How to Create Your Own Dynamic DNS Service using Cloudflare Dynamic DNS

Learn how to set up a Dynamic DNS service with Cloudflare for free. Dynamic DNS allows you to update your DNS records automatically whenever your IP address changes, and Cloudflare makes it easy with their API. To get started, create an API token with permission to edit DNS records, and use a simple Bash script to update your DNS record with Cloudflare. The script is designed to run on your source machine and can be used to provide DDNS service from anywhere. With Cloudflare Dynamic DNS, you can take advantage of their CDN and security features to improve website performance and security.

Dynamic DNS is used by many people whose internet service provider assigns them a dynamic IP address. While there are free services out there, it is typically a service that costs $25 a year. In this article, I will show you how to create your own script to manage dynamic DNS service using Cloudflare.

Some Background

How it All Started

This all started with a Network Chuck video. For some background, I’ve been running NoIP as my dynamic DNS provider for a couple of years. This, combined with port forwarding on my firewall, allowed me to VPN to my home network and RDP into my desktop PC when I was away from home.

This setup has worked for years, but the Network Chuck video highlighted the security issues surrounding punching holes in my network firewall. So I followed his advice and the steps in his video to install a free Kemp load balancer and SSL offloader on my network. The Kemp load balancer acts as a reverse proxy, forwarding external requests to my internal resources, and SSL offloading ensures that my connections are secure.

While this was a great step forward in terms of network security, it also meant that my dynamic DNS provider was no longer working. NoIP relies on a client-side application to periodically update your IP address with their DNS servers, but with the Kemp load balancer in place, I needed a more flexible solution.

Cloudflare Dynamic DNS

Enter Cloudflare Dynamic DNS. Cloudflare is a CDN and security company that offers a suite of services to improve website performance and security. One of their services is Dynamic DNS, which allows you to update your DNS records automatically when your IP address changes.

The best part? Cloudflare Dynamic DNS is completely free!

To get started, you’ll need to sign up for a Cloudflare account and create a new API token with permission to edit DNS records. Once you have your API token, you can update your DNS records using Cloudflare’s API.

Creating Your Dynamic DNS Script

To make things easy, I modified an existing simple Bash script that I found on GitHub that updates my DNS records with Cloudflare. Here’s the script:

bash
#!/bin/bash

# A bash script to update Cloudflare DNS A records with the external IP of the source machine
# Used to provide DDNS service from anywhere
# DNS records need to be pre-created on Cloudflare

# Proxy - uncomment and provide details if using a proxy
#export https_proxy=http://<proxyuser>:<proxypassword>@<proxyip>:<proxyport>

# Cloudflare zone is the zone which holds the records
zone=example.com

# DNS records to be updated
dnsrecords=(vpn.example.com vcenter.example.com desktop.example.com www.example.com example.com)

# Flag for Cloudflare proxy status (ALL LOWER CASE)
use_proxy=true

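# Cloudflare authentication details file path (resolved relative to this script,
# so the file is still found when cron runs the script from another directory)
cloudflare_auth_file="$(dirname "$0")/cloudflare_auth_key.txt"

# Get the Cloudflare authentication key from the file; stop if it cannot be read
cloudflare_auth_key=$(cat "$cloudflare_auth_file") || exit 1

# Get the current external IP address
current_ip=$(curl -s -X GET https://checkip.amazonaws.com)

# Stop if the lookup failed or returned something other than an IPv4 address,
# so an empty or garbage value is never written to the DNS records
if [[ ! "$current_ip" =~ ^[0-9]{1,3}(\.[0-9]{1,3}){3}$ ]]; then
    echo "Could not determine the current IP address" >&2
    exit 1
fi

echo "Current IP is $current_ip"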

# Loop through the DNS records and update if necessary
for dnsrecord in "${dnsrecords[@]}"; do
    # Match the whole address literally (-w -F) so 1.2.3.4 does not match 11.2.3.45
    if [[ "$use_proxy" != "true" ]] && host "$dnsrecord" 1.1.1.1 | grep "has address" | grep -qwF "$current_ip"; then
        echo "$dnsrecord is currently set to $current_ip; no changes needed"
    else
        cloudflare_zone_id=$(curl -s -X GET "https://api.cloudflare.com/client/v4/zones?name=$zone&status=active" \
          -H "Authorization: Bearer $cloudflare_auth_key" \
          -H "Content-Type: application/json" | jq -r '.result[0].id')

        cloudflare_dnsrecord=$(curl -s -X GET "https://api.cloudflare.com/client/v4/zones/$cloudflare_zone_id/dns_records?type=A&name=$dnsrecord" \
          -H "Authorization: Bearer $cloudflare_auth_key" \
          -H "Content-Type: application/json")

        cloudflare_dnsrecord_ip=$(echo "$cloudflare_dnsrecord" | jq -r '.result[0].content')
        cloudflare_dnsrecord_proxied=$(echo "$cloudflare_dnsrecord" | jq -r '.result[0].proxied')

        if [[ "$current_ip" == "$cloudflare_dnsrecord_ip" ]] && [[ "$cloudflare_dnsrecord_proxied" == "$use_proxy" ]]; then
            echo "$dnsrecord DNS record is up to date"
        else
            cloudflare_dnsrecord_id=$(echo "$cloudflare_dnsrecord" | jq -r '.result[0].id')
            # The record must already exist; skip it rather than PUT to an invalid ID
            if [[ -z "$cloudflare_dnsrecord_id" || "$cloudflare_dnsrecord_id" == "null" ]]; then
                echo "$dnsrecord: no existing A record found; skipping" >&2
                continue
            fi
            # update the record
            curl -s -X PUT "https://api.cloudflare.com/client/v4/zones/$cloudflare_zone_id/dns_records/$cloudflare_dnsrecord_id" \
              -H "Authorization: Bearer $cloudflare_auth_key" \
              -H "Content-Type: application/json" \
              --data "{\"type\":\"A\",\"name\":\"$dnsrecord\",\"content\":\"$current_ip\",\"ttl\":1,\"proxied\":$use_proxy}" | jq
            echo "$dnsrecord DNS record has been updated with the current IP"
        fi
    fi
done

To use this script, replace the example.com values in the zone and dnsrecords variables with your own zone and record names.

Save the script to a file (e.g. cloudflare-ddns.sh) and make it executable with chmod +x cloudflare-ddns.sh.

Also, the script reads the Cloudflare API key from a file named cloudflare_auth_key.txt. This is easy enough to create using nano: running nano cloudflare_auth_key.txt will create the file. Then copy and paste the key into the file and save it.

Finally, set up a cron job to run the script periodically (e.g. every 10 minutes) to ensure that your DNS records are always up to date. Here’s an example cron job:

*/10 * * * * /path/to/cloudflare-ddns.sh > /dev/null 2>&1
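
Because the cron job runs unattended with a token that can edit your DNS records, two guards are worth having before the script calls the API. This is an added example, not part of the original script: the function names `load_token` and `is_public_ipv4` are hypothetical, and `stat -c` assumes GNU coreutils (Linux).

```bash
# Added example; function names are hypothetical. stat -c assumes GNU coreutils.

# Print the API token only if its file carries no group/other permission bits,
# the same rule ssh applies to private keys.
load_token() {
    file=$1
    [ -f "$file" ] || { echo "token file missing: $file" >&2; return 1; }
    mode=$(stat -c '%a' "$file") || return 1
    case $mode in
        *00) ;;   # 600 or 400: owner only
        *) echo "refusing $file: mode $mode, run chmod 600" >&2; return 1 ;;
    esac
    cat "$file"
}

# Succeed only for a dotted-quad, publicly routable IPv4 address, so an empty
# reply, an HTML error page or a private address never reaches the DNS record.
is_public_ipv4() {
    case $1 in
        ''|*[!0-9.]*|.*|*.|*..*) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1                      # split into octets (digits and dots only)
    IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        case $octet in 0?*) return 1 ;; esac   # ambiguous leading zero
        [ ${#octet} -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
    case $1 in 0|10|127) return 1 ;; esac      # "this" network, RFC 1918, loopback
    [ "$1" -ge 224 ] && return 1               # multicast and reserved
    [ "$1" -eq 100 ] && [ "$2" -ge 64 ] && [ "$2" -le 127 ] && return 1  # CGNAT
    [ "$1" -eq 169 ] && [ "$2" -eq 254 ] && return 1                     # link-local
    [ "$1" -eq 172 ] && [ "$2" -ge 16 ] && [ "$2" -le 31 ] && return 1   # RFC 1918
    [ "$1" -eq 192 ] && [ "$2" -eq 168 ] && return 1                     # RFC 1918
    return 0
}

# How the script above could call both guards (constructed usage):
#   cloudflare_auth_key=$(load_token "$cloudflare_auth_file") || exit 1
#   is_public_ipv4 "$current_ip" || { echo "bad IP: $current_ip" >&2; exit 1; }
```

Creating the key file with `chmod 600 cloudflare_auth_key.txt` satisfies the first guard; the second also stops the update when the machine sits behind carrier-grade NAT and the lookup returns an address that cannot be reached from outside.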

Conclusion

And that’s it! With a few simple steps, you can create your own dynamic DNS service using Cloudflare for free. This will ensure that your DNS records are always up to date, even when your IP address changes.

By using Cloudflare Dynamic DNS, you can also take advantage of Cloudflare’s CDN and security features to improve website performance and security. And best of all, you don’t have to worry about the security risks of opening up your network firewall.

So go ahead and give it a try!

How to Pass the Azure AZ-700: Resources and Tips

I recently studied for, took, and passed the AZ-700 exam. I was able to pass the exam by using the resources I listed below.

A Note on My Experience with the Exam

The exam was challenging. It felt much harder than AZ-104. The case study questions were the biggest challenge for me. While they weren’t difficult, they required me to keep track of a lot of information. It was one of the few times in recent exams that I used the markers and laminated graph paper they gave us for the exam.

Tim Warner’s AZ-700 Class on PluralSight

Here is where I started. Tim Warner’s course: Designing and Implementing Microsoft Azure Networking Solutions (AZ-700) is where the bulk of my training took place. I spent hours watching his videos and following along in my Azure lab. I took this route on this exam because it felt more structured around the objectives. This may not be the route you want to go because PluralSight does have a cost.

John Savill’s Technical Training on YouTube

John Savill’s training is free on his YouTube channel. This may be the best route for those who prefer not to pay for study materials. I focused mainly on the cram video. I did pick through some subjects in his playlist. I used his videos to help me with concepts that were harder for me to nail down, like load balancing.

Exam Ref AZ-700 Microsoft Azure Administrator

I bought and read through this copy of the exam reference guide. It was helpful in breaking down concepts that I saw in videos I watched that I didn’t quite understand. I still appreciate having a book in my hand when I study, but people on a budget may be better served by just using the free learning path.

Playing Around in the Azure Environment

As I have done with all my past exams from AZ-104 to AZ-305, I played around in the environment to better understand what I was learning. I built VPN tunnels and even used Terraform to save money. I stood up multiple VNets to better understand pairing. This is a crucial part of pulling all that I was learning together.

Measureup Practice Test

Practice tests are really helpful for me to get a feel for the exam. It is important that I use practice tests that have questions that are close to the actual test but are NOT the actual test. The only test I found was the Measureup practice test. Unfortunately, it is expensive. I am aware that there is a test by Whizlabs, but I am not confident in recommending them.

Conclusion

These tools helped me study for and pass the exam. I hope that they help you along in your Azure certification journey.
