Dynamic DNS (DDNS or DynDNS) is a method of automatically updating a name server in the Domain Name System (DNS), often in real time, with the active DDNS configuration of its configured hostnames, addresses or other information.
The term is used to describe two different concepts. The first is "dynamic DNS updating", which refers to systems used to update traditional DNS records without manual editing. These mechanisms are described in RFC 2136 and use the TSIG mechanism to provide security. The second kind of dynamic DNS permits lightweight and often frequent updates using an update client that does not use the RFC 2136 standard to update DNS records. These clients provide a persistent addressing method for devices that change their location, configuration, or IP address on a regular basis.
In the early stages of the Internet (ARPANET), host addressing on the network was achieved by static translation tables that mapped hostnames to IP addresses. The tables were maintained manually in the form of a hosts file. The Domain Name System brought a method of distributing the same address information automatically online through recursive queries to remote databases configured for each network, or domain. Even this DNS facility still used static lookup tables at each participating node. An IP address, once assigned to a particular host, seldom changed, and the mechanism was initially sufficient. However, the rapid growth of the Internet and the proliferation of personal computers in the workplace and at home created a huge burden for administrators, who had to keep track of assigned IP addresses and manage their address space. The Dynamic Host Configuration Protocol (DHCP) allowed companies and Internet service providers (ISPs) to assign addresses to computers automatically when they were turned on. In addition, it helped conserve the available address space, since not all devices are actively used at all times and addresses can be assigned as needed. This feature required that DNS servers also be kept current automatically. The first implementations of dynamic DNS fulfilled this purpose: host computers gained the ability to notify their DNS server of the address they had received from a DHCP server or through their own configuration. This protocol-based DNS update method was documented and standardized in IETF publication RFC 2136 in 1997 and has become a standard part of the DNS protocol (see also the nsupdate program).
The explosive growth and proliferation of the Internet into homes led to a shortage of available IP addresses. DHCP became an important tool for ISPs as well, allowing them to manage their address space and connect home users and small businesses with a single IP address each by applying network address translation (NAT) on the router at the customer's premises. The private network behind such a router uses address space set aside for this purpose (RFC 1918), masqueraded by the NAT device. This, however, broke the end-to-end principle of Internet architecture, and methods were required to allow private networks, with frequently changing external IP addresses, to discover their public address and insert it into the Domain Name System in order to participate in Internet communications properly. Today, many providers, called Dynamic DNS service providers, offer such technologies and services on the Internet.
Domain Name System
DNS is based on a distributed database that takes time to update globally. When DNS was first introduced, the database was small and could easily be maintained by hand. As the system grew, this task became too difficult for any one site to handle, and a new management structure was introduced to spread the updates among many domain name registrars. Today's registrars let end users update their account information, usually through web-based forms, and the registrar then pushes the updated information out to other DNS servers.
Due to the distributed nature of the DNS system and its registrars, updates to the global DNS system can take hours to propagate. DNS is therefore only suitable for services that do not change their IP address often, as is the case for most major services such as Wikipedia. Smaller services, however, are generally much more likely to move from host to host over shorter periods of time. Servers running on certain types of Internet service provider connections, cable modems in particular, tend to change their IP address over very short periods, on the order of days or hours.
DDNS
Dynamic DNS is a system that addresses the problem of rapid updates. The term is used in two ways which, although technically alike, serve very different purposes and user populations. The first is "standards-based DNS updates", which use an extension of the DNS protocol to request an update; this is often used for enterprise laptops to register their addresses. The second is usually a web-based protocol, typically a single HTTP fetch with a username and password that then updates some DNS records (by some unspecified method); this is usually used by domestic computers to register themselves under a publicly known name so that they can be found by a wider group, for example as a game server or webcam.
End users of Internet access receive an allocation of IP addresses, often only a single address, from their Internet service provider. The assigned address may be fixed (i.e. static) or may change from time to time, a situation called dynamic. Dynamic addresses are generally given only to residential customers and small businesses, as most companies specifically require static addresses.
Dynamic IP addresses present a problem if the customer wants to provide a service to other users on the Internet, such as a web service. Because the IP address can change frequently, the corresponding domain names must be re-mapped quickly in DNS to remain reachable under a well-known URL.
Many providers offer commercial or free Dynamic DNS services for this scenario. The automatic reconfiguration is generally implemented in the user's router or computer, which runs software to update the DDNS service. The communication between the user's equipment and the provider is not standardized, although a few standard web-based update methods have emerged over time.
Standards-based dynamic DNS updates
The standardized method of dynamically updating domain name server records is prescribed by RFC 2136, commonly known as dynamic DNS update. The method described by RFC 2136 is a network protocol for use with managed DNS servers, and it includes a security mechanism. RFC 2136 supports all DNS record types, but it is often used only as an extension of the DHCP system, in which authorized DHCP servers register the client records in DNS. This form of RFC 2136 support is provided by most client and server software, including components of current operating systems. Support for RFC 2136 is also an integral part of many directory services, including LDAP and Windows Active Directory domains.
Function
On Microsoft Windows networks, dynamic DNS is an integral part of Active Directory, because domain controllers register their network service types in DNS so that other computers in the domain (or forest) can access them.
Increasing efforts to secure Internet communications today involve encryption of all dynamic updates sent over the public Internet, as public dynamic DNS services have increasingly been misused to design security breaches. Standards-based methods within the DNSSEC protocol suite, such as TSIG, have been developed to secure DNS updates, but are not widely used. Microsoft developed an alternative technology (GSS-TSIG) based on Kerberos authentication.
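The RFC 2136 update and its TSIG protection described above, as an added example (not from the original article or from any DNS server's code): it builds an UPDATE message in wire format, signs it with a TSIG record (a shared-secret HMAC that authenticates the update but does not encrypt it), and shows the server-side check that rejects an unsigned, altered or stale update. Zone, host and key names passed in by the caller are placeholders, and the verifier assumes the fixed record layout that the signer here produces.

```python
import hashlib
import hmac
import struct

ALG = "hmac-sha256"  # TSIG algorithm name, carried on the wire as a domain name

def wire_name(name):
    """Encode a domain name as uncompressed, lower-cased DNS labels."""
    labels = name.rstrip(".").lower().split(".")
    return b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"

def build_update(msg_id, zone, host, ttl, ipv4):
    """RFC 2136 UPDATE that replaces the A RRset of `host` with one address."""
    header = struct.pack("!6H", msg_id, 5 << 11, 1, 0, 2, 0)  # opcode 5, 1 zone, 2 updates
    zone_rr = wire_name(zone) + struct.pack("!HH", 6, 1)       # zone section: SOA, IN
    delete = wire_name(host) + struct.pack("!HHIH", 1, 255, 0, 0)  # class ANY: delete A RRset
    add = wire_name(host) + struct.pack("!HHIH", 1, 1, ttl, 4) + bytes(map(int, ipv4.split(".")))
    return header + zone_rr + delete + add

def tsig_mac(msg, key_name, secret, timers):
    """HMAC-SHA256 over the unsigned message followed by the TSIG variables."""
    variables = (wire_name(key_name) + struct.pack("!HI", 255, 0)      # class ANY, TTL 0
                 + wire_name(ALG) + timers + struct.pack("!HH", 0, 0))  # error, other len
    return hmac.new(secret, msg + variables, hashlib.sha256).digest()

def set_adcount(msg, delta):
    count = (struct.unpack("!H", msg[10:12])[0] + delta) & 0xFFFF
    return msg[:10] + struct.pack("!H", count) + msg[12:]

def tsig_sign(msg, key_name, secret, signed_at, fudge=300):
    """Client side: append a TSIG RR (type 250) and count it in ADCOUNT."""
    timers = struct.pack("!HIH", signed_at >> 32, signed_at & 0xFFFFFFFF, fudge)
    mac = tsig_mac(msg, key_name, secret, timers)
    rdata = (wire_name(ALG) + timers + struct.pack("!H", len(mac)) + mac
             + msg[:2] + struct.pack("!HH", 0, 0))          # original ID, error, other len
    rr = wire_name(key_name) + struct.pack("!HHIH", 250, 255, 0, len(rdata)) + rdata
    return set_adcount(msg, 1) + rr

def tsig_verify(signed, key_name, secret, now):
    """Server side; assumes the TSIG RR has the fixed layout produced by tsig_sign."""
    head = wire_name(key_name) + struct.pack("!HH", 250, 255)
    off = len(head) + 6 + len(wire_name(ALG))               # offset of the timers in the RR
    rr = signed[-(off + 48):]                               # timers 8, size 2, MAC 32, tail 6
    if len(signed) < 12 + off + 48 or not rr.startswith(head):
        return False                                        # unsigned, or signed by another key
    hi, lo, fudge = struct.unpack("!HIH", rr[off:off + 8])
    msg = set_adcount(signed[:-len(rr)], -1)
    expected = tsig_mac(msg, key_name, secret, rr[off:off + 8])
    return hmac.compare_digest(rr[off + 10:off + 42], expected) and abs(now - ((hi << 32) | lo)) <= fudge
```

A production server parses the additional section to locate the TSIG record instead of relying on a fixed length, and supports the other algorithms and error codes the TSIG specification defines.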
Some free DNS server software systems, such as dnsmasq, support a dynamic update procedure that directly involves a built-in DHCP server. Such a server automatically updates or adds DNS records as it hands out addresses, relieving the administrator of the task of configuring dynamic updates separately.
DDNS for Internet access devices
Dynamic DNS providers offer a client software program that automates the discovery and registration of the client system's public IP address. The client program runs on a computer or device in the private network. It connects to the DDNS provider's systems with a unique login name; the provider uses the name to link the discovered public IP address of the home network with a hostname in the domain name system. Depending on the provider, the hostname is registered within a domain owned by the provider or within the customer's own domain name. These services can work by a number of mechanisms. Often they use an HTTP service request, because even restrictive environments usually allow HTTP. The provider may use RFC 2136 to update the DNS servers.
Many home network modems/routers include client applications in their firmware, which are compatible with various DDNS providers.
DDNS for security tool manufacturers
Dynamic DNS is an expected feature, or even a requirement, for IP-based security devices such as DVRs and IP cameras. Many options are available to manufacturers today, including the use of existing DDNS services or the use of custom services hosted by the manufacturer itself.
In almost all cases, a simple HTTP-based update API is used because it allows easy integration of a DDNS client into a device's firmware. Several pre-made tools can help ease the burden of server and client development, such as MintDNS, cURL and Inadyn. Most web-based DDNS services use a standard username and password security scheme. This requires that the user first create an account on the DDNS server's website and then configure the device to send updates to the DDNS server whenever a change of IP address is detected.
Some device manufacturers go a step further by allowing their DDNS service to be used only by the devices they manufacture, and by eliminating the need for usernames and passwords altogether. This is generally done by encrypting the device's MAC address with a cryptographic algorithm that is kept secret on both the DDNS server and inside the device firmware. The resulting successful decryption or decryption failure is used to accept or deny an update. Resources for developing custom DDNS services are generally limited, and the work involves a full software development cycle to design and field a secure and robust DDNS server.
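One way a manufacturer-hosted DDNS server could authenticate device updates without usernames and passwords, shown as an added example (not code from the article or from any vendor): each device holds its own key, and the server verifies a standard HMAC over every field it acts on, so the check does not depend on keeping an algorithm secret. The request field names, the provisioning table and the 120-second window are assumptions made for this sketch.

```python
import hashlib
import hmac
import ipaddress

# Constructed provisioning table: one key per device, bound to the hostname it may update.
DEVICES = {"00:11:22:33:44:55": {"key": b"constructed-device-key", "host": "cam1.ddns.example"}}
MAX_SKEW = 120  # seconds a signed update stays acceptable

def sign_update(key, mac, host, ip, ts):
    """Device side: HMAC-SHA256 over every field the server acts on."""
    msg = "\n".join([mac.lower(), host.lower(), ip, str(ts)]).encode()
    return hmac.new(key, msg, hashlib.sha256).hexdigest()

def check_update(req, now, last_seen):
    """Server side: return (accepted, reason); last_seen maps MAC -> newest accepted ts."""
    mac = str(req.get("mac", "")).lower()
    dev = DEVICES.get(mac)
    if dev is None:
        return False, "unknown device"
    host, ip, sig = (str(req.get(k, "")) for k in ("host", "ip", "sig"))
    try:
        ts = int(req.get("ts", ""))
        ipaddress.ip_address(ip)
    except (TypeError, ValueError):
        return False, "malformed request"
    expected = sign_update(dev["key"], mac, host, ip, ts)
    if not hmac.compare_digest(expected.encode(), sig.encode()):
        return False, "bad signature"
    if host.lower() != dev["host"]:
        return False, "hostname not bound to this device"
    if abs(now - ts) > MAX_SKEW or ts <= last_seen.get(mac, 0):
        return False, "stale or replayed"
    last_seen[mac] = ts
    return True, "update " + dev["host"] + " -> " + ip

if __name__ == "__main__":
    req = {"mac": "00:11:22:33:44:55", "host": "cam1.ddns.example", "ip": "198.51.100.7", "ts": 1700000000}
    req["sig"] = sign_update(DEVICES[req["mac"]]["key"], req["mac"], req["host"], req["ip"], req["ts"])
    seen = {}
    print(check_update(req, 1700000030, seen))  # fresh, correctly signed request
    print(check_update(req, 1700000031, seen))  # the same request presented a second time
```

A token computed from the MAC address alone never changes, so it gives the server nothing with which to tell a fresh update from a captured one; binding the address, hostname and timestamp into the MAC is what lets `check_update` refuse altered and repeated requests.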
See also
- Comparison of DNS server software
External links
- List of dynamic DNS servers, article on doc.pfsense.org, retrieved 2017-02-17 21:59 UTC
Source of the article: Wikipedia