OpenWrt Forum Archive

Topic: luci-app-ddns / ddns-scripts : I'm working on enhancements

The content of this topic has been archived between 23 Mar 2018 and 4 May 2018. Unfortunately there are posts – most likely complete pages – missing.

Hi,

I'm currently working on the enhancement of the existing ddns-scripts and luci-app.

My current ideas:

- IPv6 Support
Some german providers offers only changing prefixes to private clients
I'm personal using ipv4 with 6to4 tunnel, so I need it too.
Some providers like dyndns.org or spdns.de offer the update for IPv4 and IPv6

- Proxy-Support
I've seen requests that there are some situtaions where it make sense to use a proxy for http/https request when updating

- DNS-Server Support
I've seen requests that if using URL to detect current "external" IP it might by nessesary to ask a differnt DNS in state of using the systems default

- allow force_interval = 0
I've seen requests that want to run the updater script only once (not as deamon).
i.e. run it via cron

- Start/Stop script
/etc/init.d/ddns stop will kill all update-scripts but
/etc/init.d/ddns start will start nothing
only possible to start again via restarting the affected interface

- hotplug script
the existing hotplug script ignores if ddns service is disabled
via /etc/init.d/ddns enable or disable

- scripts in general
extension for the above listed
do not update if interface address could not be detect because netifd has not finished setting ipadresses
verify if send update was recognised by the internet
don't start deamon if critical errors exists (possible you set "wan" to detect IPv6 but there is none because it's on "wan6")

- luci-app-ddns
- split into "Overview" and "Details" page (like luci-app-openvpn and others)
- extensions for the listed above
- setting if using HTTP or HTTPS including ca-certificate directory or file  or "IGNORE" if you want to run https but not want to verifing servers certificate   (I know that's unsecure)
- setting for logging to syslog
- setting "monitor" network (uci option "interface") because currently only "wan" is supported but it could be any other
- restart ddns service if "save + apply" to reflect changes

- general
- the existing uci options will be untouched
- the existing services file will be untouched there will be a "services_ipv6" only for IPv6
- new scripts will work with old uci config (without IPv6 support)
- new luci-app will work with old uci config and old scripts (without IPv6 support and other extensions to the scripts)

Anything missing
who could support me in testing before

discussions welcome

chris5560

I'd love to see many of these enhancements, one more thing I'd throw into the mix is update stats on the LuCI configuration page itself, for example:

Current IP: 49.212.153.21
Last check: IP address for myhost.ddns.org was 49.212.153.21 at 20:25 on 05/06/2014
Last update: We tried to set the IP address to 49.212.153.21 at 10:15 on 04/06/2014
Last output: Success

This would allow a simple method of verifying DDNS is working without having to log to syslog (but great to have it as a config option for people who are experiencing problems when configuring DDNS).

I have been looking at how to store the relevant values in /tmp and read them back using the LUCI app, but I have no idea how to read simple strings from the filesystem and add them to a LUCI page.

M

the script on router
/usr/lib/ddns/dynamic_dns_updater.sh
located in build env at trunk/feeds/packages/net/ddns-scripts/files/...
writes systems uptime into a file /var/run/dynamic_dns/$service_id.update
starting line 265 ff
this could be changed into current date or you only display time since last update and time left until next update

I found a good sample on how to read content of a file into luci cbi in luci-app-openvpn
/usr/lib/lua/luci/model/cbi/openvpn.lua
build env at trunk/feeds/luci/applications/luci-openvpn/luasrc/model/cbi
starting line 75 ff
it also calls a shell command and verifies it's output

chris5560

Ready for community testing !
hopefully without errors ;-)

I create a ticket
https://dev.openwrt.org/ticket/17139
with a zip-file attached with all needed files and
README_FIRST, CHANGES and HOWTO included.

Tested by myself on 10.03.1, 12.09 and 14.07-rc1 base-builds downloaded from openwrt download page on WNDR3800 and VirtualBox x86 hardware.

LuCI application will use existing app-ddns language files which are currently incomplete or might have errors.
The next step from my side will be to correct german translation and building patch files for openwrt build system.

feedback welcome !

Enjoy
chris5560

First: Thanks for working on these changes chris - it's very much appreciated.

However: please post your changes to the mailing list as a patch series.
To get your code accepted you have to "sign off" on it too.
Then all OpenWrt users could enjoy your improvements and not only those that build their own images.

Almost all enhancement tickets on the bugtracker are closed with
"please read https://dev.openwrt.org/wiki/SubmittingPatches "
It's very likely it will happen to your ticket too

Chris,

I need to say Thank You, Thank You, Thank You.

This functionality is something I desperately needed.  My ISP is Hughes.  It is satellite based.  They no longer offer a public IPv4 address, everything runs through their NAT.  They do however, offer native IPv6.  The only downside to their implementation to the IPv6 I've found so far, is that the prefix changes.  They also run all their http(s) traffic through a proxy.  Going to sites that read back the IP of the system connecting to them, reports the address of the proxy, rather than my host.  This feature can be disabled in the Hughes modem, but will be reenabled upon a restart of the modem.  I needed something that would update the IPv6 address when it changed.

My Address Source IPv6 selection is Network and my Network IPv6 selection is wan6.

I am running arokh's r41683 trunk build on a WNDR3700v2.  I followed your instructions in your HOWTO for the 14.07-rc1 build.  Although I found a couple of typos in your instructions, I made it through and now it seems to work.

I first tested this with dnsexit.com.  It appeared as if some errors were encountered.  Their website, and the entry in the services file, show updating a XX.XX.XX.XX address.  Your script would not update the record.  In your HOWTO, you mention there may be a different link to update IPv6.  I sent an email to dnsexit.com, describing my inability to update my IPv6 address and asking them if they had a separate link for IPv6.  Their answer to me was:

" IPv6 no need to get updated dynamically.

Jack
DNS Exit"

So based upon their response, I assume they don't support automated updating of an IPv6 address (I was able to do it manually via their website).

I then established an account with Hurricane Electric (https://dns.he.net).  Copying the entry for he.net from the services file and putting it into the services_ipv6 file, I am now able to update my address.

At this point, my prefix has not changed.  For testing purposes, I have manually made an address change in the HE nameservers, then waited to see what would happen.  So far, it doesn't appear that my address gets updated, when the script is running and the address in the nameserver is different than my address.  However, if I reboot the router, it will go and change the address in the nameserver.

After a reboot, logread shows "user.notice ddns-scripts[1846]: myddns: Update successful - RegisteredIP:" followed by my current interface address.  executing an nslookup, shows that the address has changed in the nameserver.  Without a reboot, logread shows "user.notice ddns-scripts[1846]: myddns: Running IP check ...".
nslookup confirms that an update has not taken place.

I don't understand why the address does not get updated, when the nameserver holds an address that is different than my address without a reboot.

Unfortunately for me, I'm not skilled in reading or writing scripts, so on my own, I can't seem to figure out what is happening.

Once again, thank you for this.

Thanks for your feedback.

During my test I used spdns.de as DDNS provider and interface wan6 and URL using http://checkipv6.dyndns.com to detect my current IP.
It takes up to 4 minutes until nslookup using resolver1.opendns.com sees my new address.
DNS caches !?

Did you see any error/retrys in syslog ?

try to start the script from console
> cd /usr/lib/ddns
> ./dnamic_dns_updater.sh myddns 1
myddns = your service configuration name
1 = show verbose logging

running on console with verbose logging you get much more output.
all steps the script is running including output of wget/curl sending the update.
please try to find out what happen in detail.

If the script detects, that CurrentIP (on the interface) is different from nslookup (RegisteredIP) it will send an update.
After 60 seconds (hardcoded) it will recheck nslookup
if still different it retrys to update after 60 seconds (default)
/etc/config/ddns parameters:
    retry_count    number of retrys    (default "5" if not given)
    retry_interval and retry_unit    ("60" "seconds" if not given)

running on console with errors the scripts finishes automatically after retry_count (5 retrys)
if everything goes ok (hopefully after retry) you need to break the script with [STRG]+C

try http://checkipv6.dyndns.com in your browser that's the IPv6 seen by the world for your browsers box (or the WEB-Proxy outside address you are using)
try: wget http://checkipv6.dyndns.com on routers console. You will see your address seen from the network, possibly proxys outside address if there is a proxy configured either on your router or somewhere at your ISP.

Are you using the LuCI interface ?
Did you also install my modifications to luci-app-ddns ? (It's not required by the scripts)
What is showing "Next Update" on "Status"-"Overview" at DynamicDNS ?

Thanks for you help to find out what is going wrong.

(Last edited by chris5560 on 22 Jul 2014, 21:30)

Chris,
I did install the stuff for the Luci interface.  While the script is running, you will see a button labeled stop with a red octagon icon.  If the program is not running, the button will be labeled start with a green icon.  I noticed that for the instant of time the script wakes up and checks the address, it will change from a red stop to a green start.  To the left of the button, below the column labeled Process ID Next Update, it displays PID: with the process id number, below that it shows a count down of time remaining until the next forced update.

I killed the current running process.  Then from the command line with my address equal to the address in the nameserver, this is the output:

root@OpenWrt ddns# ./dynamic_dns_updater.sh myddns 1

   update_prog: /usr/bin/wget -nv -O - -6 --no-check-certificate
    update_url: https://[DOMAIN]:[PASSWORD]@dyn.dns.he.net/nic/update?hostname=[DOMAIN]&myip=[IP]
force interval: 259200 seconds
check interval: 600 seconds
retry interval: 60 seconds
retry counter: 5 times
old Process Id:
   last update: 3 hours ago

Running IP check ...
     system ip: 2001:XXXX:XXXX:XXXX:XXXX:XXXX:XXXX:f0fa
registered ip: 2001:XXXX:XXXX:XXXX:XXXX:XXXX:XXXX:f0fa
update unnecessary
time since last update = 3 hours
the time is now Tue Jul 22 16:44:30 CDT 2014

Running IP check ...
     system ip: 2001:XXXX:XXXX:XXXX:XXXX:XXXX:XXXX:f0fa
registered ip: 2001:XXXX:XXXX:XXXX:XXXX:XXXX:XXXX:f0fa
update unnecessary
time since last update = 3 hours
the time is now Tue Jul 22 16:54:30 CDT 2014

I then went to the Hurricane Electric DNS website and changed the address of the AAAA listing.
Verifying that the update has been accepted using nslookup:

$ nslookup -type=aaaa ayankeeindixie.com ns1.he.net
Server:        ns1.he.net
Address:    216.218.130.2#53

ayankeeindixie.com    has AAAA address 2001:XXXX:XXXX:XXXX::41d

I ran the script again, this is the output
root@OpenWrt ddns# ./dynamic_dns_updater.sh myddns 1

   update_prog: /usr/bin/wget -nv -O - -6 --no-check-certificate
    update_url: https://[DOMAIN]:[PASSWORD]@dyn.dns.he.net/nic/update?hostname=[DOMAIN]&myip=[IP]
force interval: 259200 seconds
check interval: 600 seconds
retry interval: 60 seconds
retry counter: 5 times
old Process Id:
   last update: 4 hours ago

Running IP check ...
     system ip: 2001:XXXX:XXXX:XXXX:XXXX:XXXX:XXXX:f0fa
registered ip: 2001:XXXX:XXXX:XXXX:XXXX:XXXX:XXXX:f0fa
update unnecessary
time since last update = 4 hours
the time is now Tue Jul 22 17:08:16 CDT 2014

This indicates to me one of two things, either it is not checking the address in the nameserver or it is using the address in dnsmasq instead of checking the Hurricane Electric nameserver.


