# DDNS-Utils
A collection of scripts to manage various aspects of using dynamic DNS,
usually to cope with dynamic IP addressing.

## he-dyndns
A Python-based script to update dynamic DNS records when using the
Hurricane Electric DNS service at ``dns.he.net``. This code is
designed to be maximally portable by relying on standard
Python 3 libraries. It is not compatible with Python 2.

## ddns-update-rfc2136 
A Python-based script to update DNS records in a master server
that is RFC2136-compliant and supports TSIG-based updates.
This script is a wrapper around nsupdate(1). Properly configured
TSIG keys are needed.

## RouterOS Script for Address List Updates (ros-ddns-addrlist)
A small RouterOS script for Mikrotik RouterOS to query a DNS
name and put that IP address into an AddressList. Note that the
``:resolve`` function doesn't support RR types. If there's an A, you
get that. If there's no A, you get AAAA. If there's neither, the script
will bomb.

# he-dyndns Installation / Use
There is really nothing to install unless you need to add
Python3 stock libraries to your system. Copy he-dyndns somewhere useful
such as `/usr/local/bin`.

For Debian/Ubuntu systems: ``apt install python3-dns python3-dnspython python3-urllib3``

For Fedora systems: ``dnf install python3-dns python3-urllib3``

## Configuration
Unless using the ``--key`` argument, keys for the dynamic record
are read from ``/etc/he-dyndns.conf`` or from an alternative
location specified by ``--keyfile``. The configuration file
format is one section, ``[keys]``, with ``record = key`` pairs. For example:

```
[keys]
dynamic.example.com = 123412341234
```

Other configuration sections will be ignored.

## Usage
```
usage: he-dyndns [-h] [--v4] [--v6] [--addr4 ADDR4] [--addr6 ADDR6] [--key KEY] [--debug] record

Update Hurricane Electric DNS dynamic record

positional arguments:
  record             DNS record to update

optional arguments:
  -h, --help         show this help message and exit
  --v4               Update IPv4 A record (default)
  --v6               Update IPv6 AAAA record
  --addr4 ADDR4      Update A record with provided IP rather than detected IP
  --addr6 ADDR6      Update AAAA record with provided IP rather than detected IP
  --keyfile KEYFILE  Alternate location for key config file (default /etc/he-dns-secret.conf)
  --key KEY          HE DDNS key for record (by default read from /etc/he-dns-secret.conf or --keyfile)
  --debug            Enable debug logging

```

## Return Values
Returns 0 on success (successful change or no change) or 1 on failure.
Failures also include a single-line error message.

# ddns-update-rfc2136 Installation/Use
This script relies on the `netifaces` and `subprocess` libraries
that are not always installed by default in Python3. Install those
modules from `apt`, `dnf`, or `pip` as appropriate for your
system. 

Copy `ddns-update-rfc2136` somewhere useful such as `/usr/local/bin`.

## Configuration
The script expects there to be a file `/etc/ddns-RECORD.key` for every `record`
being updated containing *only* the TSIG key for that record. For example, 
updating the record `foo.example.com` should have a file named 
`/etc/ddns-foo.example.com.key` available with that RR's key. It's possible
to specify `--keyfile` to select an alternate location. Make sure that the key
file is properly protected so only authorized users can view the contents.
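
One way to enforce that protection before a key is ever read, covering both the `[keys]` file used by he-dyndns and the key-only file described here. This is an added example, not code from either script; the names `open_private`, `load_tsig_key`, `load_he_key` and `InsecureKeyFile` are hypothetical, and the policy (owner-only access, owned by root or the calling user) is an assumption.

```python
import configparser
import os
import stat


class InsecureKeyFile(Exception):
    """Key file is not a regular file private to its owner."""


def open_private(path):
    """Open a key file only if group and other have no access to it."""
    # O_NOFOLLOW rejects a symlink at the final path component; O_NONBLOCK keeps
    # a FIFO from hanging the open; fstat on the fd avoids a check-then-use race.
    fd = os.open(path, os.O_RDONLY | os.O_NOFOLLOW | os.O_NONBLOCK)
    try:
        st = os.fstat(fd)
        if not stat.S_ISREG(st.st_mode):
            raise InsecureKeyFile(f"{path}: not a regular file")
        if st.st_mode & (stat.S_IRWXG | stat.S_IRWXO):
            mode = stat.S_IMODE(st.st_mode)
            raise InsecureKeyFile(f"{path}: mode {mode:04o} exposes the key, use 0600")
        if st.st_uid not in (0, os.geteuid()):
            raise InsecureKeyFile(f"{path}: owned by unexpected uid {st.st_uid}")
    except BaseException:
        os.close(fd)
        raise
    return os.fdopen(fd, "r", encoding="utf-8")


def load_tsig_key(path):
    """ddns-update-rfc2136 layout: the file contains only the TSIG key."""
    with open_private(path) as fh:
        tokens = fh.read().split()
    if len(tokens) != 1:
        raise ValueError(f"{path}: expected exactly one key, found {len(tokens)} tokens")
    return tokens[0]


def load_he_key(path, record):
    """he-dyndns layout: a [keys] section of record = key pairs."""
    parser = configparser.ConfigParser()
    with open_private(path) as fh:
        parser.read_file(fh)
    # Only [keys] is consulted; any other section is ignored.
    return parser["keys"][record]
```

The error messages name the file and its mode but never echo key material, so they are safe to send to cron mail or syslog.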

## General Use
This script finds the appropriate IP address from the interface specified
in the `interface` position and then updates the record `record` in the
zone `zone` on server `server`.

For IPv4, each address is on a unique sub interface - e.g. eth0 vs eth0:0.
To use an IP address other than the main interface's, specify the sub
interface as shown by `ifconfig` or `ip addr list` (see global secondary
addresses).

For IPv6, the script will take the numerically first address assigned
to the interface. If there is no IPv6 address other than a link-scope
address (i.e. an fe80:: address), then it will use the link-scope
address - however that's probably not what's really desired.
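
The selection rule above, as an added example that is not taken from the script itself: the function name `pick_ipv6` and the sample addresses are constructed for illustration. It returns a flag alongside the address so a caller can warn or refuse before publishing a link-scope address in DNS.

```python
import ipaddress


def pick_ipv6(addrs):
    """Return (address, link_scope_only) for one interface's IPv6 addresses.

    Picks the numerically first address that is not link-scope (fe80::/10),
    falling back to the numerically first link-scope address when nothing
    else is assigned.
    """
    parsed = []
    for raw in addrs:
        # Interface listings often append a zone id ("fe80::1%enp1s0"); drop it.
        parsed.append(ipaddress.IPv6Address(raw.split("%", 1)[0]))
    if not parsed:
        raise ValueError("interface has no IPv6 address")

    # IPv6Address objects compare by integer value, so "::9" sorts before
    # "::10"; sorting the text form would get this wrong.
    routable = sorted(ip for ip in parsed if not ip.is_link_local)
    if routable:
        return str(routable[0]), False
    return str(min(parsed)), True


if __name__ == "__main__":
    # Constructed sample: one link-scope and two documentation-range addresses.
    sample = ["fe80::1%enp1s0", "2001:db8::10", "2001:db8::9"]
    addr, link_only = pick_ipv6(sample)
    print(addr, "(link-scope fallback)" if link_only else "")
```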

The script defaults to IPv6 addresses because that's what the original issue
it was written to address required, and it's long past time the
Internet had a v6-first attitude. It is not necessary to use the `--v6`
flag, but it's included for completeness.

## Example Usage
To 
```
/usr/local/bin/ddns-update-rfc2136 enp1s0 foo.example.com example.com 192.0.2.2
```

## Usage
```
usage: ddns-update-rfc2136 [-h] [--v4] [--v6] [--addr4 ADDR4] [--addr6 ADDR6] [--ttl TTL] [--keyfile KEYFILE] [--debug]
                           interface record zone server

Update dynamic DNS records using RFC2136

positional arguments:
  interface          interface to obtain IP from (for IPv6, takes the numerically first global address on the interface)
  record             DNS record to update
  zone               Zone name to update (e.g. example.com)
  server             Server to update (IP or FQDN)

optional arguments:
  -h, --help         show this help message and exit
  --v4               Update IPv4 A record
  --v6               Update IPv6 AAAA record (default)
  --addr4 ADDR4      Update A record with provided IP rather than detected IP (causes 'interface' to be ignored)
  --addr6 ADDR6      Update AAAA record with provided IP rather than detected IP (causes 'interface' to be ignored)
  --ttl TTL          TTL to assign to record (default 300)
  --keyfile KEYFILE  Alternate location for key config file (default /etc/ddns-RECORD.key where RECORD is the record name provided
                     as the argument)
  --debug            Enable debug logging

```