DynIP: Sub-Minute Dynamic DNS with RFC 2136, IPv6, and DNSSEC Built In

DynIP is a dynamic DNS service pitched at homelabbers and network operators who find typical DDNS offerings too slow and too limited. It claims end-to-end propagation in roughly 60 seconds via 60-second TTLs and NOTIFY-driven multi-region nameservers, a sharp contrast to the 30-minute cache windows common elsewhere. The service speaks RFC 2136 with TSIG natively, so FortiGate, MikroTik, OPNsense, and OpenWRT routers can push updates over standard DNS UPDATE rather than vendor-specific HTTP hooks.

The feature set leans toward modern network realities: dual-stack A and AAAA updates, IPv6-only zones for ISPs that have moved past CGNAT workarounds, and DNSSEC enabled by default with automated key generation and DS publication in the parent zone. Users can bring their own domain by delegating two NS records to dynip.dev, then carve out dynamic subdomains under their own namespace. A REST API, scoped API tokens, and a snippet generator for router CLIs round out the automation story.

Account controls include TOTP-based 2FA, per-token read-only or full-access scopes, and immediate account and zone deletion (billing records are retained seven years under Swedish law). The free tier covers basic use; API tokens and longer-lived automation credentials sit behind a Pro plan, with downgrades locking excess zones rather than deleting them.