Transcription
How to Configure Dynamic DNSon a Virtual Access RouterIssue1.0Date03 April 2012
Table of contents1About this document . 31.1Scope . 31.2Readership . 31.3Terminology . 32Introduction . 42.1How does the router implement Dynamic DNS? . 42.1.1Overview . 42.1.2Address updates . 42.1.3VRRP support . 53Configuring the router . 63.1Configuring Dynamic DNS on a Virtual Access router . 63.1.1Configure the Dynamic DNS system . 73.1.2Configure Dynamic DNS entries . 73.1.3Defining a custom Dynamic DNS provider .104Diagnostics . 124.1Dynamic DNS statistics . 124.2Trace analyzer . 134.3Tracing using the command line . 144.3.15Command line syntax .14Interactive commands . 155.1Update Dynamic DNS. 15Copyright 2012 Virtual Access (Irl) Ltd. This material is protected by copyright. No part of this material may be reproduced,distributed, or altered without the written consent of Virtual Access. All rights reserved. Third party trademarks are the propertyof the third parties.How to Configure Dynamic DNS on a Virtual Access RouterIssue: 1.0Page 2 of 15
1: About this document1 About this documentThis document describes how to configure a Virtual Access router’s settings for DynamicDNS.1.1 ScopeThis document explains how to:Configure the router for Dynamic DNSUtilise the diagnostic and trace analyzer tools in the router1.2 ReadershipThis document is for engineers who have previous experience configuring and managingnetworks.1.3 TerminologySLAService Level AgreementDNSDomain Name ResolutionDyn DNSDynamic Domain Name ResolutionDDNSDynamic Domain Name ResolutionHow to Configure Dynamic DNS on a Virtual Access RouterIssue: 1.0 Virtual Access Ltd.Page 3 of 15
2: Introduction2 IntroductionDynamic DNS functionality on a Virtual Access router will dynamically perform DDNSupdates to a server so it can associate an IP address with a correctly associated DNSname. Users can then contact a machine, router, device etc. with a DNS name ratherthan a dynamic IP address2.1 How does the router implement Dynamic DNS?2.1.1OverviewAn account is required with the provider, and one or more domain names are associatedwith that account. A dynamic DNS client on the router monitors the public IP addressassociated with an interface and whenever the IP address changes, the client notifies theDNS provider to update the corresponding domain name.When the DNS provider responds to queries for the domain name, it sets a low lifetime,typically a minute or two at most, on the response so that it is not cached. Updates tothe domain name are thus visible throughout the whole Internet with little delay.Note: most providers impose restrictions on how updates are handled: updating whenno change of address occurred is considered abusive and may result in an account beingblocked. Sometimes, addresses must be refreshed periodically, for example, once amonth, to show that they are still in active use.2.1.2Address updatesThe DDNS client will support two types of address update:updating the public address associated with the default route, orupdating the address bound to a particular interface.The difference between these is best illustrated by example. Consider a router with anADSL link configured on ppp-1 and a backup 3G link on ppp-2. When the ADSL link isoffline, the backup link becomes active.Now consider binding the DNS client to the default route. Only a single domain name isneeded, let's say ‘va1-test-provider.org’. When the default route points to ppp-1, thedomain name is updated to reflect ppp-1's IP address. If ppp-1 goes down and thedefault route switches to ppp-2, the domain name is updated to reflect ppp-2's address.When ppp-1 becomes active again, the domain name changes back to ppp-1's address.In this scenario, the single domain name ‘va1-test-provider.org’ will always route to therouter, regardless of whether the main ADSL link or backup 3G link is in use. For mostpurposes, this will be the preferred behaviour.For some applications, it may be preferable to distinguish between the two interfaces. Forexample, the 3G interface may be associated with a private network used purely for outof-band management, while still being assigned a dynamic IP address when a connectionis made.In this case, we can assign separate DNS names to each interface. ‘va1-test-adslprovider.org’ can be associated with either the default route or directly with interfaceppp-1. ‘va-test-3g-provider.org’ can be associated with interface ppp-2.How to Configure Dynamic DNS on a Virtual Access RouterIssue: 1.0 Virtual Access Ltd.Page 4 of 15
