Configuring Dynamic DNS

Dynamic DNS (DynDNS), found under Services > Dynamic DNS, will update an external provider with the current public IP address on the firewall. This keeps a constant DNS hostname, even if the IP address changes periodically. Whenever an interface changes in some way, DHCP lease renew, PPPoE logout/login, etc, the IP will be updated.

pfSense® software supports more than 15 different DynDNS providers. In addition to the normal public services, pfSense software also supports RFC 2136 DNS updates to DNS servers.

In currently supported versions of pfSense software, the DynDNS client supports using multiple DynDNS and RFC 2136 clients. These can be used to update multiple services on the same interface, or multiple interfaces.

There are two tabs under Dynamic DNS, one for DynDNS providers, and one for RFC 2136 servers. Each tab has a list of currently configured clients, which reflects not only their configuration but also their status. Additional clients can be managed from these lists.

When editing a DynDNS client, first pick a DynDNS service provider, then choose Interface with the IP address to update. Enter a hostname, username, password, and description. Optionally, an MX record and wildcard support may be enabled depending on the provider.

When editing an RFC 2136 client, first pick the interface with the IP to update, enter a hostname, Time To Live (TTL) for the DNS record, Key name (which must match the setting on the server), Key type of Host, Zone, or User, an HMAC-MD5 key, the DNS server IP address, and a description. TCP transactions may optionally be used instead of UDP.

Free Supported Services

Most of these services offer paid services as well that come with additional benefits.

City Network

Cloudflare

DNSexit

DNS-O-Matic

DNS-O-Matic is a service offered by OpenDNS to update multiple Dynamic DNS accounts using only one Dynamic DNS configuration on the firewall. It supports many dynamic DNS services including 2MyDNS, afraid.org, ChangeIP, CJB, DLinkDDNS, DNS Made Easy, DNS Park, DNSexit, DSL Reports Monitor, DtDNS, DynDNS, DynIP, dynsip.org, dynu, easyDNS, eeditDNS, eNom, EveryDNS, NameCheap, No-IP, ODS.org, OpenDNS, regfish, Security Space, Sitelutions, TZO, WorldWideDNS.net, xname, Yi.org, and ZoneEdit. If a service is required that is not supported natively by pfSense, DNS-O-Matic gives the ability to update these hostnames from pfSense.

Euro DNS

FreeMyIP

FreeMyIP is a free dynamic DNS service for privacy-minded users. It doesn’t require your email address nor any other private information, and it doesn’t record IP address changes history. It provides comprehensive Help page with configurations for many types of network appliances, and it is under active development.

GratisDNS

HE.net

There are three options for Hurricane Electric. The “HE.net” option updates the IPv4 IP with their DNS service. “HE.net (v6)” does the same, except for IPv6. “HE.net Tunnelbroker” updates the tunnel endpoint IPv4 IP for their IPv6 tunnel broker service tunnelbroker.net.

Loopia

Namecheap

Note

To update an @ record, use @.yourdomain.com for the hostname.*

No-IP

ODS.org

OpenDNS

Amazon Route 53

SelfHost

ZoneEdit

Custom

Custom allows defining a custom URL to use for updates.

RFC 2136

RFC 2136 is a way to securely update host or zone records in a name server using a DNS query directly, rather than a web-based update system that many others use.

RFC 2136 updates are also supported if access to a DNS server enabled for RFC2136 is available. To configure a DNS server for RFC 2136 server, see: RFC2136 Dynamic DNS.

RFC 2136 also supports IPv6 updates, which other web-based providers may not yet support.