Date:Posted By:Category:Blog

Automation to update BIND with IPv4 and IPv6 from OPNSense and Portainer

If you have a homelab and use BIND with your OPNSense and Docker (w/Portainer), this might be of interest! There are a few details that require either setup or creation, such as the Redis server and the API credentials that will be required to interact with your environment.

After running a homelab with internal BIND DNS setup for a while, and did not explore the built-in that OPNSense has (wanted to learn-it-all), and then wanted to resolve IPv6 hostnames (fqdns because + localdomain.tld) for my network this became an eventual desire and then creation. It uses the OPNSense API as well as the Portainer API, then directly and securely interacts with BIND via TSIG.

In previous blog entries I’ve covered some of the elements of using the OPNSense to dynamically update the BIND entries from DHCP and as DHCPv6 doesn’t make its way over, this really finishes that leg too. The authentication will be the same, you will need to identify the host providing the update and put the TSIG details in the same fashion.

Please feel free to check it out, comment, or even suggest how else one would do the same in a different way:

Homelab DNS Updater (Github)

This script automates dynamic DNS updates for a homelab network using Bind9, Redis, OPNsense, and Portainer. It synchronizes device hostnames, IP addresses, and MAC addresses between your network infrastructure and DNS records.

Prerequisites

Software Dependencies:

  • Python 3.x (tested with 3.9+)
  • Redis server (redis)
  • OPNsense firewall (API enabled)
  • Bind9 DNS server configured with TSIG key for updates
  • Portainer (for Docker container metadata, optional)

Install required Python packages:

pip install redis requests dnspython python-dotenv configparser

We might try to include other container management surfaces in the future, for now it is just Portainer which you can find out more about at https://www.portainer.io/portainer-tutorials.

The Github repo is the correct place to read documentation, and provide feedback, but feel free to comment here too if so wish, and thank you!

Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.