# Dynamic IP at home + self hosted DNS server on static ip



## generic (May 16, 2012)

Hello everyone,

I'd like to be able to connect to my machine at home when I need to. The problem is that my IP is dynamic, therefore I don't remember it. That's why I'd like to have a DNS entry pointing to it, for example:

*home.mydomain.tld*

I do have a domain and my own dedicated server with a static IP, and it's running BIND. So all components are in place. And since I'm a bit paranoid, I'd like to avoid unnecessary ssh auto logging/opening new ports.

So far my idea is to send some prepared ICMP packet to my DNS server (protected by pf), where a script run by cron can run nsupdate to alter the BIND config files, for example:


```
ping -c1 -s<number> mydomain.tld (DNS server)
```

Obviously this solution is far away from being perfect (e.g. if <number> is guessed).

Probably some of you have already faced a similar situation and are able to provide a solution.

Thank you


----------



## SirDice (May 16, 2012)

You could register with DynDNS. There are some scripts in the ports tree that can automatically submit your dynamic IP address. A lot of SOHO modem/routers also have this functionality built-in.

You can then create a CNAME on your DNS server pointing to the DynDNS hostname you got.


----------



## bbzz (May 16, 2012)

Or, you can go medieval on this thing and write a simple script which runs every five minutes or so on your computer and checks for its IP. If it's changed, send the new IP to your email. This can never fail.


----------



## generic (May 16, 2012)

SirDice said:

> You could register with DynDNS. There are some scripts in the ports tree that can automatically submit your dynamic IP address. A lot of SOHO modem/routers also have this functionality built-in.
> 
> You can then create a CNAME on your DNS server pointing to the DynDNS hostname you got.



I'm aware of DynDNS, but I don't really want to use such a thing. Basically what I need is to somehow send my IP address to my DNS server without the need to run some specific service; the rest can be easily scripted on the target system.



			
bbzz said:

> Or, you can go medieval on this thing and write a simple script which runs every 5 min or so on your computer and checks for its IP. If it's changed, send the new IP to your email. This can never fail.



Yup, I've been thinking about this as well, but for that I have to have smtpd running on both nodes...


----------



## SirDice (May 16, 2012)

You could set up a small webserver on the DNS server and have your dynamic machine submit the new IP address on a small webform. The webserver can run on a high port and have authentication turned on.

Might take some fiddling with scripts but should be possible to achieve. It does require an extra service on the DNS server though.


----------



## bbzz (May 16, 2012)

You don't need smtpd just for checking that email; use one of the public emails. Just use something like mail/ssmtp to send email. But, I think I like SirDice's suggestion even better. You could even tunnel through ssh if you don't want additional ports open.


----------



## generic (May 16, 2012)

The idea with the web server is actually a pretty good idea, SirDice. I'll set it up on some vhost and monitor with swatch for specific patterns.

Thank you


----------



## DutchDaemon (May 16, 2012)

I use nc(1) (netcat) for quick exchanges of small bits of data, like IP addresses. Just hang a small line-parsing shell script off of the listening nc, and you're off. It's in the base system.

It can be as simple as:


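```
#!/bin/sh

# Listen on your.ip:12345; each received line is treated as one IP address.
/usr/bin/nc -kl your.ip 12345 | while read -r ip
do
    # Input sanitation: skip anything that is not made of digits and dots only.
    case "$ip" in
        ''|*[!0-9.]*) continue ;;
    esac
    # Placeholder for the action to take with ${ip}.
    echo "received ${ip}"
done
```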

Start it under screen or tmux, and it will happily run forever without eating any resources worth mentioning. Pick a random high port and/or firewall it.


----------
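
One way to fill in the sanitation step and the nsupdate hand-off discussed in this thread, as an added example that is not part of any poster's message: it accepts a received line only if it is a strict dotted-quad IPv4 address, and only then emits nsupdate commands. The zone name, TTL and key path are assumptions; `home.mydomain.tld` is the thread's placeholder.

```sh
#!/bin/sh
# Added example: validate a line received from the listener, then build
# nsupdate(1) input for it. ZONE and TTL are assumed values; HOST is the
# thread's placeholder name.
HOST="home.mydomain.tld"
ZONE="mydomain.tld"
TTL=300

# Return 0 only for a strict dotted-quad IPv4 address (octets 0-255,
# no leading zeros, nothing but digits and dots).
valid_ipv4() {
    case "$1" in
        ''|*[!0-9.]*|.*|*.|*..*) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        case "$octet" in 0?*|????*) return 1 ;; esac
        [ "$octet" -le 255 ] || return 1
    done
    return 0
}

# Print nsupdate commands that replace the A record; fail on bad input.
build_update() {
    valid_ipv4 "$1" || return 1
    printf 'zone %s\nupdate delete %s A\nupdate add %s %s A %s\nsend\n' \
        "$ZONE" "$HOST" "$HOST" "$TTL" "$1"
}

# Constructed sample lines, as a listener might receive them.
demo() {
    for line in "203.0.113.7" "203.0.113.999" "1.2.3.4;extra" "10.0.0.1.5"; do
        if build_update "$line" >/dev/null; then
            echo "accept: $line"
        else
            echo "reject: $line"
        fi
    done
}
demo
# To apply for real, pipe into nsupdate with a TSIG key (path is a placeholder):
#   build_update "$ip" | nsupdate -k /path/to/tsig.key
```
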



## generic (May 17, 2012)

I'll consider netcat also. It has the advantage that I don't have to use any log monitoring tools for that, as in the case of a web server. Thank you DutchDaemon.

So far I have security/swatch running, checking my www server logs, but that solution is not as clean as I'd like it to be, mostly because of swatch working weirdly (not recognizing $0 and $1, $2... etc. as parameters passed to the script). But that's another story.


----------

