What DDNS providers you guys recommend?
from Human4C@lemmy.ml to selfhosted@lemmy.world on 14 Dec 19:29
https://lemmy.ml/post/40327393
from Human4C@lemmy.ml to selfhosted@lemmy.world on 14 Dec 19:29
https://lemmy.ml/post/40327393
I’m new to self-hosting. All I did so far was install Ubuntu Server, enable SSH and tried setting up DuckDNS, which I could not set up automatic update of my IP following the documentation, neither updating manually through the website, which even though seems to be changed, when I ssh the domain, I get the initial IP
Anyone using DuckDNS? Is it working properly for you guys? Did I just mess something up?
What other DDNS providers would you recommend me?
threaded - newest
For dynamic updating of dns, don’t use ddclient or cron scripts on the server. Instead use inadyn.
Ddclient is more or less just dead/maintenance mode.
also using cron scripts kinda sucks and is ugly.
just use inadyn and spare yourself headache.
You’d basically just add something like this to the inadyn.conf file
provider duckdns.org { username = YOUR_TOKEN password = noPasswordForDuckdns hostname = YOUR_DOMAIN.duckdns.org }https://github.com/troglobit/inadyn?tab=readme-ov-file#project-archived
…well shit.
edit: that being said, duckDNS has not changed in a LONG time, so Inadyn will work for duckdns fine. May need other solutions with evolving platforms like No-IP or Cloudflare as this begins to age out if no one forks it.
I put the curl command to update my duckdns IP in cron about 13 years ago, and have never needed to touch it once.
It’s just worked for me
This. Never had an issue.
I did this too, and my log always gets an OK. But the IP never changes.
The ip shouldnt change unless the server is down for a period of time and the ip is dynamic.
If it is returning OK then it sounds like duckdns is working as intended
Oh wow, me too. And I just checked and it’s still there, still works. The token is 10 years old.
Anything that supports bind’s built-in nsupdate.
Duck DNS works great… Most of the time. If you cannot accept downtime multiple times a year, get yourself a domain and a service like cloud flare instead. DuckDNS is free and you get more than you pay for, but the bar is low when the cost is zero.
Or just use two dns providers. I have duckdns and desec. That latter seems to be a bit faster and has’t had any downtime for me so far.
Yeah DuckDNS gave me many false positive outages where its resolution failed, for multiple half-days every year I used it (5yrs+).
I moved to the afraid.org and its been solid, if anyone’s looking for another free service - only cost is you have to log in once every six months to validate your account is not dormant. They have a paid tier which gives more features (that most home users will never need), and that allows the guy running it to fund a very reliable service.
I have dyndns. I don’t recommend them, unless a coworker just gave you their lifetime pro account for free.
Thanks Roody, wherever you are!
I had used duckdns for a while back in the day. Always worked great.
These days I have a domain at namecheap which provides a DynDNS feature as well so I’m using that.
I’ve used no-ip.com for years without issue.
My NAS supports a few services out of the box. If you have anything like that, see what they support natively first.
Another free option I like is dynu.com
They have an example ddclient config in their FAQ: www.dynu.com/FAQ/Dynamic-DNS-Service#IPUpdate
I already used desec.io for my domains back when I had static IP blocks at home so I just used the dyndns api with ddclient to update them automatically for my dynamic IP.
I used to just use a script with
cronto update Cloudflare DNS records but these days I don’t screw around with exposing anything to the public internet directly, I just use Tailscale.Is there a difference between using Tailscale and Wireguard? I already have a Wireguard setup and want to know what benefits it has over Wireguard.
They’re similar but mainly Tailscale arranges WireGuard tunnels between peers. There are tons of useful features around that functionality like being able to route specific traffic through specific hosts (“nodes” using “app connectors”); it’s even better at finding a way out of hostile networks using relays.
Just as an example I typically use my VPS as an “exit node” so that all my traffic routes through it (which does a ton of tunnel hopping through commercial VPNs) while my wife isn’t into that at all, but both of us have Tailscale on our devices so when either of us accesses Home Assistant it’s routed directly to the host hosting it.
