Ddns setup / confusion

lenovomi · November 19, 2022, 12:11am

hello,
i want to setup ddns with duckdns.org where i already created few domains as a.duckdns.org, b.duckdns.org , etc...

I set on my router inside /etc/dnsmasq.conf rules that translates these domains to local ips within my LAN
address=/a.duckdns.org/10.0.1.1
address=/b.duckdns.org/10.0.1.2
etc...

so basicaly nslookup on openwrt router of a.duckdns.org points to 10.0.1.1

I dont think i understand description here >

The domain option is the domain held by the client, and 'nslookup $DOMAIN' should succeed and point to the client (or router it's behind) when everything is up to date; this is used as the check to see if $DOMAIN points to the clients public IP.
What is meant by client here? I have openwrt router (Wan public IP) ; and ddns is running on that router. Confusion...

Whats the point of the domain directive in configuration file?

I was assuming that using these lines ... once url command is called/executed all the above mentioned domains will be updated with ip address of wan interface, am i correct?

	option interface	"wan"	#assuming wan is the public network
	option update_url	"http://www.duckdns.org/update?domains=[USERNAME]&token=[PASSWORD]"

thanks!

lleachii · November 19, 2022, 12:25am

Yes, the DDNS setting is all you need.

Not sure why you did this.

lenovomi · November 19, 2022, 12:30am

what setting do u mean?

bc i am running letsencrypt; i have multiples services running on LAN that are accessed also from internet.

lleachii · November 19, 2022, 12:42am

OK, I think you misunderstood. Hopefully this helps:

You just need to add the proper configs to /etc/config/ddns

I meant you don't need this config, whatever reason you put it. If you want the LAN to lookup the local IP (which is a good idea), do the following:

# in /etc/config/dhcp

config domain                  
        option ip '10.0.1.1'  
        option name 'a.duckdns.org'

config domain                  
        option ip '10.0.1.2'  
        option name 'b.duckdns.org'

You still need the router to lookup the true global record (to verify the DDNS update), so don't set those address=/ dnsmasq configs.

lenovomi · November 19, 2022, 6:02pm

dont get it ...
i doesnt work at all;

i am trying to execute it on openwrt device which is connected via lan to main router ... so it has only
br-lan interface (local ip)

its failing ...

root@OpenWrt-test:/etc#  175558  WARN : Service section disabled! - TERMINATE
 175558  WARN : Service section disabled! - TERMINATE
 175559 ERROR : Can not detect local IP using network_get_ipaddr 'eth0' - Error: '1' - TERMINATE

i have almost identical setup on other openwrt ; i have wan port there but it has also local ip and all works fine ... so i dont get it at ALL.

lenovomi · November 19, 2022, 6:02pm

also dont get it ... why to do this via dhcp? is there a point? Whats wrong with dnsmsq?

lleachii · November 19, 2022, 6:05pm

This is OK, if you still have the sample (disabled) IPv4 and IPv6 config.

Config?

Because that's the proper file to make such a config
Yes. See: https://openwrt.org/docs/guide-user/base-system/uci

And: https://openwrt.org/docs/guide-user/base-system/dhcp

(If's there's a relevant UCI config, most people won't know the config to alter the underlying package - and altering such running files can cause instability.)

lenovomi · November 19, 2022, 6:07pm

config service 'duckdns'
option enabled '1'
option interface 'br-lan'
option username 'xxx'
option domain a.duckdns.org'
option password 'xxxxx'
option ip_source 'network'
option ip_network 'br-lan'
option check_interval '1'
option check_unit 'hours'
option update_url 'http://www.duckdns.org/update?domains=a,b&token=xxx'
option use_https '1'
option lookup_host 'a.duckdns.org'

lleachii · November 19, 2022, 6:12pm

To me clear:

config service 'duckdns'
option enabled '1'
option interface 'br-lan'
option username 'xxx'
option domain [a.duckdns.org](http://a.duckdns.org)'
option password 'xxxxx'
option ip_source 'network'
option ip_network 'br-lan'
option check_interval '1'
option check_unit 'hours'
option update_url 'http://www.duckdns.org/update?domains=a,b&token=xxx'
option use_https '1'
option lookup_host '[a.duckdns.org](http://a.duckdns.org)'

You placed this in /etc/config/ddns - correct?

domain

Domains???

You should have 2 configs for A and B!?!?

(We cannot guess the correct syntax to send to DuckDNS without their API manual, so making some a,b stuff won't help here.)

From: https://openwrt.org/docs/guide-user/services/ddns/duckdns

option update_url "http://www.duckdns.org/update?domains=[USERNAME]&token=[PASSWORD]&ip=[IP]"

Aaah!

