Adding a Single-host OpenDNS Network Using SSH Port Forwarding

OpenDNS can register entire networks in its database, but it is often simpler to run your own recursive DNS server instead: it simplifies your own setup and also the registration of your IP addresses, since OpenDNS requires extra validation for any network that contains more than one IP address.  By registering a single host (your recursive DNS server) you avoid the approval step, and you can also serve local-only DNS names alongside OpenDNS.  However, if you are running a minimal UNIX/Linux operating system without a GUI (as you should be for this type of server), you run into the problem of how to register that IP.

OpenDNS requires that you use the actual host you are registering when you register a single-IP network.  This can be done with a text-mode browser like Lynx, but the OpenDNS site is definitely not built to make that easy.  Instead, you can run the web browser on another host and forward the ports through the recursive server using SSH.

Requirements:

  • SSH server on the recursive name server
  • SSH client on your GUI client
  • A web browser on the client

I assume that you are using a UNIX/Linux operating system as the client, although it is feasible that you could use Windows and PuTTY.  I am using OSX.

The process is remarkably simple.

1. Forward your local port 80 and 443 through an SSH tunnel to your remote server

  • This won’t require root access on the remote server, but it will require root (or sudo) access on the local (client) machine, since you will be binding to ports lower than 1024.
  • You cannot have any local web server running while you do this, because this will require the normal web server ports.
  • Assuming that your remote username is john, that your remote host is dns.john.example.com, and that you are using the default SSH port (22) for the server, use this command to set up the port forwarding.  The destination name www.opendns.com in each -L option is resolved by the remote server, not by your client, so the local hosts-file change in step 2 does not loop the tunnel back to itself.  Note that it will still open a shell for you, and that when you exit the shell, the port forwarding will stop.
    sudo ssh john@dns.john.example.com -L 80:www.opendns.com:80 -L 443:www.opendns.com:443

2. Point all opendns.com and www.opendns.com traffic to 127.0.0.1

Edit /etc/hosts, and add the following:

127.0.0.1 www.opendns.com
127.0.0.1 opendns.com

3. Open your web browser to opendns.com, and add the network.

  1. Browse to opendns.com in your browser.  When you get there, look at the top, and make sure that it is seeing the forwarded server’s IP address.
  2. Log In.
  3. Go to the Dashboard.
  4. Go to Settings.
  5. The IP address is probably already entered.  Ensure that it is correct, and add it.
  6. Log off.

4. Clean up.

  1. Close your SSH session.  This should stop the port forwarding as well.
  2. Revert your /etc/hosts file.

     Just remove the lines that we added in step 2.
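The four steps above, wrapped in one script as an added example (this is not the post's own code): it tags the hosts-file lines it adds so that cleanup removes exactly those lines, and reverts the hosts file automatically however the SSH session ends.  It assumes POSIX sh, the standard ssh binary, and that it is run as root (or via sudo) because it binds local ports 80 and 443.

```shell
#!/bin/sh
# Added example (not from the original post). Assumes POSIX sh, the
# standard ssh binary, and root/sudo (it binds local ports 80 and 443).
set -eu

HOSTS_FILE="${HOSTS_FILE:-/etc/hosts}"
MARKER="# opendns-tunnel"   # tag so cleanup removes only our own lines

# Step 2: append the two redirects, tagged, unless they are already there.
add_hosts_entries() {
    hosts="$1"
    grep -q "$MARKER" "$hosts" && return 0
    printf '127.0.0.1 www.opendns.com %s\n127.0.0.1 opendns.com %s\n' \
        "$MARKER" "$MARKER" >> "$hosts"
}

# Step 4: strip exactly the tagged lines, leaving every other line intact.
remove_hosts_entries() {
    hosts="$1"
    tmp="$hosts.tmp.$$"
    grep -v "$MARKER" "$hosts" > "$tmp" || true   # grep -v fails if nothing is left
    cat "$tmp" > "$hosts"
    rm -f "$tmp"
}

# Steps 1 and 3: bring up the tunnel with cleanup armed, then wait.
# -N: no remote shell; the tunnel is the only purpose of the session.
run_tunnel() {
    user="$1"; host="$2"
    add_hosts_entries "$HOSTS_FILE"
    # Revert the hosts file on normal exit, Ctrl-C or kill, so the client
    # is never left resolving opendns.com to 127.0.0.1 after the tunnel dies.
    trap 'remove_hosts_entries "$HOSTS_FILE"' EXIT INT TERM
    echo "Tunnel up: browse to https://www.opendns.com, press Ctrl-C when done."
    ssh -N "$user@$host" -L 80:www.opendns.com:80 -L 443:www.opendns.com:443
}

# Usage: sudo ./opendns-tunnel.sh john dns.john.example.com
if [ "$#" -ge 2 ]; then
    run_tunnel "$1" "$2"
fi
```

Set HOSTS_FILE to another path to rehearse the hosts-file edits without touching /etc/hosts.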

That’s it.  You’ve successfully added that remote server to OpenDNS, and you were able to do it from a complete web browser rather than having to use Lynx.

P.S. For the record, I love Lynx.  It’s just rather difficult to use with sites that use as much JavaScript as the OpenDNS site.
