Entering DDNS info for Cloudflare

Using OpenWrt 19.07-02 and can't find out where in the GUI one would enter attributes like domain, userid, password, etc. for Cloudflare to manage it.

I saw mention somewhere to go to Services->DDNS but I don't see it there. So, I updated file /etc/config/ddns-opkg a while ago and later my IP changed but cloudflare did not get updated. I have installed curl and ddns-scripts_cloudflare.com-v4.

Thanks, Rich

do you have the luci-app-ddns?
also you need to change the ddns config file ... ddns-opkg is not used

No sir, but i just added it.

Now it shows up under Services

I created an entry but don't know how to test it. Any clue?

Enter the data and check the log
Or just ping the address and check the ip

1 Like

My OpenWrt LAN router(192.168.1.2 WAN side) is behind my FIOS Gateway router(192.168.1.1 LAN side) so it seems to be using 192.168.1.2.

Would you know how to get around that?

Thanks.

165212       : ************ ************** ************** **************
 165212  note : PID '3186' started at 2020-06-20 16:52
 165212       : ddns version  : 2.7.8-12
 165212       : uci configuration:
ddns.Cloudflare.check_interval='15'
ddns.Cloudflare.dns_server='1.1.1.1'
ddns.Cloudflare.domain='richnpeg.us'
ddns.Cloudflare.enabled='1'
ddns.Cloudflare.lookup_host='home.richnpeg.us'
ddns.Cloudflare.password='***PW***'
ddns.Cloudflare.service_name='cloudflare.com-v4'
ddns.Cloudflare.username='***user***'
ddns.Cloudflare=service
 165212       : verbose mode  : 0 - run normal, NO console output
 165212       : check interval: 900 seconds
 165212       : force interval: 259200 seconds
 165213       : retry interval: 60 seconds
 165213       : retry counter : 0 times
 165213       : No old process
 165213       : last update: never
 165213       : Verify DNS server '1.1.1.1'
 165213       : #> timeout 2 -- /usr/bin/nc 1.1.1.1 53 </dev/null >/var/run/ddns/Cloudflare.dat 2>/var/run/ddns/Cloudflare.err
 165213       : Detect registered/public IP
 165213       : #> /usr/bin/nslookup home.richnpeg.us 1.1.1.1 >/var/run/ddns/Cloudflare.dat 2>/var/run/ddns/Cloudflare.err
 165213       : Registered IP '173.75.59.197' detected
 165213  info : Starting main loop at 2020-06-20 16:52
 165213       : Detect local IP on 'network'
 165213       : Local IP '192.168.1.2' detected on network 'wan'
 165213       : Update needed - L: '192.168.1.2' <> R: '173.75.59.197'
 165213 ERROR : No or private or invalid IP '192.168.1.2' given! Please check your configuration
 165213 ERROR : No update send to DDNS Provider
 165213       : Waiting 900 seconds (Check Interval)

Easy, change your configuration under Advanced Settings tab to:

1 Like

ended up using this URL

https://cloudflare.com/cdn-cgi/trace

Not sure if this is an error or if OK from log

184439  info : Starting main loop at 2020-06-20 18:44
 184439       : Detect local IP on 'web'
 184439       : #> /usr/bin/wget-ssl --hsts-file=/tmp/.wget-hsts -nv -t 1 -O /var/run/ddns/Cloudflare.dat -o /var/run/ddns/Cloudflare.err --no-proxy 'https://cloudflare.com/cdn-cgi/trace'
 184439       : Local IP '173.75.59.197' detected on web at 'https://cloudflare.com/cdn-cgi/trace'
 184439       : Forced Update - L: '173.75.59.197' == R: '173.75.59.197'
 184439       : parsing script '/usr/lib/ddns/update_cloudflare_com_v4.sh'
 184439       : #> /usr/bin/curl -RsS -o /var/run/ddns/Cloudflare.dat --stderr /var/run/ddns/Cloudflare.err --noproxy '*' --header 'X-Auth-Email: flowersrj'  --header 'X-Auth-Key: ***PW***'  --header 'Content-Type: application/json'  --request GET 'https://api.cloudflare.com/client/v4/zones?name=richnpeg.us'
 184440  WARN : CloudFlare reported an error:
 184440       : {"success":false,"errors":[{"code":6003,"message":"Invalid request headers","error_chain":[{"code":6102,"message":"Invalid format for X-Auth-Email header"},{"code":6103,"message":"Invalid format for X-Auth-Key header"}]}],"messages":[],"result":null}
 184440 ERROR : IP update not accepted by DDNS Provider
 184440       : Waiting 900 seconds (Check Interval)

It seems to be telling you the email address format is wrong. I see X-Auth-Email: flowersrj, guessing that might be what you put in the username field in Luci? Try putting your full email address that you use with Cloudflare in the username field instead.

