Gandi Groups


Gandi API: Dynamic DNS updates

You should be logged in to post new messages. Create an account.

While not necessarily directly related to GANDI's XML API, I was
wondering if there's a way to update a domain's zonefile dynamically.
Right now I use a CNAME to point to a dyndns.org address, but it would
be nicer/simpler if I could directly update the zone in question.

Possible methods:
- the "GANDI way": an extension of the XML-RPC api ("zone_set" only
allows you to switch between pre-defined zones, not dynamically alter
one - if I understand it correctly)

- the "common way": using the dyndns.org protocol, which is used by
other dynamic dns providers too. (a simple HTTP GET request) Quite a
lot of (software and hardware) clients support this protocol (see for
instance, http://www.dyndns.com/support/clients/thir... and
http://www.dyndns.com/support/clients/hard...)

- the "standard way": basically the RFC2136 method, so we can use
nsupdate and related tools. Windows 2000/XP/2003 support this natively
with a different authentification method (GSS-TSIG/RFC3645 instead of
TSIG/RFC2845)

So, Gandi folks... will this be supported one way or another?
On Mar, 13 2007 16:03 CET, De Clerck wrote:
[...]
- the "GANDI way": an extension of the XML-RPC api ("zone_set" only
allows you to switch between pre-defined zones, not dynamically alter
one - if I understand it correctly)
This is going to change, methods are being developped so you will also
be able to create new zones with the API (ie. without the website). Any
update of this kind will require the infamous TTL amount of time.
- the "common way": using the dyndns.org protocol, which is used by
other dynamic dns providers too. (a simple HTTP GET request) Quite a
lot of (software and hardware) clients support this protocol (see for
instance, http://www.dyndns.com/support/clients/thir... and
http://www.dyndns.com/support/clients/hard...)

- the "standard way": basically the RFC2136 method, so we can use
nsupdate and related tools. Windows 2000/XP/2003 support this natively
with a different authentification method (GSS-TSIG/RFC3645 instead of
TSIG/RFC2845.
There is still an open discussion at Gandi regarding which protocol we
will support and when. There are higher priorities on our todo list,
notably new TLDs, the mail, the hosting... So, the next question being
:
So, Gandi folks... will this be supported one way or another?
The answer is : it will, we want it. We just have to find which way and
when.
\o/ Pierrick "dek\" Prévert
 G  Gandi
On Mar, 16 2007 14:00 CET, Pierrick "dek\" Prévert wrote:
The answer is : it will, we want it. We just have to find which way
and when.
Hello,

Wanted to ask if there was any new information on this topic? I just
transferred some of my domains over to Gandi and would like to be able
to update the A record of the domain that points to my home network
whenever it changes. If you made some decisions about how or when this
will be supported, please let me know. If not that's fine, I can write
something that updates the record via the website for now. Btw, if
anyone else is interested, I can post the script here once its
finished.

- Max
On Avr, 6 2007 18:43 CEST, VokinLoksar wrote:
On Mar, 16 2007 14:00 CET, Pierrick "dek\" Prévert wrote:
The answer is : it will, we want it. We just have to find which way
and when.
Hello,

Wanted to ask if there was any new information on this topic? I just
transferred some of my domains over to Gandi and would like to be able
to update the A record of the domain that points to my home network
whenever it changes. If you made some decisions about how or when this
will be supported, please let me know. If not that's fine, I can write
Sorry but this is not a "work in progress". We are still working on the
mail, hosting and API v1.0. I'll post here to keep you informed once I
hear about it.
something that updates the record via the website for now. Btw, if
anyone else is interested, I can post the script here once its
finished.
Good idea. Thanks.
\o/ Pierrick "dek\" Prévert
 G  Gandi
On Avr, 6 2007 18:43 CEST, VokinLoksar wrote:
[...]
Hello,

Wanted to ask if there was any new information on this topic? I just
transferred some of my domains over to Gandi and would like to be able
to update the A record of the domain that points to my home network
whenever it changes. If you made some decisions about how or when this
will be supported, please let me know. If not that's fine, I can write
something that updates the record via the website for now. Btw, if
anyone else is interested, I can post the script here once its
finished.

- Max
I am much interested in your script instead of writing mine.  Can you
please post it ?

thanks,
-- Patrick
On Avr, 6 2007 16:43 CEST, VokinLoksar wrote:
On Mar, 16 2007 14:00 CET, Pierrick "dek\" Prévert wrote:
The answer is : it will, we want it. We just have to find which way
and when.
Hello,

Wanted to ask if there was any new information on this topic? I just
transferred some of my domains over to Gandi and would like to be able
to update the A record of the domain that points to my home network
whenever it changes. If you made some decisions about how or when this
will be supported, please let me know. If not that's fine, I can write
something that updates the record via the website for now. Btw, if
anyone else is interested, I can post the script here once its
finished.