With my ISP's proxy enabled, this is the result of wget:
root@OpenWrt ddns# wget http://checkipv6.dyndns.com
--2014-07-22 17:14:30--  http://checkipv6.dyndns.com/
Resolving checkipv6.dyndns.com... 2600:2004:0:1::1
Connecting to checkipv6.dyndns.com|2600:2004:0:1::1|:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 129 [text/html]
Saving to: 'index.html'

100%[============================================================>] 129         --.-K/s   in 0s     

2014-07-22 17:14:32 (2.57 MB/s) - 'index.html' saved [129/129]
root@OpenWrt ddns# cat index.html
<html><head><title>Current IP Check</title></head><body>Current IP Address: 2001:5b0:2d5a:ac50:280:aeff:fe3f:44b4</body></html>

The address listed in the response is not the address of my machine, so I'll assume it is the address of the ISP's proxy.

If I disable the ISP's proxy and do it again, this is what I get:
root@OpenWrt ddns# wget http://checkipv6.dyndns.com
--2014-07-22 17:19:50--  http://checkipv6.dyndns.com/
Resolving checkipv6.dyndns.com... 2600:200d:0:1::1
Connecting to checkipv6.dyndns.com|2600:200d:0:1::1|:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 130 [text/html]
Saving to: 'index.html'

100%[============================================================>] 130         --.-K/s   in 0s     

2014-07-22 17:19:52 (2.60 MB/s) - 'index.html' saved [130/130]

root@OpenWrt ddns# cat index.html
<html><head><title>Current IP Check</title></head><body>Current IP Address: 2001:XXXX:XXXX:XXXX:XXXX:XXXX:XXXX:f0fa</body></html>

This second response, with the proxy disabled, shows the correct address of my machine.  This is the type of behavior, that I spent several days with the ISP confirming, is what the ISP considers to be correct.

One problem I had with dnsexit.com, was that if an attempt to update the record was received without a "proper" address, they substituted they address of the connection, which in my case was the proxy.  So anything that uses http(s) in one form or another, to compare the address that is being sent with the address of the sender, will never be correct (they'll see the proxy) and I can't use it.

And, as I said, if I reboot the router, it will go to the Hurricane Electric Nameserver, and correctly update the AAAA record with the address equal to the address of wan6.

Oh, one last thing I tried.  From the Luci interface, I unchecked the enable check-box and saved and applied that setting.  Then I rebooted the router.  When it came back up, from the Luci interface, I checked the enable check-box and again, saved and apply.

Then I went to the console window and ran it again, this is the output:
root@OpenWrt ddns# ./dynamic_dns_updater.sh myddns 1

   update_prog: /usr/bin/wget -nv -O - -6 --no-check-certificate
    update_url: https://[DOMAIN]:[PASSWORD]@dyn.dns.he.net/nic/update?hostname=[DOMAIN]&myip=[IP]
force interval: 259200 seconds
check interval: 600 seconds
retry interval: 60 seconds
retry counter: 5 times
   last update: 144 hours ago

Running IP check ...
     system ip: 2001:XXXX:XXXX:XXXX:XXXX:XXXX:f0fa
registered ip: 2001:XXXX:XXXX:XXXX:XXXX:XXXX:f0fa
update necessary, performing update ...
update command: /usr/bin/wget -nv -O - -6 --no-check-certificate  https://ayankeeindixie.com:mypassword@dyn.dns.he.net/nic/update?hostname=ayankeeindixie.com&myip=2001:XXXX:XXXX:XXXX:XXXX:XXXX:f0fa

Update failed (4):
Unable to establish SSL connection.
retry #1 in 60 seconds - CurrentIP: 2001:XXXX:XXXX:XXXX:XXXX:XXXX:f0fa - RegisteredIP: 2001:XXXX:XXXX:XXXX:XXXX:XXXX:f0fa

Running IP check ...
     system ip: 2001:XXXX:XXXX:XXXX:XXXX:XXXX:f0fa
registered ip: 2001:XXXX:XXXX:XXXX:XXXX:XXXX:f0fa
update necessary, performing update ...
update command: /usr/bin/wget -nv -O - -6 --no-check-certificate  https://ayankeeindixie.com:mypassword@dyn.dns.he.net/nic/update?hostname=ayankeeindixie.com&myip=2001:XXXX:XXXX:XXXX:XXXX:XXXX:f0fa

Verify IP update in 60 seconds ...

Registered IP: 2001:XXXX:XXXX:XXXX:XXXX:XXXX:f0fa
Update Output:
WARNING: cannot verify dyn.dns.he.net's certificate, issued by '/C=US/ST=CA/L=Fremont/O=Hurricane Electric/OU=Secure Services/CN=dyn.dns.he.net/emailAddress=dnsadmin@he.net':
  Self-signed certificate encountered.
WARNING: cannot verify dyn.dns.he.net's certificate, issued by '/C=US/ST=CA/L=Fremont/O=Hurricane Electric/OU=Secure Services/CN=dyn.dns.he.net/emailAddress=dnsadmin@he.net':
  Self-signed certificate encountered.
good 2001:XXXX:XXXX:XXXX:XXXX:XXXX:f0fa2014-07-22 17:48:28 URL:https://ayankeeindixie.com:mypassword@dyn.dns.he.net/nic/update?hostname=ayankeeindixie.com&myip=2001:XXXX:XXXX:XXXX:XXXX:XXXX:f0fa [43/43] -> "-" [1]
update complete, time is: Tue Jul 22 17:49:28 CDT 2014

You can see that the first time it runs, after a reboot, it correctly updates the address.  (Yes I do have use https enabled, with the IGNORE option.)

I hope this is the info you were looking for and I hope it helps.

Edited to say
I just reread your questions again.  The information above about Luci was from the Services Dynamic DNS page.  I missed the part about the Overview page.

On the Overview page, from left to right:  Configuration shows myddns; Next Update shows time counting down until the next forced update; Domain shows the domain name I have entered; Registered IP shows the address of my wan6 interface; Network shows IPv6/wan6.

(Last edited by billmc on 23 Jul 2014, 00:35)

After rebooting the router and starting the script from the command line, I let it run awhile.  This is the output.  Note, I did not change the address in the HE nameserver.


root@OpenWrt ddns# ./dynamic_dns_updater.sh myddns 1

   update_prog: /usr/bin/wget -nv -O - -6 --no-check-certificate
    update_url: https://[DOMAIN]:[PASSWORD]@dyn.dns.he.net/nic/update?hostname=[DOMAIN]&myip=[IP]
force interval: 259200 seconds
check interval: 600 seconds
retry interval: 60 seconds
retry counter: 5 times
   last update: 144 hours ago

Running IP check ...
     system ip: 2001:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:f0fa
registered ip: 2001:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:f0fa
update necessary, performing update ...
update command: /usr/bin/wget -nv -O - -6 --no-check-certificate  https://ayankeeindixie.com:flv75zsg@dyn.dns.he.net/nic/update?hostname=ayankeeindixie.com&myip=2001:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:f0fa

Update failed (4):
Unable to establish SSL connection.
retry #1 in 60 seconds - CurrentIP: 2001:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:f0fa - RegisteredIP: 2001:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:f0fa

Running IP check ...
     system ip: 2001:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:f0fa
registered ip: 2001:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:f0fa
update necessary, performing update ...
update command: /usr/bin/wget -nv -O - -6 --no-check-certificate  https://ayankeeindixie.com:flv75zsg@dyn.dns.he.net/nic/update?hostname=ayankeeindixie.com&myip=2001:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:f0fa

Verify IP update in 60 seconds ...

Registered IP: 2001:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:f0fa
Update Output:
WARNING: cannot verify dyn.dns.he.net's certificate, issued by '/C=US/ST=CA/L=Fremont/O=Hurricane Electric/OU=Secure Services/CN=dyn.dns.he.net/emailAddress=dnsadmin@he.net':
  Self-signed certificate encountered.
WARNING: cannot verify dyn.dns.he.net's certificate, issued by '/C=US/ST=CA/L=Fremont/O=Hurricane Electric/OU=Secure Services/CN=dyn.dns.he.net/emailAddress=dnsadmin@he.net':
  Self-signed certificate encountered.
good 2001:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:f0fa2014-07-22 17:48:28 URL:https://ayankeeindixie.com:flv75zsg@dyn.dns.he.net/nic/update?hostname=ayankeeindixie.com&myip=2001:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:f0fa [43/43] -> "-" [1]
update complete, time is: Tue Jul 22 17:49:28 CDT 2014


Running IP check ...
     system ip: 2001:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:f0fa
registered ip: 2001:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:f0fa
update unnecessary
time since last update = 0 hours
the time is now Tue Jul 22 17:59:28 CDT 2014

Running IP check ...
     system ip: 2001:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:f0fa
registered ip: 2001:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:f0fa
update unnecessary
time since last update = 0 hours
the time is now Tue Jul 22 18:09:29 CDT 2014

Running IP check ...
     system ip: 2001:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:f0fa
registered ip: 2001:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:f0fa
update unnecessary
time since last update = 0 hours
the time is now Tue Jul 22 18:19:29 CDT 2014

Running IP check ...
     system ip: 2001:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:f0fa
registered ip: 2001:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:f0fa
update unnecessary
time since last update = 0 hours
the time is now Tue Jul 22 18:29:29 CDT 2014

Running IP check ...
     system ip: 2001:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:f0fa
registered ip: 2001:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:f0fa
update unnecessary
time since last update = 0 hours
the time is now Tue Jul 22 18:39:29 CDT 2014

Running IP check ...
     system ip: 2001:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:f0fa
registered ip: 2001:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:f0fa
update unnecessary
time since last update = 1 hours
the time is now Tue Jul 22 18:49:29 CDT 2014

Running IP check ...
     system ip: 2001:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:f0fa
registered ip: 2001:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:f0fa
update unnecessary
time since last update = 1 hours
the time is now Tue Jul 22 18:59:29 CDT 2014

Hi,

there are still some things I did not understand:
- Where did your local wan6 interface get it's address from (DHCP or static) ?
    - I never see a change on it inside your post
- What is your IPv6 inside LuCI Status-Overview-IPv6 WAN Status ?
- Did local addr change, if you change the record at he.net ?
    - it not looks like !

Looking on the outputs you send, everything looks fine.
Your local address on the interface is detected as ..:f0fa
Your address in the internet is also detected as ..:f0fa (except he.net where you change by hand)
so there is no update needed.

try to use an independend public DNS-Server in your settings like
    google-public-dns-a.google.com
    google-public-dns-b.google.com

After reboot an update is forced because update time is stored inside local file after successful update
    /var/run/dynamic_dns/$SERVICE_ID.update.
Because /var linked to /tmp by default and mounted to tmpfs (Memory) this file is lost on reboot.

By the way: you should change your password at he.net because you publish it with your postings inside the update string.

Chris,

- Where did your local wan6 interface get it's address from (DHCP or static) ?
My local wan6 address.  My ISP does not use DHCPv6, but they do issue a /61 prefix.  In Luci, these are my settings for wan6:
Protocol - DHCPv6 client; Request IPv6-address - try; Request IPv6-prefix of length - automatic

So where does my address come from?  I'm not sure, I would guess its SLACC because DHCP is not offered.