Also MagicDNS is great.
This might be obvious but it could be caching? Use a tool like dig to check if it’s really updated. Not had a problem with duckdns, works good.
You could be behind CGNAT - I’m not sure the best way to tell but it could be the reason.
I would also highly recommend buying a cheap domain to use - it would be the price of a coffee per year but makes life so much easier and you don’t have to depend on duckdns. You can buy through cloudflare, porkbun or many other options which you can search for a good DDNS service to update them.
CGNAT does have a designated range by spec. 100.64.0.0/10, which covers addresses from 100.64.0.0 to 100.127.255.255. Technically they could be using any other private address space but it would be very uncommon in a modern ISP.
I didn’t know that, thanks for sharing
I read briefly about CGNAT, a d I think this is the case, checking the IP of my services with external services I get an IP different from the one I see in my machine. Tested more than one DDNS service and all updated my IP with the same “wrong” value.
How do I solve this? Should I contact my ISP and hope they can provide a solution?
Yeah, first try your ISP to see if you can get a dynamic or fixed IP instead. Check if their website/FAQ mentions dynamic IP or cgnat. They might outright reject it, or try to upgrade you to an extortionate business package though. I signed up for my service and checked the cgnat before signing up but they hadn’t got around to updating their website that they changed their policy. After the surprise of being behind cgnat and after screenshotting their own website, I complained and hit upgraded to a higher level package for free.
You can use tailscale to get around it, but then you need to install it on all devices and login. You can use cloudflare tunnels and think you can set it to not require login for some services. Both rely on third parties. Both are also safer than exposing directly to the public internet.
If you want full control, you have to rent a cheap vps and setup a tunnel between that and your home server, then use the public IP of the vps for your services. Wireguard is probably the best choice for VPN. You could try pangolin, which is an open source cloudflare tunnel so is more complicated than a VPN but also includes a reverse proxy.
I got my domain through namecheap. So, I just use them, they have a dynamicdns implementation. I setup a namecheapddns docker container that auto updates mine.
Yep same DDClient is super simple to setup with name cheap. Followed ip address changes with very little if any down time. I’ve never noticed between ip changes.
Same! Except I use windows and they have a small app that you can install and run in the background which will update the IP if needed.
I also used duckdns for years before moving to this and I never had any issues using that either. It was the same thing, small app that ran on your machine and you needed the token and it just worked.
NoIP works great for me so far!
I’ve used duckDNS for years. A couple of years ago it started flaking out every couple of months so I migrated off it.
Another one I have seen recommended in here is afraid.org, adding it as haven’t seen it mentioned yet.
I use them. I also like their vibe and aesthetic
I’m surprised the amount of people saying they have had no issues with DucksDNS. I’ve used it for about five years and had issues on and off with it being unresponsive many times.
Gave up and moved to afraid.org about a year back and that’s been a very solid service ever since.
Can you do letsencrypt dns challenges against the free tier now? This was one reason I moved to duckdns. Plus I kept forgetting to login to keep the account alive so it would just stop working until I logged in and reactivated. Duckdns do emulate that experience with their random downtime though 😂
I used duckdns for years without any issues at all. Only reason I switched is because I’m using Pangolin and tunneling instead of exposing my IP directly.
I use ddclient on my vps
cloudns.net
On the off chance you’re facing issues due to CGNAT, you’d likely need to work around it with something like a cloudflare tunnel, or purchasing a cheap VPS and porting all traffic through WireGuard or similar.
I have been using duckdns for a few years without issues. It should be simple enough , just set up a cron job with your details as listed on their site where you configure it. This keeps your dns entry up to date.
I am using Dynu. It works fine and it’s free, no complaints. Their app for Linux to update periodically didn’t seem to work well from my experience, I just set up a cron job to do it instead.
DuckDNS had been unreliable when I used it, but it’s been a while. I swapped over to desec.io but their signups aren’t always open. Can highly recommend them though, and they offer many paths to update the IP, including DynDNS(2) protocol or just ddclient.
