Show Posts
1
23.1 Legacy Series / ddclient does not respect nochg after update to opnsense 23.1.4_1
« on: March 28, 2023, 08:38:12 am »
I have been using opnsense for a while now, including the old dyndns and recently also the ddclient dyndns service.
After the latest update to 23.1.4_1, I got a notification from my dyndns provider (do.de), that I have been temporarily blocked due to a rate limit on unnecessary updates.
The used general configuration is:
It is enabled and set to verbose, IPv6 is not enabled, the interval is set to 300 and the backend is set to ddclient
The used account is set to the following values:
Service: Custom
Protocol: DynDns2
Server: ddns.do.de
resourceId: <Empty>
Username: <My do.de flexDNS username>
Password: ***
Wildcard: Not set
Hostnames: <My hostname as configured with do.de>
Check ip method: Interface
Check ip timeout: 10
Force SSL: Yes
Interface to monitor: WAN
Description: -
I know that the parameters are correct in the sense of I can see that username and password match as do.de logs the requests. But all of these requests repeat the (already set) IP.
The logs in the Dynamic DNS section of opnsense show (read from bottom to top):
Prior to the update I just got messages confirming that the IP address is already set and no update is performed in the log.
Directly after the update I see an additional:
Even with the leftover ddclient cache file I would expect ddclient to only try to update once, receive the nochg and update the cache file. Sadly it seems like it does not parse and understand the response correctly and although it even prints a warning that the update was not required after receiving the nochg, it still fails and does not store the state.
This repeats every 5min (300s) until do.de blocks my IP from further updates due to the rate limit on nochg updates.
Has anyone experienced a similar issue? Is there anything I can do about it? Restarting the ddclient multiple times and updating the configuration did not change this behavior so far. While it seems like this would still update my IP every 12 hours (this is the timeout of do,de blocking me from updating the entries), I do not feel good about it beeing 12 hours and would also like to avoid all the unnecessary update messages.
I would be glad about any hints and would be happy to try any suggestions to find a solution to this issue.
After the latest update to 23.1.4_1, I got a notification from my dyndns provider (do.de), that I have been temporarily blocked due to a rate limit on unnecessary updates.
The used general configuration is:
It is enabled and set to verbose, IPv6 is not enabled, the interval is set to 300 and the backend is set to ddclient
The used account is set to the following values:
Service: Custom
Protocol: DynDns2
Server: ddns.do.de
resourceId: <Empty>
Username: <My do.de flexDNS username>
Password: ***
Wildcard: Not set
Hostnames: <My hostname as configured with do.de>
Check ip method: Interface
Check ip timeout: 10
Force SSL: Yes
Interface to monitor: WAN
Description: -
I know that the parameters are correct in the sense of I can see that username and password match as do.de logs the requests. But all of these requests repeat the (already set) IP.
The logs in the Dynamic DNS section of opnsense show (read from bottom to top):
Code: [Select]
2023-03-27T21:05:12 Notice ddclient[35604] 90378 - [meta sequenceId="30"] FAILED: was not updated because protocol <undefined> is not supported.
2023-03-27T21:05:12 Notice ddclient[35604] 88399 - [meta sequenceId="29"] FAILED: updating : unexpected status (0)
2023-03-27T21:05:12 Notice ddclient[35604] 85809 - [meta sequenceId="28"] WARNING: updating : nochg: No update required; unnecessary attempts to change to the current address are considered abusive
2023-03-27T21:05:12 Notice ddclient[35604] 83992 - [meta sequenceId="27"] FAILED: updating <My hostname>: unexpected status (12)
2023-03-27T21:05:12 Notice ddclient[35604] 82923 - [meta sequenceId="26"] RECEIVE:
2023-03-27T21:05:12 Notice ddclient[35604] 81489 - [meta sequenceId="25"] RECEIVE: 0
2023-03-27T21:05:12 Notice ddclient[35604] 79951 - [meta sequenceId="24"] RECEIVE: nochg <My public IP>
