Difference between revisions of "Dynamic DNS tutorial"
Jump to navigation
Jump to search
(Created page with "{{Template:EGI-Engage menubar}} {{TOC_right}} = How to use EGI FedCloud Dynamic DNS service = Using EGI FedCloud Dynamic DNS service is very simple and intuitive via GUI por...") |
|||
Line 1: | Line 1: | ||
{{Template:EGI-Engage menubar}} {{TOC_right}} | {{Template:EGI-Engage menubar}} {{TOC_right}} | ||
= How to use EGI FedCloud Dynamic DNS service = | = How to use EGI FedCloud Dynamic DNS service = | ||
Line 6: | Line 5: | ||
Using EGI FedCloud Dynamic DNS service is very simple and intuitive via GUI portal. Just go to https://nsupdate.fedcloud.eu and follow the menu in the portal. Concretely: | Using EGI FedCloud Dynamic DNS service is very simple and intuitive via GUI portal. Just go to https://nsupdate.fedcloud.eu and follow the menu in the portal. Concretely: | ||
* Dynamic DNS service uses EGI CheckIn for authentication. If you have not EGI account, please register via https://sso.egi.eu/admin/ | *Dynamic DNS service uses EGI CheckIn for authentication. If you have not EGI account yet, please register via https://sso.egi.eu/admin/ | ||
* Log into Dynamic DNS service portal using EGI account via menu "Login" and click on "egi" button | |||
* Use "Overview" | *Log into Dynamic DNS service portal using EGI account via menu "Login" and click on "egi" button | ||
* Follow the instruction after host creation for IP assignment/update. | |||
* You can edit/update/delete your registered hostnames in the "Overview" menu | *Use "Overview" menu and click on "Add host" to register a new hostname in an available domain. Choose a hostname in an available domain and click on "Create" | ||
*Follow the instruction after host creation for IP assignment/update. Note the host secret and the update URL (in form "https://HOSTNAME:SECRET@nsupdate.fedcloud.eu/nic/update") and save them for later use | |||
*Run "curl https://HOSTNAME:SECRET@nsupdate.fedcloud.eu/nic/update" in your VM to assign the hostname to a running VM | |||
*or add "curl https://HOSTNAME:SECRET@nsupdate.fedcloud.eu/nic/update" into cloud_init file to assign hostname automatically at start. | |||
*You can edit/update/delete your registered hostnames in the "Overview" menu and click on the hostname | |||
Please feel free to test and send your feedbacks/suggestions/comments to viet.tran@savba.sk | |||
= FAQ = | |||
*For updating IP address, only hostname and its secret are needed. No user information is stored on VM in any form for updating IP. | |||
*NS-update server uses HTTPS protocol, hostname/secret are encrypted as data and not visible during transfer so it is secure to use the update URL | |||
*Hostnames/IP addresses are not expired so no need to refresh IP addresses if no changes, it is enough to run once. You can add the following command “curl https://HOSTNAME:SECRET@nsupdate.fedcloud.eu/nic/update” to cloud-init to assign hostname automatically at VM start | |||
*If you get an error message when logging into NS-update server via EGI CheckIn, your browser may have expired token from EGI CheckIn. Try open this link https://aai-dev.egi.eu/oidc/saml/login in your browser to refresh the token or restart your browser | |||
*DNS server set Time-to-Live (max time for caching DNS records) to 1 min for dynamic DNS, but MS Windows seems to not respect that. You can clear DNS cache in Windows with “ipconfig /flushdns” command with Administrator account | |||
*NS-update portal does not store host secret in recoverable form. If you forget the secret of your hostname, simply generate new one via "Show configuration" button in the host edit page. The old secret will be invalid. | |||
= API = | |||
Dynamic DNS update server uses dydns2 protocol, compatible with commercial providers like [https://help.dyn.com/remote-access-api/perform-update/ dyn.com], [http://www.noip.com/integrate/request noip.com]. The API is specified as follows: | |||
GET /nic/update?hostname=yourhostname&myip=ipaddress | |||
Host: nsupdate.fedcloud.eu | |||
Authorization: Basic base64-encoded-auth-string | |||
User-Agent: | |||
Where | |||
base64-encoded-auth-string: base64 encoding of username:password | |||
username: your host name | |||
password: your host secret | |||
hostname in the parameter string can be omitted or must be the same as username | |||
myip in the parameter string if omitted, the IP address of the client in the GET request will be used | |||
Using hostname/secret as username/password can significantly increase security as no user credential is needed for updating IP address for VMs |
Revision as of 10:17, 8 March 2017
How to use EGI FedCloud Dynamic DNS service
Using EGI FedCloud Dynamic DNS service is very simple and intuitive via GUI portal. Just go to https://nsupdate.fedcloud.eu and follow the menu in the portal. Concretely:
- Dynamic DNS service uses EGI CheckIn for authentication. If you have not EGI account yet, please register via https://sso.egi.eu/admin/
- Log into Dynamic DNS service portal using EGI account via menu "Login" and click on "egi" button
- Use "Overview" menu and click on "Add host" to register a new hostname in an available domain. Choose a hostname in an available domain and click on "Create"
- Follow the instruction after host creation for IP assignment/update. Note the host secret and the update URL (in form "https://HOSTNAME:SECRET@nsupdate.fedcloud.eu/nic/update") and save them for later use
- Run "curl https://HOSTNAME:SECRET@nsupdate.fedcloud.eu/nic/update" in your VM to assign the hostname to a running VM
- or add "curl https://HOSTNAME:SECRET@nsupdate.fedcloud.eu/nic/update" into cloud_init file to assign hostname automatically at start.
- You can edit/update/delete your registered hostnames in the "Overview" menu and click on the hostname
Please feel free to test and send your feedbacks/suggestions/comments to viet.tran@savba.sk
FAQ
- For updating IP address, only hostname and its secret are needed. No user information is stored on VM in any form for updating IP.
- NS-update server uses HTTPS protocol, hostname/secret are encrypted as data and not visible during transfer so it is secure to use the update URL
- Hostnames/IP addresses are not expired so no need to refresh IP addresses if no changes, it is enough to run once. You can add the following command “curl https://HOSTNAME:SECRET@nsupdate.fedcloud.eu/nic/update” to cloud-init to assign hostname automatically at VM start
- If you get an error message when logging into NS-update server via EGI CheckIn, your browser may have expired token from EGI CheckIn. Try open this link https://aai-dev.egi.eu/oidc/saml/login in your browser to refresh the token or restart your browser
- DNS server set Time-to-Live (max time for caching DNS records) to 1 min for dynamic DNS, but MS Windows seems to not respect that. You can clear DNS cache in Windows with “ipconfig /flushdns” command with Administrator account
- NS-update portal does not store host secret in recoverable form. If you forget the secret of your hostname, simply generate new one via "Show configuration" button in the host edit page. The old secret will be invalid.
API
Dynamic DNS update server uses dydns2 protocol, compatible with commercial providers like dyn.com, noip.com. The API is specified as follows:
GET /nic/update?hostname=yourhostname&myip=ipaddress Host: nsupdate.fedcloud.eu Authorization: Basic base64-encoded-auth-string User-Agent:
Where
base64-encoded-auth-string: base64 encoding of username:password username: your host name password: your host secret hostname in the parameter string can be omitted or must be the same as username myip in the parameter string if omitted, the IP address of the client in the GET request will be used
Using hostname/secret as username/password can significantly increase security as no user credential is needed for updating IP address for VMs