We use cookies to ensure you get the best experience on our website
Inicio Explorar Axuda
Rexistro Iniciar sesión
0ct0pu5
/
desec-stack
1
0
Fork 0
Ficheiros Incidencias 0 Pull Requests 0 Wiki
Árbore: 5233cceb56
Ramas Etiquetas
desec-stack
/
docs
/
dyndns
/
update-api.rst

update-api.rst 6.7 KB
Histórico Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165 
  1. .. _update-api:
    2. 

  2. 

  3. IP Update API
    4. 

  4. ~~~~~~~~~~~~~
    5. 

  5. 

  6. In case you want to dig deeper, here are the details on how our IP update API
    7. 

  7. works.  We provide this API to be compatible with
    8. 

  8. most dynDNS clients. However, we also provide a RESTful API that is
    9. 

  9. more powerful and always preferred over the legacy interface described here.
    10. 

  10. 

  11. Please note that when using HTTPS (which we highly recommend), outdated setups
    12. 

  12. (such as TLS < 1.2) are not supported.  If you encounter SSL/TLS handshake
    13. 

  13. issues, you may have to update your dynDNS client and/or libraries used by it
    14. 

  14. (such as OpenSSL).
    15. 

  15. 

  16. **Note:** Out of mercy for legacy clients (especially old routers), we still
    17. 

  17. accept unencrypted requests for this service.  We **urge** you to **use HTTPS
    18. 

  18. whenever possible**.
    19. 

  19. 

  20. Update Request
    21. 

  21. ``````````````
    22. 

  22. An IP update is performed by sending a ``GET`` request to ``update.dedyn.io``
    23. 

  23. via IPv4 or IPv6.  To enforce IPv6, use ``update6.dedyn.io``.  The path
    24. 

  24. component can be chosen freely as long as it does not end in ``.ico`` or
    25. 

  25. ``.png``.  HTTPS is recommended over HTTP.
    26. 

  26. 

  27. When the request is authenticated successfully, we use the connection IP
    28. 

  28. address and query parameters to update your domain's DNS ``A`` (IPv4) and
    29. 

  29. ``AAAA`` (IPv6) records.  The new records will have a TTL value of 60 seconds
    30. 

  30. (that is, outdated values should disappear from DNS resolvers within that
    31. 

  31. time).
    32. 

  32. 

  33. 

  34. .. _update-api-authentication:
    35. 

  35. 

  36. IP Update Authentication
    37. 

  37. ************************
    38. 

  38. 

  39. You can authenticate your client in several ways. If authentication fails, the
    40. 

  40. API will return a ``401 Unauthorized`` status code.
    41. 

  41. 

  42. Preferred method: HTTP Basic Authentication (with token)
    43. 

  43. --------------------------------------------------------
    44. 

  44. Encode your username and token (provided during registration) in the
    45. 

  45. ``Authorization: Basic ...`` header. This is the method virtually all dynDNS
    46. 

  46. clients use out of the box.
    47. 

  47. 

  48. **Important:** If your dynDNS client asks for a *password*, do not enter your
    49. 

  49. account password (if you have one). Instead, enter your token!
    50. 

  50. 

  51. 

  52. HTTP Token Authentication
    53. 

  53. ------------------------------------------
    54. 

  54. Send an ``Authorization: Token  ...`` header along with your request, where
    55. 

  55. ``...`` is the token issued at registration (or manually created later).
    56. 

  56. 

  57. Query string method (discouraged)
    58. 

  58. ---------------------------------
    59. 

  59. Set the ``username`` and ``password`` query string parameters (``GET
    60. 

  60. ?username=...&password=...``).
    61. 

  61. 

  62. **Important:** We **strongly discourage** using this method as it comes with a
    63. 

  63. subtle disadvantage: We log all HTTP request URLs for a few days to facilitate
    64. 

  64. debugging. As a consequence, this method will cause your secret token to end
    65. 

  65. up in our log files in clear text. The method is provided as an emergency
    66. 

  66. solution where folks need to deal with old and/or crappy clients. If this is
    67. 

  67. the case, we suggest looking for another client.
    68. 

  68. 

  69. 

  70. Determine Hostname
    71. 

  71. ******************
    72. 

  72. To update your IP address in the DNS, our servers need to determine the
    73. 

  73. hostname you want to update.  To determine the hostname, we try the following
    74. 

  74. steps until there is a match:
    75. 

  75. 

  76. - ``hostname`` query string parameter, unless it is set to ``YES`` (this
    77. 

  77.   sometimes happens with dynDNS update clients).
    78. 

  78. 

  79. - ``host_id`` query string parameter.
    80. 

  80. 

  81. - The username as provided in the HTTP Basic Authorization header.
    82. 

  82. 

  83. - The username as provided in the ``username`` query string parameter.
    84. 

  84. 

  85. - After successful authentication (no matter how), the only hostname that is
    86. 

