How to Use Cloudflare As DDNS Service


You probably found this post while looking for a way to use Cloudflare as a DDNS provider, so you already know what DDNS is (in this case, scroll down). But if, by any chance, you don’t know what it is and what Cloudflare is, here it goes…

Imagine that you are a regular home internet user and for some reason you want to host a webserver at home. Or a mail server. Or a Minecraft server. Or any server, it doesn’t matter what it does. Well, for most of us – tough luck, you can’t do it. The main reason is that your provider changes your external IP address every once in a while, so you can’t establish a persistent presence on the Internet without shelling out extra money for keeping your IP static. This is happening not because the provider is necessarily evil or greedy, but because there is a shortage of IP (IPv4) addresses in the world and this is one of the measures to mitigate it with the least hassle (to providers, not to you).

Fortunately, there is a solution to this problem and it’s called DDNS (Dynamic DNS). The idea is that you’re typically referring to servers not by IP addresses (you don’t type in the browser “172.217.13.78” to get to google), but by their DNS names (you’re typing “google.com” which is the DNS name). So you can keep your server running as “my.homesuperserver.com” and let the provider change the IP address of that server as many times as it wants, if only you can keep updating that DNS name with the new IP quickly enough. And this is what DDNS does. It’s a service that allows you to do exactly that.

There are a bunch of companies out there offering this service and some of them have free tiers, for example noip.com, dyndns.com and more. Unfortunately most (if not all) such services have serious limitations for these free tiers, like the necessity to log in every few months, support for only a limited number of entries, slower update times and others. After all, these services are businesses and they need to make money, so they do what they can to steer you towards paying them.

At the same time, if you already have your own domain name, you get a lot more freedom. With a simple script, for approximately $8/yr you can have an unlimited number of DDNS addresses with no strings attached. But first, let’s make sure that you’re paying a reasonable price for your domain to a good company.

If you own your own domain names, there is a good chance that you’re using Cloudflare DNS. There are a few good reasons for this:

  • It’s one of the cheapest registrars out there, since they do not add surcharges to the nominal domain name cost. Most registrars will ask you to pay around $15+ for a .com domain (GoDaddy charges $19, IONOS charges $15 and so on, though most offer deep discounts for the first year) while Cloudflare charges $8.03 (here is the full pricing: https://webspeedtools.com/cloudflare-domain-pricing/)
  • The interface is really easy to use and it doesn’t change every few months. It is also not specifically designed to drive you crazy, obfuscate the DNS editing process and steer you towards buying services you don’t need (compare to GoDaddy)
  • The updates to DNS are lightning fast. Once you edit the entry it takes only a few minutes (in most cases even seconds) to update the DNS information around the world (compare to IONOS where it could take days)
  • And, finally, it offers a consistent REST API for managing DNS.

Just to be clear, I’m not affiliated with Cloudflare, I just like what they are doing and how they are doing it.

One unfortunate thing, though, is that they do not offer an out-of-the-box DDNS (Dynamic DNS) API, but it is still possible to use their REST API to accomplish the task. Here is how:

  1. First, we need to get the Cloudflare REST API token:
    1. Go to https://dash.cloudflare.com/profile/api-tokens (login if necessary)
    2. Click “Create Token”
    3. Click “Use template” in the row called “Edit Zone DNS”
    4. Optionally, select the domain name you want this token to manage in “Zone Resources”. If you leave it unedited, anyone holding this token can edit all of your domains, which may not be very secure for your purposes. You can also click “Add more” and specify multiple domains you want to edit using this token.
    5. Click “Continue to Summary”
    6. Click “Create Token”
    7. Copy the token from the next page and record it in your favorite password management system. Keep it secret!
  2. Go to the Cloudflare DNS management dashboard for your domain and add an “A” entry for your server. The IP doesn’t matter, you can put 1.1.1.1 there. Make sure that the Proxy Status is “DNS only”. If you let Cloudflare proxy your server, they may charge you eventually. Cloudflare is also a business and they also need to make money and this is how they do it – they save servers from DDoS attacks and provide CDN services (if you don’t know what it means, just ignore it, it’s not important for you at the moment).
    1. BTW, 1.1.1.1 is Cloudflare’s free DNS resolver, a really quick one. You may consider it as an alternative to google’s 8.8.8.8/8.8.4.4.
  3. Grab the Cloudflare DDNS script from here: https://raw.githubusercontent.com/rtfms/cloudflare-ddns/main/cloudflare_ddns.sh
  4. Copy the script to a *NIX (i.e. Linux, macOS, Windows with *nix commands support etc.) computer in your home network
  5. Make this script run every few minutes (10 minutes should be enough) on that server. For example, if you’re using a Linux box, you can do this:
    1. let’s assume you put the script in “/home/myusername/bin/cloudflare_ddns.sh”
    2. make sure it’s executable: “chmod +x /home/myusername/bin/cloudflare_ddns.sh”
      1. The script requires two dependencies: curl and jq. If you don’t have these popular programs, please install them. If you run the script, it will tell you which dependencies are missing and where to get them. If you’re running Ubuntu/Debian, then you can just run “apt install curl jq”
    3. test that the script is working as intended: “/home/myusername/bin/cloudflare_ddns.sh AAAAAAAAAAAA_BBBBBBBBBBBBBBB_CCCCCCCCCCC my.homesuperserver.com”
      1. Make sure that you replaced “AAAAAAAAAAAA_BBBBBBBBBBBBBBB_CCCCCCCCCCC” with your real Cloudflare token and “my.homesuperserver.com” with your real server name.
      2. If something goes wrong, the script will tell you about it and you will need to correct the problem.
    4. run “crontab -e” (the first time you run it you will be prompted to choose your favorite text editor)
    5. add the following line to your crontab: “*/10 * * * * /home/myusername/bin/cloudflare_ddns.sh AAAAAAAAAAAA_BBBBBBBBBBBBBBB_CCCCCCCCCCC my.homesuperserver.com”
  6. Go back to Cloudflare’s DNS dashboard and verify that your DNS entry (“my.homesuperserver.com” in our example) is indeed pointing to the right IP
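
The crontab line above carries the token as a command-line argument, so it is stored in the crontab and is visible in the process list while the script runs. As an added example (not the script linked in step 3 and not Cloudflare's code), here is a minimal updater that reads the token from a chmod-600 file, hands it to curl on stdin, and refuses to publish anything that is not a public IPv4 address. The TOKEN_FILE and ZONE_ID arguments (the zone ID is shown on the domain's Overview page), the function names and the use of api.ipify.org are assumptions of this example.

```shell
#!/bin/sh
# Added example, not the script linked in step 3.
# Usage: cf_ddns.sh TOKEN_FILE ZONE_ID RECORD_NAME   (argument names are assumptions)
API="https://api.cloudflare.com/client/v4"
IP_SERVICE="https://api.ipify.org"   # assumed "what is my IP" service

# Token file must be a regular file with no group/other permission bits.
token_file_private() {
  [ -f "$1" ] && [ "$(ls -ld "$1" | cut -c5-10)" = "------" ]
}

# Accept only a dotted-quad IPv4 that is not private, loopback or link-local.
public_ipv4() {
  case "$1" in ""|*[!0-9.]*|.*|*.|*..*|0[0-9]*|*.0[0-9]*) return 1 ;; esac
  old_ifs=$IFS; IFS=.; set -- $1; IFS=$old_ifs
  [ "$#" -eq 4 ] || return 1
  for o in "$@"; do [ "${#o}" -le 3 ] && [ "$o" -le 255 ] || return 1; done
  case "$1.$2" in
    0.*|10.*|127.*|169.254|192.168) return 1 ;;
    172.*) [ "$2" -lt 16 ] || [ "$2" -gt 31 ] || return 1 ;;
  esac
  return 0
}

# curl wrapper: the token reaches curl as config on stdin, never via argv.
cf() {
  printf 'header = "Authorization: Bearer %s"\n' "$TOKEN" |
    curl -fsS --max-time 10 -K - "$@"
}

update_record() {  # $1 token file, $2 zone id, $3 record name
  token_file_private "$1" || { echo "chmod 600 $1 first" >&2; return 1; }
  TOKEN=$(cat "$1")
  ip=$(curl -fsS --max-time 10 "$IP_SERVICE") || return 1
  public_ipv4 "$ip" || { echo "refusing to publish: $ip" >&2; return 1; }
  rec=$(cf "$API/zones/$2/dns_records?type=A&name=$3") || return 1
  id=$(printf '%s' "$rec" | jq -r '.result[0].id // empty')
  [ -n "$id" ] || { echo "no A record named $3" >&2; return 1; }
  # Skip the write when the record already points at the current address.
  [ "$(printf '%s' "$rec" | jq -r '.result[0].content')" = "$ip" ] && return 0
  cf -X PATCH -H "Content-Type: application/json" \
     --data "$(jq -n --arg n "$3" --arg ip "$ip" '{type:"A",name:$n,content:$ip}')" \
     "$API/zones/$2/dns_records/$id" >/dev/null
}

if [ "$#" -eq 3 ]; then update_record "$@"; fi
```

With this layout the crontab entry names only the token file, the zone ID and the record name, so the token itself never appears in the crontab.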

You’re done! Until you decide to shut down your server, it will keep updating the DNS with your current home IP address and you can finally host your favorite server at home. You only need to set up that server, configure the firewall, … and do a lot of other things, but that’s a totally different topic. Good luck!

PS. If you’re running a Windows server you can follow the directions in this awesome post by June Castillote: https://adamtheautomator.com/cloudflare-dynamic-dns/
