DDNS updating without RFC 2136 can be configured by navigating to Services | Dynamic DNS and clicking on the Dynamic DNS tab (the first tab). This tab will show you a table with all the DDNS clients that have been added.

To utilize DDNS, you must first find someone that provides DDNS services. Your ISP may provide DDNS services; if not, there are several organizations that provide DDNS services for a variety of costs (some provide them for free). Cost, ease of use, and the existence of additional security features (such as invisible domains) are all factors you might consider when choosing a service.

Once you have chosen a DDNS service, you can begin the configuration process from your DDNS service's website. First, you will need to create at least one (sub) domain. Here we can see one such domain configuration page; this one is from the DuckDNS website. Once you have created a domain, you need to find out the username and password (if any) that are required for the service, as well as the update URL. You should be able to find this information on the service's website.

Once you have this information, you can go back to the Dynamic DNS page in the pfSense web GUI, make sure you have selected the Dynamic DNS tab, and click on the green +Add button to add a DNS client. This will launch the client configuration page.

The first option on the page is the Disable this client checkbox. This allows you to enter the client information without activating DDNS. The Service Type drop-down box allows you to select your service from a number of options; many DDNS service providers are listed here (in some cases, there are multiple listings for the same provider). Select your provider here; if there is more than one listing for your provider, check your provider's website for guidance on which option to choose. If your provider is not listed, you can select Custom.

Note that if you select Custom, several options will appear below the Service Type drop-down box that would not appear otherwise. The Enable verbose logging checkbox, if checked, provides more detailed logging information. Normally, if both IPv4 and IPv6 addresses are enabled, IPv6 addresses will be preferred, but if you want IPv4 resolution instead, you can check the Force IPv4 resolving checkbox. Finally, Verify SSL peer will cause libcurl to verify peer certificates, thus providing the greatest possible level of security on SSL/TLS connections between pfSense and the DDNS provider.

If you do not select Custom, then the next option will be the Interface to monitor drop-down box. In virtually all cases, this should be set to WAN. In the Hostname edit box, you need to enter the fully qualified hostname of the hostname you added on your service provider's website. The MX edit box allows you to add an IP address of a mail server. Not all services allow you to set up a separate mail server, but if yours does, this is where you would specify it. The Enable Wildcard checkbox, if checked, causes anything typed before your domain name to resolve to your domain name: for example, if your domain name is mydomain.duckdns.org, www. mydomain.duckdns.org will resolve to mydomain.duckdns.org. The Enable verbose logging option provides for a more verbose level of logging, which can be helpful in troubleshooting.

Finally, the Username and Password fields are where you enter the username and password combination you got from your DDNS provider's website. You may be able to leave these fields empty; in other cases, you may have to enter an API user/ key combination or some other key or token. Finally, in the Description field you can enter a brief description. Press the Save button at the bottom of the page to save the client information. This should return you to the page with the DDNS client table, and the entry you just made should be in the table.

Once you have entered the DNS client information, you still need a means of sending out DNS changes to your DDNS provider. This often comes in the form of updater software that must be run on one of your computers. Once the software is installed, the parameters that you must enter may include such things as:

• The domain which you want to update
• A token or some other kind of identifier
• The refresh interval (5 minutes, 10 minutes, and so on)

The software may also provide a means of forcing an update, so that when your WAN address changes, you don't have to wait for the automatic update. Your DDNS provider will have more detailed information on how to install and configure your updater software.