Topic: Dyndns-update behind hardware NAT

[Maarten]

Hi everybody,
I run an SME 5.6 (and 6.0b3) behind a hardware NAT router.
SME external interface = 192.168.1.2; Internal is 10.0.0.1

Problem is that when SME runs the update-dyndns-script, my account at DYNDNS.org says I'm At 192.168.1.2.
This is correct, of course, and I can circumvent by letting an Windows desktop behind SME do the update, but I would rather let SME handle the update.

Can anyone help me get this to work?

[Klaus Eckert]

does your router has an option to tell the SME his new IP on redial?
if not, your SME has to find the router-IP itself.
then you can do a dyndns-update with the router-IP.

cheers klaus

[Tom Keiser]

Look on the Dyndns.org site to see if there is a script that will query your brand and model of router and report the ip address to dyndns. There are a slew of them for all the popular routers.

Tom

[Michael Soulier]

Maarten wrote:
>
> Can anyone help me get this to work?

Yup. Remove the router. The server is one.

I have yet to see a compelling reason to stick a broadband NAT box in front of my server. Those boxes make bad assumptions about how one uses the internet, and provide no additional security, IMHO.

Mike

[Robert L. Baer]

Hi Maarten,

even though I have to agree with Michael Soulier, that there are no additional benefits by using a hardware router, here is a solution that should work for you.

replace the line in  /sbin/e-smith/dynamic-dns/dyndns.org
that reads
IPADDR=$1
with
IPADDR=$(wget -q -O - http://checkip.dyndns.org/|sed -e 's/[^0-9.]//g')
and your update should be fine.

You should be aware of three things though.
1st , this solution should only be used if you cannot obtain the routers IP-Address by any other means, like a DynDNS client that can query the router. ddclient is a good one.
2nd, do not use this method more often than every 10 minutes, or your account may be blocked. See the DynDNS FAQ.
3rd, there is no guarantee that the string returned by http://checkip.dyndns.org will have the same format forever. Even though the above sed command discards everything but digits and dots, if DynDNS.org changes the format, the regular expression might require  adjustment.

It still does'nt do an automated update if your external IP changes, since your SME server is not aware of the change. Contact me offlist if you are interested in a solution to achieve this.

[Maarten]

Guys,
thx very much (especially Robert - your solution seems to work for me)

The reason I use the Draytek NAT router is because I bought it (for use at home) before I started with SME. Shame to leave it in the closet.
Another reason is I  share the ADSL with my neighbours; I do not want them to use my E-smith stuff like mail, shared folders etc. This way, they only see the *outside* of SME and cannot screw up my setup.

I know SME is supposed to be tamperproof, idiotproof etc, but my neighbours?

THX
Maarten

[Kelvin]

Hi Maarten,

Look for the ddclient addon. There is a setting in ddclient that queries the web for your IP address if your NAT box is not among the list of supported boxes.

Kelvin

[Maarten]

A bit off-topic:
One of the reasons I use the hardware, is that my provider uses MAC-address to set IP. If I change network cards, it can take up to 24 hours before the new NIC is accepted. The router, of course, always has teh same MAC, so I can change (usually upgrade) servers and nics behind it without problems

Just in case you needed a reason
Maarten

[Paul]

Maarten,

I have found a perfect fix for the NIC mac address problem.

I "cloan" the original mac address from the original NIC onto my SME's NIC.  This way if I change NICs or do upgrades, I always get the same IP address.

My ISP thinks I have been using the same network card that they provided me 3 years ago.  I first cloaned it to my linksys router and now (after getting rid of the router) to my SME box.

It's easy to do with a custom template.

Paul