Skip to content

DNS

Jump to bottom
Brent Baccala edited this page Aug 13, 2024 · 5 revisions

DNS Configuration

Before installing a Big Blue Button server, you must already have allocated a DNS name and arranged for it to point to the IP address of the server.

Exactly how to do that is somewhat beyond the scope of these instructions, since it depends heavily on your DNS provider and your DNS configuration, but I will explain several ways that I do this for my installation.

Finding the server's IP address is complicated by two things. First, the server is almost always behind a NAT gateway, so the IP address configured on its interface is not the address by which it appears to the Internet, and second, that public IP address (at least in the case of Amazon Web Services) will change every time the machine is restarted.

1. Static DNS

The oldest and simplest way is to arrange for your machine to have a static IP address, then set your DNS A record to point to that address. On AWS, this would be done by assigning an "Elastic IP Address" to the instance. AWS does charge extra for this service, and I do prefer the flexibility of allowing my IP address to change, so while I have used this method, I prefer to avoid it.

2. Dynamic DNS through Google Domains

My DNS server is through Google, which supports dynamic DNS (i.e, the IP address can be changed using an API). Here's what my DNS configuration screen looks like:

screenshot of Google DNS configuration

I've added the DNS name collaborate.freesoft.org as a "Dynamic DNS" record which has username and password credentials.

I'll use those credentials to update my DNS record once I know my server's IP address.

If you're using hibernation on AWS without an elastic IP address (the AWS language for a fixed IP address), set your DNS timeout to 1 minute (the smallest possible value), because the server's IP address will change every time it comes out of hibernation.

To obtain the server's IP address, I'll use a service provided by Amazon that returns an instance's current public IP address to a HTTP GET from that instance.

The ddclient program will run as a daemon, monitoring the system's IP address and updating the DNS records when it changes. (It might not need to run as a daemon; perhaps only running it when the system boots would be enough.)

sudo apt install ddclient

The Debian configuration script asks a bunch of questions that I just step through, because I've already got a ddclient.conf file prepared for this DNS name, Google's dynamic DNS service, and pystun:

protocol=dyndns2
login=XXXXXXXXXXX
password=XXXXXXXXXX
server=domains.google.com
use=cmd
cmd="/usr/bin/wget -qO- http://169.254.169.254/latest/meta-data/public-ipv4"
ssl=yes
collaborate.freesoft.org

Obviously, use the username and password credentials obtained from Google.

I put this file into /etc/ddclient.conf, edit /etc/default/ddclient to set run_daemon="true", then stop and restart the ddclient service:

sudo systemctl restart ddclient

A quick tail /var/log/syslog should indicate that the system has determined its public IP address and registered it with the DNS server.

It typically takes 2 or 3 minutes for this information to propagate through the Internet and appear in the answer to my DNS queries:

baccala@samsung:~$ nslookup collaborate.freesoft.org
Server:    127.0.0.53
Address:   127.0.0.53#53

Non-authoritative answer:
Name:    collaborate.freesoft.org
Address: 54.196.224.190

3. Dynamic DNS through Amazon Web Services

If both your server instance and your DNS service are through Amazon, you can configure your instance with permission to update its own DNS record.

To do this, I used ddclient with the nsupdate-aws package (in the freesoft.org repository; source code in my NPDC respository), which installs a shell script that mimics the nsupdate program, using the AWS command line client to actually set the DNS record. Use the associated create-DNS-updater and UpdateSpecificDNSRecordPolicy.json files in the NPDC repository to create the AWS access key required by nsupdate-aws.

4. Getting the server's public IP address another way

Most of the cloud providers provide some way of easily obtaining the instance's public IP address.

However, it might not be that easy. For example, some of my machines run behind consumer-grade routers on residential broadband links. These routers provide no easy means to obtain their public IP addresses.

In this case, to obtain the server's IP address, I used the pystun program, which queries a public STUN server to find out its current public IP address. There are several versions of this program. Only the Python 2 version seems to currently work, so I install it using these commands:

sudo apt install python-pip
sudo pip install pystun

and use the line cmd=/usr/local/bin/pystun in the ddclient.conf file.

Clone this wiki locally