Enabling and configuring the DNS server. How to Set Up Remote Access via DDNS on a TP-Link Router - Static IP Address from Dynamic
If you know what it is IP address And DNS but don't know what it is DynDNS or you know, but don’t know how it can be useful, then this article is for you. If you don't know what it is IP address And DNS and even more so DynDNS, but you get Internet at home using technology ADSL(For example, WOW from Ukrtelecom), then this article may also be useful.
I'll start with IP addresses And DNS. Each computer that is connected to the Internet has a numerical value that serves to uniquely identify it. This numerical value is called IP address. Example - 92.113.177.223 . It is difficult for us humans to remember such numbers. That's why smart people came up with DNS :)
Domain Name System ( DNS - domain name system) allows you to match a domain name (convenient for us people) with IP address(convenient and necessary for cars). Thanks to DNS we type in the address bar of the browser not difficult to remember IP addresses, and the names we understand are: ya.ru, website etc. :)
The situation is developing in such a way that IP addresses there is no longer enough for all computers, so such conventional concepts as static IP address And dynamic IP address. Do not confuse the concepts of dynamic IP address and ! It is customary to call it static IP address which is leased to you (your computer) for a certain period (usually an agreement is concluded with the provider on this matter) and you are guaranteed to be able to use it during this period and it will not change. That is, the provider gave you the address 80.80.100.150 and the contract states that it will static, which means you can use this address all the time and no one else will receive it. What's happened dynamic IP address The easiest way to show this is by using the same connection as an example WOW from Ukrtelecom. When you connect to the Internet, your equipment also receives IP address, but it is not permanent, since the next time you connect you will receive a different address, then a third, etc. Of course they will IP addresses from a certain range, but which one exactly IP address you will receive the next time you connect is unknown in advance.
There's nothing wrong with dynamic IP addresses unless you start doing more interesting things than just accessing the Internet from your computer. For example, the inverse problem is . Let's take the simplest case - access to a computer using the protocol RDP- connection to the remote desktop of our Windows XP. What do we need to connect to our home computer from a work computer? Nothing special. Allow and configure the connection itself on your home computer and know it IP address. But know IP address we certainly cannot, since it is dynamic and can be anything at the moment when we want to connect to the computer. Classic domain name system ( DNS) only works with static IP addresses. And we cannot link a domain name to our IP address.
This is where it comes in handy DynDNS. This service allows you to track changes in our IP address and ensures that our domain name is associated with the currently current IP address of our computer. Then we only need to remember the domain name of the computer, and DynDNS will already make sure that the currently valid IP address is always associated with this name.
How does this work in practice? I'll tell you with my own example. There is a website that provides such a service. It's called dyndns.com. Having registered on this site, I created a domain name of the form kuzmenko.dyndns.org. And continue on your own ADSL modem In chapter DynDNS, registered my credentials. All. Now I can always log into my computer using the domain name (so far there have been no failures in a year and a half). If you need a more detailed description of registration or settings on the modem, write, I’ll add it.
I wrote about that in more detail. The main thing to remember is that you only need to configure the DynDNS client on one device on the network, and, if possible, on the one that receives an external dynamic IP address.
A DNS server is an extremely useful feature to protect your own computer from malicious sites. The process seems difficult for beginners, but in reality everything is much simpler, and the procedure for installing a DNS server will not take much time.
DNS is an acronym derived from Domain Name System. From English to Russian this is translated as “Domain Name System” changing them into IP addresses. And the DNS server stores the corresponding addresses in the database.
The work is carried out in this way: the browser, going to the site, contacts the DNS server to find out the desired address. The Server identifies the site, sends a request to it, and sends the received response back to the user.
How to find out if the DNS server is enabled on your computer
The current DNS server settings are determined as follows:
- “Control Panel” -> “Network and Internet” -> “View network status and tasks.” Select your network connection, go to the “General” panel, then go to properties.
- Go to the properties of “Internet Protocol Version 4 (TCP/IPv4)”.
- Open the "General" tab. If the option to use the following DNS server addresses is activated, it means it is in working mode.
Repeat the previous steps, activate “Use DNS server”. After this, you will need to specify a primary DNS server, and then a secondary one.
How to configure/change DNS
When changing or additional settings, you will not need to perform many actions. You must use the window that was opened earlier and go to the “Advanced” item. Here, detailed adjustment of access to DNS servers is carried out. In Windows 7, you can configure all this yourself. Therefore, the question of how to change the DNS server yourself will not cause problems.
DNS suffixes are also available for management. The average user does not need them. This setting, which helps to conveniently share resources, was created for providers.