  86.   associated with your user account (if not ambiguous).
    87. 

  87. 

  88. If we cannot determine a hostname to update, the API returns a status code of
    89. 

  89. ``400 Bad Request`` (if no hostname was given but multiple domains exist in
    90. 

  90. the account) or ``404 Not Found`` (if the specified domain was not found).
    91. 

  91. 

  92. Subdomains
    93. 

  93. ----------
    94. 

  94. The dynDNS update API can also be used to update IP records for subdomains.
    95. 

  95. To do so, make sure that in the above list of steps, the first value
    96. 

  96. provided contains the full domain name (including the subdomain).
    97. 

  97. 

  98. Example: Your domain is ``yourdomain.dedyn.io``, and you're using HTTP Basic
    99. 

  99. Authentication.  In this case, replace your authentication username with
    100. 

  100. ``sub.yourdomain.dedyn.io``.  Similarly, if you use the ``hostname`` query
    101. 

  101. parameter, it needs to be set to the full domain name (including subdomain).
    102. 

  102. 

  103. .. _determine-ip-addresses:
    104. 

  104. 

  105. Determine IP addresses
    106. 

  106. **********************
    107. 

  107. The last ingredient we need for a successful update of your DNS records is your
    108. 

  108. IPv4 and/or IPv6 addresses, for storage in the ``A`` and ``AAAA`` records,
    109. 

  109. respectively.
    110. 

  110. 

  111. For IPv4, we will use the first IPv4 address it can find in the query string
    112. 

  112. parameters ``myip``, ``myipv4``, ``ip`` (in this order). If none of them is
    113. 

  113. set, it will use the IP that connected to the API, if a IPv4 connection was
    114. 

  114. made. If no address is found or if an empty value was provided instead of an IP
    115. 

  115. address, the ``A`` record will be deleted from the DNS.
    116. 

  116. 

  117. For IPv6, the procedure is similar. We check ``myipv6``, ``ipv6``, ``myip``,
    118. 

  118. ``ip`` query string parameters (in this order) and the IP that was used to
    119. 

  119. connect to the API for IPv6 addresses and use the first one found. If no
    120. 

  120. address is found or an empty value provided instead, the ``AAAA`` record will
    121. 

  121. be deleted.
    122. 

  122. 

  123. 

  124. Update Response
    125. 

  125. ```````````````
    126. 

  126. If successful, the server will return a response with status ``200 OK`` and
    127. 

  127. ``good`` as the body (as per the dyndns2 protocol specification). For error
    128. 

  128. status codes, see above.
    129. 

  129. 

  130. dynDNS updates are subject to rate limiting.  For details, see
    131. 

  131. :ref:`rate-limits`.
    132. 

  132. 

  133. 

  134. Examples
    135. 

  135. ````````
    136. 

  136. The examples below use ``<your domain>`` as the domain which is to be updated
    137. 

  137. (which could be a custom domain or a dedyn.io domain like
    138. 

  138. ``yourdomain.dedyn.io``) and ``<your authorization token>`` as an API token
    139. 

  139. affiliated with the respective account (see :ref:`manage-tokens` for details.)
    140. 

  140. ``1.2.3.4`` is used as an example for an IPv4 address, ``fd08::1234`` as a
    141. 

  141. stand-in for an IPv6 address. Replace those (including the ``<`` and ``>``)
    142. 

  142. with your respective values.
    143. 

  143. 

  144. 

  145. Basic authentication with automatic IP detection (IPv4 **or** IPv6)::
    146. 

  146. 

  147.   curl --user <your domain>:<your authorization token> https://update.dedyn.io/
    148. 

  148. 

  149.   curl https://update.dedyn.io/?hostname=<your domain> \
    150. 

  150.     --header "Authorization: Token <your authorization token>"
    151. 

  151. 

  152. Basic authentication with forced use of IPv6 (will remove IPv4 address from the DNS)::
    153. 

  153. 

  154.   curl --user <your domain>:<your authorization token> https://update6.dedyn.io/
    155. 

  155. 

  156.   curl https://update6.dedyn.io/?hostname=<your domain> \
    157. 

  157.     --header "Authorization: Token <your authorization token>"
    158. 

  158. 

  159. Basic authentication with simultaneous update of IPv4 and IPv6::
    160. 

  160. 

  161.   curl --user <your domain>:<your authorization token> \
    162. 

  162.     "https://update.dedyn.io/?myipv4=1.2.3.4&myipv6=fd08::1234"
    163. 

  163. 

  164.   curl "https://update6.dedyn.io/?hostname=<your domain>?myipv4=1.2.3.4&myipv6=fd08::1234" \
    165. 

  165.     --header "Authorization: Token <your authorization token>"
    166.

Contact | Legal | Takedown | Status
Self-hosted public services - About
NibbleSpot by 0ct0pu5