Still same results after trying my eMail address

Mine look like this, just in case it helps:

 060047  info : Rerun IP check at 2020-06-22 06:00
 060047       : Detect local IP on 'interface'
 060047       : #> ip -o addr show dev eth0 scope global >/var/run/ddns/my_home_ipv4.dat 2>/var/run/ddns/my_home_ipv4.err
 060047       : Local IP '180.150.42.147' detected on interface 'eth0'
 060047       : Forced Update - L: '180.150.42.147' == R: '180.150.42.147'
 060047       : parsing script '/usr/lib/ddns/update_cloudflare_com_v4.sh'
 060047       : #> /usr/bin/curl -RsS -o /var/run/ddns/my_home_ipv4.dat --stderr /var/run/ddns/my_home_ipv4.err --capath /etc/ssl/certs --noproxy '*' --header 'X-Auth-Email: atrezo@gmail.com'  --header 'X-Auth-Key: ***PW***'  --header 'Content-Type: application/json'  --request GET 'https://api.cloudflare.com/client/v4/zones?name=mirandolotodo.com'
 060048       : #> /usr/bin/curl -RsS -o /var/run/ddns/my_home_ipv4.dat --stderr /var/run/ddns/my_home_ipv4.err --capath /etc/ssl/certs --noproxy '*' --header 'X-Auth-Email: atrezo@gmail.com'  --header 'X-Auth-Key: ***PW***'  --header 'Content-Type: application/json'  --request GET 'https://api.cloudflare.com/client/v4/zones/ab8508fceca638da2f71042187d96094/dns_records?name=home.mirandolotodo.com&type=A'
 060048       : IPv4 at CloudFlare.com already up to date
 060048  info : Forced update successful - IP: '180.150.42.147' send

My situation might be unique.
"richnpeg.us" resolves to an AWS location" for a website
"home.richnpeg.us" resolves to my WAN IP.
I am using Cloudflare to manage them both.

In OW, I have these relevant values ...

under Services->Dynamic DNS->Basic settings
Lookup Hostname: home.richnpeg.us
DNS service provider [IVP4]: cloudflare.com-v4
Domain: richnpeg.us

under Services->Dynamic DNS->Advanced settings
IP address source [IPV4]: URL
URL to detect: https://cloudflare.com/cdn-cgi/trace
Event network [IPV4]: wan
DNS-server: 1.1.1.1

See anything you don't like?

I guess it should be like this:

Domain: home.richnpeg.us
URL to detect: http://checkip.dyndns.com/
1 Like

Hey, @flowersrj,

@AndrewZ is right. In previous post I gave you the URL he is giving you in his post, and no, your scenario is not unique, it is exactly mine. In any case, I think the problem is something else, as your computer is reporting a local IP.

Do you mind to flick me your config file, please? Cleary, something is wrong on your side. Are you in a double NAT scenario by any chance?

amteza,

OpenWrt is on a LAN router (wan side=192.168.1.2, lan side=192.168.2.1) behind a FIOS gateway router(lan side=192.168.1.1). So, I would say yes. everything else seem to be fine.

AndrewZ,

I don't have dyndns.com.

Me too. That is completely unrelated.

Hi, mate,

Here is mine, just do the same, and yes, you are using double NAT. Anyways, this configuration is working, your option domain clause is wrong, check mine:

config service 'Cloudflare cuantufatu.com example'
	option lookup_host 'home.cuantufatu.com'
	option service_name 'cloudflare.com-v4'
	option use_https '1'
	option domain 'home@cuantufatu.com'
	option username 'user@gmail.com'
	option password '6bbd01c2548ed9934b84c215472e7674efd3'
	option enabled '1'
	option use_ipv6 '0'
	option cacert '/etc/ssl/certs'
	option check_unit 'minutes'
	option force_unit 'minutes'
	option retry_unit 'seconds'
	option interface 'eth0'
	option ip_source 'web'
	option ip_url 'http://checkip.dyndns.com'
1 Like

It was Deleted.

So, there is something different:

 065301       : #> /usr/bin/wget-ssl --hsts-file=/tmp/.wget-hsts -nv -t 1 -O /var/run/ddns/my_home_ipv4.dat -o /var/run/ddns/my_home_ipv4.err --ca-directory=/etc/ssl/certs --no-proxy 'http://checkip.dyndns.com'

I am using wget for it, if you are using SSL you have to install ca-bundle and ca-certificates, and to mimic my config it will not hurt to install wget, just in case.

Fixed. Turns out it was the password. I was using my :grinning:account password not the global API token.

Thanks for everyone's help.

1 Like

This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.