On a wi-fi router
When using a router, you must set its IP address in the DNS options. To perform these manipulations, you will need DNS relay and DHCP server enabled.
The router interface is designed for checking and subsequent detailed settings. First you need to check the DNS in the WAN port. DNS relay is activated in the LAN port settings.
On the computer
Setting up a DNS server in Windows 10 is similar to the same situation in earlier versions of the OS. First you need to select the “Internet Protocol Version 4 (TCP/IPv4)” properties. Go to additional options and configure the list of servers.
Setting up a DNS server on a computer and on a laptop is the same.
On a tablet
Depending on the installed operating system, the actions differ somewhat, but they all have the following points in common:
- Open the “Wi-Fi” menu located in “Settings”.
- Go to the properties of the current Internet connection.
- Click “Change network”, then “Show additional parameters”.
- Scroll to the DNS servers item, then register them.
On a smartphone
Since now there is not much difference between the operating systems of a phone and a tablet, to set up the necessary DNS servers, it is enough to know the instructions described above.
Possible errors and how to fix them
Problems with Internet operation occur when the DNS server settings are incorrect, including when they unexpectedly fail.
What to do if the server is not responding or is not detected
Most often, this problem occurs when the server is disconnected or the settings are lost. To do this, open the “Control Panel”, go to “System and Security”, then “Administration”. Click on “Services”, find “DNS Client” and double-click on it. The status bar indicates the command “Running”. Otherwise, you need to select automatic startup type from the drop-down list above.
If the service is running but the error still appears, there are server problems. First, it is better to change the DNS server addresses according to the above instructions. However, it is still possible to reinstall the network card drivers, check the Internet connection and ask your provider about possible technical problems.
Doesn't resolve names correctly
If this error occurs, you need to check the correctness of your DNS server settings. It’s better to simply change the DNS server address to get rid of the problem.
Problems are also possible on the operator’s servers, and the problem is solved in the same way - by changing the DNS.
For the inexperienced user, there is a list of high-quality and free servers:
Addresses: 8.8.8.8; 8.8.4.4
Like all Google services, it performs its tasks efficiently, but has a known disadvantage - it collects and stores user statistics. Despite this, the server does not have any access to personal data, so there is no need to worry about security.
If you want to learn more about server work, there is official documentation on the information site.
OpenDNS
Addresses: 208.67.222.222; 208.67.220.220
A popular server due to the presence of a wide range of filters and protection against theft of personal data. Basic functions are free, but it is possible to purchase premium access, which allows you to create a “locked network environment” and increase connection speed.
DNS.WATCH
Addresses: 84.200.69.80; 84.200.70.40
Does not require registration to use, provides a more serious level. The only negative is the low speed.
Norton ConnectSafe
Addresses: 199.85.126.10; 199.85.127.10
It also does not “ask” for pre-registration and securely stores user data. Created by the developers of Norton antivirus, without requiring additional advertising.
Level3 DNS
Addresses: 4.2.2.1; 4.2.2.2
Suitable not only for personal use, but also for corporate purposes. A completely free resource, it ranks third in global popularity.
Comodo Secure DNS
Addresses: 8.26.56.26; 8.20.247.20
The basic version is free, but for some money you can purchase a large number of useful services. It provides reliable data protection in both paid and free versions.
OpenNIC DNS
Addresses: you should go to the project website, it will select the best ones depending on the user’s location.
Due to its huge coverage, it allows you to conveniently explore the Internet anywhere in the world.
DHCP server: what is it and what are its features
Most suitable for networks with a large number of computers due to the transfer of their network settings to all connected devices.
Such a server allows the administrator to specify a range of server hosts and avoid wasting a lot of time on detailed optimization.
It only works with IP address settings and the addresses themselves.
Conclusion
The primary task of DNS servers is to transfer an IP address. Servers from other companies, some of which are described above, can speed up and greatly facilitate Internet surfing. However, it does not require painstaking setup, and many errors can be resolved by using another server.
IVAN KOROBKO, certified MCP specialist, author of more than 50 articles and two books. Engaged in the creation of various applications for Active Directory
Home hosting
We use dynamic DNS services
How to ensure constant access to network resources whose IP addresses periodically change.
Most modern TCP/IP networks use a DNS service, the main purpose of which is to map easy-to-remember names like company.com to IP addresses. Without this service, using the Internet would be very difficult, because... remembering multiple IP addresses is much more difficult than remembering the names of network resources associated with content. Dynamic DNS (Dynamic DNS, DDNS) services work in a similar way, which allows you to assign domain addresses to resources that often change their IP address. To update a changed IP address, a special program is used, which is installed on the computer or included in the router firmware.
