FreeDNS.Afraid.org A Record Setup

Using FreeDNS.Afraid.org with DD-WRT when you lose your Free DynDns or D-Link DDNS Account 11


The Problem

In the “early” days of the internet, you could find free Dynamic DNS (DDNS) accounts everywhere. The providers of those free services, such as DynDns, hoped that by giving you a freebie, you’d eventually become a paying customer for one of their pay services.

Unsurprisingly, that’s not what happened.

When Dyn decided to stop offering free accounts and cancelled everyone’s free DDNS service, users predictably went in search of other free options. D-Link router owners got a reprieve, as D-Link had previously partnered with Dyn to offer limited free DDNS services for D-Link users. However, anyone could claim they were a D-Link user and use the free service… even if they were using something other than a D-Link router.

Eventually, D-Link caught on, and kicked off everyone that couldn’t verify they actually owned a D-Link router with a valid serial number and MAC address. This led to a mad scramble for a new, reliable, and totally free DDNS service.

Note: I’ve got an old D-Link DIR-615 wireless router that I no longer use, but because I have a valid serial number and MAC address from that router, D-Link still allowed me to keep a free DDNS account through their partnership with Dyn. However, I’m not a Dyn fan, so I chose to go with different option.

The Solution

Enter FreeDNS.Afraid.org. As of the writing of this post, they still offer 100% free dynamic DNS services. Like those who came before them, their budget relies completely on users who choose to pay for their premium DNS services.

The How-To

If your router has a built-in pre-configured DDNS service, it’s possible that it won’t work with Afraid.org. For example, my Google Fiber “network box” (their fancy word for router & WiFi access point) limits your choices to a small list of DDNS providers… none of which are free.

But since I have a Linksys router running DD-WRT set up as a standalone access point at my Utah house with Google Fiber, and also use Linksys routers with DD-WRT in router configuration at both my main house in Seattle and our cabin in Eastern Washington, I was able to configure them all to use Afraid.org’s FreeDNS service so that I can remotely access each location.

Step 1: Create an account on FreeDNS.Afraid.org

Visit the signup page at FreeDNS.Afraid.org, then verify your email address once you receive the activation email.

Step 2: Create an A Record for your IP Address

Click the Dynamic DNS link in the “For Members:” menu. For Type, select A.

Next, select a Subdomain that you want to use. This needs to be one that hasn’t already been taken on the main domain you’ll choose next, so don’t be surprised if you have to try a few to find one that’s unique. For this example, let’s say I just used “steve

Now drop down the Domain list and pick one of the domains that’s available. For this how-to, I’ll use “example.com” (actual domains will probably have weird sounding names, like chickenkiller.com, ignorelist.com, or strangled.net).

Finally, enter the current WAN IP for your internet connection as the Destination. It should auto-populate your current IP. But you’re setting this up for a remote system with a different IP, don’t worry about it for now. We’ll be setting up your DD-WRT client to auto-update with the correct IP.

Leave the TTL and Wildcard settings at the default, and press Save!

Here’s what it should look like when you’re done:

FreeDNS.Afraid.org A Record Setup

FreeDNS.Afraid.org A Record Setup

Step 3: Find your Record’s Unique Update Token

Your Dynamic DNS page should now show a list of all your DDNS domains and subdomains (called your Update Candidate List) that looks something like this:

Dynamic DNS Update Candidates List

Dynamic DNS Update Candidates List

Let’s briefly go over the 5 available links and what they do.

  1. The Direct URL is a link that will manually (and instantly) set the DNS for that subdomain to the WAN IP of your current connection. So if you’re not currently connecting from the IP address that you want associated with this subdomain, don’t click this link.
  2. The Wget Script link is a batch file for updating your DDNS with the Linux wget utility.
  3. The Curl Script link does the same thing as the Wget Script link, but with the Linux curl utility.
  4. The Edit Record link lets you manually enter the IP address, or modify the domain or subdomain for this record.
  5. The quick cron example link shows an example cron entry for updating via the cron utility on Linux systems.

