SRX

While trying to configure dynamic dns on my SRX 100B, I see the two options supported are dyndns.org and ddo.jp .

Is there any way to use noip.com as a server for dynamic dns?

Thank you in advance.

The built in feature only supports Dyndns.

You would need to use the noip agent on a computer behind the firewall for automatic updates.

Thank you "spuluka".

I see there's some script available that supports no-ip and a few others.

I'll try this and post the outcome here.

http://forums.juniper.net/t5/Junos-Automation-Scripting/Script-for-DDNS/td-p/56004

I see your reply is from 2015... Is this still the only supported DDNS provider?

------------------------------
RAY MILLER
------------------------------

Hello ,

Configure the DNS that you want in name server configuration in SRX :

# set system name-server <DNS Server >

Hello,

Please configure the same using : http://kb.juniper.net/InfoCenter/index?page=content&id=KB15656&smlogin=true

Hi Sam, thanks for your reply.

That article talks about configuring DNS.

I'm curious if we can configure NO-IP as a server for Dynamic DNS?

Hello ,

We cannot use non-ip for that , as suggested we need to have the scripts for the same .

hi all,

I know over the years there has been a few threads about using no-ip and updating ones dynamic host address.  There is a good generic script out there that I too used but i am not sure when it broke but i tried it on the latest JTAC recommended 12.1X46 release and found that it was not working because you could not write to the /var/log directory directory.  Once I changed it to write to /var/tmp it worked just fine, but i was thinking.. there has to be a simpler way that you can follow as a newbie such as myself, so here is my option that I use that works.

admin@MySRX01> show configuration event-options
policy dyn-dns-updater-2 {
    events snmp_trap_link_up;
    attributes-match {
        snmp_trap_link_up.interface-name matches pp0.0;
    }
    then {
        execute-commands {
            commands {
                "file delete /var/tmp/dyndnsupdate.log";
                "ping 1 count 20 interval 1 wait 1";
                "file copy PASSWORD@dynupdate.no-ip.com/nic/update?hostname=<HOSTNAME>">http://USERNAME:PASSWORD@dynupdate.no-ip.com/nic/update?hostname=<HOSTNAME> /var/tmp/dyndnsupdate.log";
            }
            output-format text;
        }
    }
}

traceoptions {
    file eventd size 1m world-readable;
    flag all;
}

So all you need to to are substitute <USERNAME>, <PASSWORD> and <HOSTNAME> with your relevant details.  It makes it a little easier too if rather than using your email address for the username you avail yourself of the option from no-ip to give yourself a proper username.  So for example your URL could look like

file copy MySecurePassword@dynupdate.no-ip.com/nic/update?hostname=myhostname.sytes.net">http://NoIPUsername:MySecurePassword@dynupdate.no-ip.com/nic/update?hostname=myhostname.sytes.net /var/tmp/dyndnsupdate.log

as opposed to

file copy NoLongEmailAddress@Some.Domain.net.au:MySecurePassword@dynupdate.no-ip.com/nic/update?hostname=myhostname.sytes.net">http://NoLongEmailAddress@Some.Domain.net.au:MySecurePassword@dynupdate.no-ip.com/nic/update?hostname=myhostname.sytes.net /var/tmp/dyndnsupdate.log

As for what the script does,  I'll explain each line so that us newbies out there who are not experts like a lot of the people around here, can make sense of it rather than just copying and pasting it and not understanding what it actually does.

events snmp_trap_link_up;

says to the event engine that we are looking for the SNMP_TRAP_LINK_UP event

attributes-match {
        snmp_trap_link_up.interface-name matches pp0.0;
    }

Says that in that event we are looking for the interface-name of pp0.0.  When the trap is logged it also says what interface it is talking about so here we are just saying that we only care about the pp0.0 interface which in my case is a simple ADSL PPPOE connection which i want to update when the link goes down and comes back up again (possibly with a new IP address)

    then {
        execute-commands {
            commands {
                "file copy PASSWORD@dynupdate.no-ip.com/nic/update?hostname=<HOSTNAME>">http://USERNAME:PASSWORD@dynupdate.no-ip.com/nic/update?hostname=<HOSTNAME> /var/tmp/dyndnsupdate.log";
            }
            output-format text;
        }
    }

Says that if we do find a SNMP_TRAP_LINK_UP event that does have an interface-name of pp0.0 that we are going to execute an operationals command of

"file delete /var/tmp/dyndnsupdate.log";
"ping 1 count 20 interval 1 wait 1";
"file copy PASSWORD@dynupdate.no-ip.com/nic/update?hostname=<HOSTNAME>">http://USERNAME:PASSWORD@dynupdate.no-ip.com/nic/update?hostname=<HOSTNAME> /var/tmp/dyndnsupdate.log";

 which deletes the log file we are going to use, then it just basically pauses for 20 seconds so that the link has had time to properly as in testing i have found that just because pp0.0 is up, the named process has not reloaded thus DNS resolution will not work yet, so 20 seconds after the interface has come up its all reloaded and ready to go.

and

            output-format text;

 says that this command is not to be converted into XML.  Unfortunatly, i am not sure why you need this, something to do with the file copy command not being compatible with the default XML format.

If you want to fake a test of it, what you can do once you have commited the configuration is drop to a shell and fake a log event to see what happens

admin@MySRX01> start shell
% logger -e SNMP_TRAP_LINK_UP -a interface-name=pp0.0

 So what this does is use the logger application to fire off the event we are looking for (SNMP_TRAP_LINK_UP - and yes, case is important here) with the argument of interface-name=pp0.0 which will match what we have specified.

Then you should be able to see that it has created a log file in the /var/tmp directory (as we asked it to)

% cat /var/tmp/dyndnsupdate.log
good 111.209.63.208%
%

which says that the update was successful.  If there is no change then rather than good you would receive 'nochg 111.289.63.208' as a response

Anyway.. see how you go, i hope it will be of use to someone.  Any experts out there, feel free to suggest something better /  faster or simpler etc but for me as a relative notice JUNOS'er, it seems to do what I want it to

Hey Aaron,

You are no newbie!

This is working great for me, thank you. Found this easier than having to add a script to the file system.

For free no-ip.com accounts the DNS records are cleaned up after 30days of no updates. Should my connection last longer than 30days... my DNS will disappear. Do you have a way around this?

I am very new to event policies...  I might try to create an event policy that simply updates DNS every 2weeks to work in tandem with your event policy.

Hi there,

I think you worked it out as you were typing the message :).  The easiest thing to do would be to do as you say, an event triggered evey 2 weeks to just update the connection with its IP address.

Have a play around with it.. if you cant work it out let me know and ill have a crack at it for you.

Hey Aaron,

Thanks for the reply, I think I got it!

I have tested and seems to be all good with both event triggers working together.

I now have an OR statement to kick off the update "[ snmp_trap_link_up every-month ]". I created the event 'every-month' which triggers every 2419200seconds = 28days.

event-options {
    generate-event {
        every-month time-interval 2419200;
    }
    policy dyn-dns-updater-2 {
        events [ snmp_trap_link_up every-month ];
        attributes-match {
            snmp_trap_link_up.interface-name matches pp0.0;
        }
        then {
            execute-commands {
                commands {
                    "file delete /var/tmp/dyndnsupdate.log";
                    "ping 1 count 20 interval 1 wait 1";
                    "file copy http://<USERNAME>:<PASSWORD>@dynupdate.no-ip.com/nic/update?hostname=<DNS-NAME> /var/tmp/dyndnsupdate.log";
                }
                output-format text;
            }
        }
    }
    traceoptions {
        file eventd size 1m world-readable;
        flag all;
    }
}