Amazon Web Services Tips


Associate Dynamic IP with DynDNS on Instance Startup - (Linux)

by Jeff Hunter, Sr. Database Administrator



On a normal startup, every Amazon EC2 instance will come with a private IP address, a dynamic Internet routable public IP address assigned from DHCP, and a dynamic domain name (hostname) associated with the public IP address. Access to the virtual server is provided through either the dynamic public IP address or the dynamic domain name. When the instance is started again, the default action is to assign another dynamic IP address (and new domain name) to the public IP address from DHCP. The same public IP address and domain name will not be associated with the instance on a restart. This is highly undesirable when the virtual servers are running critical services and needs to be restarted. For example, if one of the EC2 instances were running a web application and needed to be restarted, it would be unreachable by its previous domain name and public IP address. This could cause a significant amount of down-time if DNS had to be re-configured and updates needed to be propagated, especially if the application relies on inter-server communication.

One method to reduce down-time related with instance reboots is to automatically associate an Amazon Elastic IP address with the EC2 instance on startup. An Elastic IP address is a static IP address that can be assigned to an instance on startup using an EC2 startup script and user data. The Elastic IP address is entered into your DNS and provides a consistent domain name and IP address to access the virtual server. Although an Elastic IP address is free of charge while it is associated with a running instance, if an Elastic IP address is allocated and is not associated with an instance, the cost is $0.01/hr (at the time of this writing).

Another approach is to use a dynamic DNS resolution service which is the method described in this guide. This approach does not use a static IP address like when using an Elastic IP address but rather updates a DNS record configured with a dynamic DNS resolution service with the dynamic public IP address assigned to the EC2 instance when it starts. DynDNS and ZoneEdit are two popular dynamic DNS resolution services that work well with Amazon EC2 instances. Using DynDNS, you would first create a place holder record entry (domain name and dummy IP address) for your domain that you expect to be updated dynamically when the instance starts. For example, I would create an A-record with a static domain name (i.e. and set the IP address to some phony value like The IP address for this entry will be updated with the dynamic public IP address assigned to the instance when it starts. This provides a persistent domain name that can be used to access the virtual server each time it is started.

This guide provides instructions on using DynDNS. I felt that DynDNS offered better support and documentation on how to use their service. I also believe after researching the other alternatives that DynDNS provided better instructions on how to install and update clients using their ddclient utility.


Perform the following prerequisites on the target EC2 instance.

  1. If you haven't already done so, create a Dyn account.

  2. Sign up for either the DynDNS Pro or the Dyn Standard DNS service. Use the Dyn Standard DNS service if you have an existing domain or will be creating a new domain using their Domain Registration process. Note that Dyn offered a free non-commercial DNS account in the past; however, as of November 2011 that program has been deprecated.

    In this guide, I am signed up for the Dyn Standard DNS service and will be using the domain

    If using the Dyn Standard DNS service, log in to your Dyn account to add or create a domain (zone). From My Account, click on My Services and then click Add Zone Service to add or create your domain.

    Figure 1: DynDNS - Zone Level Services

  3. Create a place holder record for the DNS entry that you expect to be updated dynamically when the instance starts. In the following example, I will create a new A-record for the domain name along with a phony IP address. The IP address for this entry will be updated with the dynamic public IP address assigned to the instance when it starts.

    Figure 2: DynDNS - Add Hostname

Configure Target EC2 Instance with DynDNS

Install and configure DynDNS on the target EC2 instance.

  1. The DynDNS client (ddclient) requires the perl-IO-Socket-SSL module.

    # yum -y install perl-IO-Socket-SSL.noarch

  2. Download the ddclient client software from the DynDNS website or by using wget.

    # wget

  3. Extract the ddclient client software and copy the appropriate files.

    # gunzip ddclient.tar.gz # tar xvf ddclient.tar # cp ddclient-3.7.3/ddclient /usr/sbin # mkdir -p /etc/ddclient # cp ddclient-3.7.3/sample-etc_ddclient.conf /etc/ddclient/ddclient.conf

  4. Modify the /etc/ddclient/ddclient.conf configuration file and change the hostnames, logins, and passwords where appropriate. For example:

    # vi /etc/ddclient/ddclient.conf # --------------------------- # ddclient configuration file # --------------------------- daemon=300 # check every 300 seconds. syslog=yes # log update msgs to syslog. # mail all msgs to the admin account. # mail failed update msgs to the admin account. pid=/var/run/ # record PID in file. ssl=yes # use ssl-support. Works with ssl-library. login=Your_Dyn_Username # Dyn username password=Your_Dyn_Password # Dyn password # Dyn hostname (A-record entry). # Detect IP with our CheckIP server use=web,, web-skip='IP Address' # Default options protocol=dyndns2

  5. Copy the following file when using Redhat style rc files and using daemon-mode:

    # cp ddclient-3.7.3/sample-etc_rc.d_init.d_ddclient /etc/rc.d/init.d/ddclient

  6. Enable automatic startup of ddclient when booting the EC2 instance.

    # /sbin/chkconfig --add ddclient

  7. Optional: Create a startup script on the target EC2 instance that will manually change the hostname when the instance starts.

