Unterschiede

Hier werden die Unterschiede zwischen zwei Versionen der Seite angezeigt.

--- content:serverbasics:network-dyndns [2024/04/20 19:17] – [Security/privacy Extensions] obel1x
+++ content:serverbasics:network-dyndns [2025/07/10 20:39] (aktuell) – obel1x
@@ Zeile 36: / Zeile 36: @@
 </file>
+How the rebind protection work: DNS queries to your Router won't return the IP of the service. So if you experience, that ''dig to 8.8.8.8'' will work, but ''nslookup'' does not - check the rebind protection!
 ===== Modem Setup =====
@@ Zeile 66: / Zeile 67: @@
 After that, check if your device has an temporary adress with ''ip addr''
+*** Not finished - i have not found any docs at ddclient, how to get the interface temporary adress working, made up [[https://github.com/ddclient/ddclient/issues/651|https://github.com/ddclient/ddclient/issues/651]] *** For the time beeing, i will be fine using the non- private adress.
 ===== DynDNS Provider =====
-Next Step to choose is a provider for dyndns. There are many dyndns- providers out there. i chose [[https://dynv6.com|https://dynv6.com]] which seems to work fine. Registration there is done quite fast and no setup needs to be done at the providers interface.
+Next Step to choose is a provider for dyndns. There are many dyndns- providers out there - even free of charge. E.g. [[https://dynv6.com|https://dynv6.com]] which seems to work fine. Registration there is done quite fast and no setup needs to be done at the providers interface.
+The opposite of those free registries is, that you can only use a subdomain of the Top-Level domain they offer, which makes your Domain Name fixed at the end. For me personally, i have bought a domain on my own in the tld of my country (costs about 15 Euro in one Year), which i can now use.
+===== Register Subdomains =====
+After you logged into your DynDNS Provider, enable dynDNS for your IPs and add subdomains - each one for one service. If you want to acces your Portainer you created when setting up docker, e.g. use a Subdomain called
+portainer.domain.tld
+Make sure, that DynDNS is selected for that record again!
 ===== DDclient =====
@@ Zeile 75: / Zeile 86: @@
 The Task to update the dyndns- entry to point to the right host can be done best on the host itself as explained before. The Host may detect interface- changes of the Adress and will push out automagically using some client.
-DDClient can be used in the local server/host to assign some DNS- Record to an IP. It turned out, that the **DDclient V3.8.3 of OpenSuSE Leap 15.5** was not able to work with IPv6 in the Version coming from the main Repositories.
+Hint for old SuSE: DDClient can be used in the local server/host to assign some DNS- Record to an IP. It turned out, that the **DDclient V3.8.3 of OpenSuSE Leap 15.5** was not able to work with IPv6 in the Version coming from the main Repositories. So add the Repository ''[[https://download.opensuse.org/repositories/network/|https://download.opensuse.org/repositories/network/]]${releasever}/''with yast and update to the Packages of that Repository first, so you get **DDclient V3.11.3**, which is able to deal with ipv6.
-Add the Repository ''[[https://download.opensuse.org/repositories/network/|https://download.opensuse.org/repositories/network/]]${releasever}/''with yast and update to the Packages of that Repository first, so you get **DDclient V3.11.3**, which is able to deal with ipv6.
+After upgrading to Leap 15.6, this should be gone.
-The config is in ''/etc/ddclient.conf'' and it could contain e.g. those lines:
+The config is in ''/etc/ddclient/ddclient.conf'' and it could contain e.g. those lines:
 <file>
-#01.01.2023 dnydns test
+# Globals
-ssl=yes,
+daemon=300
+ssl=yes
+syslog=yes
+mail-failure=root
+# IP-Specific
 usev6=ifv6,
-if=wlan0,
+if=eth0,
 protocol=dyndns2,
-server=dynv6.com,
+server=dyndns.strato.com/nic/update,
-login=none, password='blabla'
+login='domain.tld', password='blabla',
-domainname.dynv6.net,cname.domainname.dynv6.net
+nextcloud.domain.tld,ipa.domain.tld
+# If you want ipv4 too you may use:
+usev4=cmdv4, cmdv4=/etc/ddclient/myipv4address.sh
+protocol=dyndns2,
+server=dyndns.strato.com/nic/update,
+login='domain.tld',
+password='blabla',
+nextcloud.domain.tld,ipa.domain.tld
 </file>
@@ Zeile 98: / Zeile 122: @@
   * DDClients Config is a bit strange to understand. My example is **one server **in the view of ddclient, which is why there are commas seperating the options for that host.
