• Introduction
• Supported Providers
• Example Configuration
• Generic DDNS Plugin
• Build & Install
• Origin & References

Inadyn is a small and simple DDNS client with HTTPS support. It is commonly available in many GNU/Linux distributions, used in off the shelf routers and Internet gateways to automate the task of keeping your DNS record up to date with any IP address changes from your ISP. It can also be used in installations with redundant (backup) connections to the Internet.

If your ISP provides you with a DHCP or PPPoE/PPPoA connection you risk losing your IP address every time you reconnect, or in DHCP even when the lease is renegotiated.

By using a DDNS client such as Inadyn you can register an Internet name at certain providers that the DDNS client updates, periodically and/or on demand when your IP changes.

Inadyn can maintain multiple host names with the same IP address, and has a web based IP detection which runs well behind a NAT router.

The following DDNS providers are supported natively, other providers, like http://twoDNS.de for instance, can be supported using the generic DDNS plugin. See below for configuration examples.

• http://www.dyndns.org
• http://freedns.afraid.org
• http://www.zoneedit.com
• http://www.no-ip.com
• http://www.easydns.com
• http://www.tzo.com
• http://www.3322.org
• http://www.dnsomatic.com
• http://www.tunnelbroker.net
• http://dns.he.net/
• http://www.dynsip.org
• http://www.sitelutions.com
• http://www.dnsexit.com
• http://www.changeip.com
• http://www.zerigo.com
• http://www.dhis.org
• https://nsupdate.info
• http://duckdns.org
• https://www.loopia.com
• https://www.namecheap.com
• https://domains.google.com
• https://www.ovh.com
• https://www.dtdns.com
• http://giradns.com
• https://www.duiadns.net

Some of these services are free of charge for non-commercial use, others take a small fee, but also provide more domains to choose from.

Inadyn v1.99.8 and later support HTTPS (v1.99.11 and later also support SNI), for DDNS providers that support this (you must check this yourself). Tested are DynDNS, FreeDNS, nsupdate.info, and Loopia.

Using HTTPS is recommended since it protects your credentials from being snooped and further reduces the risk of someone hijacking your account.

Note: No HTTPS certificate validation is currently done, patches welcome!

Inadyn supports updating several DDNS servers, several accounts even on different DDNS providers. The following example config file illustrates how it can be used. Feature is courtesy of Christian Eyrich.

Example /etc/inadyn.conf:

background
verbose        1
period         300
cache-dir      /mnt/ddns
startup-delay  60
#logfile /var/log/ddns.log
#pidfile /var/run/ddns.pid

system default@dyndns.org
  ssl
  username yxxx
  password xyxx
  alias yyy
  alias zzz

system default@no-ip.com
  username xxyx
  password xxxy
  alias yyy

system default@tunnelbroker.net
  ssl
  username xyzzy
  password update-key-in-advanced-tab
  alias tunnel-id

In a multi-user setup, make sure to chmod your .conf to 600 (read-write only by you/root) to prevent other users from accessing your DDNS server credentials.

Note, here only the DynDNS account uses SSL, the No-IP account will still use regular HTTP. See below for SSL build instructions.

The example has two commented out lines: logfile is disabled, causing Inadyn to default to use syslog, the pidfile is also commented out, so Inadyn defaults to create /var/run/inadyn/inadyn.pid instead. These two settings will change in Inadyn 2.0.

The example also has a cache directory specified, which in this case is a persistent store for the three cache files /mnt/ddns/yyy.dyndns.org.cache, /mnt/ddns/zzz.dyndns.org.cache and /mnt/ddns/yyy.no-ip.com.cache

The last system defined is the IPv6 https://tunnelbroker.net service provided by Hurricane Electric. Here alias is set to the tunnel ID and password must be the Update key found in the Advanced configuration tab. Also, default@tunnelbroker.net requires SSL!

Aside from dedicated DDNS provider support, Inadyn also has a generic DDNS provider plugin. Use custom@http_srv_basic_auth as your system. This will use HTTP basic authentication (base64 encoded username and password). If you don't have a username and/or password, you can try to leave these fields empty for the custom@ system. Inadyn will still send basic authentication, but use an empty username and/or password when communicating with the server.

A DDNS provider like http://twoDNS.de can be setup like this:

period         300
startup-delay  60
cache-dir      /etc/inadyn

system custom@http_srv_basic_auth
    username myuser
    password mypass
    checkip-url checkip.two-dns.de /
    ssl
    server-name update.twodns.de
    server-url /update?hostname=
    alias myalias.dd-dns.de

For https://www.namecheap.com DDNS:

system custom@http_srv_basic_auth
    username myuser
    password mypass
    ssl
    server-name dynamicdns.park-your-domain.com
    server-url /update?domain=YOURDOMAIN.TLD&password=mypass&host=
    alias alpha.YOURDOMAIN.TLD
    alias beta.YOURDOMAIN.TLD
    alias gamma.YOURDOMAIN.TLD

Here three subdomains are updated, one server-url GET update request per alias. The alias is appended to ...host= and sent to the server. Leave server-name as is, and change/add/remove alias to your DNS name. If you only wish to update a subdomain, set alias to that, like the example above. Username is your Namecheap username, and password would be the one given to you in the Dynamic DNS panel from Namecheap. Here is an alternative config to illustrate how the alias setting works:

system custom@http_srv_basic_auth
    username myuser
    password mypass
    ssl
    server-name dynamicdns.park-your-domain.com
    server-url /update?password=mypass&domain=
    alias YOURDOMAIN.TLD

As of Inadyn v1.99.14 the generic plugin can also be used with providers that require the client's IP in the update request. Here we pretend that http://dyn.com is not supported by Inadyn:

# This emulates default@dyndns.org
system custom@http_srv_basic_auth
    username DYNUSERNAME
    password DYNPASSWORD
    ssl
    server-name members.dyndns.org
    server-url /nic/update?hostname=YOURHOST.dyndns.org&myip=
    append-myip
    alias YOURHOST

When using the generic plugin you should first inspect the response from the DDNS provider. Inadyn currently looks for a 200 HTTP response OK code and the strings "good", "OK", or "true" in the HTTP response body.

Note: the alias setting is required, even if you encode everything in the server-url! The given alias is appended to the server-url used for updates, unless you use append-myip in which case your IP address will be appended instead. When using append-myip you probably need to encode your DNS hostname in the server-url instead — as is done in the last example above.

By default Inadyn tries to build with GnuTLS for HTTPS support. GnuTLS is the recommended SSL library to use on UNIX distributions which do not provide OpenSSL as a system library. However, when OpenSSL is available as a system library, for example in many embedded systems:

./configure --enable-openssl

To completely disable the HTTPS support in Inadyn:

./configure --disable-ssl

For more details on the OpenSSL and GNU GPL license issue, see:

• https://lists.debian.org/debian-legal/2004/05/msg00595.html
• https://people.gnome.org/~markmc/openssl-and-the-gpl

This is the continuation of Narcis Ilisei's original INADYN. Now maintained by Joachim Nilsson. Please file bug reports, or send pull requests for bug fixes and proposed extensions at GitHub.