2: IntroductionIf ppp-1 goes offline, no change is made to the DNS entry for ‘va1-test-adslprovider.org’; the associated IP address simply no longer works, since there is no routeto the routerWhenever ppp-2 comes online, ‘va1-test.3g.provider.org’ is updated with the ppp-2 IPaddress. If ppp-2 is offline, then the domain name still exists but again will not beroutable.2.1.3VRRP supportDDNS functionality on the router contains support for interacting with VRRP. This isprovided by a configurable option. If the ‘Update Only If VRRP Master’ configurationoption is set for a domain entry, then any event that normally causes that domain nameto be updated will be ignored if the router is not a VRRP master, or if VRRP is disabled. Ifthe router is a VRRP master, then domain name updates take place as usual.In addition, whenever the router attains VRRP master status, including after a reload,any domain names configured in this way will perform a forced update to their IP addressto reflect its current setting. Several routers participating in a VRRP group can each havea Dynamic DNS client active for the same domain name, and whenever the master statusmoves to a new router, the domain name is guaranteed to follow it.How to Configure Dynamic DNS on a Virtual Access RouterIssue: 1.0 Virtual Access Ltd.Page 5 of 15
3: Configuring the router3 Configuring the routerAll Virtual Access routers contain an internal web server to configure it. Before you canaccess the internal web server and start configurations, you must ensure that your PChas the correct networking set up.When your router is correctly connected to your PC, type fast.start into the URL line ofyour browser to display the start page.Figure 1: The start pageAccess the Fast Start Wizard by clicking the Fast.Start icon on the start page of theembedded web.The Fast Start Wizard will guide you through a series of forms that you must complete toconfigure your router.3.1 Configuring Dynamic DNS on a Virtual Access routerTo configure Dynamic DNS, click Advanced on the start page. The Advanced menu pageappears.How to Configure Dynamic DNS on a Virtual Access RouterIssue: 1.0 Virtual Access Ltd.Page 6 of 15
3: Configuring the routerFigure 2: The Advanced menu showing expert viewIn the left-hand menu, click Expert View.3.1.1Configure the Dynamic DNS systemIn the Expert View menu, select System - local clients - dyn dns - system. TheDynamic DNS page appears.Figure 3: The Dynamic DNS system pageFieldDescriptionCommand LineEnabledEnables or disables the IP address.Set DNS Dynamicclient enabled,yesyesEnables Dynamic DNSnoDisables Dynamic DNSTable 1: The dynamic DNS page field, description and command line3.1.2Configure Dynamic DNS entriesUp to 10 dynamic DNS client entries are supported, each corresponding to one domainname. Several domain names can be associated with the same interface if desired.How to Configure Dynamic DNS on a Virtual Access RouterIssue: 1.0 Virtual Access Ltd.Page 7 of 15
3: Configuring the routerSince it is common to use a single provider to manage multiple domain names, the clientallows the provider information for a particular entry to be inherited from the previousentry rather than having to be re-entered. This action is controlled by setting the"Provider Type" field to Previous. The provider address, username and password arethen all inherited from the most recent configured preceding entry.The special provider type 'Custom' uses the same update mechanism as DynDns.org, andis provided merely to make it more obvious that a custom update provider has beenselected. It will not fill in a default URL, so failing to provide one will generate an errorrather than an erroneous update to DynDns.com.3.1.2.1Configure a Dynamic DNS entryIn the Expert View menu, select System - local clients - dyn dns - entries. TheDynamic DNS Entries list page appears.Select add to add an entry.Figure 4: The Dynamic entries listHow to Configure Dynamic DNS on a Virtual Access RouterIssue: 1.0 Virtual Access Ltd.Page 8 of 15
3: Configuring the routerFieldEnabledDomain NameDescriptionCommand LineIndicates whether this dynamic DNS entry isconfigured or not.yesEnables an entry.noDisables an entry.The fully qualified domain name associated withthis entry. This is the name to update with thenew IP address as needed.Set DNS Dynamicclient enabled,yesSet DNS Dynamicclient entry DomainName 1, a.b.c.dThe interface to monitor for updates.InterfaceRefresh RatedefaultMonitor the interfaceassociated with the currentdefault route.interfacexMonitor the interface selected.noneThis entry is not associatedwith any interface. This entrycan only be updated manuallyusing the Update DDNScommand; this may beappropriate for specialscenarios where a scriptmonitors some activity andtriggers the update.Determines how often to refresh this entry, indays, to prevent