Revision [3160]
This is an old revision of API Whitelist made by JeffTaylor on 2014-03-19 12:56:45.
DNS Whitelisting
Due to repeated amplification attacks, Tier-2 servers now have the option to only allow access from registered IP addresses. Please check the notes on the Tier2 wiki page to determine which servers are making use of this feature.Privacy is important, so we have taken steps to ensure that your identity is protected. When you register your IP address, your username is not passed to any of the servers. The servers will only receive a list of what addresses have been registered, nothing else.
Advantages
- Because these servers do not respond to attackers, you will receive faster responses to your DNS queries
Disadvantages
- When your IP address changes, there may be a 1-2 minute delay before you are able to make queries again. Fortunately IP address changes happen very rarely with most ISPs.
OK so how do I register my IP?
First you need an OpenNIC member account. Visit http://www.opennicproject.org/members/ and create a new account, or log in to your existing account.After signing in, towards the bottom of the page you will see a box marked "If you wish to register your IP for whitelisting". The command listed here contains your username and a unique hash to authenticate you.
Linux and MAC users should have access to the 'wget' command and may enter this command directly. You should have this command run when you boot your computer, and set up a cron job to renew your IP at least once a week. Most distributions will also provide a method to run the command any time your IP address changes.
Windows users can download a version of 'wget' from http://sourceforge.net/projects/gnuwin32/files/latest/download?source=files
You can create a batch file to run this script. You should set up a scheduled task from the control panel to run this script at least once per week to renew your IP.
IP addresses are registered for 4 weeks (28 days), however you are encouraged to renew your registrations more often. For example, if you are uncertain when your ISP might change your address you could refresh every 10 minutes. On the other hand, a server may only refresh once per week.
You may also register multiple IP addresses under your account. You may have a home desktop computer, a laptop, and a work computer, and you could register each one of these by running the wget command. After 4 weeks your old addresses will expire and be removed from the system. Alternatively, if you log in to the members page it will provide you with a list of the IP addresses you have registered. By clicking on any of these addresses, you will be shown when the IP was first registered and last renewed, and given the option to delete that address.
Setting up scripts can be an advanced subject. If you need assistance, please feel free to ask for help on the mailing list or in IRC.