   * You can also specify each option without comma, but then the setting will change the **defaults**  of ddclient
+After that, you may use a script for determining the right ipv4- adress. This is while NAT of IPV4 needs the adress of your router and not you servers adress.
+One Example would be this file /etc/ddclient/myipv4address.sh
+<file>
+#!/bin/bash
+curl -s4 http://ifconfig.me/ip
+</file>
+Or - if you are using Fritzbox, then you may use phyton:
+<file>
+#!/bin/bash
+FULLSTR=$(/etc/ddclient/get_ipaddress.py)
+SEARCH='"NewExternalIPAddress":'
+S2='",'
+P1=${FULLSTR#*$SEARCH}
+P2=${P1%%$S2*}
+IPADDR=${P2:2}
+echo -n ${IPADDR}
+</file>
+And File /etc/ddclient/get_ipaddress.py
+<file>
+#!/usr/bin/env python3
+# -*- coding: utf-8 -*-
+# Quelle: https://github.com/ran-sama/fritzbox-soap-json
+# Vorbereitung:
+# - Paket python3-xmltodict installieren
+# - Benutzer, Passwort
+import requests, xmltodict, json, re
+from requests.auth import HTTPDigestAuth
+def main():
+    # define your IP and credentials in you fritzbox first
+    username = "fritzboxuser"
+    password = "passwordfritzboxuser"
+    # what we want to access
+    req_endpoint = '/upnp/control/wanpppconn1'
+    service = 'urn:dslforum-org:service:WANPPPConnection:1'
+    action = 'GetInfo'
+    # form-autofill for python users
+    soapaction = service + '#' + action
+    raw_envelope = re.sub(r"\s +", "",
+        """<?xml version="1.0" encoding="utf-8"?><s:Envelope s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/" xmlns:s="http://schemas.xmlsoap.org/soap/envelope/"><s:Body><u:{action} xmlns:u="{service}"></u:{action}></s:Body></s:Envelope>""")
+    # send the authenticated soap request
+    auth = HTTPDigestAuth(username, password)
+    device = "http://fritz.box:49000" + req_endpoint
+    headers = {'soapaction': soapaction, 'content-type': 'text/xml','charset': 'utf-8'}
+    envelope = raw_envelope.format(service=service, action=action)
+    encoded = envelope.encode("utf-8")
+    boxdata = requests.post(url=device, data=encoded, headers=headers, auth=auth).content.decode('utf-8')
+    # XML to dict, remove outer nesting, pretty print JSON
+    data_dict = xmltodict.parse(boxdata)
+    response_tag = 'u:' + action + 'Response'
+    data_dict = data_dict['s:Envelope']['s:Body'][response_tag]
+    json_data = json.dumps(data_dict, indent=4)
+    print(json_data)
+main()
+</file>
 ==== Debugging ====
@@ Zeile 113: / Zeile 210: @@
 ==== Check the Connection ====
-you may now have the IPv6 of your Device published at some adress and check this by:
+you may now have the IPv6 of your Device published at some adress and check this by digging at googles DNS for that IPV6:
 <code>
-pcserver2023:~ # nslookup obel1x.dynv6.net
+pcserver2023:~ # dig @8.8.8.8 ipa.obel1x.de AAAA
-Server:         192.168.2.1
-Address:        192.168.2.1#53
+; <<>> DiG 9.18.33 <<>> @8.8.8.8 ipa.obel1x.de AAAA
+; (1 server found)
+;; global options: +cmd
+;; Got answer:
+;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 50334
+;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
+;; OPT PSEUDOSECTION:
+; EDNS: version: 0, flags:; udp: 512
+;; QUESTION SECTION:
+;ipa.obel1x.de.                 IN      AAAA
+;; ANSWER SECTION:
+ipa.obel1x.de.          60      IN      AAAA    2a00:1f:f8c1:6d01:468a:5bff:fe9f:6415
-Non-authoritative answer:
+;; Query time: 44 msec
-Name:   obel1x.dynv6.net
+;; SERVER: 8.8.8.8#53(8.8.8.8) (UDP)
-Address: 2003:c4:bf3c:c236:88a:927d:ac6:5a35
+;; WHEN: Sat Feb 08 12:49:12 CET 2025
+;; MSG SIZE  rcvd: 70
 </code>