In this article

Use this article to configure Dynamic DNS (DDNS) hostnames for networks with changing public IP addresses.

DNSFilter supports both static IP addresses and Dynamic DNS hostnames. Dynamic DNS is recommended when a network’s external (egress) IP address may change, such as in small office or home office environments.

When a public IP address changes and the dashboard is not updated, DNSFilter will no longer recognize traffic from that network. As a result, DNS resolution will stop until the IP address is updated, producing a specific type of block page message, the "Unknown Page":

All DDNS hostnames are checked automatically every 60–90 seconds. Some providers support near-instant updates.

Configure Dynamic DNS for networks with dynamic IP addresses

If the public IP address can change, configure:

• A Dynamic DNS hostname with a provider
• An updater service on the network to keep the hostname in sync with the current IP address

Most routers, firewalls, and network appliances include built-in DDNS functionality. Alternatively, install updater software on a server or workstation inside the network.

Recommended updater tools:

• Windows: Marcs Updater
• Linux/macOS: ddclient

After configuring the hostname and updater, add the Dynamic DNS hostname to the appropriate Site in the DNSFilter dashboard. As the updater sends changes to the provider, DNSFilter automatically updates its records.

⚠️ When adding multiple IPs or hostnames to a Site, ensure the Dynamic DNS hostname does not resolve to one of the DNSFilter resolver IP addresses. This will cause a configuration error.

Supported Dynamic DNS providers

DNSFilter supports all Dynamic DNS providers. However, some providers allow faster synchronization due to direct integration.

Supported providers typically use HTTP-based update methods.

Example supported providers:

• DynDNS
• no-ip 
• NameCheap 
• Zoneedit 
• Hurricane Electric and Tunnelbroker 
• Dynu 
• Afraid.org 
• ChangeiP 
• TP-Link

If using a provider not on the supported list:

• The update device must not use DNSFilter for DNS resolution during the update process, because DNSFilter will block update requests from unknown IP addresses
• DNSFilter will automatically check the hostname every 90 seconds, which may introduce a short delay

Some networking equipment and updater tools allow specifying a separate DNS server for the Dynamic DNS lookup process.

Mikrotik routers

Mikrotik routers can integrate with supported providers using the fetch command.

The fetch command must use the url property instead of address and src-path:

url="http://members.dyndns.org/nic/update?hostname=$hostname&myip=$currentIP"

Mikrotik also includes its own Dynamic DNS service (IP Cloud). To enable:

/ip cloud set ddns-enabled=yes
/ip cloud print

Use the returned dns-name value in the DNSFilter dashboard.

FRITZ!Box devices

Many FRITZ!Box devices use ISP-configured DNS servers and do not allow overriding DNS behavior.

To use Dynamic DNS with FRITZ!Box, select User-defined in the Dynamic DNS settings and enter:

http://dyndns.dnsfilter.com/nic/update?hostname=YourDynDNSHostname&myip=<ipaddr>&username=YourDynDNSUsername&password=YourDynDNSPassword&updater=fritz

Enter the hostname, username, and password associated with the Dynamic DNS account.

This sends the update to DNSFilter first, allowing DNSFilter to update its records before forwarding the request to the original provider.

Using custom update URLs

If the update device cannot use DNSFilter for DNS resolution, or must use another DNS server, configure the Dynamic DNS updater to use:

dyndns.dnsfilter.com

Keep all other update parameters the same. DNSFilter will process the update and forward it to the original provider as required.