OPNsense Forum
English Forums => 23.7 Legacy Series => Topic started by: rfox on August 01, 2023, 02:13:51 pm
-
I was using the legacy client before the upgrade to 23.7 - de-installed it and installed the ddclient version before the upgrade. After upgrade, if I use ddclient backend - the service does not start ?!? If I use opnsense backend - it starts, but nothing happens with my DynDNS account (nothing updates and no log information) - Something is broken . . .
-
Full Ack at my side
(https://forum.opnsense.org/index.php?topic=34460.0) But I don't want to hijack this.
Perhaps it is better to discuss this topic here instead of my old post.
-
If you don't see logs or the service doesn't start it's very likely misconfigured which could be due to any number of things. The best is to make a precise bug report. We are already fixing reported problems for every release, but it's also perfectly possible to get both backends to run successfully already.
Cheers,
Franco
-
Dear Franco,
where can I find the logs for backend opnsense? In GUI-Logs (services->dyndns->logs) there are "0" entries
Can I find better (verbose) logs for backend dd-client somewhere else - here I can find some entries but nothing on how the external IP was determined and nothing about starting issues.
Just as a short follow-up: I deactivated both entries in my dyndns settings and reacivated them afterwards (without changing anything - just deactivate and activate). After that, backend opnsense works again (but I think with errors - I will have a look in the evening)
-
Just give a full configuration for ddclient (including which backend) with password/api key scrubbed. It should be 100% reproducible if the service does not start / refuses logging.
I've found a few such as this one: https://github.com/opnsense/plugins/commit/1bb755686884
Also one problem is if you move between backends your configuration can become invalid because not all services are available in the other backend.
Cheers,
Franco
-
Okay - which backend do you recommend ddclient or opnsense? (when switching between both could lead to errors I want to test with the recommended one).
-
Pick one that supports your provider, if both are available I recommend OPNsense backend (going to be called "native" in the next update 23.7.2 for clarity).
Delete ALL service entries, add one that you think doesn't work and see if the service starts / starts logging.
If not let me know the details of how this was set up and I will try to reproduce it.
Cheers,
Franco
-
Dear Franco,
my ddclient.json looks like this:
{
"general": {
"enabled": true,
"verbose": false,
"allowipv6": false,
"daemon_delay": 300
},
"accounts": [
{
"id": "02fda82b-84dd-44df-bdf1-f6dfca902ce6",
"service": "custom",
"protocol": "dyndns2",
"server": "dyndns.kasserver.com",
"resourceId": "",
"username": "ABC",
"password": "ABC",
"hostnames": "test.ABC.de",
"wildcard": false,
"zone": "",
"checkip": "if",
"checkip_timeout": 30,
"force_ssl": true,
"interface": "vmx1_vlan200",
"description": "All-inkl DDNS Test"
}
]
}
service is started and no log is produced (force_ssl true as well as false).
Backend: opnsense/native :-)
GUI: Fields "updated: 1970-01-01T01:00:00+01:00" "Current IP: empty"
(But it seems to update the IP.)
-
You may want to check it out after 23.7.2 comes out in the next 24/48 hours as seems to be the case.
-
"checkip": "if",
"interface": "vmx1_vlan200",
So here is the deal: if you select the address of the interface it will only update using a global address. As soon as NAT is involved here on IPv4 your address for "vmx1_vlan200" is very likely not global. Use "freedns" service instead and set "interface" to "none" (it works with force_ssl for extra security).
Cheers,
Franco
-
Use "freedns" service instead and set "interface" to "none" (it works with force_ssl for extra security).
Dear Franco,
thanks a lot. I will test this (also with 23.7.2) and report.
One question in advance - I have 2 WAN interfaces as well as 1 VPN tunnel (which is possibly a third gateway). I want to use external IP of gateway/interface A (connected to the selected interface). How can I achieve this when deselecting interface?
Thanks a lot.
-
Ok, well, if you use multi-WAN it's possible to use the "Interface" selection which does get passed to the curl command underneath:
https://github.com/opnsense/plugins/blob/dc06d5837f38e80308ec1abb5bceb65422504020/dns/ddclient/src/opnsense/scripts/ddclient/lib/address.py#L79-L81
BUT be aware that this is more or less binding on the outgoing address, but doesn't mean it will go out the correct interface depending on how policy based routing, default gateway switching or FRR daemon is set up.
Cheers,
Franco
-
After Update I have some log-entries
(Warning ddclient Account ABC [custom - a.a.io] no global IP address detected, check config if warning persists)
GUI "Updated" and "Current IP" is still empty.
-
https://forum.opnsense.org/index.php?topic=35142.msg172567#msg172567
-
... okay, seems to work now ...
I'll observe it the next days...
Thanks a lot
-
:)