DDNS not working after fresh 21.02.2 install

whoshoe · February 18, 2022, 3:43pm

Hi guys,

I am using google.com provider in DDNS service. It was working with the old version but with 21.02.2 I just constantly get an error:

curl: (28) Failed to connect to domains.google.com port 443 after 134469 ms: Operation timed out

I have tried certificate path, directory, IGNORE and even without certificate.

My config looks like this:

config ddns 'global'
        option ddns_dateformat '%F %R'
        option ddns_loglines '250'
        option ddns_rundir '/var/run/ddns'
        option ddns_logdir '/var/log/ddns'

config service 'ipv4_preset'
        option service_name 'google.com'
        option enabled '1'
        option lookup_host 'proxy.xxxxxx.com'
        option use_ipv6 '0'
        option domain 'proxy.xxxxxx.com'
        option username 'xxxxxxx'
        option password 'xxxxxxx'
        option ip_source 'network'
        option ip_network 'wan'
        option interface 'wan'
        option use_syslog '2'
        option check_unit 'minutes'
        option force_unit 'minutes'
        option retry_unit 'seconds'
        option use_https '1'
        option check_interval '5'
        option cacert '/etc/ssl/certs/ca-certificates.crt'

Can anyone help me with this issue? Thanks!

frollic · February 18, 2022, 3:47pm

can you ping domains.google.com from the router ?

whoshoe · February 19, 2022, 1:37am

Pinging domains.google.com doesn't work. I am not sure whether ping is block or not but I can access domains.google.com from browser through the router.

anon89577378 · February 19, 2022, 1:59am

Run nslookup on your DNS resolvers.

whoshoe · February 19, 2022, 2:04am

Switch back to my old x86 router DDNS query to domains.google.com works without being able to ping domains.google.com.

It's weird that I can ping 8.8.8.8 without any issue but cannot ping google.com or domains.google.com. It just gives me request timeout. Accessing the web page of google looks ok.

@anon89577378 nslookup from openwrt debug tool shows this:

Server:		127.0.0.1
Address:	127.0.0.1#53

Non-authoritative answer:
Name:	google.com
Address: 142.250.207.110

anon89577378 · February 19, 2022, 2:18am

Doesn't look like a DNS resolver IP...

I was looking for something like 8.8.8.8 or 8.8.4.4, or whatever you're using for DNS.

nslookup 8.8.8.8 (or your DNS resolver IP)

whoshoe · February 19, 2022, 2:30am

Server:  dns.google
Address:  8.8.8.8

Non-authoritative answer:
Name:    domains.google.com
Address:  142.251.42.238

anon89577378 · February 19, 2022, 2:44am

Here's what I get...

root@OpenWrt:~# nslookup 8.8.4.4
Server:         127.0.0.1
Address:        127.0.0.1#53

Non-authoritative answer:
4.4.8.8.in-addr.arpa    name = dns.google

root@OpenWrt:~# nslookup 8.8.8.8
Server:         127.0.0.1
Address:        127.0.0.1#53

Non-authoritative answer:
8.8.8.8.in-addr.arpa    name = dns.google

root@OpenWrt:~# nslookup google.com
Server:         127.0.0.1
Address:        127.0.0.1#53

Name:      google.com
Address 1: 142.250.217.110
Address 2: 2607:f8b0:400a:806::200e

root@OpenWrt:~# nslookup domains.google.com
Server:         127.0.0.1
Address:        127.0.0.1#53

Name:      domains.google.com
Address 1: 142.250.69.206
Address 2: 2607:f8b0:400a:805::200e

I can ping all.

Of course, the IPs will be different due to our locations.

For some reason, ICMP Echo replies may be turned off at those endpoints.

I would try running a Wireshark trace, or MTR to the endpoint IPs for those domain names, and see if you get any clues.

I suspect it's something in your 21.02.2 config.

You might compare your current "non-working" config, to the last config that worked.

whoshoe · February 19, 2022, 3:07am

Here's the full results:

root@OpenWrt:~# nslookup 8.8.8.8
Server:         127.0.0.1
Address:        127.0.0.1#53

Non-authoritative answer:
8.8.8.8.IN-ADDR.ARPA    name = dns.google

root@OpenWrt:~# nslookup google.com
Server:         127.0.0.1
Address:        127.0.0.1#53

Name:      google.com
Address 1: 142.250.207.110
*** Can't find google.com: No answer
root@OpenWrt:~# nslookup domains.google.com
Server:         127.0.0.1
Address:        127.0.0.1#53

Name:      domains.google.com
Address 1: 142.250.76.142
*** Can't find domains.google.com: No answer
root@OpenWrt:~# nslookup 8.8.4.4
Server:         127.0.0.1
Address:        127.0.0.1#53

Non-authoritative answer:
4.4.8.8.in-addr.arpa    name = dns.google

Besides https and certficate in the /etc/config/ddns everything looks identical.

anon89577378 · February 19, 2022, 3:10am

Run the above suggested traces and see if there are any clues...

I would use a file diff program to compare the "working" and "non-working" configs.

My personal choice is BeyondCompare.

whoshoe · February 20, 2022, 1:05pm

I rolled back to 19.07.9 and everything works perfectly. I guess I'll wait for a more thoroghly tested version.

frollic · February 20, 2022, 3:40pm

There's no real testing, AFAIK, it's done by the users.