Most xDSL providers provide Internet access using a dynamic IP address allocated from a pool of their IP addresses. In this case, the IP address usually changes once every 24 hours, after which the existing session is terminated and then restored, and the IP address is updated. In this regard, resources located behind the router in the internal network (LAN) will be unavailable, because now the IP address to access them is unknown. Using the DDNS client built into most ADSL modems, you can map a new IP address to a registered domain name.
Dynamic DNS services on the Internet
There are many websites on the Internet that provide DDNS-enabled domain names for free. Currently, there are several such services in the world:
- no-ip.com
- tzo.com
- dyndns.com
- dyndns.dk
- FreeDNS.afraid.org
- ChangeIP.com
The list of services from which you have to choose is limited to the list located on the built-in website of the ADSL modem. It usually contains one or two sites. This list is hardcoded into the modem firmware and can only be changed by the manufacturer (see Fig. 1).
Each of the services supports several dozen second-level domain names, for example dyndns.info, game-host.org, homeftp.net. The user determines the host name independently when registering an account on the server.
First level domains
Currently, DDNS servers on the Internet provide second-level domains, and various network-wide top-level domains are actively used. The latter are divided into network-wide and geographic. Since the location of the user's registered domain using the DDNS server is not static, the server only provides publicly available domain names.
Registration on the Dynamic DNS server
Before registering a domain name, you must create your own account on it. On the server http://www.DynDNS.com the registration procedure is extremely simple. Several parameters need to be set:
The name for logging into the site (login), which will subsequently be specified in the ADSL modem (see Fig. 2).
Password and its confirmation. The password must be at least 5 characters long.
Email address and confirmation. The specified email address should not be fictitious, since it receives a letter containing a link to activate the created account.
After completing the account creation process, an email will be sent to the specified mailbox containing a link to activate the created account. After logging into the site under a registered name, you need to create a host and select a domain name from the proposed list (see Fig. 3), then activate the changes made.
Setting up Dynamic DNS in an ADSL modem
Any modern ADSL modem has a built-in web interface. However, not all of them support the Dynamic DNS service. Before purchasing a modem, you need to familiarize yourself with its specifications and make sure that this service is supported, find out the list of supported DDNs sites and make sure that the list of second-level domains is suitable for you. Despite the differences in the web interfaces of different modems, the ideology of setting up the DDNS service is the same everywhere.
Note: as a rule, to enter the internal website of the modem, the standard address 192.168.1.1 is used. The name and password must be clarified in the documentation or on the modem manufacturer’s website. Typically, the login name for the site is admin, the password is admin or 1234.
Note: when you try to log into the website http://www.DynDNS.org, you are automatically redirected to http://www.DynDNS.com.
In Fig. Figure 4 shows a screenshot of the Dynamic DNS service configuration, which is divided into two parts.
In the first of them (Dynamic DNS Setup), a connection to the service provider website (www.DynDNS.org) is configured. The second part (IP Address Update Policy) manages the location of the site, which can be created on one of the computers on the internal network.
Dynamic DNS Setup
In the Dynamic DNS Setup group of parameters, you must select the provider (on whose website the domain name is registered), the host name and account parameters for logging into the provider’s website. After all the data has been entered, you need to activate the service in the ADSL modem. To do this, check the box next to the Active Dynamic DNS entry. This completes the initial setup. Make sure that the modem connection to the site is established. To do this, you need to run several commands in the command line shell:
ipconfig /flushdns– clears the DNS service cache on the local computer;
ping korobko.DynDNS.info– allows you to determine whether the site is accessible at a given time.
Setting up IP Address Update Policy
In the IP Address Update Policy section, you configure the internal IP address where the network resource, such as a website, will be located. By default, the router's IP address is set to Use WAN IP Address. It is recommended to use either automatic IP address detection (Dynamic DNS server auto detect IP address), or specify the IP address (Use specified IP Address) of the internal network computer on which the site or FTP server is located.
Let's assume that all local network addresses are assigned statically and the IP address of the computer on which the WEB or FTP server will be created is 192.168.1.2. Based on these premises, it is preferable to choose the third setting option (see Fig. 4, point 2).
Installing and configuring IIS server
The IIS server is a standard component of Windows operating systems that is not installed by default.
To install it, you need to launch the Add or Remove Programs snap-in in the Control Panel. In the dialog box that appears, go to the “Install Windows Components” tab and check the box next to Internet Information Server (IIS).
When setting up a web server, you must remember that users visiting the site are perceived by the system as anonymous, i.e. unidentified. Therefore, you must disable user credential checking in the server properties.
