alternative to NIC 2 (DynDNS, etc) services?

[phn at icke-reklam.ipsec.nu]

Kevin Darcy <kcd at daimlerchrysler.com> wrote:

> "Brian C. Hill" wrote:

>>         Ah, yes, but what if you are behind a linksys gateway and you
>> don't know what your external IP address is? I will have to cook up
>> something, I guess, to be able to fill in the IP_ADDRESS part of your
>> example.

> I'm pretty sure you can extract the WAN address from a Linksys using SNMP or something like
> that.

> Worse come to worst, you could make a connection to some external box and have it tell you
> what it thinks your source IP address is (know anyone who would be willing to put up a
> low-usage, low-impact CGI for you on their website?)

> An even kludgier way would be to have a script connect to the HTTP-based admin interface and
> parse the HTML (yuck!).

> But, we're getting somewhat off the topic of DNS and BIND now...

Yes. 
I have made a small example aplication that sends a UDP packet to a 
receiver that does the updating. Interesting point is that the receiver
uses the source-ip as sorce for the 'A' record. Whats left is to 
create some kind of security, i am thinking in terms of a tsig-like
signature on the packet contents.

See ftp://ftp.manet.nu/pub/dynupdate.tar

Any suggestions to securing this thing is welcome ! ( and feel free to
send updates to the "dyn.manet.nu" zone )


>>         Does your example just create a one-off glue record? That would
>> be fine, but I don't want my hand-maintained zone file being converted
>> to a half-hand/half-dynamic-managed file for just one dynamically
>> updated entry.  Do I need to set up one-host zone?

> Yeah, I guess you would. Have you considered migrating to Dynamic Update for *all* zone
> updates?


> - Kevin




-- 
Peter Håkanson         
        IPSec  Sverige      ( At Gothenburg Riverside )
           Sorry about my e-mail address, but i'm trying to keep spam out,
	   remove "icke-reklam" if you feel for mailing me. Thanx.