- Max
Hi Max,

Did you ever figure out that script? I'd appreciate it if you could post it.

Thanks,

JP
On Mar, 21 2011 18:46 CET, James Parker wrote:
On Avr, 6 2007 16:43 CEST, VokinLoksar wrote:
On Mar, 16 2007 14:00 CET, Pierrick "dek\" Prévert wrote:
The answer is : it will, we want it. We just have to find which way
and when.
Hello,

Wanted to ask if there was any new information on this topic? I just
transferred some of my domains over to Gandi and would like to be able
to update the A record of the domain that points to my home network
whenever it changes. If you made some decisions about how or when this
will be supported, please let me know. If not that's fine, I can write
something that updates the record via the website for now. Btw, if
anyone else is interested, I can post the script here once its
finished.

- Max
Hi Max,

Did you ever figure out that script? I'd appreciate it if you could post
it.

Thanks,

JP
Hi JP

I'm currently working on a python script to do this.

https://github.com/lembregtse/gandi-dyndns

Kind regards,

Eric
I have written a Perl CLI interface to much of the Gandi domain XML PRC API.
 It can easily handle updates of A & AAAA records as well as MX and CNAMEs. 
I haven't added TXT records to it but if there is interest, I could add it. 
I am releasing it under the GPL v3 or later in the hope that it will help at
least one other person.

http://www.16paws.com/projects/pfSense/gan...

Andrew
Andrew,
your link seems broken
Just for the record. and wya to get your external ip from the command line:

wget -q -O - checkip.dyndns.org|sed -e 's/.*Current IP Address: //' -e
's/<.*$//'
If anyone still has any interest, I threw together a shell script today to
update the A record for my domain. I can't say why I used the shell and not
an existing XML-RPC module to do this, but it was pretty fun getting it to
work!

I can only confirm that it works on OpenBSD 5.2, and as it's written now it
has to be run on a machine directly connected to the internet (it uses
ifconfig to determine your external IP). This should be fairly easy to tweak
if you want to grab your IP from some website. To determine if an update is
needed, it simply compares this IP to the result of an nslookup on Gandi's
main nameserver.

Right now it just updates the @ record (I have a CNAME for www) but it
should be pretty easy to expand on. The xml() function can take lists of
arguments, including a method name, so it should be able to call any method
that's part of the API.

This script WILL NOT run as is, so don't download it and expect it to work
out of the box. You need to set an API key, the ID of the zonefile you want
to modify (look in your address bar when you're editing the zone via the
web), your domain name, and your internet-facing network interface. And you
should probably have an at least cursory familiarity with shell scripting
and the Gandi API.

Here it is: http://brianpcurran.com/gad.txt

Once you're all set up, run the script with no arguments to display usage
information.
I updated the script a bit to work with a domain name instead of a zone_id.
Usage is "gad -a APIKEY -d example.com" now.
Annnnnnnnnnnd one last update. I put the script on Google Code:
http://code.google.com/p/gandi-automatic-d...

The link above will be broken shortly.
On Dec, 9 2012 20:16 CET, Brian Curran wrote:
Annnnnnnnnnnd one last update. I put the script on Google Code:
http://code.google.com/p/gandi-automatic-d...

The link above will be broken shortly.
Thank you very much for this easy to use script.
It runs perfectly on Debian Wheezy.

Will it keep the existing ttl value of the record or will it reset it to
default value of 10800 ?

It would be perfect if doesn't change it, but I can't really understand your
code, bad dev skills...
On Mar, 7 2012 13:42 CET, Eric Lembregts wrote:
Hi JP

I'm currently working on a python script to do this.

https://github.com/lembregtse/gandi-dyndns

Kind regards,

Eric
Hello,

I cloned your repository and I started to add some functionality:
 - more controls (return code checks)
 - no connection to Gandi if address did not changed
 - less options but a config file

and I have plan to add better logging, emailing of the new address and to
create package for ubuntu/debian and MacPorts.

You can find this version at:
https://github.com/objectitude/gandi-dyndn...

Hope this can help!

    Richard
On Jan, 13 2013 16:33 CET, lademan wrote:
Thank you very much for this easy to use script.
It runs perfectly on Debian Wheezy.

Will it keep the existing ttl value of the record or will it reset it to
default value of 10800 ?

