How to Maintain Umbrella on Networks with Dynamic IP Addresses
Most home, small school, and small business networks are typically provisioned by Internet Service Providers (ISPs) that issue a dynamic IP address when defining each unique internet network. Chances are that you're using a dynamic IP address, even if you're not aware of it.
Dynamic IP address means that the 'public' IP of your network changes over time when the 'lease' for that IP address changes. Your IP may stay the same for several weeks, but the lease will eventually expire and be given to another customer of your ISP.
When the IP address you've registered with Umbrella changes, the Umbrella security settings no longer apply. These settings no longer match your account information and must be updated.
To avoid having to manually update this information, we recommend installing the Umbrella Dynamic IP Updater on at least one computer within the network that you've registered in Umbrella.
Navigate to Deployments > Core Identities > Networks, select the identity that's on a dynamic IP and check Dynamic.
- Click Save.
Download an Umbrella Dynamic IP Updater onto at least one computer in the network. The links to do this are below.
The Umbrella Dynamic IP Updater automates the discovery and registration of a network's IP address to your Umbrella account when the IP address changes. This ensures consistent protection provided by your Umbrella settings to your network and to all computers and devices that connect to your network.
To maintain and automatically update your dynamic IP when it changes, following these guidelines:
- The computer should be stationary to the network and not a laptop (only used in the network on which you are configuring Umbrella).
- The computer should always be powered on (or turned on before any other computers log onto the network.)
The software is available for Windows, Mac, and Linux.
Where do I Download an Umbrella Dynamic IP Updater Client?
You can find and download the official Dynamic IP updater clients for Windows, Mac, and Linux using the links in the following table. There are additional third-party clients and services available, but only the ones listed are supported byUmbrella.
|Umbrella Dynamic IP Address Updater Client||Notes|
|Windows IP Updater||This is the officially supported Umbrella Windows client, which sends your network's new IP Address to Umbrella whenever it should change.|
|This is the officially supported Umbrella Mac client, which sends your network's new IP Address to Umbrella whenever it should change.|
|Linux IP Updater||This links to the officially supported Umbrella Linux client, which sends your network's new IP Address toUmbrella whenever it should change.|
Dynamic IP Addresses: Technical Details and FAQ
What is dynamic DNS (DDNS)?
Many people get a dynamic Internet Protocol (IP) address assigned to them by their ISP or network operator. The alternative is a static IP address. If you're not sure which one you have, you likely have a dynamic IP address but contact your ISP to be sure.
It is difficult for public Internet resources to know how to find a webserver or mailserver or other Internet-addressable resource located at a dynamic IP address. DDNS provides a workaround, giving an individual a method of registering their current IP address with a third-party service on the web so they are publicly accessible and addressable, even as their IP address changes over time.
The below information still holds true, but the Umbrella Dynamic Update API gives you an easy way to distribute your dynamic IP changes to multiple services with a single update.
DNS-O-Matic is another option but not recommended as it is only designed for home users and may not be as reliable as the Dynamic Update API.
What are the DNS Request Types?
The following table explains the DNS Request Types that can be collected and listed in an Umbrella report.
DNS Lookup Type
|A||IPv4 address record||
Returns a 32-bit IP address, which typically maps a domain’s hostname to an IP address, but also used for DNSBLs and storing subnet masks
|AAAA||IPv6 address record||
Returns a 128-bit IP address that maps a domain’s hostname to an IP address
|MX||Mail exchange record||
Maps a domain name to a list of message transfer agents for that domain
|NS||Name server record||
Delegates a DNS zone to use the specified authoritative name servers
Pointer to a canonical name that returns the name only and is used for implementing reverse DNS lookups
|SOA||Start of authority record||
Specifies authoritative information about a DNS zone, including the primary name server, the email of the domain administrator, the domain serial number, and several timers relating to refreshing the zone
Generalized service location record, used for newer protocols instead of creating protocol-specific records such as MX
Carries extra data, sometimes human-readable, most of the time machine-readable such as opportunistic encryption, DomainKeys, DNS-SD, etc.
What is SmartCache?
Here's how it works: When an authoritative DNS provider suffers an outage, all of the Websites it provides service for are taken offline. They are inaccessible to everyone on the Internet. But no longer for Umbrella users. Our servers will now immediately look for the last known good address for the site in our caches, and use that to load the site. So effectively Umbrella users will be able to access websites that appear down for everyone else.
For our millions of users at businesses, schools, and libraries around the world, this saves them from Internet access interruptions.
Authoritative DNS outages happen frequently and can be a big problem. In March of 2009, it was reported that major authoritative DNS provider UltraDNS suffered an outage that took Salesforce.com, Amazon.com and Petco.com offline for several hours. And just recently in October 2016, an attack against DynDNS took down major chunks of the internet, including twitter.com and more.
In such cases, SmartCache fixes the inaccessibility problem and allows people to visit those sites despite the authoritative server outage.
This is just the latest in a long series of DNS innovations we've developed and passed on to you. Most recently it was blocking the Conficker worm from phoning home. By blocking the domain names the worm used, we were and continue to be able to protect people around the globe. We want our customers to know that we are committed to continually innovate and give you easy-to-use services that make your Internet experience better.
SmartCache is turned on by default for all users and only applies to queries where the authoritative server hands back a SERVFAIL response code or the query simply goes unanswered.
A list of other known DDNS clients that should work with Umbrella:
This free service gives you an easy way to distribute your dynamic IP changes to multiple services with a single update. Keep dynamic DNS hostnames and Umbrella updated at the same time.
A small updater program that helps keep your Dynamic IP information up to date on the Umbrella website. Also supports DNS-O-Matic and DynDNS.
|Windows||HomingBeacon Dynamic DNS Update Client||
ChangeIP’s Dynamic DNS update client supports Umbrella updates with version 220.127.116.11 and later.
DynSite is a shareware, that is you can try it for free for 30 days then you have to register your copy to obtain a license code (also called a serial number) if you want to keep using it. If you decide not to register you have to uninstall the program (from Control Panel > Add or Remove Programs icon.) Add the configuration file, aka the.dns file, to the right place.
|Windows||Dynamic IP Monitor||
There is a 60-minute trial version, and a full version for US$9.95. Umbrella is supported as a built-in option from version 3.2 on.
Instructions on using DynDNS Updater with Umbrella can be found here.
Want to learn more?
Visit our tutorial video here: Register & Protect Your Network