Route53v1 Script Error

ctempleton3 · May 13, 2023, 12:12am

I am getting the following error in ddns-scripts-route53. I know I have the service key and user key right because i worked thru that error. Also I worked thru the permissions on the IAM so I am sure there is something else going on. I can't figure it out. Can anybody help with this?

How do I see the formatted XML file it is sending so i can see what it is trying to set?

<ErrorResponse xmlns="https://route53.amazonaws.com/doc/2013-04-01/"><Error><Type>Sender</Type><Code>InvalidChangeBatch</Code><Message>[Invalid Resource Record: 'FATAL problem: ARRDATAIllegalIPv4Address (Value is not a valid IPv4 address) encountered with ''']</Message></Error><RequestId>93dacbcb-bdd6-4d78-a9b4-e7e17874b925</RequestId></ErrorResponse>
 000914 ERROR : IP update not accepted by DDNS Provider

andyboeh · May 13, 2023, 8:40am

Which IP address are you trying to update? Are you sure you don't have CGNAT but a public IP?

To me, the error message reads as if you were trying to send a private IP address to route53 which it doesn't accept.

This is the source, looks like there isn't much logging implemented: https://github.com/openwrt/packages/blob/openwrt-22.03/net/ddns-scripts/files/usr/lib/ddns/update_route53_v1.sh

ctempleton3 · May 13, 2023, 8:50am

Follow up. I figured out how to edit the script so that it output a file of what it was sending. Turns out that it is sending a blank value for the IP address. I am not sure what else to change in the script to get it working.

RECORD_VALUE="${LOCAL_IP}"

The variable RECORD_VALUE is set by LOCAL_IP. I can't figure out what sets the variable LOCAL_IP.

d687r02j8g · May 13, 2023, 9:45am

Can you post the output of the following

cat /etc/config/ddns

How are you running the ddns script?

Have you reviewed

ctempleton3 · May 13, 2023, 11:02am

Yes i have reviewed the Wiki for DDNS client. Route53 isn't on the wiki at all. I had to dig into the script to find the right inputs for domain (hosted zone id), username (access key) and password (secrete key). I was having errors with this not authenticating correctly. Then I had issues with the permissions on the IAM user i am using. Got that fixed now I am having problems with the script sending a blank value for the IP address for the A record.

As requested here is the cat /etc/config/ddns/ heavily redacted.

config ddns 'global'
        option ddns_dateformat '%F %R'
        option ddns_loglines '250'
        option ddns_rundir '/var/run/ddns'
        option ddns_logdir '/var/log/ddns'
        option use_curl '1'

config service 'myddns_ipv4'
        option service_name 'route53-v1'
        option lookup_host 'home.example.com'
        option enabled '0'
        option use_ipv6 '0'
        option domain '<HOSTED DOMAIN ID>'
        option username '<IAM USER ACCESS KEY>'
        option password '<IAM USER SECRETE KEY>'
        option ip_source 'network'
        option interface 'wan'
        option use_syslog '2'
        option check_unit 'minutes'
        option force_unit 'minutes'
        option retry_unit 'seconds'
        option use_https '1'
        option cacert '/etc/ssl/certs'
        option ip_network 'wan'

Here is the redacted XML it is sending. As you can see it is sending nothing for value.

<?xml version="1.0" encoding="UTF-8"?>
 <ChangeResourceRecordSetsRequest xmlns="https://route53.amazonaws.com/doc/2013-04-01/">
 <ChangeBatch>
    <Changes>
       <Change>
          <Action>UPSERT</Action>
          <ResourceRecordSet>
             <Name>home.example.com.</Name>
             <Type>A</Type>
             <TTL>300</TTL>
             <ResourceRecords>
                <ResourceRecord>
                   <Value></Value>
                </ResourceRecord>
             </ResourceRecords>
          </ResourceRecordSet>
       </Change>
    </Changes>
 </ChangeBatch>
 </ChangeResourceRecordSetsRequest>

Any idea if I have something set wrong.

d687r02j8g · May 13, 2023, 11:24am

What is the output of

/usr/lib/ddns/dynamic_dns_updater.sh -S myddns_ipv4 -v1 start

Also is your public IP listed against the wan interface?

ctempleton3 · May 13, 2023, 11:37am

Here is the output:

