In this article, I will try to explain in simple terms what the Dynamic Domain Name System (DDNS) function is and for what purposes it is used. To make this article as simple as possible, I tested everything on my hardware. I tried to study all the nuances and possible problems that can be encountered during the setup process.
Below we will talk about using DDNS on routers. Almost every modern router has support for the dynamic domain name system function, which makes it possible to register a free, static address for the router. Using this address, from anywhere you can go to your router (its web interface), or access the server configured on the router (or behind it), webcam, network storage, etc.
What is DDNS?
Function "Dynamic DNS" (Dynamic DNS) allows you to assign a permanent domain name (address for access from the Internet) public, dynamic IP-address that the router receives from the provider. This is necessary first of all to access the settings of the router via the Internet (when you are not connected to your home network). Also, using DDNS, you can configure Internet access to the FTP server, which is configured on the router. There are different scenarios for using the DDNS function (web server, game server, NAS access, IP camera). But remote access to an FTP server and router settings are the most popular options. In my case, after setup, both worked fine. Some manufacturers provide the ability to remotely access router settings through the cloud (using an application on a mobile device). It is much easier and more convenient. But this function is not available on all routers.
First, I want to explain how DDNS works. Every router that is connected to the Internet receives an external IP address from the provider. At this address, you can access the router via the Internet (or to the server that is configured on the device behind the router). Even when we are connected to the Internet through another router, mobile Internet, etc., and are not on our local network. But the problem is that the provider most often issues a dynamic IP address, not a static one.
Perhaps your ISP gives you a white (I'll talk about white and gray addresses later in the article), static IP address. In this case, you do not need to configure DDNS as you have a permanent IP address to access the router. Most likely, the "Static IP Address" service can be activated at an Internet provider. Usually, this service is paid.
The dynamic, external IP address that the provider issues to the router can constantly change (the provider issues a new address to the router each time). And after changing the address, we will not be able to access the router via the Internet. Here we DDNS comes in handy... As I wrote at the beginning of the article, using this function, you can get a permanent address for accessing our router, even if the provider issues a dynamic IP address that is constantly changing.
Conclusions: if the provider issues an external static IP address (most often you need to separately activate this service) - you do not need to bother with setting up the "Dynamic DNS" function, it makes no sense, since you already have a permanent address. If you have dynamic external IP - DDNS setting will solve this problem. Since after configuration we will receive a static address.
Not so simple: "gray" IP addresses and DDNS
Now I will briefly explain what gray and white external IP addresses are, and you will understand everything. To access the Internet, the provider assigns an external (public) IP address to a router or a specific device. A white, public IP address (even if it is dynamic) allows us to access our router from the Internet. That is, this address provides a direct connection from the Internet to the router.
Since there are not enough white IP addresses for all devices on the Internet (perhaps this is not the main reason), Internet providers very often give their client (routers, devices) gray IP addresses (they are also private, or private). These are addresses from the local (private) network of the Internet provider. And already from the local network of the provider there is an Internet connection through one external IP address. It can be common for a certain number of clients.
We will not discuss now whether it is bad or good. But the point is that DDNS function via gray IP will not work... To set up dynamic DNS, you need your ISP to give you a white, public IP address.
Some routers can determine by themselves which IP-address is issued by the provider. Private (gray), or public (white). For example, on ASUS routers, if the address is gray, the following warning is displayed in the DDNS settings section: "The wireless router uses a private WAN IP address. This router is in a NAT environment and the DDNS service cannot work."
If your router is not able to detect this automatically, then there is another way to find out.
How to check if the ISP is issuing a "white" or "gray" IP address?
First you need to go to the settings of your Wi-Fi router, and right on the main page (usually, this is "Network Map", or "Status"), or in the WAN (Internet) section, look at the WAN IP address that is assigned to the Internet router. provider. For example, on a TP-Link router:
Next, we need to go to any site where you can see your external IP address. For example, at https://2ip.ru/
Important! Make sure VPN is not enabled on the device, in the browser. Otherwise, the site will display not your real IP address, but the address of the VPN server. Use a standard browser.
