[COFF] [TUHS] RetroNet… Virtual is cheap.
Grant Taylor
gtaylor at tnetconsulting.net
Sun Sep 2 12:00:44 AEST 2018
On 09/01/2018 04:20 PM, Peter Jeremy wrote:
> My approach is a script on the client system (that has dynamic address)
> that compares its external address with its address in DNS. If they
> differ, it sends an update to the DNS server. The script is hooked into
> dhclient so it's invoked when the address is updated or renewed.
That sounds like a very reasonable method to manage Dynamic DNS for a
DHCP client.
That's not quite what I was thinking of. ;-)
First: I'm assuming that the VPS in question has two public IP
addresses. (It may be possible to do this with one, but the routing
gets quite a bit more complex.)
Second: Establish a VPN / tunnel between a client machine and the VPS.
Third: Enable Proxy ARP on the VPS for the second (unused & unbound to
the VPS) IP.
Fourth: Add a route to said second (unused & unbound to the VPS) via
the far side of the VPN / tunnel.
Fifth: Bind the second (unused & unbound to the VPS) ip on the local
VPN / tunnel client.
Hypothetically this will get the second (unused & unbound to the VPS)
such that it can be bound and used by a local client. Thus the local
client will have the globally routed IP address extended to it from the VPS.
> The "DNS server" is a hack I've added to Iodine[1] - for an "A" lookup,
> it does a readlink(2) of the FQDN in a config directory and treats the
> target as an IPv4 address[2]. This FQDN is within a subdomain I've
> delegated to Iodine - I have a CNAME pointing into the subdomain. The
> client updates the symlink by SSHing to the DNS server host and running
> a command that takes the domain name and address and updates the symlink.
Intriguing. I'll have to check out Iodine. Thank you for the information.
> Whilst I've managed to get a static address at home, I still find it
> useful for VPSs where the address is static whilst the instance is
> running but not preserved across rebuilds.
Indeed.
> As an example, lookup gce1.rulingia.com.
>
> [1]http://code.kryo.se/iodine/
> [2] This is good enough because Australian ISPs don't believe in IPv6
I'll have to check out what you're suggesting.
--
Grant. . . .
unix || die
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 3982 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://minnie.tuhs.org/pipermail/coff/attachments/20180901/45cac1b1/attachment.bin>
More information about the COFF
mailing list