# /usr/lib/ddns/dynamic_dns_updater.sh -S myddns_ipv4 -v1 start
 112645       : ************ ************** ************** **************
 112645  note : PID '15538' started at 2023-05-13 11:26
 112645       : ddns version  : 2.8.2-37
 112645       : uci configuration:
ddns.myddns_ipv4.cacert='/etc/ssl/certs'
ddns.myddns_ipv4.check_unit='minutes'
ddns.myddns_ipv4.domain='<HOSTED DOMAIN ID>'
ddns.myddns_ipv4.enabled='0'
ddns.myddns_ipv4.force_unit='minutes'
ddns.myddns_ipv4.interface='wan'
ddns.myddns_ipv4.ip_network='wan'
ddns.myddns_ipv4.ip_source='network'
ddns.myddns_ipv4.lookup_host='home.example.com'
ddns.myddns_ipv4.password='<IAM USER SECRETE KEY>'
ddns.myddns_ipv4.retry_unit='seconds'
ddns.myddns_ipv4.service_name='route53-v1'
ddns.myddns_ipv4.use_https='1'
ddns.myddns_ipv4.use_ipv6='0'
ddns.myddns_ipv4.use_syslog='2'
ddns.myddns_ipv4.username='<IAM USER ACCESS KEY>'
ddns.myddns_ipv4=service
 112645       : verbose mode  : 1 - run normal, console mode
 112645  WARN : Service section disabled! - TERMINATE
 112645  WARN : PID '15538' exit WITH ERROR '1' at 2023-05-13 11:26

If you do an output if ifconfig you see that the IP is actually on the bridge for the wan (br-wan) not for the wan itself. I changed this and I am still getting the same error.

# /usr/lib/ddns/dynamic_dns_updater.sh -S myddns_ipv4 -v1 start
 113435       : ************ ************** ************** **************
 113435  note : PID '18880' started at 2023-05-13 11:34
 113435       : ddns version  : 2.8.2-37
 113435       : uci configuration:
ddns.myddns_ipv4.cacert='/etc/ssl/certs'
ddns.myddns_ipv4.check_unit='minutes'
ddns.myddns_ipv4.domain='<HOSTED DOMAIN ID>'
ddns.myddns_ipv4.enabled='1'
ddns.myddns_ipv4.force_unit='minutes'
ddns.myddns_ipv4.interface='br-wan'
ddns.myddns_ipv4.ip_interface='br-wan'
ddns.myddns_ipv4.ip_source='interface'
ddns.myddns_ipv4.lookup_host='home.example.com'
ddns.myddns_ipv4.password='<IAM USER SECRETE KEY>'
ddns.myddns_ipv4.retry_unit='seconds'
ddns.myddns_ipv4.service_name='route53-v1'
ddns.myddns_ipv4.use_https='1'
ddns.myddns_ipv4.use_ipv6='0'
ddns.myddns_ipv4.use_syslog='1'
ddns.myddns_ipv4.username='<IAM USER ACCESS KEY>'
ddns.myddns_ipv4=service
 113435       : verbose mode  : 1 - run normal, console mode
 113435       : check interval: 600 seconds
 113435       : force interval: 4320 seconds
 113435       : retry interval: 60 seconds
 113435       : retry max count : 0 times
 113435       : No old process
 113435       : last update: never
 113435       : Detect registered/public IP
 113435       : #> /usr/bin/nslookup home.example.com  >/var/run/ddns/myddns_ipv4.dat 2>/var/run/ddns/myddns_ipv4.err
 113435       : Registered IP '<OLD IP>' detected
 113435  info : Starting main loop at 2023-05-13 11:34
 113435       : Detect current IP on 'interface'
 113436       : #> ip -o addr show dev br-wan scope global >/var/run/ddns/myddns_ipv4.dat 2>/var/run/ddns/myddns_ipv4.err
 113436       : Current IP '<CORRECT NEW>' detected on interface 'br-wan'
 113436       : Update needed - L: '68.113.209.238' <> R: '3.143.74.52'
 113436       : parsing script '/usr/lib/ddns/update_route53_v1.sh'
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
100   976  100   375  100   601    637   1021 --:--:-- --:--:-- --:--:--  1831
 113436       : <?xml version="1.0"?>
<ErrorResponse xmlns="https://route53.amazonaws.com/doc/2013-04-01/"><Error><Type>Sender</Type><Code>InvalidChangeBatch</Code><Message>[Invalid Resource Record: 'FATAL problem: ARRDATAIllegalIPv4Address (Value is not a valid IPv4 address) encountered with ''']</Message></Error><RequestId>c359777e-63d7-4cd4-ac48-c848109ba613</RequestId></ErrorResponse>
 113436 ERROR : IP update not accepted by DDNS Provider

d687r02j8g · May 13, 2023, 11:52am

On line 16 in update_route53_v1.sh, can you change LOCAL_IP to __IP and see if that helps please?

Can you post the output of the following after the change.

/usr/lib/ddns/dynamic_dns_updater.sh -S myddns_ipv4 -v1 start

ctempleton3 · May 13, 2023, 11:57am

That worked it updated, does somebody need to post a bug to the package?

d687r02j8g · May 13, 2023, 12:11pm

Perhaps. I need to learn how to submit changes to packages.

I suppose the change needs to be tested for both ipv4 and ipv6 though. Curious the script isn't on the wiki.

system · May 23, 2023, 12:11pm

This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.