > > > On 3/8/06, Benjamin Crulli <lostocean at gmail.com > wrote:
> > > > >
> > > > > These are the three dyndns GNU/Linux softwares i know about.
> > > > > <a href="
> > > > > http://sourceforge.net/project/showfiles.php?group_id=65917">updatedd</a>
> > > > >
> > > > > <a href="http://www.funtaff.com/software/addns.pl">Addns.pl</a>
> > > > > <a href=" http://ipcheck.sourceforge.net/ ">ipcheck.py</a>
> > > > >
> > > > > On 3/8/06, Max Horváth < max.horvath at maxspot.de> wrote:
> > > > > > This feature would be nice ... but I think we won't be able to
> > > > > do it by just
> > > > > > extending the auth server.
> > > > > >
> > > > > > In fact I still don't know which software exists for linux to
> > > > > provide a
> > > > > > DynDNS service :( ...
> > > > > >
> > > > > > Did you already do some research?
> > > > > >
> > > > > > Cheers, Max!
> > > > > >
> > > > > >
> > > > > > Am 08.03.2006 um 05:11 schrieb Rein Petersen:
> > > > > >
> > > > > > Hi All,
> > > > > >
> > > > > >  Considering that Wifidog clients heartbeat frequently to the
> > > > > auth server, I
> > > > > > was wondering if anyone had considered rolling Dynamic DNS
> > > > > service into
> > > > > > Wifidog auth server.
> > > > > >
> > > > > >  Then you could resolve dynamic ip addresses to names like
> > > > > > boodhabar.ilesansfil.org
> > > > > >
> > > > > >  This might be helpful for venues that want to run their own
> > > > > services or
> > > > > > have a webcam installed.
> > > > > >
> > > > > >  Just a crazy idea but I think it would be cool.
> > > > > >
> > > > > >  Rein
> > > > > >
> > > > > > _______________________________________________
> > > > > > WiFiDog mailing list
> > > > > > WiFiDog at listes.ilesansfil.org
> > > > > > http://listes.ilesansfil.org/cgi-bin/mailman/listinfo/wifidog
> > > > > >
> > > > > > _______________________________________________
> > > > > > WiFiDog mailing list
> > > > > > WiFiDog at listes.ilesansfil.org
> > > > > > http://listes.ilesansfil.org/cgi-bin/mailman/listinfo/wifidog
> > > > > >
> > > > > >
> > > > > >
> > > > >
> > > > >
> > > > > --
> > > > > Ben Crulli
> > > > > _______________________________________________
> > > > > WiFiDog mailing list
> > > > > WiFiDog at listes.ilesansfil.org
> > > > > http://listes.ilesansfil.org/cgi-bin/mailman/listinfo/wifidog
> > > > >
> > > >
> > > >
> > > >
> > > > --
> > > > Rein Petersen MCP MCP+I MCSE MCDBA MCAD
> > > > Software Engineer_______________________________________________
> > > > WiFiDog mailing list
> > > > WiFiDog at listes.ilesansfil.org
> > > > http://listes.ilesansfil.org/cgi-bin/mailman/listinfo/wifidog
> > > >
> > > >
> > > > _______________________________________________
> > > > WiFiDog mailing list
> > > > WiFiDog at listes.ilesansfil.org
> > > > http://listes.ilesansfil.org/cgi-bin/mailman/listinfo/wifidog
> > > >
> > > >
> > > > _______________________________________________
> > > > WiFiDog mailing list
> > > > WiFiDog at listes.ilesansfil.org
> > > > http://listes.ilesansfil.org/cgi-bin/mailman/listinfo/wifidog
> > > >
> > > >
> > > >
> > > > _______________________________________________
> > > > WiFiDog mailing list
> > > > WiFiDog at listes.ilesansfil.org
> > > > http://listes.ilesansfil.org/cgi-bin/mailman/listinfo/wifidog
> > > >
> > > >
> > > >
> > >
> > >
> > > --
> > > Rein Petersen MCP MCP+I MCSE MCDBA MCAD
> > > Software Engineer
> > >
> >
> >
> >
> > --
> > Rein Petersen MCP MCP+I MCSE MCDBA MCAD
> > Software Engineer
> >
>
>
>
> --
> Rein Petersen MCP MCP+I MCSE MCDBA MCAD
> Software Engineer
>



--
Rein Petersen MCP MCP+I MCSE MCDBA MCAD
Software Engineer
-------------- section suivante --------------
Une pièce jointe HTML a été enlevée...
URL: http://listes.ilesansfil.org/pipermail/wifidog/attachments/20060308/095308bb/attachment.htm

More information about the WiFiDog mailing list