Maintain Networks with Dynamic IP Addresses
Available Languages
Contents
Introduction
This document describes how to manage networks with Dynamic IP addresses in Cisco Umbrella.
Prerequisites
Requirements
There are no specific requirements for this document.
Components Used
The information in this document is based on Cisco Umbrella Dynamic IP Updater.
The information in this document was created from the devices in a specific lab environment. All of the devices used in this document started with a cleared (default) configuration. If your network is live, ensure that you understand the potential impact of any command.
Maintain Umbrella on Networks with Dynamic IP Addresses
Most home, small school, and small business networks are typically provisioned by Internet Service Providers (ISPs) that issue a dynamic IP address when defining each unique internet network. Chances are that you are using a dynamic IP address, even if you are not aware of it.
Dynamic IP address means that the public IP of your network changes over time when the lease for that IP address changes. Your IP can stay the same for several weeks, but the lease eventually expires and is given to another ISP user.
When the IP address that you registered with Umbrella changes, the Umbrella security settings no longer apply. These settings no longer match your account information and must be updated.
To avoid having to manually update this information, Cisco Umbrella recommends installing the Umbrella Dynamic IP Updater on at least one computer within the network that you registered in Umbrella:
1.Navigate to Deployments > Core Identities > Networks, select the identity that is on a dynamic IP and select Dynamic.
2. Select Save.
3. Download an Umbrella Dynamic IP Updater onto at least one computer in the network. The links to do this are listed later in this article.
The Umbrella Dynamic IP Updater automates the discovery and registration of a network IP address to your Umbrella account when the IP address changes. This ensures consistent protection provided by your Umbrella settings to your network and to all computers and devices that connect to your network.
To maintain and automatically update your dynamic IP when it changes, use these guidelines:
- The computer must be stationary to the network and not a laptop (only used in the network on which you are configuring Umbrella).
- The computer must always be powered on (or turned on before any other computers log onto the network.)
- The account used with the updater must be listed as an admin of the dashboard for the organization to which the network is registered.
The software is available for Windows and Mac.
Note: In addition to the Umbrella Dynamic IP Updater, most Dynamic DNS (DDNS) clients works to achieve the same purpose of keeping your network updated. However, any DDNS 3rd party clients cannot be supported by Support. If you are developing your own Dynamic DNS client, read more in this link for related information.
Where to Download an Umbrella Dynamic IP Updater Client
You can download the official Dynamic IP updater clients using the files attached at the bottom of this article (Windows and Mac OS). There are additional third-party clients and services available, but only the ones listed are supported by Umbrella.
| Umbrella Dynamic IP Address Updater Client | Notes |
|
Windows IP Updater |
This is the officially supported Umbrella Windows client, which sends the new IP Address of your network to Umbrella whenever it needs to change. |
|
Mac IP Updater |
This is the officially supported Umbrella Mac client, which sends your the new IP Address of your network to Umbrella whenever it needs to change. |
Dynamic IP Addresses: Technical Details and FAQ
Dynamic DNS
Many people get a dynamic Internet Protocol (IP) address assigned to them by their ISP or network operator. The alternative is a static IP address. If you are not sure which one you have, you likely have a dynamic IP address but contact your ISP to be sure.
It is difficult for public Internet resources to know how to find a webserver or mailserver or other Internet-addressable resource located at a dynamic IP address.
DDNS provides a workaround, giving an individual a method of registering their current IP address with a third-party service on the web so they are publicly accessible and addressable, even as their IP address changes over time.
The information later in this article still holds true, but theUmbrella Dynamic Update APIgives you an easy way to distribute your dynamic IP changes to multiple services with a single update.
DNS-O-Maticis another option but not recommended as it is only designed for home users and do not tend to be as reliable as the Dynamic Update API.