- I never see a change on it inside your post
My local address never did change.  I manually changed the address on the HE server.  I've made the assumption, which might be wrong, that the address in the nameserver would be compared to the address of the interface.  If they did not match, then an update would be initiated.  Its easier for me to change the address on the nameserver, so that's what I did.


- What is your IPv6 inside LuCI Status-Overview-IPv6 WAN Status?
The IPv6 address displayed in the Status Overview equals the address that is displayed under Network Interfaces which equals the address returned by ifstatus wan6 which equals the address displayed by the update script.

- Did local addr change, if you change the record at he.net ?
    - it not looks like !
The local address never changed.  With a reboot, the address at the HE server would be changed to match the local address.

Thanks for the reminder about the password, I remembered to filter it in the first post, but forgot to do it in the second.



Let me ask you a question.  As I said I'm not good with scripting, but you do have good comments, so at least I could understand what was suppose to happen.
$dns_server, where does this value come from?  The only place I can see where it might be defined is #config_get dns_server    $SERVICE_ID    dns_server    ### NEW ###.

I ask because of my assumption of the local address being compared to the HE nameserver.  I had the domain name specified in the local dnsmasq.  I think I may have also had it to be set as authoritative.

Below, the system ip does not match the registered ip; but the system ip does match the ip contained in the nameserver.  So I guess maybe a better question would be, Where does the Registered IP come from?

I have since set dnsmasq to the default setting.  Today my address is different from the posts yesterday (router has been rebooted numerous times and re-flashed).  For this post, I ran nslookup on my laptop, while at the same time started the update script on the router.  Here are the results:

(in this case it picked up the local address, so I assume it was answered by dnsmasq.  dnsmasq configured as default.)
# nslookup
> set q=any
> ayankeeindixie.com
Server:        2001:xxxx:xxxx:7d8::1
Address:    2001:xxxx:xxxx:7d8::1#53

Non-authoritative answer:
ayankeeindixie.com
    origin = ns1.he.net
    mail addr = hostmaster.he.net
    serial = 2014072301
    refresh = 10800
    retry = 1800
    expire = 604800
    minimum = 86400
ayankeeindixie.com    has AAAA address 2001:xxxx:xxxx:7d0:xxxx:xxxx:xxxx:f0fa
ayankeeindixie.com    nameserver = ns1.he.net.
ayankeeindixie.com    nameserver = ns2.he.net.
ayankeeindixie.com    nameserver = ns3.he.net.
ayankeeindixie.com    nameserver = ns4.he.net.
ayankeeindixie.com    nameserver = ns5.he.net.

Authoritative answers can be found from:
ayankeeindixie.com    nameserver = ns5.he.net.
ayankeeindixie.com    nameserver = ns1.he.net.
ayankeeindixie.com    nameserver = ns2.he.net.
ayankeeindixie.com    nameserver = ns3.he.net.
ayankeeindixie.com    nameserver = ns4.he.net.
ns1.he.net    internet address = 216.218.130.2
ns2.he.net    internet address = 216.218.131.2
ns2.he.net    has AAAA address 2001:470:200::2
ns3.he.net    internet address = 216.218.132.2
ns3.he.net    has AAAA address 2001:470:300::2
ns4.he.net    internet address = 216.66.1.2
ns4.he.net    has AAAA address 2001:470:400::2
ns5.he.net    internet address = 216.66.80.18
ns5.he.net    has AAAA address 2001:470:500::2


root@OpenWrt ddns# date;./dynamic_dns_updater.sh myddns 1
Wed Jul 23 21:47:34 CDT 2014

   update_prog: /usr/bin/wget -nv -O - -6 --no-check-certificate
    update_url: https://[DOMAIN]:[PASSWORD]@dyn.dns.he.net/nic/update?hostname=[DOMAIN]&myip=[IP]
force interval: 259200 seconds
check interval: 600 seconds
retry interval: 60 seconds
retry counter: 5 times
old Process Id:
   last update: 144 hours ago

Running IP check ...
     system ip: 2001:xxxx:xxxx:7d0:xxxx:xxxx:xxxx:f0fa
registered ip: 2001:xxxx:xxxx:3560:xxxx:xxxx:xxxx:f0fa
update necessary, performing update ...
update command: /usr/bin/wget -nv -O - -6 --no-check-certificate  https://ayankeeindixie.com:mypassword@dyn.dns.he.net/nic/update?hostname=ayankeeindixie.com&myip=2001:xxxx:xxxx:7d0:xxxx:xxxx:xxxx:f0fa

Verify IP update in 60 seconds ...
Update failed (0):
WARNING: cannot verify dyn.dns.he.net's certificate, issued by '/C=US/ST=CA/L=Fremont/O=Hurricane Electric/OU=Secure Services/CN=dyn.dns.he.net/emailAddress=dnsadmin@he.net':
  Self-signed certificate encountered.
WARNING: cannot verify dyn.dns.he.net's certificate, issued by '/C=US/ST=CA/L=Fremont/O=Hurricane Electric/OU=Secure Services/CN=dyn.dns.he.net/emailAddress=dnsadmin@he.net':
  Self-signed certificate encountered.
nochg 2001:xxxx:xxxx:7d0:xxxx:xxxx:xxxx:f0fa2014-07-23 21:48:01 URL:https://ayankeeindixie.com:mypassword@dyn.dns.he.net/nic/update?hostname=ayankeeindixie.com&myip=2001:xxxx:xxxx:7d0:xxxx:xxxx:xxxx:f0fa [43/43] -> "-" [2]
retry #1 in 60 seconds - CurrentIP: 2001:xxxx:xxxx:7d0:xxxx:xxxx:xxxx:f0fa - RegisteredIP: 2001:xxxx:xxxx:3560:xxxx:xxxx:xxxx:f0fa

Running IP check ...
     system ip: 2001:xxxx:xxxx:7d0:xxxx:xxxx:xxxx:f0fa
registered ip: 2001:xxxx:xxxx:3560:xxxx:xxxx:xxxx:f0fa
update necessary, performing update ...
update command: /usr/bin/wget -nv -O - -6 --no-check-certificate  https://ayankeeindixie.com:mypassword@dyn.dns.he.net/nic/update?hostname=ayankeeindixie.com&myip=2001:xxxx:xxxx:7d0:xxxx:xxxx:xxxx:f0fa

Verify IP update in 60 seconds ...
Update failed (0):
WARNING: cannot verify dyn.dns.he.net's certificate, issued by '/C=US/ST=CA/L=Fremont/O=Hurricane Electric/OU=Secure Services/CN=dyn.dns.he.net/emailAddress=dnsadmin@he.net':
  Self-signed certificate encountered.
WARNING: cannot verify dyn.dns.he.net's certificate, issued by '/C=US/ST=CA/L=Fremont/O=Hurricane Electric/OU=Secure Services/CN=dyn.dns.he.net/emailAddress=dnsadmin@he.net':
  Self-signed certificate encountered.
nochg 2001:xxxx:xxxx:7d0:xxxx:xxxx:xxxx:f0fa2014-07-23 21:50:48 URL:https://ayankeeindixie.com:mypassword@dyn.dns.he.net/nic/update?hostname=ayankeeindixie.com&myip=2001:xxxx:xxxx:7d0:xxxx:xxxx:xxxx:f0fa [43/43] -> "-" [1]
retry #2 in 60 seconds - CurrentIP: 2001:xxxx:xxxx:7d0:xxxx:xxxx:xxxx:f0fa - RegisteredIP: 2001:xxxx:xxxx:3560:xxxx:xxxx:xxxx:f0fa

Running IP check ...
     system ip: 2001:xxxx:xxxx:7d0:xxxx:xxxx:xxxx:f0fa
registered ip: 2001:xxxx:xxxx:3560:xxxx:xxxx:xxxx:f0fa
update necessary, performing update ...
update command: /usr/bin/wget -nv -O - -6 --no-check-certificate  https://ayankeeindixie.com:mypassword@dyn.dns.he.net/nic/update?hostname=ayankeeindixie.com&myip=2001:xxxx:xxxx:7d0:xxxx:xxxx:xxxx:f0fa

Verify IP update in 60 seconds ...
Update failed (0):
WARNING: cannot verify dyn.dns.he.net's certificate, issued by '/C=US/ST=CA/L=Fremont/O=Hurricane Electric/OU=Secure Services/CN=dyn.dns.he.net/emailAddress=dnsadmin@he.net':
  Self-signed certificate encountered.
WARNING: cannot verify dyn.dns.he.net's certificate, issued by '/C=US/ST=CA/L=Fremont/O=Hurricane Electric/OU=Secure Services/CN=dyn.dns.he.net/emailAddress=dnsadmin@he.net':
  Self-signed certificate encountered.
nochg 2001:xxxx:xxxx:7d0:xxxx:xxxx:xxxx:f0fa2014-07-23 21:53:35 URL:https://ayankeeindixie.com:mypassword@dyn.dns.he.net/nic/update?hostname=ayankeeindixie.com&myip=2001:xxxx:xxxx:7d0:xxxx:xxxx:xxxx:f0fa [43/43] -> "-" [1]
retry #3 in 60 seconds - CurrentIP: 2001:xxxx:xxxx:7d0:xxxx:xxxx:xxxx:f0fa - RegisteredIP: 2001:xxxx:xxxx:3560:c63d5:c7ff:fe97:f0fa

Running IP check ...
     system ip: 2001:xxxx:xxxx:7d0:xxxx:xxxx:xxxx:f0fa
registered ip: 2001:xxxx:xxxx:3560:xxxx:xxxx:xxxx:f0fa
update necessary, performing update ...
update command: /usr/bin/wget -nv -O - -6 --no-check-certificate  https://ayankeeindixie.com:mypassword@dyn.dns.he.net/nic/update?hostname=ayankeeindixie.com&myip=2001:xxxx:xxxx:7d0:xxxx:xxxx:xxxx:f0fa

Verify IP update in 60 seconds ...
Update failed (0):
WARNING: cannot verify dyn.dns.he.net's certificate, issued by '/C=US/ST=CA/L=Fremont/O=Hurricane Electric/OU=Secure Services/CN=dyn.dns.he.net/emailAddress=dnsadmin@he.net':
  Self-signed certificate encountered.
WARNING: cannot verify dyn.dns.he.net's certificate, issued by '/C=US/ST=CA/L=Fremont/O=Hurricane Electric/OU=Secure Services/CN=dyn.dns.he.net/emailAddress=dnsadmin@he.net':
  Self-signed certificate encountered.
nochg 2001:xxxx:xxxx:7d0:xxxx:xxxx:xxxx:f0fa2014-07-23 21:56:24 URL:https://ayankeeindixie.com:mypassword@dyn.dns.he.net/nic/update?hostname=ayankeeindixie.com&myip=2001:xxxx:xxxx:7d0:xxxx:xxxx:xxxx:f0fa [43/43] -> "-" [3]
retry #4 in 60 seconds - CurrentIP: 2001:xxxx:xxxx:7d0:xxxx:xxxx:xxxx:f0fa - RegisteredIP: 2001:xxxx:xxxx:3560:xxxx:xxxx:xxxx:f0fa