it expiring. This is no longerrequired by most providers. If configured to anon-zero value, an update will be forced for theentry after that number of days has expired,even if the IP address has not changed.When set to yes, only update this entry if atleast one Ethernet interface on the router iscurrently a VRRP master.Update Only IfVRRP MasteryesOnly update this entry if at leastone Ethernet interface on therouter is currently a VRRP master.Set DNS Dynamicclient entryinterface 1Set DNS Dynamicclient entry RefreshRate 1Set DNS Dynamicclient entry updateOnly When VRRPMaster 1noAlways update this entry regardlessof VRRP state.Governs how account authentication and nameupdating is carried out. Most DNS providers willconform to one of the provider types listedhere.PreviousDyn.comProvider TypeThis entry uses the sameupdate mechanism as themost recent configuredpreceding entry.Uses Dyn.com updateparameters.Dyn.comNoSSLUses HTTP instead of HTTPSfor the update. This is lessmemory intensive, and makesit easier to view the updatetraffic with a network snifferfor debug purposes, howeverit is less secure.DynDns.orgUses Dyn.com updateparameters.How to Configure Dynamic DNS on a Virtual Access RouterIssue: 1.0Set DNS Dynamicclient entryProvider type 1 Virtual Access Ltd.Page 9 of 15
3: Configuring the routerCustomRead section 3.1.3 for moreinformation.The fully qualified HTTP URL where you setupdate requests. If left empty, this isautomatically inferred from the selectedProvider Type. Only configure this when using anon-standard provider.The URL should begin with http or https andmay include an optional port number after thedomain nameRead section 3.1.3 for more information.The HTTP parameter string to be supplied tothe given URL.Read section 3.1.3 for more information.Update URLUpdateParametersyesnoPassword3.1.3DNS Dynamic ClientEntry Update URL 1DNS Dynamic ClientEntry UpdateParameters 1The response text must begin withgood to indicate a successfulupdate.nochg for an unnecessary update.Anything else will be treated as anerror.Check ResponseUsernameA special entry which has noassociated default providerURL. In this case, an UpdateURL must be provided.DNS Dynamic ClientEntry Check ResponseA 200 response from the remoteserver is sufficient to indicate asuccessful update.set DNS DynamicClient EntryUsername 1,set DNS DynamicClient EntryThe password to use for authenticating domainEncrypted Password name updates with the selected provider.1,Table 2: The DNS entry page fields, descriptions and command linesThe user name to use for authenticatingdomain updates with the selected provider.Defining a custom Dynamic DNS providerIf you need to update a DNS provider that is not natively supported by the DNS client onthe router, you can use the advanced settings to directly configure such a client.Typically, you configure the DNS Provider Type to 'Custom' and then define Provider URLand Provider Parameters setting specific to that provider. If you select a Provider Typeother than Custom, for example, DynDns.org, you can leave either or both the ProviderURL and Provider Parameters fields empty and they will inherit the default values fromthe selected provider. This is convenient if, for example, you want to update the defaultupdate URL for a particular provider, but keep the update parameters the same.The update URL is defined as a fully qualified HTTP or HTTPS URL to the published updatesite for the provider, without any appended parameters. Do not include any embeddedusername or password information in the URL. Define the username and password usingthe Username and Password configuration options.For example, the HTTP and HTTPS update URLs for DynDns.org mbers.dyndns.org/nic/updateHow to Configure Dynamic DNS on a Virtual Access RouterIssue: 1.0 Virtual Access Ltd.Page 10 of 15
4: DiagnosticsThe URL may include an optional port number after the domain name. For he parameters field is appended to the update URL and contains the details of thedomain name being updated, new IP address, etc. It can contain special variable namesin braces which will be replaced by the corresponding value when performing the update:{ip}{domain}{username}{password}New IP addressDomain name being updatedUsername configured for this providerPassword configured for this providerWarning: the password is entered in plain textFor example, the update parameter list for DynDns.org is:hostname {domain}&myip {ip}&wildcard NOCHG&mx NOCHG&backmx NOCHGThe update URL and parameters list are combined to make a full URL, any neededvariable substitution is carried out, and then a HTTP GET is performed on the resultingURL to perform the update.How to Configure Dynamic DNS on a Virtual Access RouterIssue: 1.0 Virtual Access Ltd.Page 11 of 15
