[Solved] DDNS on LEDE behind ISP router detects private ip

moretocome · December 7, 2017, 4:49am

I have a LEDE 17.01.04 router behind my ISP router on its own subnet.

I want to set up DDNS on LEDE (I have followed the guide for OpenWrt at DuckDNS), but even though I have set IP address source [IPv4] to URL and URL to detect [IPv4] to https://myexternalip.com/raw I can see in the log, that updates continuously fail, because the private IP is detected instead of the public:

  002217       : Detect local IP on 'web'
 002217       : Local IP '192.168.x.x' detected on network 'wan'
 002217       : Update needed - L: '192.168.x.x' <> R: '8.8.8.8'
 002217 ERROR : No or private or invalid IP '192.168.x.x' given! Please check your configuration

(I have manually set the ip with DukDNS to 8.8.8.8, so I will see when it is successfully updated)

I feel I have tried endless combinations of the settings, but no madder what I try I can not seem to fetch the right, public ip from the LEDE router. Any tips?

Thanks in advance

ximibaba · December 7, 2017, 7:36am

Your router is behind the ISP router hence its wan interface only has local IP assigned.

psherman · December 7, 2017, 8:40am

Make sure you have installed wget so that the https request can be handled correctly.

Post your /etc/config/ddns file for review.

moretocome · December 7, 2017, 7:49pm

@ximibaba Yes, that is why I set IP address source [IPv4] to URL, which should retrieve the ip from a website. Visiting https://myexternalip.com/raw or https://ipv4.wtfismyip.com/text from a browser or executing curl https://ipv4.wtfismyip.com/text from the LEDE terminal all correctly displays my public IP.

@psherman Thanks for your tips. Both wget and curl are installed on the LEDE router.
My /etc/config/ddns:

config service "duckdns"
option enabled "1"
option domain "[host].duckdns.org"
option username "[host]"
option password "[duckdns token]"
option ip_source "network"
option ip_network "wan"
option force_interval "72"
option force_unit "hours"
option check_interval "10"
option check_unit "minutes"
#option ip_source "interface"
#option ip_interface "eth0.1"
option ip_source "web"
option ip_url "https://ipv4.wtfismyip.com/text"
option update_url "http://www.duckdns.org/update?domains=[USERNAME]&token=[PASSWORD]&ip=[IP]"
option use_https "1"
option cacert "/etc/ssl/certs/cacert.pem"

Thank you in advance

Per · December 7, 2017, 9:37pm

Try removing the lines
option ip_source "network"
option ip_network "wan"

Also, have you checked if /etc/ssl/certs/cacert.pem exists? I'm using /etc/ssl/certs/ca-certificates.crt from ca-bundle.

psherman · December 7, 2017, 10:48pm

+1 to what @Per said. That might be messing things up. I'd also recommend removing the 2 lines that are commented out (just in case they are not being ignored for some reason or another).

in my config, I have the following interface and IP definitions (obviously the url itself is specific to my config):

option ip_source 'web'
option ip_url 'http://ip.changeip.com'
option interface 'wan'

Also, if you don't already have it, there is a LuCI app for ddns. IIRC, it has a wizard for configuration that generally works well for many service. Further, it can be useful for debugging.

moretocome · December 7, 2017, 11:21pm

Thanks for your reply, you nailed it!

There was a spelling error in the DuckDNS guide for the certificate, and commenting out those two options did the trick, so it now works.

Have a great day!