Click on the quick cron example link and look at the bottom of the file. You should see something that looks like this:

0,5,10,15,20,25,30,35,40,45,50,55 * * * * sleep 32 ; wget -O - http://freedns.afraid.org/dynamic/update.php?ABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890= >> /tmp/freedns_steve_example_com.log 2>&1 &

Find the long string of letters, numbers, and characters following the update.php? part of the included URL. This is your unique update token for this record. Select the entire string (including any characters at the end, such as the equal sign in the above example) and copy it to your system’s clip board (CTRL+C on a Windows box). In the above example, you would have selected and copied:

ABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890=

Step 4: Configure DD-WRT to use FreeDNS.Afraid.org

Log in to the admin interface of your DD-WRT router. Click the Setup tab, then the DDNS sub-tab. Select freedns.afraid.org as the DDNS Service. Next, enter the username and password you chose when setting up your FreeDNS.Afraid.org account. Note that your username is not your email address. It’s your freedns.afraid.org UserID, which you can find in the upper-right corner of http://freedns.afraid.org/dynamic/ (when you’re logged in).

In the Hostname field, enter the full subdomain and domain name you want to associate with your connection’s IP address, then a comma, followed by the unique update token for the record. Don’t use any spaces in this field. Our example’s hostname would be:

steve.example.com,ABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890=

Select “Yes” for Do not use external ip check.

You can leave the Force Update Interval option at the default of 10, or change it to some other value for the number of days you want to want to wait between forcing the system to push an IP address update to FreeDNS.Afraid.org. I set mine to 5.

Here’s what that tab should look like when you’re done entering your settings:

DD-WRT Settings for FreeDNS.Afraid.org

DD-WRT Settings for FreeDNS.Afraid.org

When you’re done, press Save and then Apply Settings.

Step 5: Verify that your Settings are Working

Once you press Apply Settings, keep an eye on the DDNS Status area at the bottom of the DDNS tab. You should see messages appear that will confirm you’ve set everything up properly, and that your DD-WRT router is successfully updating FreeDNS.Afraid.org with your WAN IP address. It should look something like this:

DD-WRT FreeDNS.Afraid.org settings successful!

DD-WRT FreeDNS.Afraid.org settings successful!

Note that the WAN IP of your router (in the upper right corner of the image) should match IP address reported in the DDNS Status area.

If you don’t get “success” messages, go back and check all your settings. You may have forgotten to include a character in your update token. Or maybe you mis-typed your password. Or maybe you set the wrong hostname. But if you go back and double-check all your settings (and you’re certain  you have a working internet connection), then everything should be fine.

At this point, you should be able to ping the FQDN (fully qualified domain name) that you set up (such as steve.example.com) and see it attempt to ping WAN IP address. The ping will probably time out (which is a good thing), but you’ll confirm that the hostname is being resolved to the proper IP address.

And… that’s it! Congratulations on setting up your DD-WRT router to use the FreeDNS.Afraid.org free DDNS service.

As always, I welcome your questions, comments, and feedback below.

  • Robert F

    This was a very well written tutorial. I had initially planned to purchase a commercial dyn.com account to get DDNS service, but the lack of well-written DD-WRT-specific instructions forced me to find an alternative. Would be happy to send you a few bucks for your documentation work.

    • Thanks Robert, but your kind comments are all the thanks I need! 🙂

  • Pingback: Using a dynamic DNS (DDNS) to solve the problem of keeping a firewall open to remote users at changeable IP addresses » TechNotes()

  • Pingback: Install an SSL Certificate on a Ubiquiti EdgeMAX EdgeRouter()

  • Jens Robot

    First great great guide, very easy to understand, so thanks for this 😀

    however no cigar for me 🙁 I hope you can help me.

    I’m using DD-WRT on a netgear r7000.

    I been trying for 30 minutes now to get this to work. No matter what i always get “Tue Oct 27 14:51:53 2015: W:INADYN: Error validating DYNDNS svr answer. Check usr,pass,hostname! (HTTP/1.1 200 OK”

    I checked the fields over and over again. I copy paste from lastpass, and the login works fine on their site. I login with my username (email), copy my generated code from lastpass. Did the token thing with fulldomain+subdomain and a comma between them.

    I want to post more from my log, but im afraid my router will be compromised if there is sensitive information. What do you reckon ? 😛

    NOTE: my DD-WRT is v24-sp2 (08/15/14) kongac build, and mine says “use external ip check” yes/no instead of other way around. I leave this at default which is “No”

    • Hi, Jens. First, verify that you have “freedns.afraid.org” selected as the DDNS service (sorry if that’s too easy a recommendation!)

