Saturday, September 23, 2017

OpenDNS IP Updater for Dynamic Networks - ddclient in Debian

I've been trying out OpenDNS's web content filtering. This computer is used (stress tested!) by two children, and I didn't want them straying onto any nasty sites.

The only problem is that my ISP gives me a dynamic IP address- which changes now and then, and when it does, content filtering stops.

Somebody suggested a Linux IP updater.

The updater uses ddclient, so the first thing to do is to install that from the Debian repository. The installer offers a lot of configuration options, but just click through those because you're going to add a custom configuration file from the link above, replacing the one that is written to the etc/ddclient.conf file.

These are the configuration settings I used:
##
## OpenDNS.com account-configuration
##
use=web, web=myip.dnsomatic.com
ssl=yes
server=updates.opendns.com
protocol=dyndns2
login=opendns_username
password=opendns_password
opendns_network_label
DNS-O-Matic is an OpenDNS service that detects your IP address- which is then fed to the OpenDNS server and updated if it has changed. (You change the checking interval by editing /etc/default/ddclient).

(In Debian at least the default setting seems to be for ddclient to run as a daemon, and there doesn't appear to be a need to add anything to start it.)

Login=the email address that serves as your OpenDNS login: joebloggs@gmail.com.

Password=your OpenDNS password, inside single quotes:'password$' (Apparently ddclient is written in Perl and special characters must be in quotes in Perl, and OpenDNS insists on at least one special character in password.) *see warning below.

opendns_network_label is the name you have given to your network on the OpenDNS settings page: for me it was Home. (NB If you have spaces in your network label, they must be replaced by underscores.)

So the final three lines were:
login=joebloggs@gmail.com
password='password$'
Home
You can test if the updater is working by running
# ddclient -verbose -file /etc/ddclient.conf
For me the updater didn't work at first- my IP address changed but OpenDNS wasn't updated.The above command gave the following error message:
updating: authorization failed Unauthorized FAILED
After an hour or two of Googling, I eventually stumbled upon a solution at DynDNS Community Forum: *apparently ddclient doesn't handle special characters well (even in quotes), and I had several in mine.

I changed my password for something with only one special character (a boring old $- they seem to be acceptable), and my IP address was updated in the OpenDNS settings, so everything seems to be working OK now.