Also works with certbot for Let’s encrypt certificates using dns challenge.
Same. I have a router with OPNsense. In the “Dynamic DNS” section I create a “Custom” service with the DynDNS2 protocol. I type in
update.dedyn.ioas the server address. You need to also get an api key from the desec.io web panel that you input into the username and password fields.Now everytime the router’s WAN ip changes it automatically edits the DNS zone. So instead of going “your server -> DDNS provider -> DNS CNAME record” it’s just “your server -> DNS A record”
I also have a separate token for my web proxy (traefik) so that it can edit the DNS records to get let’s encrypt certificates through dns challenge as you describe.
As for the desec signups in my case one DNS zone was no problem, but for a second one I needed to e-mail them:
They asked me to (voluntarily) donate, which I did too.
<img alt="" src="https://szmer.info/pictrs/image/f056dd7b-6284-465b-a10c-27c1c4d8a903.png">
I ended up using Dynv6, great and simple serivce does exactly what I need. Made in Germany.
dynv6.com
Me too. Draytek Router automatically updates the IP. Set it up once and it is working since 2-3 years (don’t exactly rember when I set it up).
If you have a Mikrotik router, you can use its built-in Dynamic DNS, and configure a CNAME on your domain name
For my server I bought a domain on loopia.se and pay for no other features than the domain name. On the Loopia website I then changed the DNS nameserver to Cloudflare and use a script to update the IP of my network. Cloudflare has some package you can install on Linux to update the IP but I never tried it.
Well, if you use DDNS I assume you have some kind of server behind that. I just self host a godns container. No need for any service except an DNS API. I use cloudflare. But my IP only changes rarely, so I can’t tell you how fast that setup propegates
I am using DuckDNS and it’s working perfectly for me. I use the DynDNS feature of my Fritz!Box to update my DuckDNS-IP. The documentation on their website is spot-on for me, even for my IPv6 and I never had any issues with DuckDNS.
What I like most about the service is the possibility to use subdomains like my-service.my-username.duckdns.org. I don’t know whether this is a commong feature or not.
When you had problems updating your IP Adresse did you consider that DNS information takes some time to propagate through the internet? I think it is not guaranteed that you can access a recently changed domain.
How did you test your DuckDNS entries?
DuckDNS was resolving slow as hell for me so I ended up picking up a cheap domain from Porkbun, they got API access and it seems most of the ddns tools support them too
I used nsupdate for years and it worked just fine. I remember it being down, one time only, for like five minutes. For a project that depends entirely on donations, the service and availability they provide are just awesome.
i am using freedns.afraid.org for over a decade now and problems occured less than 5 times over that period. all others i ever tried were worse over time.
My Domain registrar has a reverse DNS service included.
I’m currently using ipv64.net
Been using ddnss.de before that for some time, but they had some outages. No problems with ipv64 so far.
I’ve been using desec.io since it’s european, non profit and privacy oriented. Bring your own domain though. Works well, although my caddy plugin has problems getting certs sometimes. My pangolin instance never has any issues getting certs so might be caddy desec plugin specific.
desec does offer one free subdomain, and you can use as many nested subdomains as you want for your services. do note you’ll need a wildcard cert for each subdomain level: *.sub.dedyn.io and *.app.sub.dedyn.io if a service needs it’s own subdomains for apis and whatnot.
edit: also a note for any fellow noobs like me it’s deDYN.io not deSEC.io on your account/subdomain. it took me an embarrassingly long time to realize my mistake trying to sign up with every subdomain i tried saying it exists already.
Any DNS provider is good if they offer an API that lets you use PUT to modify DNS records. You can make a small bash script and crontab it. I also used DuckDNS for a while, and it worked fine.
This is a great question that is relevant for me this week. Been trying to set up a wireguard vpn and found I need a DDNS. Lots of good answers to look into in the comments. Thanks everyone.
DuckDNS has long enough latency (over 2000ms) where Google Assistant can’t connect. I moved to FreeDDNS and my Home Assistant issues went away.
Reference: community.home-assistant.io/t/…/140?page=7