SRX

Hi Experts

Can any one give me step by step configuration commands for configuring SRX as DDNS client? Also like netscreen can we do the destination NAT on the dynamic IP address on the untrust interface through its FQDN?

Thanks

download http://forums.juniper.net/jnet/attachments/jnet/junos-automation/392/1/dyn-dns-update.xslt.zip

upload  /var/db/scripts/event/

set system services apply-macro dyndns-client1 hostname XXXX.3322.org
set system services apply-macro dyndns-client1 password XXXX
set system services apply-macro dyndns-client1 type 3322
set system services apply-macro dyndns-client1 username XXXX

set event-options policy dyn-dns-updater events SYSTEM
set event-options policy dyn-dns-updater attributes-match SYSTEM.message matches "EVENT Add"
set event-options policy dyn-dns-updater then event-script dyn-dns-update.xslt
set event-options event-script file dyn-dns-update.xslt

The format of the update message is different from server to server. This script accepts the following most common ones:

    dyndns
    dtdns
    dnspark
    3222
    no-ip
    dns-o-matic
    everydns
    changeip
    freedns (more on this one later)
    dnsexit

Hi nicol

Thanks for the reply. Just few quesitons:

1- What is 3322 in the command "set system services apply-macro dyndns-client1 type 3322" If I am using the dyndns then should I need to specify "set system services apply-macro dyndns-client1 type dyndns" ????

2- In the configuration, you provided, we did not specify the ADSL interface anywhere in the configuration?

Thanks

Hi Nicol,

Did you manage to get it working with freedns.afraid.org?

Just in case anyone wants to get the script working with a freedns direct update url instead of updating freedns through a dnsomatic account...

script goes in /var/db/scripts/event/ like the instructions say.

The event-options part is just like everyone else says, and it goes in the base of the heirarchy:

event-options {
    policy dyn-dns-updater {
        events SYSTEM;
        attributes-match {
            SYSTEM.message matches "EVENT Add";
        }
        then {
            event-script dyn-dns-update.xslt;
        }
    }
    event-script {
        file dyn-dns-update.xslt;
    }
}

And the freedns part that works for me looks like this, just the type and url parameters are all that's needed, and you can even use https instead of the http direct urls that freedns gives you:

under the system / services heirarchy:

       apply-macro dyndns-client1 {
            type freedns;
            url "https://freedns.afraid.org/dynamic/update.php?<the secret part>";
        }

To test it, just disable/commit enable/commit your outside dhcp interface.  And if you have ppoe then see some other threads about the script to make sure you match the correct message.

And FYI, the script seems to only log "ERROR: Address xxx.xxx.xxx.xxx has not changed." in the dyndns.log file.  Looks like there may be missing logic to log the actual result but I haven't dug into it yet.  Maybe someone can post an updated version of the script that logs freedns correctly?

Oh, and I'm doing this on a J2320, not an SRX...

Jay.

gauravg@srx-a# run show system services dynamic-dns client
node0:
--------------------------------------------------------------------------
warning: named-service subsystem not running - not needed by configuration.

set system services apply-macro dyndns-client1 hostname xx.freedns.afraid.org
set system services apply-macro dyndns-client1 password dynamicdns
set system services apply-macro dyndns-client1 type dns-o-matic
set system services apply-macro dyndns-client1 username "x.x@xxxxx.com"

freedns link is added to the dns-0-matic and comes active 

script is uploaded and relevant config as well . still cant get the ddns working 

---

@nicol wrote:

download http://forums.juniper.net/jnet/attachments/jnet/junos-automation/392/1/dyn-dns-update.xslt.zip

upload  /var/db/scripts/event/

 

set system services apply-macro dyndns-client1 hostname XXXX.3322.org
set system services apply-macro dyndns-client1 password XXXX
set system services apply-macro dyndns-client1 type 3322
set system services apply-macro dyndns-client1 username XXXX

set event-options policy dyn-dns-updater events SYSTEM
set event-options policy dyn-dns-updater attributes-match SYSTEM.message matches "EVENT Add"
set event-options policy dyn-dns-updater then event-script dyn-dns-update.xslt
set event-options event-script file dyn-dns-update.xslt

 

The format of the update message is different from server to server. This script accepts the following most common ones:

    dyndns
    dtdns
    dnspark
    3222
    no-ip
    dns-o-matic
    everydns
    changeip
    freedns (more on this one later)
    dnsexit

---

DDNS is now a supported feature in Junos itself with scripting no longer needed.  This was added with Junos 12.1x44D10

http://www.juniper.net/techpubs/en_US/junos12.1x45/topics/reference/command-summary/Show-system-services-dns-dynamic-dns.html

http://kb.juniper.net/InfoCenter/index?page=content&id=KB28971

hi Spuluka

i have tried that  on 12.1x44D10 but only "dyndns" and "ddo" are valid opttion . Dyndns has changed from free services to paid .  I have tried to use the dns-o-matic and freedns.afraid.org account but no luck . 

I am running srx behind a adsl router for ipsec tunnel ( based on hostname / fqdn) . i have  configured the dhcp address at wan interface facing adsl router.  I want to monitor the srx using the dyndns account  so i know tunnels are dropping when internet drop or they get dropped even if internet was alive. 

Is there another way for using dyndns without the given options . 

thanks