Running IP check ...
     system ip: 2001:b0:2d5a:7d0:xxxx:xxxx:xxxx:f0fa
registered ip: 2001:xxxx:xxxx:3560:xxxx:xxxx:xxxx:f0fa
update necessary, performing update ...
update command: /usr/bin/wget -nv -O - -6 --no-check-certificate  https://ayankeeindixie.com:mypassword@dyn.dns.he.net/nic/update?hostname=ayankeeindixie.com&myip=2001:xxxx:xxxx:7d0:xxxx:xxxx:xxxx:f0fa

Verify IP update in 60 seconds ...
Update failed (0):
WARNING: cannot verify dyn.dns.he.net's certificate, issued by '/C=US/ST=CA/L=Fremont/O=Hurricane Electric/OU=Secure Services/CN=dyn.dns.he.net/emailAddress=dnsadmin@he.net':
  Self-signed certificate encountered.
WARNING: cannot verify dyn.dns.he.net's certificate, issued by '/C=US/ST=CA/L=Fremont/O=Hurricane Electric/OU=Secure Services/CN=dyn.dns.he.net/emailAddress=dnsadmin@he.net':
  Self-signed certificate encountered.
nochg 2001:xxxx:xxxx:7d0:xxxx:xxxx:xxxx:f0fa2014-07-23 21:59:12 URL:https://ayankeeindixie.com:mypassword@dyn.dns.he.net/nic/update?hostname=ayankeeindixie.com&myip=2001:xxxx:xxxx:7d0:xxxx:xxxx:xxxx:f0fa [43/43] -> "-" [1]
retry #5 in 60 seconds - CurrentIP: 2001:xxxx:xxxx:7d0:xxxx:xxxx:xxxx:f0fa - RegisteredIP: 2001:xxxx:xxxx:3560:xxxx:xxxx:xxxx:f0fa

Running IP check ...
     system ip: 2001:xxxx:xxxx:7d0:xxxx:xxxx:xxxx:f0fa
registered ip: 2001:xxxx:xxxx:3560:xxxx:xxxx:xxxx:f0fa
update necessary, performing update ...
update command: /usr/bin/wget -nv -O - -6 --no-check-certificate  https://ayankeeindixie.com:mypassword@dyn.dns.he.net/nic/update?hostname=ayankeeindixie.com&myip=2001:xxxx:xxxx:7d0:xxxx:xxxx:xxxx:f0fa

Verify IP update in 60 seconds ...
CRITICAL ERROR - Update Error (0) - CurrentIP: 2001:xxxx:xxxx:7d0:xxxx:xxxx:xxxx:f0fa - RegisteredIP: 2001:xxxx:xxxx:3560:xxxx:xxxx:xxxx:f0fa - EXITING
root@OpenWrt ddns#

The reason this update is failing is because the Registered IP is not changing.  The IP address of the wan6 interface equals the address that is in the HE nameservers.

Hi,

the new parameter dns_server in /etc/config/ddns which can be set via LuCI interface
is read by the script and used when trying to detect the registered IP
    REGISTERED_IP=$(nslookup $domain $dns_server 2>/dev/null | .......
It defines the DNS server to use for nslookup instead the one defined as default on the local system.

I think the first thing to check is (without scripts) what happen if you change by hand your ip at he.net
- how long does it take, until "nslookup ayankeeindixie.com google-public-dns-a.google.com" shows "new" address?
- are there any entrys inside he.net's error logs?
    many ddns provider block updates, if there are send more then "x" updates in interval "y"

You can try to change your ip without script by "wget" as you see in verbose_log (update command):
>/usr/bin/wget -nv -O - -6 --no-check-certificate https://ayankeeindixie.com:mypassword@dyn.dns.he.net/nic/update?hostname=ayankeeindixie.com&myip=2001:xxxx:xxxx:7d0:xxxx:xxxx:xxxx:f0fa
All in one line without space between ...he.net/nic/update...

Normally he.net should accept any IPv6 address you like to send.
In theory he.net should accept i.e. Google's IPv6 address, because nothing goes wrong in the net.
The only thing happen is that anybody trying to connect to ayankeeindixie.com will go to Googles Servers.
So please check if he.net accept updates via wget to the IPv6 you like.
Check the time how long it takes until the rest of internet shows the changes.

You could run wget on the console of you router an monitor changes inside LuCI-System-Overview-DynamicDNS.
RegisteredIP is reread every 5 seconds with the same nslookup and $dns_server as the script does,
no matter if ddns-service is enabled or script is running.
- stop and disable ddns (so a change on interfacce or config could not start script)
    >/etc/init.d/ddns stop
    >/etc/init.d/ddns disable
    or via LuCI System-Startup
- kill all dynamic_ddns_updater scripts (there should be none after stopping ddns)
- setup the a dns_server of your choice inside LuCI config and save/apply (no script should start because service disabled)
- check if "wget ..." will change your registered IP to the one you send and how long does it take.

Good Luck

Chris,

It is 11:40 as I begin to write this.  I have thunderstorms moving in.  One of the downsides of satellite based ISP is that it is affected by weather, causing loss of service.  I'll post more information when I can.

I have made a mistake.  I chose use secure http, when I was not able to update my address (I don't think I had that selected when the address did update).  I do not know how to incorporate into the services_ipv6 file the directions from Hurricane Electric's website.  https://dns.he.net/  The following comes from their site.

If you want to tell me what I should have in the services_ipv6 file for using https, I'll add that in.

HE states that their web UI is very basic for the moment.  I don't know how to access their error logs, or if it is even possible to do that.
----------------------------------------------------------------------------------------------------------------------------------------------
Dynamic DNS Support

    We've added Dynamic DNS support!
    We're working on smoothing out how it's represented in the UI and writing something that resembles documentation, but thought we'd push out what we have so it can get a little use. It's a pretty basic implementation and should work well for most applications. It works with 'ddclient' (or dyndns compatible clients), and with any of the command line examples. We'll update this page when the documentation is ready. (we're hoping to have it written soon...). If you have any feedback on this new feature, please send them along to <dnsadmin@he.net>


Here are a few examples to get you started (manual testing)

http://[your domain name]:[your password]@dyn.dns.he.net/nic/update?hostname=[your domain name]

Autodetect my IPv4/IPv6 address:
% curl -4 "http://dyn.example.com:password@dyn.dns.he.net/nic/update?hostname=dyn.example.com"                   
% curl -6 "http://dyn.example.com:password@dyn.dns.he.net/nic/update?hostname=dyn.example.com"                   

Specify my IPv4/IPv6 address:
% curl "http://dyn.example.com:password@dyn.dns.he.net/nic/update?hostname=dyn.example.com&myip=192.168.0.1"                   
% curl "http://dyn.example.com:password@dyn.dns.he.net/nic/update?hostname=dyn.example.com&myip=2001:db8:beef:cafe::1"


Here are a couple more examples that allow sending the password in the URL

Note: The username is also the hostname. The password is sent using 'password='. This skips HTTP basic auth.

Authentication and Updating using GET
% curl "https://dyn.dns.he.net/nic/update?hostn … 92.168.0.1"
% curl "https://dyn.dns.he.net/nic/update?hostn … ef:cafe::1"

Authentication and Updating using a POST
% curl "https://dyn.dns.he.net/nic/update" -d "hostname=dyn.example.com" -d "password=password" -d "myip=192.168.0.1"
% curl "https://dyn.dns.he.net/nic/update" -d "hostname=dyn.example.com" -d "password=password" -d "myip=2001:db8:beef:cafe::1"

----------------------------------------------------------------------------------------------------------------------------------------------

Also, I could not find, in LuCI, the entry for dns_server.  I think I may be introducing to many variables by using a Community Release.  I have only the one router.  I intend to flash the router with 14.07-rc1, so we will be working with the same software.  I think this will eliminate other possible variables.  Once the script has been determined to work, I can switch back to the Community Release and try again.

As I mentioned before, I'm not good with scripts, but this is what I've put together to quickly reload your information.  Maybe you can validate it, to ensure I've correctly followed your installation instructions.

----------------------------------------------------------------------------------------------------------------------
#! /bin/sh

mkdir -p /etc/config
mkdir -p /etc/hotplug.d/iface
mkdir -p /etc/uci-defaults
mkdir -p /usr/lib/ddns
mkdir -p /usr/lib/lua/luci/controller
mkdir -p /usr/lib/lua/luci/model/cbi/ddns
mkdir -p /usr/lib/lua/luci/view/admin_status/index
mkdir -p /usr/lib/lua/luci/view/ddns

cp etc+config-14.07-RC1/* /etc/config/
cp etc+hotplug.d+iface/* /etc/hotplug.d/iface/
cp etc+uci-defaults/* /etc/uci-defaults/
cp usr+lib+ddns/* /usr/lib/ddns/
cp usr+lib+ddns+14.07-RC1/* /usr/lib/ddns/
cp usr+lib+lua+luci+controller/* /usr/lib/lua/luci/controller/
cp usr+lib+lua+luci+model+cbi+ddns/* /usr/lib/lua/luci/model/cbi/ddns/
cp usr+lib+lua+luci+view+admin_status+index/* /usr/lib/lua/luci/view/admin_status/index/
cp usr+lib+lua+luci+view+ddns/* /usr/lib/lua/luci/view/ddns/

chmod 775 /usr/lib/ddns/*.sh
chmod 775 /etc/init.d/ddns
chmod 775 /etc/uci-defaults/luci-ddns

rm -r /tmp/luci-indexcache /tmp/luci-modulecache/*

/etc/uci-defaults/luci-ddns

opkg update
opkg install curl wget

------------------------------------------------------------------------------------------------------
I realize that in some cases I'm creating directories that are already there, but I didn't think it would cause any damage.


I was trying to follow your instructions from the last post, and I was having trouble.  Possibly because of weather, possibly because of using a different build, and most likely because I did something wrong.  Thus the reason for switching to a build that you used.

I'll let you know what happens.
Bill

Hi Bill,

I tested my LuCI and script modifications with 10.03.1, 12.09 and 14.07-rc1 images downloaded from downloads.openwrt.org,
so it should work with your current version if it is 10.03.1 or above.
No need to reflash !! "(never) touch your running system" if you only have ONE.

The setting for dns_server can only be reached in your settings,
if you edit /etc/config/ddns files putting in:
    option dns_server "dns.server.you.like" or "ip.address.you.like"
Single or double quoted please see the other options listed in the file.

Opps. Thanks for testing ! I found a bug inside my LuCI file not showing DNS server to you.
If you want to fix yourself, delete the following two lines in /usr/lib/lua/luci/model/cbi/ddns/detail.lua
    dns:depends("ipv4_source", "web")    -- IPv4
    dns:depends("ipv6_source", "web")    -- or IPv6
or comment out with 2 -- at the beginning of the line
at line 587 and 588. After modify you need to
>rm -r /tmp/luci-indexcache /tmp/luci-modulecache/*
to clear LuCI cashes.

The syntax of services_ipv6 is the same as in services file.
So you could copy the 2 lines for "# Hurricane Electric Dynamic DNS" into services_ipv6.
All entrys are setup with "http://...". The change to "https://..." is done in the scripts (sed), if use_https enabled.

Because I googled some entrys saying that various services offer different update-urls for IPv4 and IPv6 I decided to create service_ipv6 file.
I don't know, if HE uses the same url for IPv4 and IPv6 updates.
Please verify for HE.

If you login to your HE account, there should be something like an update history or error log.
Check if HE blocks if there are to many updates in a given time.
I'm using selfhost.de and spdns.de and they offer an update history showing sucess and errors and
selfhost.de blocks on to many updates also written in update history as error.

