Pity the DNS-illiterate - CNAME + DDNS help s.v.p.

[stevech]

Someone who understands DNSes and all the ill-defined jargon... take pity.

Goal: DDNS updates for my rarely changing IPv4 address given me my my beloved ISP - synch that IP address to my domain name. Somehow with CNAME records and all that jibberish:

my registrar: Google domains, for "mydomain.com" (or some such)
my NAS has DDNS to NAS vendor's DDNS server, but mine is in their domain and tld.
my router, same story: DDNS to their own DDNS server, their tld.

Google, my registrar, has a lot of options and capabilities with my domain name, but I can't understand all the jargon.

How can I get mydomain.com at Google to follow the DDNS server which tracks my numeric IP du jour? Google Domains also has some proprietary tools in this area. All greek to me.

I do have my numeric IP address key into an "A" record at Google for mydomain.com. But that IP will change every 3-6 months based on history.

I found a way to forward all web server accesses made to mydomain.com to the symbolic name at the NAS vendor. That doesn't meet the goal. My NAS has an SSL certicate tied to mydomain.com.

So, anyone smart in all this A record, CNAME, aliasing domain names of mine to a single IP address?

Google has a DDNS service of their own. They take in dyndns2 protocol reporting. To do that, I'd have to get a client that does that and put it on a computer (or hack the NAS' Linux).

Confused.

 

[System Error Message]

custom DDNS updates can also be done from some routers. Consumer routers only have a limited choice in that matter while 3rd party firmware may have more choices. If you use merlin firmware you may be able to script it. Mikrotik routerOS can also update via scripts. Pfsense and UTMs might also have what you want because they use unix/linux too. Script wise the update is done this way.

1) Get your WAN Interface IP or Download the results from an ip checker website (to get your external IP if your WAN IP isnt)
2) have the script check if it is the same ip as the old one, this can be from the last downloaded file or variable containing the IP (optional)
3) Update your IP if needed (each DDNS has very similar ways to update via scripts).

There are a few examples on mikrotik script wiki examples but they are made for routerOS but should help you understand the process involved.

 

[stevech]

thanks, but I'm well beyond DDNS clients in routers. The kinds of commonplace routers I use have hard-coded DNS provider names/protocols.

The question posed is how to use CNAME records in the DNS server to alias domains together and for one IP.
The only client I've found is ddclient. Open source. Poorly documented. Buggy.
If I can get it or something better to use the dyndns2 protocol (a short piece of HTML, a URL) and send that to domains.google.com, I'd be OK with DDNS reporting, automated.

If I can get a DDNS client to report directly to domains.google.com, I don't need the CNAME hack. I have an always-on windows 7 PC that can run the client. I'd prefer to NOT alter my NAS (Synology) with script additions. Seems like I shouldn't have to write my own script/daemon - reinventing a wheel!

For now, all I have is a fixed IP A record at domains.google.com.
My IP changes a few times a year (2?) due to TimeWarner network shuffles. My IP can also change if my router does a fail-over to cellular if/when Time Warner service is failing.

 

[jtp10181]

If you already have two DDNS domains updating from your NAS and router, just make a CNAME record in Google and point it to one of those DDNS domains. Very simple DNS entry. I have never used google domains so I can't walk you through it, this wiki article covers CNAME well though.

https://en.m.wikipedia.org/wiki/CNAME_record


Sent from my iPad using Tapatalk

 

[stevech]

In domains.google.com, there's a config web page for "Custom records".
When I choose record type A and enter my domain name (registrar is google), and I enter the numeric IP address, all is fine.
If I delete that A record, then...
create a new record type CNAME, and on the left side I enter @ and on the right I enter me.asuscomm.com (my registration at ASUS, my reporting router).
Google rejects it saying can't do that for a root domain (@, I guess). Same error if I use mydomain.com, issued by google). Here's the error text from google
CNAME records for the root domain are not supported


if I reverse left and right side, with left=me.asuscomm.com and right side as mydomain.com... no error but no nslookup says no address known for mydomain.com. However, nslookup for me.asuscomm.com works ok.

(mydomain is actually xxx
me is actually xxx)

hence, my confusion.

Is it that their CNAME insists on subdomains, not the root in the tld .com (that they issued)? I don't need/want subdomains.

domains.google.com does have a DDNS service, but I have yet to get ddclient to run on windows and report to google. I'd rather use CNAME with my router's (ASUS) DDNS.

steve

 

[jtp10181]

Yes you probably have to use a subdomain with the CNAME record. Just do something like router.domain.com or if you want to short, r.domain.com.