DNS Request Types
This table explains the DNS Request Types that can be collected and listed in an Umbrella report.
|
DNS Lookup Type |
Description |
Function |
|
A |
IPv4 address record |
Returns a 32-bit IP address, which typically maps a domain’s hostname to an IP address, but also used for DNSBLs and storing subnet masks |
|
AAAA |
IPv6 address record |
Returns a 128-bit IP address that maps a domain’s hostname to an IP address |
|
MX |
Mail exchange record |
Maps a domain name to a list of message transfer agents for that domain |
|
NS |
Name server record |
Delegates a DNS zone to use the specified authoritative name servers |
|
PTR |
Pointer record |
Pointer to a canonical name that returns the name only and is used for implementing reverse DNS lookups |
|
SOA |
Start of authority record |
Specifies authoritative information about a DNS zone, including the primary name server, the email of the domain administrator, the domain serial number, and several timers relating to refreshing the zone |
|
SRV |
Service locator |
Generalized service location record, used for newer protocols instead of creating protocol-specific records such as MX |
|
TXT |
Text record |
Carries extra data, sometimes human-readable, most of the time machine-readable such as opportunistic encryption, DomainKeys, DNS-SD, and so on. |
SmartCache
When an authoritative DNS provider suffers an outage, all of the Websites it provides service for are taken offline. They are inaccessible to everyone on the Internet. But no longer for Umbrella users. Our servers now immediately looks for the last known good address for the site in our caches, and use that to load the site. So effectively Umbrella users is able to access websites that appear down for everyone else.
For our millions of users at businesses, schools, and libraries around the world, this saves them from Internet access interruptions.
Authoritative DNS outages happen frequently and can be a big problem. In March of 2009, it was reported that major authoritative DNS provider UltraDNS suffered an outage that took Salesforce.com, Amazon.com and Petco.com offline for several hours. And in October 2016, an attack against DynDNS took down major portions of the internet, including twitter.com and more.
In such cases, SmartCache fixes the inaccessibility problem and allows people to visit those sites despite the authoritative server outage.
This is just the latest in a long series of DNS innovations that Cisco Umbrella developed and passed on to you. Most recently it was blocking the Conficker worm from phoning home. By blocking the domain names the worm used, we were and continue to be able to protect people around the globe.
SmartCache is turned on by default for all users and only applies to queries where the authoritative server hands back a SERVFAIL response code or the query simply goes unanswered.
Other Known DDNS Clients that are Likely to Work with Umbrella
|
Service |
DNS-O-Matic |
This free service gives you an easy way to distribute your dynamic IP changes to multiple services with a single update. Keep dynamic DNS hostnames and Umbrella updated at the same time. |
|
Windows |
Marcs Updater |
A small updater program that helps keep your Dynamic IP information up to date on the Umbrella website. Also supports DNS-O-Matic and DynDNS. |
|
Windows |
HomingBeacon Dynamic DNS Update Client |
ChangeIP’s Dynamic DNS update client supports Umbrella updates with version 3.0.0.6 and later. |
|
Windows |
DynSite |
DynSite is a shareware, that is you can try it for free for 30 days then you have to register your copy to obtain a license code (also called a serial number) if you want to keep using it. If you decide not to register you have to uninstall the program (from Control Panel > Add or Remove Programs icon.) Add the configuration file, aka the.dns file, to the right place. |
|
Windows |
Dynamic IP Monitor |
There is a 60-minute trial version, and a full version for US$9.95. Umbrella is supported as a built-in option from version 3.2 on. |
|
Windows |
DynDNS Updater |
Instructions on using DynDNS Updater with Umbrella can be found here. |
|
Linux |
ddclient |
An open-source dynamic IP updater client written in Perl. |
Want to Learn More?
- Visit our tutorial video here: Register & Protect Your Network
Revision History
| Revision | Publish Date | Comments |
|---|---|---|
1.0 |
03-Sep-2025
|
Initial Release |
FeedbackContact Cisco
- Open a Support Case
- (Requires a Cisco Service Contract)