OpenDNS & Dynamic IP Update

In my last blog post I showed you how to configure your Linux No-IP dynamic DNS update. In this post we are going to take DNS a bit further and show you how to make your internet surfing not only faster, but safer.

OpenDNS is a free (or if you wish pay) service that gives you more control over your family's internet access. Their are several how-tos on the site for how to use it and set it up. Go ahead and setup a free account and it will immediately direct you to step by step documentation for setting up your home network to use it. Several benefits of why you should use OpenDNS include (but not limited to) faster speed since they cache sites, access controls to limit what sites you don't want to access, and history to see what and where your going on the internet.

After you setup your account you will need to setup your dynamic IP updater so your access rules and history is applied even if your IP address changes. To do this you first need to install ddclient:
# yum install ddclient
Then simply add the following text at the bottom of the /etc/ddclient.conf:
## OpenDNS.com account-configuration
use=web, web=whatismyip.org
Of course you will need to change the "USERID" and "PASSWORD" values to the ones you created for your OpenDNS login. Lastly be sure that the line at the top of the config file that says "ssl=yes" is uncommented. You do this by removing the "#" in front of it. Now save the config.

Your all done, simply start the service:
# service ddclient start
Then add it to your run levels:
# chkconfig ddclient --add
# chkconfig --levels 25 ddlcient on
If you want to make sure your ddclient is working like it is supposed to you can always check the process and check your logs. It should look something like this:
# ps -ef | grep ddclient
ddclient XXXX 1 0 20:43 ? 00:00:00 ddclient - sleeping for 270 seconds

OR you can run:

# service ddclient status
ddclient (pid XXXXX) is running...
To Check the log files:
# tail /var/log/messages
Sep 9 20:43:18 linux ddclient[XXXX]: SUCCESS: updating opendns_network_label: good: IP address set to XXX.XXX.XXX.XXX

Note 1: A few home routers have this capability in them. Check your routers documentation if you would rather run this on your router instead of your Linux computer.
Note 2: The ddclient has several capabilities that you should look into. If you look in your config file you will find that ddclient can update several dynamic IP services such as dynDNS (same as No-IP) and many more. You may wish to open a dynamic DNS account through one of the providers it supports so your only running one process instead of two.
Note 3: Their are ways around OpenDNS, such as changing the DNS servers of the PC your using. If you want to keep this from happening you can always block DNS requests through your Linux firewall server (this will be discussed in detail in future blog posts) or you can lock users out of the DNS configuration of your PC's (also will be discussed in future blog posts).

No comments:

Post a Comment