Diffstat (limited to 'README.md')
| -rw-r--r-- | README.md | 132 |
1 files changed, 132 insertions, 0 deletions
@@ -1,3 +1,135 @@ # DDNS-Utils A collection of scripts to manage various aspects of using dynamic DNS, usually to cope with dynamic IP addressing + +## he-dyndns (he-dns/he-dyndns) +A Python-based script to update dynamic DNS records when using the +Hurricant Electric DNS service at ``dns.he.net``. This code is +designed to ba maximally portable by relying on standard +Python 3 libraries. It is not compatible with Python 2. + +## ddns-update-rfc2136 (rfc2136/ddns-update-rfc2136) +A Python-based script to update DNS records in a master server +that is RFC2136-compliant and supports TSIG-based updates. +This script is a wrapper around nsupdate(1). Properly configured +TSIG keys are needed. + +## RouterOS Script for Address List Updates (routeros/ros-ddns-addrlist) +A small RouterOS script for Mikrotik RouterOS to query a DNS +name and put that IP address into an AddressLis. Note that the +``:resolve`` function doesn't support RR types. If there's an A you +get that. If there's no A, you get AAAA. If there's neither, the script +will bomb. + +# he-dyndns Installation / Use +There is really nothing to install unless you need to add +Python3 stock libraries to your system. Copy he-dyndns somewhere useful +such as `/usr/local/bin`. + +For Debian/Ubuntu systems: ``apt install python3-dns python3-dnspython python3-urllib3`` + +For Fedora systems: ``dnf install python3-dns python3-urllib3`` + +## Configuration +Unless using the ``--key`` argument, keys for the dyanmic record +are read from ``/etc/he-dyndns.conf`` or from an alternative +location specified by ``--keyfile``. The configuration file +format is one section [keys] with record = key pairs. For example: + +``` +[keys] +dynamic.example.com = 123412341234 +``` + +Other configuration sections will be ignored. 
+ +## Usage +``` +usage: he-dyndns [-h] [--v4] [--v6] [--addr4 ADDR4] [--addr6 ADDR6] [--key KEY] [--debug] record + +Update Hurricane Electric DNS dynamic record + +positional arguments: + record DNS record to update + +optional arguments: + -h, --help show this help message and exit + --v4 Update IPv4 A record (default) + --v6 Update IPv6 AAAA record + --addr4 ADDR4 Update A record with provided IP rather than detected IP + --addr6 ADDR6 Update AAAA record with provided IP rather than detected IP + --keyfile KEYFILE Alternate location for key config file (default /etc/he-dns-secret.conf) + --key KEY HE DDNS key for record (by default read from /etc/he-dns-secret.conf or --keyfile) + --debug Enable debug logging + +``` + +## Return Values +Returns 0 on success (successful change or no change) or 1 on failure. +Failures also include a single line error message. + +# ddns-update-rfc2136 Installation/Use +This script relies on the `netifaces` and `subprocess` libraries +that are not always installed by default in Python3. Install those +modules from `apt`, `dnf`, or `pip` as appropriate for your +system. + +Copy `ddns-update-rfc2136` somewhere useful such as `/usr/local/bin`. + +## Configuration +The script expects there to be a file `/etc/ddns-RECORD.key` for every `record` +being updated containing *only* the TSIG key for that record. For example, +updating the record `foo.example.com` should have a file named +`/etc/ddns-foo.example.com.key` available with that RR's key. It's possible +to specify `--keyfile` to select an alternate location. Make sure that the key +file is properly protected so only authorized users can view the contents. + +## General Use +This script finds the appropriate IP address from the interface specified +in the `interface` position and then updates the record `record` in the +zone `zone` on server `server`. + +For IPv4, each address is on a unique sub interface - e.g. eth0 vs eth0:0. 
+To use the IP address other than the main interface's, specify the sub +interface as show by `ifconfig` or `ip addr list` (see global secondary +addresses) + +For IPv6, the script will take the numerically first address assigned +to the interface. If there is no IPv6 address other than a link-scope +address (i.e. an fe80:: address), then it will use the link-scope +address - however that's probably not what's really desired. + +The script defaults to IPv6 addresses because that's what the original issue +it was written for was solved to address and it's long past time the +Internet has a v6-first attitude. It is not necessary to use the `--v6` +flag, but it's included for pretty completeness. + +## Example Usage +To +/usr/local/bin/ddns-update-rfc2136 enp1s0 foo.example.com example.com 192.0.2.2 + +## Usage +``` +usage: ddns-update-rfc2136 [-h] [--v4] [--v6] [--addr4 ADDR4] [--addr6 ADDR6] [--ttl TTL] [--keyfile KEYFILE] [--debug] + interface record zone server + +Update dynamic DNS records using RFC2136 + +positional arguments: + interface interface to obtain IP from (for IPv6, takes the numerically first global address on the interface) + record DNS record to update + zone Zone name to update (e.g. example.com) + server Server to update (IP or FQDN) + +optional arguments: + -h, --help show this help message and exit + --v4 Update IPv4 A record + --v6 Update IPv6 AAAA record (default) + --addr4 ADDR4 Update A record with provided IP rather than detected IP (causes 'interface' to be ignored) + --addr6 ADDR6 Update AAAA record with provided IP rather than detected IP (causes 'interface' to be ignored) + --ttl TTL TTL to assign to record (default 300) + --keyfile KEYFILE Alternate location for key config file (default /etc/ddns-RECORD.key where RECORD is the record name provided + as the argument) + --debug Enable debug logging + +``` |
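Review bot: The he-dyndns Configuration section says keys are read from `/etc/he-dyndns.conf`, but the pasted usage text in the same hunk gives the default as `/etc/he-dns-secret.conf` for both `--keyfile` and `--key`, so a reader cannot tell where the file belongs; align the two with whatever the script actually uses. That usage block also lists `--keyfile KEYFILE` under optional arguments but omits it from the `usage:` synopsis line. The he-dyndns section should repeat the advice the ddns-update-rfc2136 Configuration section gives ("Make sure that the key file is properly protected so only authorized users can view the contents"), since its config file holds the same kind of secret, and it is worth noting that a key passed with `--key` sits on the command line rather than in a protected file. Smaller points: `subprocess` is part of the Python 3 standard library, so only `netifaces` needs installing; the Example Usage section opens with a dangling "To" and leaves the command unfenced; and there are typos at "Hurricant Electric", "designed to ba", "dyanmic record", "AddressLis" and "as show by".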