A word about your "install script", it looks ok.
You need to install only one: curl or wget.
The script (and I) prefere wget because curl (libcurl) is compiled without proxy support in current trunk and 14.07-rc1.

Christian

(Last edited by chris5560 on 24 Jul 2014, 19:29)

Chris,
I did find one problem with my script, I failed to copy the /etc/init.d/ddns file.  I've since corrected the script.

I'm not really afraid of reflashing the router.  I've been doing it quit a bit over the past couple of weeks.  I had already reflashed by the time I saw your last post.  Because you say the script prefers wget, I will flash again to arokh's build.  I receive this error when trying to install wget into the rc1 build.

BusyBox v1.22.1 (2014-07-11 02:34:04 CEST) built-in shell (ash)
Enter 'help' for a list of built-in commands.

  _______                     ________        __
|       |.-----.-----.-----.|  |  |  |.----.|  |_
|   -   ||  _  |  -__|     ||  |  |  ||   _||   _|
|_______||   __|_____|__|__||________||__|  |____|
          |__| W I R E L E S S   F R E E D O M
-----------------------------------------------------
BARRIER BREAKER (14.07-rc1, r41580)
-----------------------------------------------------
  * 1/2 oz Galliano         Pour all ingredients into
  * 4 oz cold Coffee        an irish coffee mug filled
  * 1 1/2 oz Dark Rum       with crushed ice. Stir.
  * 2 tsp. Creme de Cacao
-----------------------------------------------------
root@OpenWrt:~# uname -a
Linux OpenWrt 3.10.44 #3 Sat Jul 12 16:42:11 CEST 2014 mips GNU/Linux
root@OpenWrt:~# opkg update
Downloading http://downloads.openwrt.org/barrier_br … ckages.gz.
Updated list of available packages in /var/opkg-lists/barrier_breaker.
root@OpenWrt:~# opkg install wget
Unknown package 'wget'.
Collected errors:
* opkg_install_cmd: Cannot install package wget.

oot@OpenWrt:/usr/lib/ddns# opkg search *wget*
base-files - 155-r41580
busybox - 1.22.1-2

From the Services page in LuCi:
cURL is installed, but libcurl was compiled without proxy support.
You should install GNU Wget or replace libcurl.
cURL/libcurl in OpenWrt is compiled without proxy support by default.

The script chooses to use curl, so I assume that
root@OpenWrt:/usr/lib/ddns# which wget
/usr/bin/wget
is not the GNU wget version.

I did not have this installation isuue with arokh's build.  Ttrying your suggested manual commands without wget, doesn't work to well.

I did make the changes to the detail.lua file.  Once I did that, under the advance settings tab of the DDNS configuration, I now have a box to be able to change from the default dns server.

I'm still not sure what the default dns server is though.  When I do an nslookup from either the google server or the HE server, they both show the correct address, while using the "default" server, the Registered IP is wrong.

I added 8.8.8.8 to the box on the advanced tab.  When I run the script, it still shows a different registered ip.  I also tried adding  option dns_server 'google-public-dns-a.google.com' to the /etc/config/ddns file manually and the registered ip still had not changed.

I need to go out this afternoon, I may not be able to get back to this until latter this evening.  I'm in the UTC-6 timezone, so I'm not exactly sure how much of a time difference there is between us.

As they used to say in the military "Standby to standby"
Bill

Hi Bill,

I'm sitting on UTC + 2 (German summertime) so 8 hours before.

I put the following entries into my ddns config file

config service 'test_nodns'
        option enabled '0'
        option use_ipv6 '1'
        option domain 'ayankeeindixie.com'
        option ip_source 'web'
        option ip_url 'http://check.dyndns.com/'
        option interface 'wan6'
        option check_interval '10'
        option check_unit 'minutes'
        option force_interval '0'
        option force_unit 'hours'
        option retry_count '1'
        option retry_interval '60'
        option retry_unit 'seconds'
        option use_syslog '0'
        option update_url 'http://ipv6.google.com'

config service 'test_google'
        option enabled '0'
        option use_ipv6 '1'
        option domain 'ayankeeindixie.com'
        option ip_source 'web'
        option ip_url 'http://checkipv6.dyndns.com/'
        option interface 'wan6'
        option dns_server 'google-public-dns-a.google.com'
        option check_interval '10'
        option check_unit 'minutes'
        option force_interval '0'
        option force_unit 'hours'
        option retry_count '1'
        option retry_interval '60'
        option retry_unit 'seconds'
        option use_syslog '0'
        option update_url 'http://ipv6.google.com'

config service 'test_he'
        option use_ipv6 '1'
        option domain 'ayankeeindixie.com'
        option ip_source 'network'
        option interface 'wan6'
        option ip_network 'wan6'
        option dns_server 'ns1.he.net'
        option check_interval '10'
        option check_unit 'minutes'
        option force_interval '0'
        option force_unit 'hours'
        option retry_count '1'
        option retry_interval '60'
        option retry_unit 'seconds'
        option use_syslog '0'
        option enabled '0'
        option update_url 'http://ipv6.google.com'

knowing that no update is possible.
Reason for this I want to check if there is a difference between LuCI Status,
RegisteredIP from script and from nslookup on the console or any to the router connected box.
There should be no difference or somthing goes wrong with nslookup.
The console commands:

  • nslookup ayankeeindixie.com

  • nslookup ayankeeindixie.com google-public-dns-a.google.com

  • nslookup ayankeeindixie.com ns1.he.net

I test on my router and on my windows box connected all the same addresses.

From here you must continue yourself:
Set all option enable '1' by editing ddns config without LuCI and no (re)starting ddns.
Start the dynamic_dns_updater.sh from the console.
Have a look on RegisteredIP and CurrentIP output.
test_nodns  should show RegisteredIP from above nslookup and
            no CurrentIP and break with error "could not detect current ip" or something like that
test_google should show RegisteredIP from above nslookup and
            hopefully CurrentIP is the same it is taken by the script with wget -O - http://checkipv6.dyndns.com/
test_he        should show RegisteredIP from above nslookup and
            and CurrentIP as currently configured on you wan6 interface (LuCI Status-Overview-IPv6 WAN Status)

Where is the difference ? If everything is fine here we could go the next steps.

For the curl/wget problem on 14.07.rc1 remove libcurl from LuCI System-Software it will also remove curl.
Download wget from trunk to your router (link for netgear wndr3700/wndr3800)
- http://downloads.openwrt.org/snapshots/ … ar71xx.ipk
change to download dir and type

  • rm -R /tmp/wget*

  • rm -R /var/log/wget*

  • rm -R /var/opkg-lists/*

  • opkg install ./wget_1.15-1_ar71xx.ipk

Thanks for testing we need to test now step by step because I currently don't see where to look for the problem.

Christian

Chris,

Below, you will see that all three nslookup run from the openwrt console, report the same address.  This is the address that is current in the HE nameservers.  This address always appears as the registered ip.  This is the address my router had yesterday.  It is not the current address of the router.  Only the test_he correctly reports the current ip of the routers wan6.

Running nslookup from my Linux laptop, it querries dnsmasq on the router and can't find a listing.

I ran ifstatus wan6 so you could see the actual address.  I think I know where the problem is.  It has to do with either option ip_url or option update_url.  Because option ip_url is not in all 3 test cases, I'll suspect it is option update_url.

Is this a case that is unique to Hughes or not, I can't say.  But if you recall, I mentioned that Hughes sends all their http(s) traffic through a proxy.  So asking any site via http for an address, will return the address of the proxy.  I am going to disable the Hughes proxy and try running the three tests again.

root@OpenWrt ddns# nslookup ayankeeindixie.com
Server:    127.0.0.1
Address 1: 127.0.0.1 localhost

Name:      ayankeeindixie.com
Address 1: 2001:5b0:2d5a:7d0:c63d:c7ff:fe97:f0fa
root@OpenWrt ddns# nslookup ayankeeindixie.com google-public-dns-a.google.com
Server:    8.8.8.8
Address 1: 8.8.8.8 google-public-dns-a.google.com

Name:      ayankeeindixie.com
Address 1: 2001:5b0:2d5a:7d0:c63d:c7ff:fe97:f0fa
root@OpenWrt ddns# nslookup ayankeeindixie.com ns1.he.net
Server:    216.218.130.2
Address 1: 216.218.130.2 ns1.he.net

Name:      ayankeeindixie.com
Address 1: 2001:5b0:2d5a:7d0:c63d:c7ff:fe97:f0fa
root@OpenWrt ddns#


I'm running Linux Mint Debian Edition (LMDE) on my laptop.  It is supposed to be equvalent to Debian Testing.

bill@sligo:~$ nslookup ayankeeindixie.com
Server:        192.168.1.1
Address:    192.168.1.1#53

Non-authoritative answer:
*** Can't find ayankeeindixie.com: No answer

bill@sligo:~$ nslookup ayankeeindixie.com google-public-dns-a.google.com
Server:        google-public-dns-a.google.com
Address:    8.8.8.8#53

Non-authoritative answer:
*** Can't find ayankeeindixie.com: No answer

bill@sligo:~$ nslookup ayankeeindixie.com ns1.he.net
Server:        ns1.he.net
Address:    216.218.130.2#53

Non-authoritative answer:
*** Can't find ayankeeindixie.com: No answer

Extra step to verify my wan6 address

root@OpenWrt config# ifstatus wan6
{
    "up": true,
    "pending": false,
    "available": true,
    "autostart": true,
    "uptime": 20323,
    "l3_device": "eth1",
    "proto": "dhcpv6",
    "device": "eth1",
    "updated": [
        "routes"
    ],
    "metric": 0,
    "delegation": true,
    "ipv4-address": [
       
    ],
    "ipv6-address": [
        {
            "address": "2001:5b0:2d5a:f380:c63d:c7ff:fe97:f0fa",
            "mask": 64,
            "preferred": 13,
            "valid": 283
        },

I've mv ddns to ddns.orig.
I've copied your file into my /etc/config/ddns
I used vi to edit /etc/config/ddns to change option enabled '1' in all three sections.
I have not stopped, started, or otherwise ddns.


root@OpenWrt ddns# ./dynamic_dns_updater.sh test_nodns 1

   update_prog: /usr/bin/wget -nv -O - -6
    update_url: http://ipv6.google.com
force interval: 0 seconds
check interval: 600 seconds
retry interval: 60 seconds
retry counter: 1 times
   last update: 0 hours ago

Running IP check ...
     system ip: 2001:5b0:2d5a:f380:280:aeff:fe3f:44b4
registered ip: 2001:5b0:2d5a:7d0:c63d:c7ff:fe97:f0fa
update necessary, performing update ...
update command: /usr/bin/wget -nv -O - -6 http://ipv6.google.com

Verify IP update in 60 seconds ...
Update failed (0):

retry #1 in 60 seconds - CurrentIP: 2001:5b0:2d5a:f380:280:aeff:fe3f:44b4 - RegisteredIP: 2001:5b0:2d5a:7d0:c63d:c7ff:fe97:f0fa
^C
root@OpenWrt ddns#


Here is the Google Test
root@OpenWrt ddns# ./dynamic_dns_updater.sh test_google 1

   update_prog: /usr/bin/wget -nv -O - -6
    update_url: http://ipv6.google.com
force interval: 0 seconds
check interval: 600 seconds
retry interval: 60 seconds
retry counter: 1 times
   last update: 0 hours ago