4: Diagnostics4 DiagnosticsVirtual Access routers support extensive remote diagnostics, status and SLA monitoringcapabilities.The status and diagnostics tools are provided as a series of Java applets.4.1 Dynamic DNS statisticsTo view Dynamic DNS statistics, from the start page, click Advanced - Expert View.In the top menu, click Operations.In the Operations menu, click troubleshooting - advanced operations - diagnostics - dynamic DNS client the dynamic DNS Stats page appears.Figure 5: The Dynamic DNS status pageThese commands display the current metrics for the dynamic DNS client.CommandDescriptionHiddenShow DDNSDisplays a summary currently configured dynamicDNS client entriesNoShow DDNS ALLDisplays a detailed list of all currently configureddynamic DNS client entriesNoShow DDNS [1 – 10]Displays a detailed view of a single dynamic DNSclient entry (whether configured or not)NoShow DDNS ProvidersLists all available DNS provider names, and theirdefault update URLsNoShow DDNS StatusDisplays current status of the DDNS client (idle,updating entry x, most recent error)NoShow DDNS Name [1-10] Displays the domain name associated with entry X,Noor “unconfigured”Table 3: Dynamic client commandsHow to Configure Dynamic DNS on a Virtual Access RouterIssue: 1.0 Virtual Access Ltd.Page 12 of 15
4: Diagnostics4.2 Trace analyzerThe Trace Analyzer provides a web interface to event tracing allowing you to quicklylocate and analyze problems.To view the Trace Analyzer, from the start page, click Advanced.In the Advanced menu, click Diagnostics.On the Diagnostics page, click Trace Analyzer. The Trace Analyzer pop-up windowappears.To view the Dynamic DNS traces check Custom Events and then click Select. TheSelect Events to Trace pop-up window appears.In the Events Available window, scroll to the bottom of the list and select DNSP. DNSPappears in the Selected Events window. Click ADD.How to Configure Dynamic DNS on a Virtual Access RouterIssue: 1.0 Virtual Access Ltd.Page 13 of 15
4: DiagnosticsFigure 6: The select event classes to trace pop-up window4.3 Tracing using the command lineFor information on logging on to the command line interface, read the quick guide ‘Usingthe CLI to Manage an SMG’Tracing via the command line is more flexible than using the trace analyzer as you canspecify the event severity and use the all class event to trace all event classes.Command line tracing also allows you to trace to a log file for examining events over aprotracted period of time.If you enter no event severity, all event severities are displayed.If you chose an event severity, all events of the chosen severity and greater aredisplayed.4.3.1Command line syntaxTo stop tracing, entering – (minus) followed by the event class will stop tracing for thisevent class. Entering – (minus) on its own will stop all tracing.SyntaxDescription dnspStarts tracing DNS Proxy events (includes Dynamic DNS events)–dnspStops DNS Proxy tracingTable 4: The command line tracing syntax and their descriptionsHow to Configure Dynamic DNS on a Virtual Access RouterIssue: 1.0 Virtual Access Ltd.Page 14 of 15
5: Interactive commands5Interactive commands5.1 Update Dynamic DNSThe command line UPDATE can be used to allow some or all of the entries associatedwith a dynamic DNS name to be updated immediately rather than whenever the interfaceIP address appears to have changed.In each case, the optional –f parameter can be used to force an update, even if the IPaddress appears to have not changed since the last update. This may be consideredabusive by the DNS provider, so should be used with caution.CommandDescriptionUpdate DDNS [-f] ALLUpdates all currently configured dynamic DNSnames.Update DDNS [-f]portnameUpdates all dynamic DNS entries associated withthe given port name; if the default route currentlyroutes out this port, then default entries are alsoincluded.Update DDNS [-f] number Updates the dynamic DNS entry associated withtable entry 'number', which must be configured.Update DDNS [-f]domainnameInvokes a dynamic DNS update for the DDNS entrywith a Domain Name matching the given name. Forexample, Update DDNS va1-test.dyndns.org.Table 5: Update Dynamic DNS commands and descriptionsHow to Configure Dynamic DNS on a Virtual Access RouterIssue: 1.0 Virtual Access Ltd.Page 15 of 15
name. Users can then contact a machine, router, device etc. with a DNS name rather than a dynamic IP address 2.1 How does the router implement Dynamic DNS? 2.1.1 Overview An account is required with the provider, and one or more domain names are associated with that account. A dynamic DNS client on the router monitors the public IP address