2023-03-27T21:05:12 Notice ddclient[35604] 78542 - [meta sequenceId="23"] RECEIVE: 12
2023-03-27T21:05:12 Notice ddclient[35604] 77057 - [meta sequenceId="22"] RECEIVE:
2023-03-27T21:05:12 Notice ddclient[35604] 74365 - [meta sequenceId="21"] RECEIVE: Set-Cookie: coreSID=j2js2kn1f6kac3ub2vah2jikr7; path=/; secure; HttpOnly
2023-03-27T21:05:12 Notice ddclient[35604] 72050 - [meta sequenceId="20"] RECEIVE: Pragma: no-cache
2023-03-27T21:05:12 Notice ddclient[35604] 70777 - [meta sequenceId="19"] RECEIVE: Cache-Control: no-store, no-cache, must-revalidate
2023-03-27T21:05:12 Notice ddclient[35604] 68587 - [meta sequenceId="18"] RECEIVE: Expires: Thu, 19 Nov 1981 08:52:00 GMT
2023-03-27T21:05:12 Notice ddclient[35604] 66912 - [meta sequenceId="17"] RECEIVE: Vary: Accept-Encoding
2023-03-27T21:05:12 Notice ddclient[35604] 63853 - [meta sequenceId="16"] RECEIVE: Connection: close
2023-03-27T21:05:12 Notice ddclient[35604] 61415 - [meta sequenceId="15"] RECEIVE: Transfer-Encoding: chunked
2023-03-27T21:05:12 Notice ddclient[35604] 59381 - [meta sequenceId="14"] RECEIVE: Content-Type: text/html; charset=UTF-8
2023-03-27T21:05:12 Notice ddclient[35604] 57406 - [meta sequenceId="13"] RECEIVE: Date: Mon, 27 Mar 2023 21:05:12 GMT
2023-03-27T21:05:12 Notice ddclient[35604] 54512 - [meta sequenceId="12"] RECEIVE: Server: nginx
2023-03-27T21:05:12 Notice ddclient[35604] 52101 - [meta sequenceId="11"] RECEIVE: HTTP/1.1 200 OK
2023-03-27T21:05:11 Notice ddclient[35604] 49894 - [meta sequenceId="10"] SENDING:
2023-03-27T21:05:11 Notice ddclient[35604] 49894 - [meta sequenceId="9"] SENDING: Connection: close
2023-03-27T21:05:11 Notice ddclient[35604] 49894 - [meta sequenceId="8"] SENDING: User-Agent: ddclient/3.10.0
2023-03-27T21:05:11 Notice ddclient[35604] 49894 - [meta sequenceId="7"] SENDING: Authorization: Basic ***
2023-03-27T21:05:11 Notice ddclient[35604] 49894 - [meta sequenceId="6"] SENDING: Host: ddns.do.de
2023-03-27T21:05:11 Notice ddclient[35604] 49894 - [meta sequenceId="5"] SENDING: GET /nic/update?system=dyndns&hostname=<My hostname>&myip=<My public IP> HTTP/1.1
2023-03-27T21:05:11 Notice ddclient[35604] 47763 - [meta sequenceId="4"] CONNECTED: using SSL
2023-03-27T21:05:11 Notice ddclient[35604] 45780 - [meta sequenceId="3"] CONNECT: ddns.do.de
2023-03-27T21:05:11 Notice ddclient[35604] 44284 - [meta sequenceId="2"] UPDATE: updating <My hostname>
2023-03-27T21:05:11 Notice ddclient[35604] 42548 - [meta sequenceId="1"] INFO: setting IP address to <My public IP> for <My hostname>
I have replaced my hostname with <My hostname>, my IP address with <My public IP> in the log above and replaced the basic authorization string with ***.Prior to the update I just got messages confirming that the IP address is already set and no update is performed in the log.
Directly after the update I see an additional:
Code: [Select]
2023-03-27T07:24:11 Notice ddclient[33712] 46537 - [meta sequenceId="2"] INFO: forcing updating <My hostname> because no cached entry exists.
2023-03-27T07:24:11 Notice ddclient[33712] 41640 - [meta sequenceId="1"] WARNING: file /var/tmp/ddclient.cache, line 1: program version mismatch; ignoring /var/tmp/ddclient.cache
Even with the leftover ddclient cache file I would expect ddclient to only try to update once, receive the nochg and update the cache file. Sadly it seems like it does not parse and understand the response correctly and although it even prints a warning that the update was not required after receiving the nochg, it still fails and does not store the state.
This repeats every 5min (300s) until do.de blocks my IP from further updates due to the rate limit on nochg updates.
Has anyone experienced a similar issue? Is there anything I can do about it? Restarting the ddclient multiple times and updating the configuration did not change this behavior so far. While it seems like this would still update my IP every 12 hours (this is the timeout of do,de blocking me from updating the entries), I do not feel good about it beeing 12 hours and would also like to avoid all the unnecessary update messages.
I would be glad about any hints and would be happy to try any suggestions to find a solution to this issue.