Running IP check ...
     system ip: 2001:5b0:2d5a:f380:280:aeff:fe3f:44b4
registered ip: 2001:5b0:2d5a:7d0:c63d:c7ff:fe97:f0fa
update necessary, performing update ...
update command: /usr/bin/wget -nv -O - -6 http://ipv6.google.com

Verify IP update in 60 seconds ...
Update failed (0):

retry #1 in 60 seconds - CurrentIP: 2001:5b0:2d5a:f380:280:aeff:fe3f:44b4 - RegisteredIP: 2001:5b0:2d5a:7d0:c63d:c7ff:fe97:f0fa
^C
root@OpenWrt ddns#


The test_he
root@OpenWrt ddns# ./dynamic_dns_updater.sh test_he 1

   update_prog: /usr/bin/wget -nv -O - -6
    update_url: http://ipv6.google.com
force interval: 0 seconds
check interval: 600 seconds
retry interval: 60 seconds
retry counter: 1 times
   last update: 0 hours ago

Running IP check ...
     system ip: 2001:5b0:2d5a:f380:c63d:c7ff:fe97:f0fa
registered ip: 2001:5b0:2d5a:7d0:c63d:c7ff:fe97:f0fa
update necessary, performing update ...
update command: /usr/bin/wget -nv -O - -6 http://ipv6.google.com

Verify IP update in 60 seconds ...
Update failed (0):

retry #1 in 60 seconds - CurrentIP: 2001:5b0:2d5a:f380:c63d:c7ff:fe97:f0fa - RegisteredIP: 2001:5b0:2d5a:7d0:c63d:c7ff:fe97:f0fa
^C
root@OpenWrt ddns#

################################################################################################################################
These are the results with the Hughes proxy disabled.

root@OpenWrt ddns# ./dynamic_dns_updater.sh test_nodns 1

   update_prog: /usr/bin/wget -nv -O - -6
    update_url: http://ipv6.google.com
force interval: 0 seconds
check interval: 600 seconds
retry interval: 60 seconds
retry counter: 1 times
old Process Id:
   last update: 0 hours ago

Running IP check ...
     system ip: 2001:5b0:2d5a:f380:c63d:c7ff:fe97:f0fa
registered ip: 2001:5b0:2d5a:7d0:c63d:c7ff:fe97:f0fa
update necessary, performing update ...
update command: /usr/bin/wget -nv -O - -6 http://ipv6.google.com

Verify IP update in 60 seconds ...
Update failed (0):



root@OpenWrt ddns# ./dynamic_dns_updater.sh test_google 1

   update_prog: /usr/bin/wget -nv -O - -6
    update_url: http://ipv6.google.com
force interval: 0 seconds
check interval: 600 seconds
retry interval: 60 seconds
retry counter: 1 times
old Process Id:
   last update: 0 hours ago

Running IP check ...
     system ip: 2001:5b0:2d5a:f380:c63d:c7ff:fe97:f0fa
registered ip: 2001:5b0:2d5a:7d0:c63d:c7ff:fe97:f0fa
update necessary, performing update ...
update command: /usr/bin/wget -nv -O - -6 http://ipv6.google.com

Verify IP update in 60 seconds ...
^C
root@OpenWrt ddns#



root@OpenWrt ddns# ./dynamic_dns_updater.sh test_he 1

   update_prog: /usr/bin/wget -nv -O - -6
    update_url: http://ipv6.google.com
force interval: 0 seconds
check interval: 600 seconds
retry interval: 60 seconds
retry counter: 1 times
old Process Id:
   last update: 0 hours ago

Running IP check ...
     system ip: 2001:5b0:2d5a:f380:c63d:c7ff:fe97:f0fa
registered ip: 2001:5b0:2d5a:7d0:c63d:c7ff:fe97:f0fa
update necessary, performing update ...
update command: /usr/bin/wget -nv -O - -6 http://ipv6.google.com

Verify IP update in 60 seconds ...
^C
root@OpenWrt ddns#


With Hughes' proxy server disabled, http(s) traffic does not pass through the proxy but instead bypasses the proxy.  The result of this is the correct address of the router being reported as the system ip.

Hughes has the proxy configured on by default, and that setting can not be changed by the customer.  The customer can turn the proxy off, but the next reboot will re-enable the proxy.  This happens when Hughes pushes out a software update, or if I experience a power failure, or I manually reboot the router.  Many people on the Hughes forum complain about this.  There is also no way to know if the proxy has been re-enabled, unless you take the time and check yourself.

If other ISPs are using a similar feature, then other folks will have similar experiences.  As I've said, I'm no good with scripting, so I don't know if this is possible.  Couldn't you pull the address from the interface on the router, then compare that to the information contained in the nameserver, without using any kind of http protocol?  In my case, I'm using Hurricane Electric.  I need to select the service I'm using.  If I know which service I'm using, it seems to me, that I would know the name of the nameserver that goes along with that service.  Afterall, I did have to establish a record in that nameserver.  So if you provided a place for me to input the nameserver I use, you could perform an nslookup on that server, then compare the result with the address of the interface.  Similar to what you have provided when the wan6 interface is selected as the address source.

I can't find, on Hurricane Electric's website, if they compare the address trying to be set, to the address of connection trying to make the change.  dnsexit.com did this.  From looking at the offerings Hurricane Electric has, I suspect they do not compare the two.

I would tend to think, that anyone attempting to use OpenWRT, then try to employ DDNS, would have enough knowledge to be aware of the need for the nameserver name.  The folks that wouldn't know this, in all likelyhood, would either not be using OpenWRT or would not be using DDNS to begin with.

Over here, its called Daylight Savings Time rather than Summer Time, so its adjusted by an hour.  Even though I'm in the UTC-6 timezone, during Daylight Savings Time, its like being in UTC-5, so I guess we are 7 hours apart.  I know Germany is east of Greenwich England, but I didn't know how far.  I'll be going to bed soon, you're probably getting up soon.  Here, its still today.  But where you are at, looking at me, its yesterday.

Bill

Hey, one more question.  How did you put that scroll box into your post?

Hi Bill,

for special effects in postings have a look at https://forum.openwrt.org/help.php?section=bbcode
On the right side of the posting window there is: You may use: BBCode Images Smilies

Sorry I forgot: nslookup on Debian, LMDE, Ubuntu ... living in the past (no IPv6 support)
Don't know on other Distro's. There are other funny things in WS-Distro's (i.e. DHCP problems, DNS problems, IPv6 support....)
That's one reason why I still prefere Windows (but never Win 8).

Back to the problem.
What I read out of your listings:
1.) Registered IP (what the internet see) everything is fine in scripts, Luci, console and workstation (on my side)
2.) CurrentIP detected via wan6 works ok
3.) CurrentIP detected via http://checkipv6.dyndns.com works fine as long your providers proxy is disabled.
4.) The HE's url entry in /usr/lib/ddns/services is correct and can be used for IPv6 also (copy to services_ipv6)

So the next things to do:
You stated that you could set AAAA record at HE by hand.
Try to set your AAAA record at HE by hand to Google's IPv6 (ipv6.google.com) addr (without ddns scripts running)
Or use any other IPv6 addr you like.
Check how long it takes until the 3 test entrys in /etc/config/ddns show this address in LuCI status pages.
"test_he" should show quickly (I think inside 1 minute) because we use HE's dns server.
If not please check with HE why.

As long as we don't know how long it takes until the internet recognise the new address, it make no sence to continue.
And it has nothing to do with you providers proxy for the moment.

Good luck
Christian

Chris,

If I understand what you want me to do correctly, this is what I've done.

There are no ddns processes running.
root@OpenWrt config# ps | grep ddns
22417 root      1532 S    grep ddns

This I copied from the Dynamic DDNS page in Luci.

Overview
Below is a list of configured DDNS configurations and their current state
Configuration    Host / Domain
Registered IP    Enabled    Process ID
Next Update    Start / Stop    
                   
test_nodns   
ayankeeindixie.com
2001:5b0:2d5a:3820:c63d:c7ff:fe97:f0fa
run once
   
test_google
ayankeeindixie.com
2001:5b0:2d5a:3820:c63d:c7ff:fe97:f0fa
run once
   
test_he
ayankeeindixie.com
2001:5b0:2d5a:3820:c63d:c7ff:fe97:f0fa
run once

Each of those are reporting the Registered IP as being the current wan6 IP   

root@OpenWrt config# ifstatus wan6
{
    "up": true,
    "pending": false,
    "available": true,
    "autostart": true,
    "uptime": 2469,
    "l3_device": "eth1",
    "proto": "dhcpv6",
    "device": "eth1",
    "metric": 0,
    "delegation": true,
    "ipv4-address": [
       
    ],
    "ipv6-address": [
        {
            "address": "2001:5b0:2d5a:3820:c63d:c7ff:fe97:f0fa",
            "mask": 64,
            "preferred": 10,
            "valid": 280
        },


I looked up the address of ipv6.google.com
sligo bill # dig aaaa ipv6.google.com

; <<>> DiG 9.8.4-rpz2+rl005.12-P1 <<>> aaaa ipv6.google.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 6805
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 4, ADDITIONAL: 4

;; QUESTION SECTION:
;ipv6.google.com.        IN    AAAA

;; ANSWER SECTION:
ipv6.google.com.    1200    IN    CNAME    ipv6.l.google.com.
ipv6.l.google.com.    300    IN    AAAA    2607:f8b0:4007:802::1002



I made the change, by hand in the HE nameserver.  The webpage reported that the address had been updated.  Hurricane Electric's mailing address is in California.  It looks like their servers are set to Pacific Time (UTC-8).  I made the change at :05 minutes past the hour.

Raw AXFR output from ns1.he.net

; ayankeeindixie.com Dumped Fri Jul 25 10:05:17 2014
;
ayankeeindixie.com.    86400    IN    SOA    ns1.he.net. hostmaster.he.net. (
                    2014072501    ;serial
                    10800        ;refresh
                    1800        ;retry
                    604800        ;expire
                    86400    )    ;minimum
ayankeeindixie.com.    86400    IN    NS    ns1.he.net.
ayankeeindixie.com.    86400    IN    NS    ns2.he.net.
ayankeeindixie.com.    86400    IN    NS    ns3.he.net.
ayankeeindixie.com.    86400    IN    NS    ns4.he.net.
ayankeeindixie.com.    86400    IN    NS    ns5.he.net.
ayankeeindixie.com.    300    IN    AAAA    2607:f8b0:4007:802::1002


Running nslookup interactively on my laptop, shows the update has taken place.

sligo bill # nslookup
> server ns1.he.net
Default server: ns1.he.net
Address: 216.218.130.2#53
> set q=any
> ayankeeindixie.com
Server:        ns1.he.net
Address:    216.218.130.2#53

ayankeeindixie.com    nameserver = ns3.he.net.
ayankeeindixie.com    has AAAA address 2607:f8b0:4007:802::1002
ayankeeindixie.com    nameserver = ns4.he.net.
ayankeeindixie.com
    origin = ns1.he.net
    mail addr = hostmaster.he.net
    serial = 2014072501
    refresh = 10800
    retry = 1800
    expire = 604800
    minimum = 86400
ayankeeindixie.com    nameserver = ns2.he.net.
ayankeeindixie.com    nameserver = ns1.he.net.
ayankeeindixie.com    nameserver = ns5.he.net.
>

Running nslookup from a console window of the router

root@OpenWrt config# date;nslookup ayankeeindixie.com
Fri Jul 25 12:09:05 CDT 2014
Server:    127.0.0.1
Address 1: 127.0.0.1 localhost

Name:      ayankeeindixie.com
Address 1: 2001:5b0:2d5a:3820:c63d:c7ff:fe97:f0fa ayankeeindixie.com
root@OpenWrt config# date;nslookup ayankeeindixie.com ns1.he.net
Fri Jul 25 12:09:24 CDT 2014
Server:    216.218.130.2
Address 1: 216.218.130.2 ns1.he.net

Name:      ayankeeindixie.com
Address 1: 2001:5b0:2d5a:3820:c63d:c7ff:fe97:f0fa


I've allowed the router to sit while I watched it, waiting for a change in the status of the Registered IP shown in Luci.  It has been over 1/2 hour and Luci shows no change.

