Since dyn.com stopped it's free service, and no-ip.com didn't work on my Fritz!Box, I've created a custom dyndns service with very little overhead. If you want to use it, you have to run your own DNS server for a zone that will be updated. Tested with Bind 9, might work with other named's, too.

It can be used to assign any hostname under DOMAIN to an IP address.

One part of the program, htdocs/index.php, has to be runned on an Apache server at http://DOMAIN/. You have to create a GPG key pair for signing. Update the configuration parameters in index.php, and allow your DNS host to access htdocs/tokens/ by editing htdocs/tokens/.htaccess. It stores tokens (a string of 32 hexadecimal characters) and their IP-Addresses. Any client can update to its own IP address by calling http://DOMAIN/TOKEN or http://DOMAIN/index.php?token=TOKEN. The webserver part does not know which token is assigned to which domain name!

The other part, bin/update-dyndns.sh DOMAIN, must be executed as cronjob on the maschine running Bind. Create a directory in /root/DOMAIN. In this directory, for every hostname (hostname.DOMAIN), create a random file whose name matches /^[a-f0-9]{32}/ (e.g. an md5 sum of a random input). This file contains the hostname, and nothing else. The filename is your token.

Additionally, you have to import the public key from the webserver's key pair (no need to trust it).

update-dyndns.sh will fetch the signed and compressed "token ip"-list from the web server, verifies the GPG signature and greps all valid pairs from it (ipv6 is allowed, too). If anything changed, it will assign the tokens to hostnames (using /root/DOMAIN/TOKEN files) and create a new zone file that will be placed at /etc/bind/zones/db.DOMAIN. After that, "rndc reload" is executed. All paths can be changed within the script file; in any case, remember to update the SOA section.

Please have a look at https://vcs.os.tasmiro.net/hg/public/dyndns.tasmiro.net and feel free to comment/patch/fork ;-)

I will add a more detailed explenation as soon as possible. After my son's birthday tomorrow.