BTW With the asus router and Merlins firmware you can have a custom DDNS script be triggered. But the CNAME is much easier and works great, that's what I'm using.

Also, I just have my root domain parked since no web site right now.


Sent from my iPad using Tapatalk

 

[stevech]

OK then! r.mydomain.com in the CNAME record at domains.google.com was accepted.
I wait a few minutes and start doing nslookup mydomain.com and 4 of 5 times I get no IP address line displayed.
1 in 5 times I get the correct IP.

My PC's IPv4 NIC is set for static DNS primary = 4.2.2.2 and secondary 8.8.8.8

I also tried adding the DNS server's IP to the nslookup command line. No difference.

nslookup of yahoo.com and other biggies works properly.

oh why must it be so hard.

 

[jtp10181]

Let it stew for a while. Sometimes if I am changing a bunch of things around I just let it sit overnight. Check out the tools on kloth.net also. I use that to test stuff from outside.

Sent from my XT1080 using Tapatalk

 

[stevech]

Thanks...
If I direct nslookup to use google's big ole DNS, and noting my CNAME record is in THEIR domain, as is my registration, nslookup never returns my IP. If I use 4.2.2.2 (that's the old GTE server as I recall), it sometimes returns an IP address.

I'll wait and see.
But my SSL certificate has to have a working mydomain.com or I cannot access my NAS via SSL. I want to turn off HTTP access and go HTTPS-only. Not wanting to wait hours and hours. That's why I choose domains.google.com!!

 

[htismaqe]

Yeah, DNS changes take a while to propagate. You should start seeing it reliably after 8 hours or so.

 

[stevech]

You'd think that domains.google.com could propagate across the room to bigDNS 8.8.8.8 nearly as fast as the NYSE can execute a big-guy stock block trade!!

 

[System Error Message]

stevech, DNS entries are cached. When google updates their DNS server it could take seconds but the entire internet will only update google's entries when it expires on their server, aside from that you also have the local caches that need to be cleared too. Some DNS servers also only update their configurations after they expire, If you ever made your own local DNS server you would know what i mean. Your DNS entry on google DNS is static and only takes into affect when your last entry expires. Dynamic DNS providers usually delete your last entry when updating your domain against your IP if it is a subdomain.

 

[stevech]

I know. But hours later, nslookup mydomain.com 8.8.8.8 fails (8.8.8.8 is of course, google's DNS farm). If I delete the CNAME record and put in an A record with my numeric IP address du jour, the same nslookup command succeeds within a couple of minutes, and continues to do so.

to their credit, google support tells me this isn't correct and they'll talk to me by phone to degbug. Their domains.google.com is in a beta state.

 

[jtp10181]

You can't query the root domain if you have no record for it. Only a query to the r.domain.com you setup would work at that point. You might have to park the root and then setup the cname.

Do you have to have the root domain pointing to your IP? Only way might be a custom ddns script which I could probably make quickly. Would shut down the asuscomm ddns though.

Sent from my XT1080 using Tapatalk

 

[stevech]

I'm a noob. Don't know "park the root" term.
I am able to make an A record for mydomain.com with the numeric IP address. That works fine for the DNSes.
I cannot put, in the A record, instead of the numeric address, me.asuscomm.com for my router's DDNS at ASUS. Perhaps A records must have a numeric IP (assumed to be a static public IP).

CNAME as I described doesn't work - DNSes don't return my IP from the aliased me.asuscomm.com that's in the CNAME record, right side. It has worked very intermittently with DNS 4.2.2.2 and never with 8.8.8.8.

 

[jtp10181]

You said you were trying to lookup mydomain.com though. Shouldn't you be checking the r.mydomain.com instead? If you have a CNAME for that and it still won't work reliably then I don't know. Works prefect for me with Namecheap and the ASUS ddns.

Sent from my XT1080 using Tapatalk

 

[stevech]

If I nslookup r.mydomain.com the DNS returns the wrong IP address - one I don't recognize. Could be an IP within asuscomm.com.
I have the CNAME record right-side using myname.asuscomm.com.

It's all gibberish to me.

 

[jtp10181]

If I do nslookup from Windows command prompt I get the ASUS ddns and my IP.

Can't really tell you anything else without knowing actual info to check myself.

Sent from my XT1080 using Tapatalk

 

[stevech]

Thanks for help.
I'll hope that google's phone help will solve it.