Comment: By default, only the WEB component is installed. If you need to install an FTP server, select the appropriate component in Internet Information Server (IIS).
Using dynamic DNS services will ensure constant access to network resources whose IP addresses periodically change. In particular, this way you can provide access to files using human-readable web addresses, thereby replacing file hosting services on the Internet. In addition, supporting your own website will save money on hosting, especially if it is Windows Hosting (ASP/ASPX).
Sometimes it is necessary to register DNS for a computer with a dynamic IP address. A simple way for this is services like dyndns, described in the recent topic Linking a domain and dynamic IP. Sometimes this approach works quite poorly.
For example, in my situation, the provider Sometimes changes my public IP address. This sometimes happens usually once every few months. In addition, my home computer rarely reboots. During this time, the dyndns service, which I had previously used, managed to send me inactivity notifications a couple of times in order to disable the “unused” account. It is also not possible to switch to a manually registered DNS zone, because sometimes the address still changes. Moreover, you usually find out about this when you need access to your home computer here and now.
To implement the described method, you will need a server on the Internet with a DNS server bind on it. As well as a domain zone, the subdomain of which we will allocate for our computer. An option is described for connecting a Linux computer to a Linux server. To use other operating systems, you will need to read the manuals and modify some steps.
So:
1. We have an installed bind9 server with the server.org domain
2. Create a zone client.server.org.zone:
$ORIGIN.
$TTL 10 ; 10 seconds
client.server.net IN SOA ns1.server.net. hostmaster.server.net. (
18 ; serial
10800 ; refresh (3 hours)
3600 ; retry (1 hour)
604800; expire (1 week)
10 ; minimum (10 seconds)
$TTL 3600 ; 1 hour
NS ns1.server.net.
NS ns2.server.net.
MX 10 client.server.net.
Here the servers ns1.server.net and ns2.server.net are the DNS servers for our zone, client.server.net is the address of our home computer
3. generate keys on the client:
client# cd /etc/namedb/keys
client# dnssec-keygen -b 512 -a HMAC-MD5 -v 2 -n HOST client.server.net.
4. Create a file with the key on the server:
server# cd /var/named/chroot/etc
server# vim keys.conf:
Key client.server.net. (
algorithm "HMAC-MD5";
secret "omr5O5so/tZB5XeGuBBf42rrRJRQZB8I9f+uIIxxei8qm7AVgNBprxtcU+FQMzBvU/Y+nyM2xbs/C8kF3eJQUA==";
};
In this case, a symmetric key is used, which is unsafe: if someone has access to the key file on your server, they can use your key to change your zone data. In this case, you can use an asymmetric key.
Set the access rights to the file with the keys:
server# chmod 640 keys.conf
server# chown root:named keys.conf
5. add our zone to named.conf:
include "/etc/keys.conf"
zone "client.server.net" (
type master;
file "zones/client.server.net";
allow-update(
key client.server.net;
};
};
Here is a parameter that allows you to update zone data. In general, after reading the manuals, you can find options for this parameter that allow you to update only one entry in the zone for a given key. That is, you can have a zone with the subdomains client1, client2, etc. registered in it. which will be authorized with the keys key1, key2, etc.
6. Restart the DNS server:
server# /etc/init.d/named reload
7. Create a script on the client that will update the zone data:
#!/bin/bash
IFACE="wlan0"
TTL=3600
SERVER=ns1.example.com
HOSTNAME=foo.example.com
ZONE=example.com
KEYFILE=/root/ddns-keys/Kfoo.example.com.+157+12345.private
New_ip_address=`ifconfig $IFACE | grep "inet addr:" | awk "(print $2)" | awk -F ":" "(print $2)"`
new_ip_address=$(new_ip_address/ /)
Nsupdate -v -k $KEYFILE<< EOF
server$SERVER
zone $ZONE
update delete $HOSTNAME A
update add $HOSTNAME $TTL A $new_ip_address
send
EOF
At the beginning of the script, the corresponding parameters are described: interface, server and zone names, location of the file with the key.
8. All that remains is to configure autostart/automatic address change when changing DNS.
We will do this using a script for NetworkManager:
create a file /etc/NetworkManager/dispatcher.d/20-dyndns.sh:
#!/bin/sh
Iface=$1
state=$2
If [ "x$state" == "xup" ] ; then
/etc/namedb/ddns-update
elif [ "x$state" == "xdown" ]; then
true
fi
Let's make it executable and owned by the root user.
Let's launch, check, use.
Upd: If it doesn’t work, check (set) on the server the rights of named to write to the folder in which the file client.server.org.zone is located
named will create a client.server.org.zone.jnl file there
The following materials were used.