    # vi /etc/init.d/ec2-set-hostname #!/bin/bash # chkconfig: 2345 95 20 # processname: ec2-set-hostname # description: Manually change the hostname when the instance starts # Replace the following environment variables for your system export # Source function library . /etc/rc.d/init.d/functions # Source networking configuration [ -r /etc/sysconfig/network ] && . /etc/sysconfig/network # Check that networking is configured if [ "${NETWORKING}" = "no" ]; then echo "Networking is not configured." exit 1 fi start() { if [ -n "${EC2_HOSTNAME}" ] then hostname $EC2_HOSTNAME unalias cp cp -f /etc/sysconfig/network /etc/sysconfig/network.bak sed -ie 's/^\(HOSTNAME\)=.*$/\1='$EC2_HOSTNAME'/' /etc/sysconfig/network else echo "No hostname passed." fi } stop() { echo "Nothing to do here" } restart() { stop start } # See how we were called. case "$1" in start) start ;; stop) stop ;; restart) restart ;; *) echo $"Usage: $0 {start|stop|restart}" exit 1 esac exit $?

    Update the runlevel information for the new system service.

    # /bin/chmod +x /etc/init.d/ec2-set-hostname # /sbin/chkconfig --level 34 ec2-set-hostname on

  8. Manually start ddclient for the first time.

    # /etc/rc.d/init.d/ddclient start

    When the service starts, it will automatically update the IP address for the domain name you created in DynDNS (i.e. with the dynamic public IP address of the EC2 instance within 60 seconds.

    Figure 3: DynDNS - Verify DynDNS IP Address Updated

  9. Stop and Start the target EC2 instance to verify the domain name you created in DynDNS gets updated with the newly assigned dynamic public IP address of the instance. Do not test this by rebooting the instance. Rebooting an EC2 instance will use the same IP addresses from the previous session.

    Figure 4: DynDNS - Verify DynDNS IP Address Updated

  10. Now, every time the instance boots, it will update the appropriate entry in DynDNS with the new public IP address assigned to the instance. This provides a consistent hostname that can be used to access the virtual server.

    $ ping -c 3 PING ( 56(84) bytes of data. 64 bytes from ( icmp_seq=1 ttl=39 time=42.6 ms 64 bytes from ( icmp_seq=2 ttl=39 time=39.9 ms --- ping statistics --- 3 packets transmitted, 2 received, 33% packet loss, time 2000ms rtt min/avg/max/mdev = 39.938/41.271/42.605/1.348 ms $ ssh -i .ssh/idevelopment-ec2-key.pem The authenticity of host ' (' can't be established. RSA key fingerprint is 9d:55:57:6a:9c:25:4f:42:98:61:3e:92:c4:5e:fe:3b. Are you sure you want to continue connecting (yes/no)? yes Warning: Permanently added ',' (RSA) to the list of known hosts. Last login: Mon Oct 1 22:31:48 2012 from [root@vmlinux1 ~]# hostname

About the Author

Jeffrey Hunter is an Oracle Certified Professional, Java Development Certified Professional, Author, and an Oracle ACE. Jeff currently works as a Senior Database Administrator for The DBA Zone, Inc. located in Pittsburgh, Pennsylvania. His work includes advanced performance tuning, Java and PL/SQL programming, developing high availability solutions, capacity planning, database security, and physical / logical database design in a UNIX / Linux server environment. Jeff's other interests include mathematical encryption theory, tutoring advanced mathematics, programming language processors (compilers and interpreters) in Java and C, LDAP, writing web-based database administration tools, and of course Linux. He has been a Sr. Database Administrator and Software Engineer for over 20 years and maintains his own website site at: Jeff graduated from Stanislaus State University in Turlock, California, with a Bachelor's degree in Computer Science and Mathematics.

Copyright (c) 1998-2017 Jeffrey M. Hunter. All rights reserved.

All articles, scripts and material located at the Internet address of is the copyright of Jeffrey M. Hunter and is protected under copyright laws of the United States. This document may not be hosted on any other site without my express, prior, written permission. Application to host any of the material elsewhere can be made by contacting me at

I have made every effort and taken great care in making sure that the material included on my web site is technically accurate, but I disclaim any and all responsibility for any loss, damage or destruction of data or any other property which may arise from relying on it. I will in no case be liable for any monetary damages arising from such loss, damage or destruction.

Last modified on
Wednesday, 21-Nov-2012 18:21:26 EST
Page Count: 643