If the WAN IP address in the router settings and on the website is different, then the provider will give you a gray IP address. And if they match, then white. In my case, the addresses are different, which means that I have a gray IP address and DDNS cannot be configured.
In this case (if the address is gray) you can call the support of your ISP and tell them that you need a white external IP address. Most likely, they will pretend that they do not understand what is at stake and will begin to tell you about static and dynamic addresses. They say it's the same thing, connect a static IP with us and everything will work. Yes, the static IP will be white, but this is usually a paid service. And as we already found out above in the article, then you no longer need to configure DDNS.
How does dynamic DNS work on a router?
On routers from different manufacturers, even on different firmwares, the Dynamic DNS setting may differ. But, since the principle of operation is the same, the setup scheme on all devices will be approximately the same. Within the framework of this article, it is impossible to show in detail how to configure on different routers (I will do this in separate articles), but we will now see how it works approximately.
- You need to go to the settings of the router and find the section with the "DDNS" settings. It may also be called "Dynamic DNS". There should be a list of services that provide dynamic DNS service. Some of them are paid, some with a free trial, and some provide DDNS for free (with certain restrictions, but we will be happy with the ethereal version). Most popular: dyn.com/dns/, no-ip.com, comexe.cn.
Most likely, there will immediately be a link to register with the selected service that provides dynamic DNS.
Many network equipment manufacturers provide their own DDNS services. For example, for ASUS it is WWW.ASUS.COM (in the list of services on the router), on Keenetic devices - KeenDNS (with support for cloud access, which works with gray IP addresses). TP-Link has TP-Link ID service. But, as I understand it, it is not yet available on all routers and only works through the cloud. If the router provides its own dynamic domain name service, then it is better to choose it. - You need to register with the selected service and get a unique address there. In the settings of the router, you need to specify this address, and most likely also the login and password that you set when registering for the selected service.
If the connection with the service is established (see the connection status), you can save the settings. - After we have received a unique address and set all the settings in the router (and it has established a connection to the service), you can use this address to access the router itself via the Internet.
Or to an FTP server, for example (by typing the address via ftp: //). In the case of FTP, a storage device must be connected to your router, an FTP server must be configured, and "Internet access" must be enabled.
To enter the router settings through this address, you will most likely have to allow remote access for all addresses in the settings.
Most likely, there will immediately be a link to register with the selected service that provides dynamic DNS.
If the connection with the service is established (see the connection status), you can save the settings.
To enter the router settings through this address, you will most likely have to allow remote access for all addresses in the settings.Dynamic DNS Security
Since our router has a unique, permanent address (even if not known to everyone) through which you can access it, you definitely need to think about security. To block unauthorized access to the router itself, the FTP server, cameras and other servers and devices that are connected / configured on the router.
First of all, you need to set a strong password for the administrator of the router. I wrote about this in the article on how to change the password on a router from admin to another. If there is an opportunity to change the username, change it. Even if someone finds out the address of your router and goes to it, then without knowing the username and password, he will not be able to access the settings.
If an FTP server is configured, file sharing - be sure to change the username and password of the default user admin (it is requested when accessing the FTP server). If you create new users, then set strong passwords for them.
Is there an IP camera, NAS connected to the router? They should also be protected with a good password. I also recommend changing the default username (admin). This can be done in the settings of these devices.
If, for example, you plan to use the DDNS address only for accessing the FTP server, and you do not need access to the router's control panel, then make sure that remote access is disabled in the router settings.
Conclusions
The DDNS function can be configured only on the router that receives an external, white, dynamic IP address from the provider. If the router receives a static external (WAN) IP address, then this function does not make any sense.
If the provider cannot, or does not want to give you a white WAN IP address, and you don’t want, or it is not possible to connect to the "Static IP Address" service, then study the information on your router. Perhaps there is a way to access the settings through the cloud. But access to files, IP cameras, NAS, via the cloud most likely cannot be configured.
