whoshoe
February 18, 2022, 3:43pm
1
Hi guys,
I am using google.com provider in DDNS service. It was working with the old version but with 21.02.2 I just constantly get an error:
curl: (28) Failed to connect to domains.google.com port 443 after 134469 ms: Operation timed out
I have tried certificate path, directory, IGNORE and even without certificate.
My config looks like this:
config ddns 'global'
option ddns_dateformat '%F %R'
option ddns_loglines '250'
option ddns_rundir '/var/run/ddns'
option ddns_logdir '/var/log/ddns'
config service 'ipv4_preset'
option service_name 'google.com'
option enabled '1'
option lookup_host 'proxy.xxxxxx.com'
option use_ipv6 '0'
option domain 'proxy.xxxxxx.com'
option username 'xxxxxxx'
option password 'xxxxxxx'
option ip_source 'network'
option ip_network 'wan'
option interface 'wan'
option use_syslog '2'
option check_unit 'minutes'
option force_unit 'minutes'
option retry_unit 'seconds'
option use_https '1'
option check_interval '5'
option cacert '/etc/ssl/certs/ca-certificates.crt'
Can anyone help me with this issue? Thanks!
frollic
February 18, 2022, 3:47pm
2
can you ping domains.google.com
from the router ?
1 Like
whoshoe
February 19, 2022, 1:37am
3
Pinging domains.google.com
doesn't work. I am not sure whether ping is block or not but I can access domains.google.com from browser through the router.
Run nslookup on your DNS resolvers.
whoshoe
February 19, 2022, 2:04am
5
Switch back to my old x86 router DDNS query to domains.google.com
works without being able to ping domains.google.com
.
It's weird that I can ping 8.8.8.8 without any issue but cannot ping google.com
or domains.google.com
. It just gives me request timeout. Accessing the web page of google looks ok.
@anon89577378 nslookup from openwrt debug tool shows this:
Server: 127.0.0.1
Address: 127.0.0.1#53
Non-authoritative answer:
Name: google.com
Address: 142.250.207.110
Doesn't look like a DNS resolver IP...
I was looking for something like 8.8.8.8 or 8.8.4.4, or whatever you're using for DNS.
nslookup 8.8.8.8 (or your DNS resolver IP)
whoshoe
February 19, 2022, 2:30am
7
Server: dns.google
Address: 8.8.8.8
Non-authoritative answer:
Name: domains.google.com
Address: 142.251.42.238
Here's what I get...
root@OpenWrt:~# nslookup 8.8.4.4
Server: 127.0.0.1
Address: 127.0.0.1#53
Non-authoritative answer:
4.4.8.8.in-addr.arpa name = dns.google
root@OpenWrt:~# nslookup 8.8.8.8
Server: 127.0.0.1
Address: 127.0.0.1#53
Non-authoritative answer:
8.8.8.8.in-addr.arpa name = dns.google
root@OpenWrt:~# nslookup google.com
Server: 127.0.0.1
Address: 127.0.0.1#53
Name: google.com
Address 1: 142.250.217.110
Address 2: 2607:f8b0:400a:806::200e
root@OpenWrt:~# nslookup domains.google.com
Server: 127.0.0.1
Address: 127.0.0.1#53
Name: domains.google.com
Address 1: 142.250.69.206
Address 2: 2607:f8b0:400a:805::200e
I can ping all.
Of course, the IPs will be different due to our locations.
For some reason, ICMP Echo replies may be turned off at those endpoints.
I would try running a Wireshark trace, or MTR to the endpoint IPs for those domain names, and see if you get any clues.
I suspect it's something in your 21.02.2 config.
You might compare your current "non-working" config, to the last config that worked.
whoshoe
February 19, 2022, 3:07am
9
Here's the full results:
root@OpenWrt:~# nslookup 8.8.8.8
Server: 127.0.0.1
Address: 127.0.0.1#53
Non-authoritative answer:
8.8.8.8.IN-ADDR.ARPA name = dns.google
root@OpenWrt:~# nslookup google.com
Server: 127.0.0.1
Address: 127.0.0.1#53
Name: google.com
Address 1: 142.250.207.110
*** Can't find google.com: No answer
root@OpenWrt:~# nslookup domains.google.com
Server: 127.0.0.1
Address: 127.0.0.1#53
Name: domains.google.com
Address 1: 142.250.76.142
*** Can't find domains.google.com: No answer
root@OpenWrt:~# nslookup 8.8.4.4
Server: 127.0.0.1
Address: 127.0.0.1#53
Non-authoritative answer:
4.4.8.8.in-addr.arpa name = dns.google
Besides https and certficate in the /etc/config/ddns
everything looks identical.
Run the above suggested traces and see if there are any clues...
I would use a file diff program to compare the "working" and "non-working" configs.
My personal choice is BeyondCompare.
whoshoe
February 20, 2022, 1:05pm
11
I rolled back to 19.07.9 and everything works perfectly. I guess I'll wait for a more thoroghly tested version.
frollic
February 20, 2022, 3:40pm
12
There's no real testing, AFAIK, it's done by the users.