(I'm writing this response off-line.  Weather is affecting my internet service, this is why you'll see a big difference in time stamps.)

My network connection has been out of service for over an hour.  Once it was restored, it appears that the router is now seeing the change.  Weather radar is showing the storms moving out of the area.  Once the weather has cleared, I'll reboot the router, change the address again in the HE servers and wait to see how long, it takes the router to update.

root@OpenWrt config# date;nslookup ayankeeindixie.com ns2.he.net
Fri Jul 25 13:51:55 CDT 2014
Server:    216.218.131.2
Address 1: 216.218.131.2 ns2.he.net

Name:      ayankeeindixie.com
Address 1: 2607:f8b0:4007:802::1002 lax17s01-in-x02.1e100.net
root@OpenWrt config#

Overview
Below is a list of configured DDNS configurations and their current state
Configuration    Host / Domain
Registered IP    Enabled    Process ID
Next Update    Start / Stop                   
test_nodns
ayankeeindixie.com
2001:5b0:2d5a:86c0:c63d:c7ff:fe97:f0fa
run once
   
test_google
ayankeeindixie.com
2607:f8b0:4007:802::1002
run once
   
test_he
ayankeeindixie.com
2607:f8b0:4007:802::1002
run once
   
Bill

Chris,

I seem to recall folks complaining on the Hughesnet forums, about slow access to web pages.  The solution was to reboot the router, to clear its cache.  I don't know if that affected the time it took to update or not.  Also, I had restored a backup config file into the router this morning, this made dnsmasq authoratative again, with the wan6 address being assigned to the ayankeeindixie.com domain name.

I've removed those settings from dnsmasq.  The storms have cleared out.  I'm rebooting the Hughes modem and I'm rebooting the OpenWRT router, and starting the tests again.


Address changed at HE nameservers, new address fe80::2a

Raw AXFR output from ns1.he.net

; ayankeeindixie.com Dumped Fri Jul 25 13:28:35 2014
;
ayankeeindixie.com.    86400    IN    SOA    ns1.he.net. hostmaster.he.net. (
                    2014072503    ;serial
                    10800        ;refresh
                    1800        ;retry
                    604800        ;expire
                    86400    )    ;minimum
ayankeeindixie.com.    86400    IN    NS    ns1.he.net.
ayankeeindixie.com.    86400    IN    NS    ns2.he.net.
ayankeeindixie.com.    86400    IN    NS    ns3.he.net.
ayankeeindixie.com.    86400    IN    NS    ns4.he.net.
ayankeeindixie.com.    86400    IN    NS    ns5.he.net.
ayankeeindixie.com.    300    IN    AAAA    fe80::2a
   

nslookup interactive on laptop shows the address updated.

sligo bill # nslookup
> server ns1.he.net
Default server: ns1.he.net
Address: 216.218.130.2#53
> set q=any
> ayankeeindixie.com
Server:        ns1.he.net
Address:    216.218.130.2#53

ayankeeindixie.com
    origin = ns1.he.net
    mail addr = hostmaster.he.net
    serial = 2014072503
    refresh = 10800
    retry = 1800
    expire = 604800
    minimum = 86400
ayankeeindixie.com    nameserver = ns2.he.net.
ayankeeindixie.com    nameserver = ns5.he.net.
ayankeeindixie.com    has AAAA address fe80::2a
ayankeeindixie.com    nameserver = ns4.he.net.
ayankeeindixie.com    nameserver = ns3.he.net.
ayankeeindixie.com    nameserver = ns1.he.net.
>

nslookup run on the router does not show the change yet.

root@OpenWrt ~# date;nslookup ayankeeindixie.com
Fri Jul 25 15:29:18 CDT 2014
Server:    127.0.0.1
Address 1: 127.0.0.1 localhost

Name:      ayankeeindixie.com
Address 1: fe80::b6b5:2fff:fe92:862a
root@OpenWrt ~# date;nslookup ns1.he.net ayankeeindixie.com
Fri Jul 25 15:29:50 CDT 2014
Server:    fe80::b6b5:2fff:fe92:862a
Address 1: fe80::b6b5:2fff:fe92:862a

nslookup: bad address 'ayankeeindixie.com'

Dynamic DDNS page from Luci; does not show change yet.

Overview
Below is a list of configured DDNS configurations and their current state
Configuration    Host / Domain
Registered IP    Enabled    Process ID
Next Update    Start / Stop    
                   
test_nodns
ayankeeindixie.com
fe80::b6b5 2fff:fe92:862a
run once
   
test_google
ayankeeindixie.com
fe80::b6b5 2fff:fe92:862a
run once
   
test_he
ayankeeindixie.com
fe80::b6b5 2fff:fe92:862a
run once
   
-----------------------------------------------------
root@OpenWrt ~# date;nslookup ayankeeindixie.com
Fri Jul 25 16:18:12 CDT 2014
Server:    127.0.0.1
Address 1: 127.0.0.1 localhost

Name:      ayankeeindixie.com
Address 1: fe80::b6b5:2fff:fe92:862a


Its been almost 50 minutes.  The addresses displayed in Luci have not changed.  nslookup on the router is still pointing at the old address.

I'm going to reboot the Hughes modem, once more.



During the Hughes reboot the Luci interface did not show an IP address.

Overview
Below is a list of configured DDNS configurations and their current state
Configuration    Host / Domain
Registered IP    Enabled    Process ID
Next Update    Start / Stop    
                   
test_nodns
no IP found
run once
   
test_google
no IP found
run once
   
test_he
no IP found
run once
   
   

As soon as the Hughes modem came back on line, the Luci interface updated with the new address and nslookup from the router reported the new address.


Overview
Below is a list of configured DDNS configurations and their current state
Configuration    Host / Domain
Registered IP    Enabled    Process ID
Next Update    Start / Stop    
                   
test_nodns
ayankeeindixie.com
fe80::2a
run once
   
test_google
ayankeeindixie.com
fe80::2a
run once
   
test_he
ayankeeindixie.com
fe80::2a
run once
   
   
root@OpenWrt ~# date;nslookup ayankeeindixie.com
Fri Jul 25 16:18:12 CDT 2014
Server:    127.0.0.1
Address 1: 127.0.0.1 localhost

Name:      ayankeeindixie.com
Address 1: fe80::b6b5:2fff:fe92:862a
root@OpenWrt ~# date;nslookup ayankeeindixie.com
Fri Jul 25 16:22:01 CDT 2014
Server:    127.0.0.1
Address 1: 127.0.0.1 localhost

Name:      ayankeeindixie.com
Address 1: fe80::2a
   
   
It looks like I need to find out how to point the router's dns (dnsmasq I assume) at nameservers other than the one catched in the Hughes modem.

Bill

Chris,

I've added these lines to the dnsmasq.conf file:

all-servers
server=85.159.112.212    # ns2.he.net
server=8.8.8.8        # google
server=2001:470:300::2    # ns3.he.net

The all-servers switch is to make dnsmasq querry all available nameservers and use the first answer.  Looking at my logfile, it seems to me that this is working, bypassing the nameserver in the Hughes modem.  I'll try the tests one more time.

Raw AXFR output from ns1.he.net

; ayankeeindixie.com Dumped Fri Jul 25 15:18:36 2014
;
ayankeeindixie.com.    86400    IN    SOA    ns1.he.net. hostmaster.he.net. (
                    2014072504    ;serial
                    10800        ;refresh
                    1800        ;retry
                    604800        ;expire
                    86400    )    ;minimum
ayankeeindixie.com.    86400    IN    NS    ns1.he.net.
ayankeeindixie.com.    86400    IN    NS    ns2.he.net.
ayankeeindixie.com.    86400    IN    NS    ns3.he.net.
ayankeeindixie.com.    86400    IN    NS    ns4.he.net.
ayankeeindixie.com.    86400    IN    NS    ns5.he.net.
ayankeeindixie.com.    300    IN    AAAA    fe80::ffff:2a
   


bill@sligo:~$ nslookup
> server ns1.he.net
Default server: ns1.he.net
Address: 216.218.130.2#53
> set q=any
> ayankeeindixie.com
Server:        ns1.he.net
Address:    216.218.130.2#53

ayankeeindixie.com    nameserver = ns3.he.net.
ayankeeindixie.com    nameserver = ns5.he.net.
ayankeeindixie.com    nameserver = ns1.he.net.
ayankeeindixie.com
    origin = ns1.he.net
    mail addr = hostmaster.he.net
    serial = 2014072504
    refresh = 10800
    retry = 1800
    expire = 604800
    minimum = 86400
ayankeeindixie.com    nameserver = ns4.he.net.
ayankeeindixie.com    nameserver = ns2.he.net.
ayankeeindixie.com    has AAAA address fe80::ffff:2a

Luci is not updating the Registered IP.

Here is a portion of my dnsmasq.log.  It looks like ayankeeindixie.com is being saved in the cache of 127.0.0.1.