It would be perfect if doesn't change it, but I can't really understand
your
code, bad dev skills...
I've tested this and unfortunately the TTL is reset to the default. I'm
working on a fix for this right now. In other news, IP address comparison in
the script is now done via the API instead of a klunky nslookup on only the
first thing listed in RECORD-NAMES.
On Jan, 23 2013 09:55 CET, Richard wrote:
On Mar, 7 2012 13:42 CET, Eric Lembregts wrote:
Hi JP

I'm currently working on a python script to do this.

https://github.com/lembregtse/gandi-dyndns

Kind regards,

Eric
Hello,

I cloned your repository and I started to add some functionality:
 - more controls (return code checks)
 - no connection to Gandi if address did not changed
 - less options but a config file

and I have plan to add better logging, emailing of the new address and to
create package for ubuntu/debian and MacPorts.

You can find this version at:
https://github.com/objectitude/gandi-dyndn...

Hope this can help!

    Richard
Just curious, but if you're not connecting to Gandi when there is no change
in IP address, how are you determining that no change is needed? I was
comparing external IP and result of an nslookup, but I figured checking the
record values in the active version of the zonefile directly made more
sense. Gandi allows up to 15 RPCs per second, according to their docs, so
I'm not too worried about rate limiting.
On Jan, 26 2013 21:07 CET, Brian Curran wrote:
On Jan, 13 2013 16:33 CET, lademan wrote:
Thank you very much for this easy to use script.
It runs perfectly on Debian Wheezy.

Will it keep the existing ttl value of the record or will it reset it to
default value of 10800 ?

It would be perfect if doesn't change it, but I can't really understand
your
code, bad dev skills...
I've tested this and unfortunately the TTL is reset to the default. I'm
working on a fix for this right now. In other news, IP address comparison
in
the script is now done via the API instead of a klunky nslookup on only
the
first thing listed in RECORD-NAMES.
The latest revision of the script (r17) uses domain.zone.record.update()
instead of deleting and re-adding the record. This retains custom-set TTLs.
Let me know if you have any other issues, and I'm glad you've found it
useful!
On Jan, 26 2013 21:54 CET, Brian Curran wrote:
On Jan, 26 2013 21:07 CET, Brian Curran wrote:
On Jan, 13 2013 16:33 CET, lademan wrote:
Thank you very much for this easy to use script.
It runs perfectly on Debian Wheezy.

Will it keep the existing ttl value of the record or will it reset it to
default value of 10800 ?

It would be perfect if doesn't change it, but I can't really understand
your
code, bad dev skills...
I've tested this and unfortunately the TTL is reset to the default. I'm
working on a fix for this right now. In other news, IP address comparison
in
the script is now done via the API instead of a klunky nslookup on only
the
first thing listed in RECORD-NAMES.
The latest revision of the script (r17) uses domain.zone.record.update()
instead of deleting and re-adding the record. This retains custom-set
TTLs.
Let me know if you have any other issues, and I'm glad you've found it
useful!
Hi Brian,
thank you so much of the script! Great job and very useful.  Unfortunately
the added zone file does not contain the new IP.  Generally the output of
your script looks fine, but for some reason it doesnt work.


Activating version 8 of the zonefile for domain ###...

depth=3 /C=SE/O=AddTrust AB/OU=AddTrust External TTP Network/CN=AddTrust
External CA Root
verify error:num=19:self signed certificate in certificate chain
verify return:0
HTTP/1.1 200 OK
Date: Sun, 27 Jan 2013 12:01:05 GMT
Server: Apache/2.2.16 (Debian) mod_ssl/2.2.16 OpenSSL/0.9.8o mod_wsgi/3.3
Python/2.6.6
Content-Length: 129
Vary: Accept-Encoding
Connection: close
Content-Type: text/xml; charset=utf-8

<?xml version='1.0'?>
<methodResponse>
<params>
<param>
<value><boolean>1</boolean></value>
</param>
</params>
</methodResponse>

Tried to update the following A records to 92.###.###.12: www 273846845.
There is no error checking on the RPCs so check the web interface if you
want to be sure the update was successful, or look at the methodResponse
from domain.zone.version.set().


If you have an idea what it could be, let me know. Thank you so much in
advance.

Marian
On Jan, 27 2013 13:04 CET, Marian wrote:
Hi Brian,
thank you so much of the script! Great job and very useful.  Unfortunately
the added zone file does not contain the new IP.  Generally the output of
your script looks fine, but for some reason it doesnt work.

...

If you have an idea what it could be, let me know. Thank you so much in
advance.

Marian
Hi Marian,

Thanks for catching that bug so quickly. I was using the record IDs from the
older version of the zonefile. I guess I didn't read the API manual
carefully enough: "Note that cloned records will have new identifiers". This
issue should be fixed with the latest revision.

-Brian