      I don’t know what you mean by “lastpass,” but really all I can recommend beyond the instructions in the post (which I just re-checked) is to make sure you have no extra spaces, etc.

      Also, even though you might be able to log in with your email on afraid.org, your “Username” in the DD-WRT field should NOT be your email address. It’s should be your short username, like “steve” or “jens.” When logged in to afraid.org, look up to the upper right for your UserID (just above Account Type).

      See if that fixes it!

      • Jens Robot

        Hi Steve thanks for the reply. Lastpass is just a password manager. What i tried to say was that misspelling should not happen, as i just copy from lastpass, and confirm that my password (which is a long string of generated chars) works via login to the site it self.

        Unfortunately i already tried all you mentioned. I did suspect username was not my email.

        I have a feeling my routers dd-wrt is causing this. At first when i tried many combinations of the login, it sometimes gave me the login error in the password field, removing what i input there. Sometimes even adding illegal chars to the end of pass. Getting my dd-wrt updated is complicated, as it needs custom builds where little documentation exist. I could give it another go, but i don’t wanna commit the time to it. Yes i am lazy 😛

        I took a screenshot and “greyed” out what i thought could be misused. Might have overdone it xD

        Again thanks for replying. If you have no other suggestions i will just make my server update this once in a while, but i much rather have my router do it.

        • Hi, Jens. All the formatting looks right. I’ve used the Kong builds, and they should work fine with the DDNS feature. The only thing I can recommend is to temporarily turn OFF any password managers, and manually type in your username/pass to make sure it’s accurate (verify they are what you think they are by using them to manually log in to afraid.org first). Also, make sure you are copying and pasting the stuff following “update.php?” all the way out to the space before the “>>” (don’t include the space or the >>). I think you’re SO close — don’t give up! 🙂

          • Jens Robot

            Auch, this is getting frustrating. I mirror what you say, disable addon in chrome, everything inputted again, the token is 44 digits long. I noticed no discrepancies from last time, and I carry on but with no luck. Still the same error 🙁

            As is see it it’s the router OR my setup on afraid.org. To summarize, i just made an account the same day i’m trying this. I find a good domain, registered A record for subdomain. It’s status is “pending”, but from what i understand that shouldn’t matter, it should be active. And when i ping it i get my home wan ip.
            Is any of this wrong, been ages since i messed with any dns :/

          • Jens Robot

            In short i did all you said, and spotted no discrepancies. Same error over and over 🙁

            I was out of ideas, but noticed that you don’t actually need to use login information to update the ip. You can use the URL in the cron example. I tried messing with wget commands on the router, but i found no way of automating it, and I was in way over my head anyway 😛

            I was about to give up, but got the idea to use the custom ddns entry in dd-wrt and paste in the data. In the first try it gave me this:

            Wed Oct 28 20:09:39 2015: INADYN: Started ‘INADYN Advanced version 1.96-ADV’ – dynamic DNS updater.
            Wed Oct 28 20:09:39 2015: I:INADYN: IP address for alias ‘X.omgpwned.net’ needs update to ‘x.x.x.x’
            Wed Oct 28 20:09:39 2015: I:INADYN: Alias ‘X.omgpwned.net’ to IP ‘x.x.x.x’ updated successfully.

            Surprise set in as i expected it to at least return the “No update required.” line, as i would get if i visited the update URL itself, or used wget. Ran it twice, and the 2nd time it gives me this output:

            Wed Oct 28 19:50:45 2015: INADYN: Started ‘INADYN Advanced version 1.96-ADV’ – dynamic DNS updater.
            Wed Oct 28 19:50:45 2015: INADYN: IP read from cache file is ‘x.x.x.x’. No update required.

            I changed the redirect to an external located pc, and ran the setup from dd-wrt again at home to confirm that it actually did change back to my own wan ip, and it did ^_^

            I attached my setup. Your username/password is not needed, but the fields cannot be blank.

            Hope this helps someone, and thanks for your input and encouragement Steve. The internet would not be the same without folks like yourself :*

          • Woot! Congrats! 🙂