Jul 25 17:24:54 dnsmasq[1414]: query[A] ayankeeindixie.com from 127.0.0.1
Jul 25 17:24:54 dnsmasq[1414]: forwarded ayankeeindixie.com to 2001:470:300::2
Jul 25 17:24:54 dnsmasq[1414]: forwarded ayankeeindixie.com to 8.8.8.8
Jul 25 17:24:54 dnsmasq[1414]: forwarded ayankeeindixie.com to 85.159.112.212
Jul 25 17:24:54 dnsmasq[1414]: forwarded ayankeeindixie.com to 192.168.0.1
Jul 25 17:24:54 dnsmasq[1414]: forwarded ayankeeindixie.com to fd0d:edc3:e12a::1
Jul 25 17:24:54 dnsmasq[1414]: query[PTR] a.2.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.8.e.f.ip6.arpa from 127.0.0.1
Jul 25 17:24:54 dnsmasq[1414]: forwarded a.2.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.8.e.f.ip6.arpa to 2001:470:300::2
Jul 25 17:24:54 dnsmasq[1414]: forwarded a.2.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.8.e.f.ip6.arpa to 8.8.8.8
Jul 25 17:24:54 dnsmasq[1414]: forwarded a.2.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.8.e.f.ip6.arpa to 85.159.112.212
Jul 25 17:24:54 dnsmasq[1414]: forwarded a.2.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.8.e.f.ip6.arpa to 192.168.0.1
Jul 25 17:24:54 dnsmasq[1414]: forwarded a.2.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.8.e.f.ip6.arpa to fd0d:edc3:e12a::1
Jul 25 17:24:54 dnsmasq[1414]: query[PTR] a.2.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.8.e.f.ip6.arpa.lan from 127.0.0.1
Jul 25 17:24:54 dnsmasq[1414]: config a.2.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.8.e.f.ip6.arpa.lan is NXDOMAIN
Jul 25 17:24:55 dnsmasq[1414]: query[AAAA] ns1.he.net from 127.0.0.1
Jul 25 17:24:55 dnsmasq[1414]: forwarded ns1.he.net to 2001:470:300::2
Jul 25 17:24:55 dnsmasq[1414]: forwarded ns1.he.net to 8.8.8.8
Jul 25 17:24:55 dnsmasq[1414]: forwarded ns1.he.net to 85.159.112.212
Jul 25 17:24:55 dnsmasq[1414]: forwarded ns1.he.net to 192.168.0.1
Jul 25 17:24:55 dnsmasq[1414]: forwarded ns1.he.net to fd0d:edc3:e12a::1
Jul 25 17:24:55 dnsmasq[1414]: query[A] ns1.he.net from 127.0.0.1
Jul 25 17:24:55 dnsmasq[1414]: cached ns1.he.net is 216.218.130.2
Jul 25 17:24:55 dnsmasq[1414]: query[AAAA] google-public-dns-a.google.com from 127.0.0.1
Jul 25 17:24:55 dnsmasq[1414]: cached google-public-dns-a.google.com is 2001:4860:4860::8888
Jul 25 17:24:55 dnsmasq[1414]: query[A] google-public-dns-a.google.com from 127.0.0.1
Jul 25 17:24:55 dnsmasq[1414]: cached google-public-dns-a.google.com is 8.8.8.8
Jul 25 17:24:56 dnsmasq[1414]: query[AAAA] ayankeeindixie.com from 127.0.0.1
Jul 25 17:24:56 dnsmasq[1414]: cached ayankeeindixie.com is fe80::2a


/etc/resolv.conf is a link to /tmp/resolv.conf, this file contains the entry nameserver 127.0.0.1

I don't know where the "real" file that /tmp/resolv.conf come from.  Its my understanding that /tmp is erased on each reboot.  If I can get the router to bypass the cached info in 127.0.0.1, I think we might see updates in Luci.

Bill

Hi Bill,
I just come home from a party and read your posting.
I want to give you a short feedback what my windows box can see.

Microsoft Windows [Version 6.1.7601]
Copyright (c) 2009 Microsoft Corporation. Alle Rechte vorbehalten.

C:\Users\christianb>nslookup ayankeeindixie.com
Server:  CS09-Router.cshome.lan
Address:  fd43:5368:6f6d:6500::1

Name:    ayankeeindixie.com
Address:  fe80::ffff:2a


C:\Users\christianb>nslookup ayankeeindixie.com google-public-dns-a.google.com
Server:  google-public-dns-a.google.com
Address:  8.8.8.8

Name:    ayankeeindixie.com
Address:  fe80::ffff:2a


C:\Users\christianb>nslookup ayankeeindixie.com ns1.he.net
Server:  ns1.he.net
Address:  216.218.130.2

Name:    ayankeeindixie.com
Address:  fe80::ffff:2a


C:\Users\christianb>time
Aktuelle Zeit:  0:41:36,11
Geben Sie die neue Zeit ein:
C:\Users\christianb>date
Aktuelles Datum: 26.07.2014
Geben Sie das neue Datum ein: (TT-MM-JJ)
C:\Users\christianb>

I'll continue tomorrow to think about.

Christian

Hi Bill,

I wrote a little script dynamic_ddns_diaghelper.sh, which will be extended and part of release (if acceppted).

#!/bin/sh
#set -vx    # script-debugger

### Please uncomment the line with the NAMESERVER to use or edit on
### no spaces around "=" and don't forget double quotes around name or ip address
# NAMESERVER=""                    # take the systems default
# NAMESERVER="localhost"            # local machine
# NAMESERVER="resolver1.opendns.com"        # opendns public dns
# NAMESERVER="google-public-dns-a.google.com"    # Google public dns
# NAMESERVER="ordns.he.net"            # Hurricane Electric public dns
# NAMESERVER="ns1.he.net"            # not a public dns-server
NAMESERVER="palmnut-dns.exetel.com.au"        # Australian DNS server

### Put here the data from your DDNS Provider (between double quotes)
DOMAIN="ayankeeindixie.com"
USERNAME=""
PASSWORD=""
### IP to send to your provider - Valid IPv4 or IPv6 address
IP=""    

# Hurricane Electric Dynamic DNS
URL="http://$DOMAIN:$PASSWORD@dyn.dns.he.net/nic/update?hostname=$DOMAIN&myip=$IP" 

# Securepoint Dynamic-DNS-Service    (http://www.spdns.de)
# URL="http://$USERNAME:$PASSWORD@update.spdns.de/nic/update?hostname=$DOMAIN&myip=$IP"

##### PLEASE NO CHANGES BLOW THIS LINE #########################################

IP_REGEX="[0-9]\{1,3\}\.[0-9]\{1,3\}\.[0-9]\{1,3\}\.[0-9]\{1,3\}"
IPV4=$(echo $IP | grep -m 1 -o "$IP_REGEX")
[ -z "$IPV4" ] && IP_REGEX="\(\([0-9A-Fa-f]\{1,4\}:\)\{1,\}\)\(\([0-9A-Fa-f]\{1,4\}\)\{0,1\}\)\(\(:[0-9A-Fa-f]\{1,4\}\)\{1,\}\)"

TIME=0
echo ""
/usr/bin/wget -q -O - "$URL" || {
    echo -e "\n\tERROR updating your DDNS provider ! Check parameters !\n"
    exit 1    # exit on error
}

echo -e "\n\tWaiting for IP change of '$DOMAIN' on nameserver '$NAMESERVER'"
START_IP=$(nslookup $DOMAIN $NAMESERVER) || {
    echo -e "\n\tERROR in nslookup ! Please check error message !\n"
    exit 1    # exit on error
}
START_IP=$(echo "$START_IP" | sed '1,2d' | grep -o "Name:\|Address.*" | grep -m 1 -o "$IP_REGEX")

echo -e "\tCurrentIP: $START_IP"
[ -z $START_IP ] && exit 1

STOP_IP=$START_IP
until [ "$START_IP" != "$STOP_IP" ]; do
    sleep 1
    STOP_IP=`nslookup $DOMAIN $NAMESERVER 2>/dev/null | sed '1,2d' | grep -o "Name:\|Address.*" | grep -m 1 -o "$IP_REGEX"`
    TIME=$(( $TIME + 1 ))
    echo -n -e "\b\b\b\b\b\t$TIME"
done

echo -n -e "\b\b\b\b\b"
echo -e "\t    NewIP: $STOP_IP"
echo -e "\t     Time: $TIME loops (1 second wait time)\n"

Attention:
No linebreak in line 31: [ -z "$IPV4" ] && IP_REGEX=
No linebreak in line 53: STOP_IP=`nslookup ....

Functionality:
You set your account data at USER="", PASSWORD="", DOMAIN=""
You set an NEW IPv4/IPv6 addr (of your choise) inside IP=""
The script send the update to HE (NO HTTPS !!! no additional problems / works with BusyBox wget inside openwrt basebuild)
Reads current IP from network
Wait 1 second
Reread
loop until address changed

I checked with my provider spdns.de
It takes up to 190 loops/seconds with various NAMESERVER until change was seen on the network.
Luci shows update as soon the scripts finish.
I modified ddns config to use various dns_server for the same service and I see that Luci updates NOT on the same time.
Using Google's dns server I found out that the update is not constant after the first correct detection.
This might be a problem of multihomed servers not yet in sync, but after around 3 minutes it stabilize.

Using nslookup should not involve local dnsmasq if a NAMESERVER is given.
So no need to change resolve.conf.
ns??.he.net servers are not public, so I test the public one and all went good.
I think you should not use non-public servers.
I also disable cache and modify ttl settings of dnsmasq => no effect on nslookup from routers console.

Possibly your ISP routes dns/nslookup requests to other (there own) servers ?
(providing filters, familiy friendly, no "sex", no "crime" and so on.)

Try
Christian

Chris,

When you told me that it should not matter which version of OpenWRT I use and that your script prefered wget over curl; I flashed back to arokh's OpenWrt Barrier Breaker r41683 / LuCI Trunk (svn-r10459).  All the results I sent yesterday were using this build.  In addition to the changes to the dnsmasq.conf file I made yesterday, I also add in the -R switch so that dnsmasq would not look at the /etc/resolv.conf file.

Today, I've copied your script.  You did not provided specifics, so I copied it into /usr/lib/ddns.  I chmod 755.

I killed any running ddns scripts that were running.  I then logged into the HE website and changed the address of ayankeeindixie.com to 2001:4860:4860::8888, google's nameserver address.

From my laptop, I verified the change had taken effect

bill@sligo:~$ nslookup -type=aaaa ayankeeindixie.com
Server:        2001:5b0:2d5a:8fcc::1
Address:    2001:5b0:2d5a:8fcc::1#53

ayankeeindixie.com    has AAAA address 2001:4860:4860::8888

I added my username and password to your script as indicated.  I left the nameserver as you had set; palmnut-dns.exetel.com.au.

From a console window of the router:
root@OpenWrt ddns# ./dynamic_ddns_diaghelper.sh


    ERROR updating your DDNS provider ! Check parameters !

I did not not how long this took, but it was not immediate.
I then changed the nameserver to ns1.he.net and ran it again.

root@OpenWrt ddns# ./dynamic_ddns_diaghelper.sh


    ERROR updating your DDNS provider ! Check parameters !

I then decided to check the condition of my Hughes modem.  The proxy server was enabled.  I disabled the proxyserver and ran the script again, still with the ns1.he.net nameserver setting.  This time

root@OpenWrt ddns# ./dynamic_ddns_diaghelper.sh

good 2001:5b0:2d5a:8fc0:c63d:c7ff:fe97:f0fa
    Waiting for IP change of 'ayankeeindixie.com' on nameserver 'ns1.he.net'
    CurrentIP: 2001:4860:4860::8888
        420

When the counter reached about 300, I checked the status of the HE nameserver, the change had been applied.  I failed to note the time that I started the script, but I think it was less than 2 minutes when the change happened.
Raw AXFR output from ns1.he.net

; ayankeeindixie.com Dumped Sat Jul 26 11:27:48 2014
;
ayankeeindixie.com.    86400    IN    SOA    ns1.he.net. hostmaster.he.net. (
                    2014072601    ;serial
                    10800        ;refresh
                    1800        ;retry
                    604800        ;expire
                    86400    )    ;minimum
ayankeeindixie.com.    86400    IN    NS    ns1.he.net.
ayankeeindixie.com.    86400    IN    NS    ns2.he.net.
ayankeeindixie.com.    86400    IN    NS    ns3.he.net.
ayankeeindixie.com.    86400    IN    NS    ns4.he.net.
ayankeeindixie.com.    86400    IN    NS    ns5.he.net.
ayankeeindixie.com.    300    IN    AAAA    2001:5b0:2d5a:8fc0:c63d:c7ff:fe97:f0fa

however, the script kept counting and the Luci Overview has not reflected the change having taken place.

For some reason I don't understand, I lost communication with that console window, so I opened another, then killed the running script.  At this time, Luci is still not reporting an update having happened.

Bill

Sorry, posts 26 to 25 are missing from our archive.