Kubernetes Home – what do you do if your ISP changes your IP addresses?

&gt; <i>what do you do if your ISP changes your IP addresses?</i><p>I update the DNS record. Manually. It&#x27;s a once in a blue moon thing, and I assume the probability of it is low enough that it will not occur when I&#x27;m so far from home that &quot;it can wait until I get home&quot; doesn&#x27;t suffice.<p>15+ years or so now, and that strategy has worked just fine.<p>… TFA&#x27;s intro could do with explaining why the IP is so hard coded in the cluster, or in the router? My home router just does normal port-forwarding to my home cluster. My cluster … doesn&#x27;t need to know its own IP? It just uses normal Ingress objects. (And ingress-nginx.) I&#x27;m wondering if this is partly complexity introduced by having a |cluster| &gt; 1, and I&#x27;m just on duck tales here. Y&#x27;all have multiple non-mobile machines? (I have a desktop &amp; a laptop. I&#x27;m not running k8s on the laptop… because it&#x27;s a laptop. I … suppose I could … and deal with connectivity to the desktop with like Wireguard or something but … why?)<p>My previous ISP offered static IP addresses, and I had one, since I had a somewhat special offer where the price wasn&#x27;t terrible. It changed on me one day. They refused to fix that. I was very disappointed.

Crazy that someone is using something as complex as k8s on a home server and without knowing basics.<p>Newbies are better served starting with the simple stuff and then moving to the complex if needed

How about a wireguard tunnel from an ingress box? You still pay for one VPS, but can run everything locally and just load balance at the ingress. I just manually add configs to nginx, but there are automated tools too.

This is an example of optimizing something that shouldn&#x27;t exist. They can simplify all of this by adding Cloudflare tunnel or Wireguard to proxy traffic from the outside world to a k8s Service running in the cluster.

I have one A record for my home ip address. This is dynamically updated by my router whenever the public IP address changes. Everything else is a CNAME pointing at the A record. Completely set and forget and supported by most of the shelf consumer routers or router OS like vyos.<p>This is a much preferable solution to me as there are no changes to external-dns resources when the public IP changes. Granted, i don’t run a dual stack setup.

Kubernetes admin here with ~2y experience. Since a lot of you have misconception of what this guy is doing I will try to explain. Author wrote a piece of code which will interact with network gateway to get IPv4&#x2F;IPv6 network address and then update kubernetes configuration accordingly from within a container running on said cluster. That seems to be needed, because MetalLB component in use exposes kubernetes deployments in cluster via predefined IPv6 network address pool which is given from ISP, so if that changes, cluster configuration should change too. This is one of most bizarre things I have read about kubernetes this year and probably shouldn&#x27;t exist outside a home testing environment, but hey, props to author for coming up with such idea.

&quot;My ISP is in total control over my external IP addresses. I don’t pay for permanent IP addresses, and while they haven’t so far changed neither my IPv4 address or my IPv6 network, it can happen. Probably by mistake, since I have no kept my current ones for three months&quot;<p>If you can&#x27;t shell a buck or persuade your isp to reserve a static ip for you. Try to persuade their dhcp server.<p><a href="https:&#x2F;&#x2F;datatracker.ietf.org&#x2F;doc&#x2F;html&#x2F;rfc2131#section-3.5" rel="nofollow">https:&#x2F;&#x2F;datatracker.ietf.org&#x2F;doc&#x2F;html&#x2F;rfc2131#section-3.5</a><p>And, again, if you can&#x27;t handle fundamentals, drop the Google level tech. You are not that deep.

Holy cow, I&#x27;ve been doing kubernetes for 8+ years at this point. No idea why your home IP address would change a single thing in kubernetes.

Uhh. What is all this for? My IP address can change. I just use a dynamic DNS client to update my DNS record using my registrar&#x27;s API. It&#x27;s been this way since, like, 2001? (Well, most registrars didn&#x27;t have APIs back then, but there was dyndns).

Nothing, inside the network addresses don&#x27;t change, so K8S will never see anything change even if your external addresses update.

Thanks for the post. I ran into the same issue with assigning IPv6 addresses to k8s pods. Wish there were easier solutions to handle the prefix changing.

Dealing with changing residential ips is nothing new. It&#x27;s interesting to see how it&#x27;s still being solved for even in this overly complex k8s landscape we find ourselves in now.<p>Back in the day we&#x27;d use free services like <a href="https:&#x2F;&#x2F;freedns.afraid.org&#x2F;" rel="nofollow">https:&#x2F;&#x2F;freedns.afraid.org&#x2F;</a> on a cron to refresh the ip every so often.<p>I used afraid to refresh my dial up ip address, for my &quot;hosting service&quot; domain. The &quot;hosting service&quot; was an old tower pc living in the cabinet underneath a fish tank. Ops was a lot different back then...<p>Nowadays, if you&#x27;re poking holes in your firewall and exposing your ip address to the world, you&#x27;re doing it wrong. We&#x27;ve moved away from that model. There&#x27;s no need to do that and expose yourself in those ways, when you can instead tunnel out. Cloudflare&#x2F;argo tunnels, or tailscale tunnels, dial out from your service and don&#x27;t expose your system directly to the open internet. Clourflare will even automagically set the dns for your domain to always route through that tunnel. Your isp allocated ip address is irrelevant, and nothing ever needs it because nothing ever routes to it. Your domain routes to a cf endpoint, and your system tunnels out to it, meeting in the middle. No open ports, no firewall rules, no NAT bs. Only downside is, you&#x27;re relying on and trusting services like cf and tailscale.

You update your cluster with your new IP address.<p>How you do that depends on your level of expertise.

&gt; what do you do if your ISP changes your IP addresses?<p>You use dyndns

My experience is this is no longer a problem. Ever since the US gov legalized data mining&#x2F;spying&#x2F;tracking I have not had my residential IP change. I think its more profitable to spy by essentially giving &quot;free&quot; static IPs to all customers.

This could all be solved using HE.net tunnel broker for free…

Huh? I host my domain with Namecheap and it&#x27;s a simple curl command to update my DNS daily on my Pi. Why all this?