Advances in dynamic DNS

With DynDNS almost inevitably deciding to abandon their free offerings, it was time for me to be off to pastures new to address my few dynamic hosts. DynDNS, having long served as the go-to address for many system admins wishing to give a DNS name to their machines on dialup, has over the last few years slowly but steadily tried to convert its userbase from free to paid customers. This culminated in an email today, announcing that they would be discontinuing their free service entirely.

I initially toyed with the idea of hosting a dynamic DNS myself, but ended up with several reasons against it, to wit:

  • I wanted to have port 53 (DNS) on my virtual machine unoccupied, because I intend to run a “stealthy VPN” disguised as DNS traffic at some point.
  • Every solution I found pretty much boiled down to tearing a hole somewhere into my server to write zone files from a CGI, or worse, PHP script. I do not want the outside world to have an attack vector on my DNS zone.
  • My hoster’s DNS admin interface is simple and powerful enough for me to not want to go back to writing zone files myself.
  • I actually found a free offering that does what I want, and even better than my current setup!

What my wishlist looked like:

  • I have two dial-up endpoints that due to various reasons (primarily remote location backup, and remote administration) need to be able to talk to each other. Therefore I’m content with a small number of (free) hosts.
  • Ideally, I would be able to incorporate these dynamic hosts into my domain hierarchy. Therefore, the service should allow me to use my own custom domain instead of only allowing me to choose from a predefined list.
  • The service should provide an https:// update URL – one would be surprised how rarely this is the case.
  • My routers (AVM Fritz!Box) should be able to automatically update the names. Almost all dynamic DNS hosters comply with this requirement, since the URL configurable on the router is pretty free-form.
  • The service should be free as in beer.

What I ended up using:

My router came preconfigured with several other services, but none of them had the option to use custom domains. afraid.org has custom domains, but for their free service you need to offer your custom domain to all other users. Since I did not want to allow random strangers to post hostnames under my hierarchy, their service was also out.

Through random chance I ended up at Zonomi. Their free offer has a limit of 10 DNS entries, and otherwise all the features I want! Since they count the 2 NS entries and the SOA record towards that limit of 10, you only really get 7 custom entries, but other than that it fit my profile perfectly. And they have a nicely minimalistic, modern interface to boot, which I liked a lot.

I have now set up a zone dyn.example.org containing my two hosts, and have linked that to my primary domain via NS entries (dyn.example.org IN NS ns1.zonomi.com).

Works totally as expected and I got rid of those ugly mycustomname.dyndns.org names in the process. Thank you DynDNS, but good riddance!

Written on: April 7, 2014
Categorized as: Product review, System administration