Recently, I’ve had to move around some of the TR&A infrastructure, and I’m testing out a couple of dynamic DNS providers. I’m using the classic ddclient software on Linux to update the providers with the IP address of these resources as they change. I ran into a couple of kinks getting ddclient to work properly on modern, recent Linux distros:
1. SSL errors: everything on the internet ought to be in SSL these days, to eliminate entire classes of Man-in-The-Middle attacks. Verifying that the SSL certificate is actually valid requires additional software not always available on some client sites, so this post has a work-around to silence the error:
2. Timeouts: some network infrastructures just don’t seem to be willing to access the same web site every ten minutes to check on the external IP address., and return a timeout. To work around this, I used the simple hack described here:
Working around ddclient’s “bad hostname” and “network is unreachable” problems
Finally, I’ve set up the dynamic DNS names (something like, but not: example.no-ip.com ) as CNAME synonyms to one of my utility domains that has excellent DNS support. This way, any code I used in batch files, scripts or configuration files can reference the stable example.mydomain.com even if I need to change the CNAME from one dynamic DNS provider to another. This is so much easier than having to scramble around a dozen different client installations to see where I may have used a DNS provider that’s no longer working for me.