Having Your Own Domain Name with a Dynamic IP Address |
We describe here a method of using a domain name of your own, obtained from a domain name registrar, for a machine with a dynamic IP address. It involves setting up BIND on the machine.
Note that versions of BIND for Mac and Windows 9x are available too (see http://www.dns.net/dnsrd/servers/ and ftp://ftp.is.co.za/networking/ip/dns/bind/nt/ ).
The user should obtain one or more domain names from dynamic DNS service. These dynamic IP domain names are then given to the user's domain name registar as the names of the name servers for the user's domain.
Most registrars require at least two name servers to be provided.
There is a reliability advantage to using two or more different dynamic domain services. If one is down, the other will still be able to provide a name server address.
Do not use "wildcard" domain names for this.
These are typically implemented using CNAME
records.
Some resolvers (for example BIND) will
refuse to use a name server if a CNAME
record
is encountered while resolving its address.
On the user's machine BIND only needs to serve external requests (the user is under no obligation to use their own BIND installation to serve their DNS needs). So it only needs one zone.
To avoid the need to modify the BIND configuration when the IP address changes,
that one zone can just use MX
and CNAME
records to one
of the dynamic IP domain names that were used for the name servers. The zone
could contain something like:
$TTL 1D you.ca. SOA you.ca. root.you.ca. ( 20020101 ;serial 3600 ;refresh 1800 ;retry 604800 ;expiration 0 ;TTL for NACK ) you.ca. NS you.dyndnservice1.ca. you.ca. NS you.dyndnservice2.ca. you.ca. MX 0 you.dyndnsservice1.ca. www.you.ca. CNAME you.dyndnsservice1.ca.
Note that CNAME records have some limitations and possibly unexpected effects. For example:
CNAME
and an SOA
record
for the same name. So the zone for site.com
cannot have a
CNAME
record for site.com
.
CNAME
and an MX
record
for the same name.
CNAME
record, a
standards compliant MTA will re-address the mail to the canonical host name, so
that the receiving MTA must accept mail addressed to the canonical/GnuDIP host
name.
It would be better to set up a structure that modifies the BIND configuration when the IP address changes. The details of doing this would very greatly depending on your circumstances. For an example of how this might be done for Slackware Linux serving as an Internet gateway, obtaining its dynamic IP address using DHCP, see ownexample.html.
One difficulty that may be encountered is that domain name registrars typically require you to enter not just the name server names for a domain, but also IP addresses corresponding to these names.
However, the DNS root servers will only use these IP addresses if "glue" records are needed.
This is discussed in RFC 1033 ("Domain Administrators Operations Guide"). We quote:
"You may only put data in your domain server that you are authoritative for. You must not add entries for domains other than your own (except for the special case of "glue records")".and
"If the name server host for a particular domain is itself inside the domain, then a 'glue' record will be needed. A glue record is an A (address) RR that specifies the address of the server. Glue records are only needed in the server delegating the domain, not in the domain itself."
The root and top level domain servers use BIND. BIND enforces this RFC standard, as can be verified by setting up a test configuration of BIND. In particular:
Since the domain names used here as name server names are not within the domain the name servers serve, there is no need for glue records, and any addresses your registrar forces you to enter will not be used.
It should be noted that some registrars' web interfaces perform unnecessary and ignorant validation tests on the name server information as it is entered.
The user should be able to get around these by temporarily setting the IP addresses for their dynamic IP accounts to appropriate (distinct) values. Once the name server information has been accepted by the domain name registrar's web interface, the IP addresses may be reset correctly.