DynDNS with ddclient

[enigmo]

Just running through OpnSense setup for the first time.
Is there any issue with DynDNS.com support in ddclient? I've set up the service much as I had previously on pfsense but I'm seeing some odd errors:
Service: DynDNS.com
Username: <entered>
Password: <client key>
Wildcard: Unchecked
Hostname: <hostname.dyn.com>
Check IP Method: Interface
Check IP Timeout: 10
ForceSSL: Checked
Interface to monitor: WAN

Current IP never gets updated, or a last updated time appear. Also errors in debug log:
FAILED: was not updated because protocol <undefined> is not supported.
FAILED: updating : unexpected status (0)
WARNING: updating : nochg: No update required; unnecessary attempts to change to the current address are considered abusive
FAILED: updating hostname.dyn.com unexpected status (12)
WARNING: found neither IPv4 nor IPv6 address
FAILED: updating hostname.dyn.com: Could not connect to members.dyndns.org.

Has anyone got this working or do people still rely on the older dyndns plugin?

[BISI Sysadmin]

It is my own experience that ddclient does *not* work with paid accounts at dyn.com on OPNSense.  I have 15 clients using the os-dyndns plugin, and have been so doing for many years (long pre-dating opnsense).

I have become increasingly jumpy about the notices in the opnsense updates that the os-dyndns plugin will be discontinued (it is not being updated, from what I can determine), and have made sporadic attempts to get the supposedly-supported ddclient working on my clients' machines, and have always had to give up in favour of actually working code.

I have another deployment at hand that will require dynamic DNS, and have yet again tried and failed to get ddclient working (OPNSense 23.1.3).  My logs show similar failures to your own.  This is the only thread that references both dyndns (the actual service) and ddclient, other than my forlorn post in December.  There are indications that freebsd users have had success, but that has a whole lot of extra flexibility, not available to OPNSense users (like being able to persist some of the troubleshooting parameters in the ddclient.conf file).  Anyway, if I'm not called away by other priorities, I'll try yet again and document what I've done here, and perhaps we can get a little closer to a functional plugin.

There *is* another post in January from franko, one of those that makes me jumpy...
https://forum.opnsense.org/index.php?topic=32081.0

[sToRmInG]

Just running through OpnSense setup for the first time.
Is there any issue with DynDNS.com support in ddclient? I've set up the service much as I had previously on pfsense but I'm seeing some odd errors:
Service: DynDNS.com
Username: <entered>
Password: <client key>
Wildcard: Unchecked
Hostname: <hostname.dyn.com>
Check IP Method: Interface
Check IP Timeout: 10
ForceSSL: Checked
Interface to monitor: WAN

Current IP never gets updated, or a last updated time appear. Also errors in debug log:
FAILED: was not updated because protocol <undefined> is not supported.
FAILED: updating : unexpected status (0)
WARNING: updating : nochg: No update required; unnecessary attempts to change to the current address are considered abusive
FAILED: updating hostname.dyn.com unexpected status (12)
WARNING: found neither IPv4 nor IPv6 address
FAILED: updating hostname.dyn.com: Could not connect to members.dyndns.org.

Has anyone got this working or do people still rely on the older dyndns plugin?

It seems that the protocol is not defined.

Can you check your ddclient.conf (/usr/local/etc/ddclient.conf) for the created entry?

It might be that you have to manually adjust the config.

Here's an example I use for desec.io:

Code Select Expand

syslog=yes                  # log update msgs to syslog
pid=/var/run/ddclient.pid   # record PID in file.
ssl=yes


use=if, if=igb0, \
protocol=dyndns2, \
server=update.dedyn.io, \
login=USERNAME, \
password=PASSWORD \
<DOMAIN>.dedyn.io


You could try either protocol=dyndns1 or protocol=dyndns2.

[chemlud]

...have a look here:

https://forum.opnsense.org/index.php?topic=32355

always check on your dyndns providers side for successful updates, don't trust the logs of the ddns plugin (currently...).

apparently there is a python script to update with dydns2 protocol, didn'T have a look yet and duuno if there is any documentation on this (third option for updating dyndns services) currently available.

https://forum.opnsense.org/index.php?topic=32355.msg157031#msg157031

https://forum.opnsense.org/index.php?topic=32355.msg157587#msg157587

[BISI Sysadmin]

if anybody else is trying to figure out ddclient with dyndns.com, I have figured out what was stopping my very vanilla configuration from working.  See this thread:
https://forum.opnsense.org/index.php?topic=35897
and this:
https://sourceforge.net/p/ddclient/mailman/message/20439031/
Essentially it was the poor password handling of ddclient that broke my >20 year history with dyn(dns).com.  Make sure your password has no spaces and no special characters.  Otherwise ddclient works out of the box.

If you are looking for some fine tuning, and your situation allows it, I would also recommend editing /usr/local/etc/ddclient.conf to use the WAN I/F as the source of the ip address, rather than spamming the dyn.com members server. You would need the WAN port connected directly to the internet, and not behind some other router for this to be useful to you.

When I get a production OPNSense host re-configured (I built a freebsd box as part of the troubleshooting), I will try to remember to update the opnsense 23.7 forum post with an example of what a successful connection looks like from the debug perspective. Knowing *that* would have saved me dozens (or more) hours of fruitless troubleshooting time.

And if anybody figures out how to check dyn.com's logs for their view of the transactions, please let us know (ha ha ha ha ha ha...). Posted their reply to my request for help (which had essentially the same information as the 23.7 forum posting).