One Bad Pixel
Better than The Nullset. =D

Vyatta Dynamic DNS and NAT translations

In my series of Vyatta articles, I discussed configuring your WAN interface using DHCP in , but did not touch base on how to configure Dynamic DNS or how to setup inbound NAT translations when the WAN address is dynamic.

In this article, I will explain how to get Dynamic DNS operating, as well as how to setup an inbound NAT to your DHCP Assigned address.

Like most things Vyatta, the process is quite simple, but without some serious Google-fu, you may be left scratching your head on how to implement it. Without delaying things, let’s make it happen.

First, you will need a Dynamic DNS account.. There is a handful of free options out there. I chose to use DynDNS myself, but Vyatta supports DynDNS, DNSPark, DSLReports, EasyDNS, NameCheap, Sitelutions, and ZoneEdit. I am going to configure DynDNS here, but the other services should be nearly identical. If you have any D-Link products, you can legitimately* use DLinkDDNS. *NOTE: I say legitimately.. You can actually sign up for a free DynDNS account using this link, but they have a specific warning about it on their page.. Your mileage may vary.

edit service dns dynamic interface eth0
set service dyndns 
set service dyndns host-name
set service dyndns login 
set service dyndns password 

That’s it! Specify which interface you are monitoring for IP changes, in this example it was eth0. I assume you could actually add multiple Dynamic DNS services as well if you want more than one. You can also add additional host-name entries if you want to update more than one.

If you want to verify that its sending data out properly, use the command “show dns dynamic status” outside of configuration mode.

vyatta@OneBadPixel-Vyatta:~$ show dns dynamic status
interface    : eth0
ip address   : x.x.x.x
host-name    :
last update  : Thu Jan  1 00:00:00 1970
update-status: good

Now that we have a DNS name that we can always be reached at, let’t add a destination NAT translation to our webserver that we setup in . This works identically to the way we originally set it up, but instead of specifying a source address, we omit that line.

edit nat destination
set rule 110 description "NAT inbound TCP80,TCP443 to WEB server"
set rule 110 destination port 80,443
set rule 110 inbound-interface eth0
set rule 110 protocol tcp
set rule 110 translation address

If you previously configured rule 110 as in Part 5, the above commands will not make any changes. You actually need to delete the destination address, as so:

delete nat destination rule 110 destination address

That’s it! Our destination NAT translation is now bound to whatever address is attached to eth0.


Leave a comment!