Updating DNS Entries (with nsupdate or alternative implementations) – Run Your Own DynDNS Service

Please refer to my newer and more complete blog post on this topic: Deploy Your Own Bind9 based DDNS Server.

dyndns.org has stopped serving DynDNS for free to the great public. If have a (virtual) server, you can simply host your own dynamic DNS service. The most common DNS server is ISC's DNS server BIND9 and it can be used for DynDNS too.

To update your RRs (resource records) and more on your DNS server, you can use nsupdate. It is a command line too that comes with Bind9. It authenticates your updates towards the server with a HMAC (Keyed-Hash Message Authentication Code).

First create keys using

dnssec-keygen -r /dev/urandom -a HMAC-SHA512 -b 512 -n HOST sub.dyn.example.com.

Then use the tool nsupdate to remotely update the nameserver:

## Static
## Or dynamic:
IPV4=$(curl -s "http://v4.ipv6-test.com/api/myip.php")
IPV6=$(curl -s 'http://v6.ipv6-test.com/api/myip.php')


nsupdate -k $KEY -v << EOF
server $NS
zone $ZONE
update delete $DOMAIN A
update delete $DOMAIN AAAA
update add $DOMAIN 30 A $IPV4
update add $DOMAIN 30 AAAA $IPV6

Python Wrappers for nsupdate

Here is my custom solution:

ddns.py – a script to update the A and AAAA RRs of HOSTNAME on a DNS server using nsupdate with TSIG. This script is ready to run on Mac OS X (10.8) and on any other Unix or Linux systems where nsupdate and the Python module dnspython are available. (Install the latter using pip install dnspython, see its introduction and examples.)

I use this tool regularly (as of 2014-08-22).

I also found another Python nsupdate-wrapper script called ddns (without the .py at the end): ddns.

Python Alternatives to nsupdate

A Python script implementing all the communication with the Bind name server on its own is dnsupdate.py.