Google Domains

Domain regstration and DNS for DUGAS.CC and DUGASENTERPRISES.COM have been provided by for many years but I’ve just moved them to Google Domains saving me some money.  Dyn’s costs have gone up dramatically over the past few years until it now costs $75/year for registration and DNS for a single .COM domain and $105 for a .CC.  Google charges only $12 and $20 respectively saving me $145.year on only two domain.  There are two hitches that I’ve run into – DDNS and IPv6.

Dynamic DNS Support

The Sophos UTM9 firewall I’m using runs ddclient under the hood to handle dynamic DNS updates. Google Domains supports dynamic updates using their own protocol as well as DynDNS-2.  The version of ddclient on the firewall doesn’t include support for Google domains but it works fine with the other protocol.  It’s not supported in the UTM’s UI so I manually created the config in /etc/ddclient/google.conf and added /etc/crontab.ddclient-google to run ddclient every 5 minutes.

The ddclient config:

use=if, if=eth1,, protocol=dyndns2, login=XXX, password='YYY'

Note the XXX and YYY strings need to be copied from the Google Domains admin interface.

The crontab file:

*/5 * * * * root /usr/sbin/ddclient -daemon=0 -file=/etc/ddclient/google.conf

The UTM machine regenerated /etc/crontab and it’s now ensuring the address is updated every 5 minutes.

IPv6 Support

It seems Google doesn’t think the IPv6 address my ISP assigns are going to change much at all.  They don’t support dynamic updates for AAAA records.  On the other hand, the UTM has logic to propagate changes in the delegated address blocks from the ISP to internal interfaces.  I’ve see that delegation change at least once but I’m not sure if it does very often.  I find the different apparent positions to be curious.  Not sure if I should be worried about this.  At first glance, it seems shortsighted.