Dynamic IP

Need to access my home computers when on the road, from my netbook. But ISP assigns me a dynamic IP — seemingly stable, never seen it change, but in principle it might.

Usually, I’d use DynDNS‘s free service — a subdomain under homelinux.net, say, and a daemon they recommend to watch for changes — but I’ve my own domain, and WebFaction allow me free use of their DNS servers.

WebFaction’s API

  1.  WF offer XML-RPCs for editing DNS records! (JSON would’ve been even sweeter! ;o) Easy enough in Python (2.x):
    # Login.
    server = xmlrpclib.ServerProxy("https://api.webfaction.com/")
    session_id, _ = server.login(USER_ID, PASSWORD)
    # Update DNS.
    server.delete_dns_override(session_id, "home.decodecode.net")
    server.create_dns_override(session_id, "home.decodecode.net", new_ip)

Watchdog

  1. With DynDNS, it knows my IP by just looking at where the request came from, but with WF I’d need to figure it myself. Some use What Is My IP, etc, but why bother? Adds complexity, (un)reliability, dependence… Oh yes, nice if you’re behind an unfriendly masquerading (NAT) router, but I set my cable modem as a bridge — ifconfig shows my public IP address.
    WAN_IF = "eth1"
    
    def get_ip_address():
    	s = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    	return socket.inet_ntoa(fcntl.ioctl(
    			s.fileno(),
    			0x8915,  # SIOCGIFADDR
    			struct.pack("256s", WAN_IF[:15])
    		)[20:24])
  2. Scenarios: when might IP change? Is this script reliable? eth1 is my gateway to the ISP: /etc/network/interfaces:
    auto eth1
    iface eth1 inet dhcp

    ISP provides a time-limited dynamic IP:

    $ ps -ef | grep dhcp
    dhcp     22592     1  0 Oct13 ?        00:00:16 dhclient3 -e IF_METRIC=100 -pf /var/run/dhclient.eth1.pid -lf /var/lib/dhcp3/dhclient.eth1.leases eth1

    So the address assigned to eth1 is always current, there’s no caching involved, no risk our script won’t notice the change.

  3. Could ask Linux for the default (ie, gateway) interface instead of hardcoding “eth1″…
  4. Saving the current address to trigger updates only when IP changes:
    IP_FILE = "/var/run/.home-dynamic-IP"
    ip0 = file(IP_FILE).read().strip()

Performance

Cron

  1. No external service’s favors, not limitations: I can run this as a cron job as often as I want. Will only call WF if IP change detected. Just this in /etc/crontab:
    */5 * * * * root /usr/local/bin/update-dynamic-ip.py

    (Remember to restart cron. ;o)

  2. Permissions? /etc/crontab et al are all owned by root:root. And cron runs as root (`ps -ef | grep cron`). Superuser never asks for permission (nor forgiveness ;o), so moot question. Except, needed to chown the script so can edit it conveniently — across LAN, over ssh, too. Editor complains it can’t create a backup when saving to /usr/local/bin/, but I don’t mind.

Syslog

Security

I feel safe enough, even with my own leg in the cloud — as opposed to a router’s, presumably more reliable? I sometimes peek at the IPTables log and wonder/chuckle at the sheer number of break-in attempts, obviously targeted at winblows users. Poor devils.

  1. SSH: fingerprint.
  2. Throttling?
  3. Port knocking?



Comments are closed.