Show Posts
1
22.1 Legacy Series / Re: os-ddclient
« on: March 16, 2022, 08:12:55 am »
Dear OPNsense team,
dear OPNsense users.
regarding the ddclient issue: i have a very bad feeling.
Let me start by this: i came here because a friend of mine referred me to m0n0wall on pcengines boards somewhen close after teh year 2000. I have been running m0n0 - pf -OPNsense since then.
I originally stayed witho an older deprecated version of m0n0, because Manuel back then decided - for some obscure reason - to outrun and drop support for openVPN. That in turn yanked m0n0 out on one of my customers, since they needed road warrior VPN, so openVPn went to the linux box, the m0n0 got replaced by a terribly complicated and therefore less secure (more prone to mistake) and expensive semi-professional router/firewall, sold by german telecom, who could not be arsed to set it up properly with all the needed features. Privately, i stayed with m0n0 as long as needed, and the switched to pf a.s.a.p.
Do not get me wrong: I am still thankful to Manuel for the years and years of support and work he gave to the world! The decision with openVPN was wrong _from my perspective_, i didn't discuss and didn't hear or see his side back then or now.
I got away from PFsense to opnsense, well, i am not alone here, eh?
Now with the ddclient, i have the fear i run into a bit similar situation like back then with openVPN.
I haven't gotten too far into testing ddclient. Thanks toxic for pointing this out:
I run multi-WAN.
I run ipv6 with He.net.
I run my dns with gandi.
I fear i am completely in the sh**s with ddclient.
The underlying issue seems to be that neither ddclient nor the "old" software as packages seem well funded and set up in a sustainable way from an open source project perspective? Am i right?
Now, since the functionality is at the very core of, or let's call it hard requirement, for a router/firewall system: i can understand that the OPNsense team does not want to rely on a project, that is not in a good shape.
I dare to expect, though, that the team then acknowledge and address the issues arising, and make sure their replacement covers at least all the use cases the old product had covered!
So, i'm all ok with deciso adopting whatever piece of dyn-dns project they decide to fit their process best. You need funding? I am willing to donate a bit. But only if i see gandi and HE.net, and with a reasonably smooth transition.
best regards to all
xlf
dear OPNsense users.
regarding the ddclient issue: i have a very bad feeling.
Let me start by this: i came here because a friend of mine referred me to m0n0wall on pcengines boards somewhen close after teh year 2000. I have been running m0n0 - pf -OPNsense since then.
I originally stayed witho an older deprecated version of m0n0, because Manuel back then decided - for some obscure reason - to outrun and drop support for openVPN. That in turn yanked m0n0 out on one of my customers, since they needed road warrior VPN, so openVPn went to the linux box, the m0n0 got replaced by a terribly complicated and therefore less secure (more prone to mistake) and expensive semi-professional router/firewall, sold by german telecom, who could not be arsed to set it up properly with all the needed features. Privately, i stayed with m0n0 as long as needed, and the switched to pf a.s.a.p.
Do not get me wrong: I am still thankful to Manuel for the years and years of support and work he gave to the world! The decision with openVPN was wrong _from my perspective_, i didn't discuss and didn't hear or see his side back then or now.
I got away from PFsense to opnsense, well, i am not alone here, eh?
Now with the ddclient, i have the fear i run into a bit similar situation like back then with openVPN.
I haven't gotten too far into testing ddclient. Thanks toxic for pointing this out:
I just wanted to list some of my gripes with the ddclient :
- there is no widget for it on the dashboard
- it does not provide a way to check that the public DNS has the proper IP
- it doesn't play nice with multi-WAN and NAT
- there is no way to force an update
- settings are less granular (general verbosity vs per account, same for checkip provider)
- not all checkip providers that were supported are still provided
I run multi-WAN.
I run ipv6 with He.net.
I run my dns with gandi.
I fear i am completely in the sh**s with ddclient.
The underlying issue seems to be that neither ddclient nor the "old" software as packages seem well funded and set up in a sustainable way from an open source project perspective? Am i right?
Now, since the functionality is at the very core of, or let's call it hard requirement, for a router/firewall system: i can understand that the OPNsense team does not want to rely on a project, that is not in a good shape.
I dare to expect, though, that the team then acknowledge and address the issues arising, and make sure their replacement covers at least all the use cases the old product had covered!
So, i'm all ok with deciso adopting whatever piece of dyn-dns project they decide to fit their process best. You need funding? I am willing to donate a bit. But only if i see gandi and HE.net, and with a reasonably smooth transition.
best regards to all
xlf