[Solved] DDNS on LEDE behind ISP router detects private ip

I have a LEDE 17.01.04 router behind my ISP router on its own subnet.

I want to set up DDNS on LEDE (I have followed the guide for OpenWrt at DuckDNS), but even though I have set IP address source [IPv4] to URL and URL to detect [IPv4] to https://myexternalip.com/raw I can see in the log, that updates continuously fail, because the private IP is detected instead of the public:

  002217       : Detect local IP on 'web'
 002217       : Local IP '192.168.x.x' detected on network 'wan'
 002217       : Update needed - L: '192.168.x.x' <> R: '8.8.8.8'
 002217 ERROR : No or private or invalid IP '192.168.x.x' given! Please check your configuration

(I have manually set the ip with DukDNS to 8.8.8.8, so I will see when it is successfully updated)

I feel I have tried endless combinations of the settings, but no madder what I try I can not seem to fetch the right, public ip from the LEDE router. Any tips?

Thanks in advance :slight_smile:

Your router is behind the ISP router hence its wan interface only has local IP assigned.

Make sure you have installed wget so that the https request can be handled correctly.

Post your /etc/config/ddns file for review.

@ximibaba Yes, that is why I set IP address source [IPv4] to URL, which should retrieve the ip from a website. Visiting https://myexternalip.com/raw or https://ipv4.wtfismyip.com/text from a browser or executing curl https://ipv4.wtfismyip.com/text from the LEDE terminal all correctly displays my public IP.

@psherman Thanks for your tips. Both wget and curl are installed on the LEDE router.
My /etc/config/ddns:

config service "duckdns"
option enabled "1"
option domain "[host].duckdns.org"
option username "[host]"
option password "[duckdns token]"
option ip_source "network"
option ip_network "wan"
option force_interval "72"
option force_unit "hours"
option check_interval "10"
option check_unit "minutes"
#option ip_source "interface"
#option ip_interface "eth0.1"
option ip_source "web"
option ip_url "https://ipv4.wtfismyip.com/text"
option update_url "http://www.duckdns.org/update?domains=[USERNAME]&token=[PASSWORD]&ip=[IP]"
option use_https "1"
option cacert "/etc/ssl/certs/cacert.pem"

Thank you in advance :slight_smile:

Try removing the lines
option ip_source "network"
option ip_network "wan"

Also, have you checked if /etc/ssl/certs/cacert.pem exists? I'm using /etc/ssl/certs/ca-certificates.crt from ca-bundle.

+1 to what @Per said. That might be messing things up. I'd also recommend removing the 2 lines that are commented out (just in case they are not being ignored for some reason or another).

in my config, I have the following interface and IP definitions (obviously the url itself is specific to my config):

option ip_source 'web'
option ip_url 'http://ip.changeip.com'
option interface 'wan'

Also, if you don't already have it, there is a LuCI app for ddns. IIRC, it has a wizard for configuration that generally works well for many service. Further, it can be useful for debugging.

1 Like

Thanks for your reply, you nailed it! :slight_smile:

There was a spelling error in the DuckDNS guide for the certificate, and commenting out those two options did the trick, so it now works.

Have a great day!