As internet service providers (ISPs) begin rolling out IPv6-only connections, many tech-savvy users—especially those trying to self-host services—are facing new challenges. One such example is JioFiber in India, which offers native IPv6 but no public IPv4. If you're trying to run a home server, access a NAS remotely, or manage your smart home dashboard from anywhere, Dynamic DNS (DDNS) becomes essential.
In this post, I’ll guide you through setting up a Dynamic DNS solution for IPv6 using Cloudflare and wildcard domains, ideal for scenarios like these.
The Problem
- With ISPs like JioFiber:
- No public IPv4 address
- Dynamic and often-changing IPv6 addresses
- Traditional DDNS providers (like No-IP or DynDNS) don't support IPv6-only use cases well
- Difficult to host or expose services to the public internet
The Solution: Cloudflare DDNS for IPv6
Using Cloudflare’s API and a simple Bash script, we can automatically update a wildcard AAAA (IPv6) DNS record whenever your IPv6 address changes.
This method supports:
- IPv6-only networks (like JioFiber)
- Custom domains hosted on Cloudflare
- Wildcard subdomains (*.yourdomain.com)
- Linux servers or Raspberry Pi as update clients
Requirements
To implement this, you’ll need:
- A domain name (e.g., opensio.co.in)
- Cloudflare DNS for your domain
- Cloudflare API Token, Zone ID, and Record ID
- A Linux system with: curl, jq, cron (for automation)
Create a Cloudflare API Token
Log in to your Cloudflare dashboard.
Go to My Profile > API Tokens.
- Click Create Token.
- Use the "Edit zone DNS" template.
- Limit the token’s access to the relevant zone (your domain).
- Click Continue to Summary and Create Token.
- Copy and securely store your API token.
Get Your Zone ID and Record ID
Zone ID
Go to your domain’s Overview page in Cloudflare.
Look under API > Zone ID.
DNS Record ID
Use the following command to list DNS records:
curl -X GET "https://api.cloudflare.com/client/v4/zones/YOUR_ZONE_ID/dns_records" \
-H "Authorization: Bearer YOUR_API_TOKEN" \
-H "Content-Type: application/json"
Locate your AAAA record and note its ID.
The Script
Create the script at /usr/local/bin/cloudflare_ddns.sh:
sudo nano /usr/local/bin/cloudflare_ddns.sh
#!/bin/bash
set -euo pipefail
IFS=$'\n\t'
# Cloudflare API details
CLOUDFLARE_API_TOKEN="your_api_token_here"
CLOUDFLARE_ZONE_ID="your_zone_id_here"
CLOUDFLARE_AAAA_RECORD_ID="your_record_id_here"
DOMAIN_NAME="*.opensio.co.in"
# Get current IPv6
CURRENT_IPV6=$(curl -s http://ipv6.icanhazip.com | tr -d '\n')
[[ -z "$CURRENT_IPV6" ]] && { echo "No IPv6 found"; exit 1; }
# Get current DNS value
DNS_IPV6=$(curl -s -X GET "https://api.cloudflare.com/client/v4/zones/$CLOUDFLARE_ZONE_ID/dns_records/$CLOUDFLARE_AAAA_RECORD_ID" \
-H "Authorization: Bearer $CLOUDFLARE_API_TOKEN" \
-H "Content-Type: application/json" | jq -r .result.content)
# Update if needed
if [ "$CURRENT_IPV6" != "$DNS_IPV6" ]; then
echo "Updating wildcard AAAA record to $CURRENT_IPV6"
RESPONSE=$(curl -s -X PUT "https://api.cloudflare.com/client/v4/zones/$CLOUDFLARE_ZONE_ID/dns_records/$CLOUDFLARE_AAAA_RECORD_ID" \
-H "Authorization: Bearer $CLOUDFLARE_API_TOKEN" \
-H "Content-Type: application/json" \
--data "{\"type\":\"AAAA\",\"name\":\"$DOMAIN_NAME\",\"content\":\"$CURRENT_IPV6\",\"ttl\":1,\"proxied\":false}")
if echo "$RESPONSE" | jq -e '.success' | grep -q true; then
echo "Update successful!"
else
echo "Update failed:"
echo "$RESPONSE"
exit 1
fi
else
echo "No change in IPv6. DNS is up to date."
fi
Make the script executable:
sudo chmod +x /usr/local/bin/cloudflare_ddns.sh
Automate with Cron
sudo crontab -e
Add this line to run the script every 5 minutes:
*/5 * * * * /usr/local/bin/cloudflare_ddns.sh >> /var/log/cloudflare_ddns.log 2>&1
Allow Inbound Traffic on JioFiber Router
- Log in to your JioFiber router admin panel.
- Navigate to Security > Firewall > IPv6 Firewall Rules.
- Allow incoming HTTP (port 80) and HTTPS (port 443) traffic to your device’s IPv6 address.
You now have a fully functional Dynamic DNS setup for an IPv6-only network using Cloudflare, supporting wildcard subdomains. You can use *.opensio.co.in to access any service you’re hosting at home.