Use one domain per config.

lenovomi · November 19, 2022, 6:16pm

they say
HTTP Parameters
domains - REQUIRED - comma separated list of the subnames you want to update

lenovomi · November 19, 2022, 6:19pm

i replicated your config:

root@OpenWrt-test:/etc#  181843  WARN : Service section disabled! - TERMINATE
 181843  WARN : Service section disabled! - TERMINATE
 181843 ERROR : Can not detect local IP using network_get_ipaddr 'br-lan' - Error: '1' - TERMINATE

and used 1 domain per conf section

lenovomi · November 19, 2022, 6:22pm


 181843       : Registered IP '78.xxxxx' detected
 181843  info : Starting main loop at 2022-11-19 18:18
 181843       : Detect local IP on 'network'
 181843 ERROR : Can not detect local IP using network_get_ipaddr 'br-lan' - Error: '1' - TERMINATE
 181844  WARN : PID '4835' exit WITH ERROR '1' at 2022-11-19 18:18
 182153       : ************ ************** ************** **************

lenovomi · November 19, 2022, 6:25pm

something fundamental is broken and not documented. ...

lenovomi · November 19, 2022, 6:27pm

maybe its better to use?

lenovomi · November 19, 2022, 6:30pm

ok i changed network to URL and its working now;

ddns.duckdns=service
 182849       : verbose mode  : 0 - run normal, NO console output
 182849       : check interval: 3600 seconds
 182849       : force interval: 259200 seconds
 182849       : retry interval: 60 seconds
 182849       : retry counter : 0 times
 182849       : No old process
 182849       : last update: never
 182849       : Detect registered/public IP
 182849       : #> /usr/bin/nslookupa.duckdns.org  >/var/run/ddns/duckdns.dat 2>/var/run/ddns/duckdns.err
 182849       : Registered IP '78.x' detected
 182849  info : Starting main loop at 2022-11-19 18:28
 182849       : Detect local IP on 'web'
 182849       : #> /usr/bin/wget-ssl --hsts-file=/tmp/.wget-hsts -nv -t 1 -O /var/run/ddns/duckdns.dat -o /var/run/ddns/duckdns.err --no-proxy 'http://checkip.dyndns.com'
 182849       : Local IP '78.x' detected on web at 'http://checkip.dyndns.com'
 182849       : Forced Update - L: '78.10x' == R: '78.10x'
 182849       : #> /usr/bin/wget-ssl --hsts-file=/tmp/.wget-hsts -nv -t 1 -O /var/run/ddns/duckdns.dat -o /var/run/ddns/duckdns.err --no-proxy 'https://www.duckdns.org/update?domains=a&token=xxxx'
 182850       : DDNS Provider answered:
OK
 182850  info : Forced update successful - IP: '78.1x' send
 182850       : Waiting 3600 seconds (Check Interval)

lenovomi · November 19, 2022, 9:13pm

@lleachii
this is not working ... i mean using option name in dhcp config ... does nothing ... ;/ basically all hosts resolve to upper DNS ... so no local ip is provided ;/

assuming that dhcpd server on openwrt by default is dnsmasq.

lenovomi · November 19, 2022, 9:33pm

also maybe another bug? i set Check interval to 15 min and it show following ... ie 60minutes between checks

lleachii · November 19, 2022, 9:39pm

I can't answer that for you. More importantly, I can't tell if you somehow reconfigured your clients.

From a client run:

nslookup a.exampleduckns.com

and

nslookup a.exampleduckns.com <ip_of_OpenWrt>

What answers do you receive?

lenovomi · November 19, 2022, 11:05pm

in both cases public IP

grrr2 · November 20, 2022, 12:31am

hi,

what you actually want to achieve and what do you believe DDNS is doing for you?

it looks to me your case is most likely differs what usually DDNS is used for. i.e. usually if you have local service you want to expose over internet, meaning to access remotely, but your public IP is not fixed (like in case of 99,99% regular home internet access), than DDNS will find your current public IP and report to a public DNS service. thus way you can just refer to your domain remotely and still will be able to access your local service regardless of actual public IP address which is rotated by your ISP.

so the domain DDNS doc referring to is your custom domain, in your case a.duckdns.org. as the doc explains if the domain is correctly registered with your current public IP nslookup should respond that public IP.

Example:
let's assume you have summer house with internet access and owrt router. time to time you want to login remotely to that router [and you are not using other more secured method, so please do not do this! it is just an example] from your resident house.

as the summer house owrt (called routerB) public IP is not fixed, your ISP may change allocation of its public IP, obviously you cannot access routerB via IP as you will not know when it is changed and what is the latest public IP. but DDNS on routerB from time to time will check public IP and report to duckdns.org. so when from your resident location you want to access routerB it will be enough to reference to it as a.duckdns.org, you don't need to know the actual public IP.

hence pointing a.duckdns.org to a local IP of 10.0.1.1 makes no sense unless you want a split DNS setup.