dynamic dns client : "unsupported" mode

Support section for FREESCO v0.4.x

dynamic dns client : "unsupported" mode

Postby Island » Thu Apr 10, 2014 4:45 am

Following the news that dyndns is closing its free service, I wanted to use the dynamic dns client in 'unsupported' mode to update a new host record, for our FREESCO gateway on a dynamically assigned IP, in a DNS entry for a domain we already operate. The DNS provider that we use, GratisDNS in Denmark, allows us to remotely update our DNS records, over https, so we can use FREESCO's dynamic dns client to update this record that we've created. That's the plan, anyway.

I've created a new A record in our domain's DNS (with a temporary value of 127.0.0.1, as it happens, but this will change when the record is dynamically updated by the dynamic dns client on FREESCO).

The DNS provider's update command is
Code: Select all
https://ssl.gratisdns.dk/ddns.phtml?u = <username> & p = <password> & d = <domain> & h = <host> & i = <IP>


I've entered this - with the appropriate domain, host, $EXIP, usrname and password (and in the right order) - but the update fails.

Info log reports
Code: Select all
unsupported: failed to update '1.2.3.4'   # obfuscated for posting


(I don't seem to be able to see the actual transaction or its reply). The DynDNS applet in the control panel reports, for 'status', that the hostname is still set to 127.0.0.1 (so the host entry has propagated through the 'net), and notes that the entry should be 1.2.3.4 (obfuscated). 'Update now' from the control panel re-attempts the update, fails, and simply repeats the Info log entry, and the status remains as noted just now.

May I ask two questions?

1. The template offered while setting up the unsupported scheme gives an http example. Can the dynamic dns client also manage with https?

2. A user at GratisDNS (our DNS provider) suggested using wget as a single line command:
Code: Select all
wget 'https://ssl.gratisdns.dk/ddns.phtml?u = <username> & p = <password> & d = <domain> & h = <host> & i = <IP>'

Would this work in FREESCO's dynamic dns client?

Elsewhere, on a Debian list, someone mentioned using 'curl' in a similar notation; I am not familiar with curl so I am not sure whether this might be an option, either.

Grateful for any comments,

regards, Island
Last edited by Island on Sun Apr 13, 2014 5:29 am, edited 1 time in total.
User avatar
Island
Junior Advanced Member
 
Posts: 117
Joined: Sat Jan 22, 2005 12:48 pm

Re: dynamic dns client : "unsupported" mode

Postby Lightning » Thu Apr 10, 2014 10:44 am

The standard dyndns script will not use https. However as you stated wget can be used and the dyndns script modified to use wget instead of snarf as it does now.

The first thing that I need to know is what version of FREESCO you are using and then I can give you the changes needed.

You will also need to load the wget package and the OpenSSL package on your system.
If you are afraid that you might make a mistake. The chances are high that you will never learn anything.
User avatar
Lightning
FREESCO GOD !!
 
Posts: 12079
Joined: Wed Nov 14, 2001 6:50 am
Location: Oregon, USA

Re: dynamic dns client : "unsupported" mode

Postby Island » Fri Apr 11, 2014 5:24 am

Lewis, thank you for the fast reply, which is clear.

We have two FREESCOs in use, these are 0.4.2 and 0.4.4 (and we have FRRESCO 0.4.5 on a development machine). The 0.4.2 machine is on a dynamic range and would most benefit from being able to use https for a dynamic ip update. (The 0.4.2 system is also used for fallback to 3G and, due to 3G line-of-sight needs to the cell tower, is in a relatively inaccessible position in the building, and difficult to update the OS which is why it is still at 0.4.2, despite the subsequent FREESCO releases.) Package updates are easy, though, with the package menu system served over SSH. So we'll proceed with wget and openssl.

DynDNS service is continuing until the end of April (I think), so there's some time yet.

Look forward to trying this out.

regards, Island
User avatar
Island
Junior Advanced Member
 
Posts: 117
Joined: Sat Jan 22, 2005 12:48 pm

Re: dynamic dns client : "unsupported" mode

Postby Lightning » Fri Apr 11, 2014 3:12 pm

Make sure the wget and the openSSL packages are loaded on the system when you SSH into this machine and do the following.
Code: Select all
cd /boot/bin
snarf -n lewis.freesco.net/tmp/dyndns
chmod +x dyndns
cd /etc
snarf -n lewis.freesco.net/tmp/dyndns.cfg
dyndns setup

Add the following information into the configuration
CLIENT=unsupported
# fill in all of the different sections of the file for all of the unsupported entries
# for the host, domain, username and password.

# at the bottom of the file you will see this line
UNSUPPORTED="https://ssl.gratisdns.dk/ddns.phtml"
Save the new setup and see if it works by using

dyndns

Just as an FYI, I also will be dropping my dyndns account and lewys-spot.dyndns.org will no longer be working. I have migrated to http://freedns.afraid.org/ and they are supported in the new client. They are a free dyndns provider and they provide service for all freesco.net accounts.
If you are afraid that you might make a mistake. The chances are high that you will never learn anything.
User avatar
Lightning
FREESCO GOD !!
 
Posts: 12079
Joined: Wed Nov 14, 2001 6:50 am
Location: Oregon, USA

Re: dynamic dns client : "unsupported" mode

Postby Island » Sat Apr 12, 2014 5:06 am

Received an HTTP 403 rejection from the server when fetching the new dyndns.cfg:

Code: Select all
[root@router42] cd /boot/bin
/mnt/bootdev/router/bin
[root@router42] snarf -n lewis.freesco.net/tmp/dyndns
http://lewis.freesco.net/tmp/dyndns (3K)
dyndns                    [########################]       3K |   15.01K/s
4058 bytes transferred in 0.26 sec (15.00k/sec)
[root@router42] chmod +x dyndns
[root@router42] cd /etc
[root@router42] snarf -n lewis.freesco.net/tmp/dyndns.cfg
error: HTTP error from server: HTTP/1.1 403 Forbidden
[root@router42]


Tried a second time, but with the same result.

I'll have a go with a direct wget command, to make sure the syntax is correct, anyway, and that our DNS provider will accept the command as described. I'd like to try with the proper dyndns.cfg file, though, as well, so that updates can happen dynamically.

I should already have said that FREESCO is behind another router so we are also using the 'remote' detection scheme for the current IP; mentioned in case that affects the changes you've introduced.

regards, Island
User avatar
Island
Junior Advanced Member
 
Posts: 117
Joined: Sat Jan 22, 2005 12:48 pm

Re: dynamic dns client : "unsupported" mode

Postby Island » Sat Apr 12, 2014 5:10 am

Lightning wrote:Just as an FYI, I also will be dropping my dyndns account and lewys-spot.dyndns.org will no longer be working. I have migrated to http://freedns.afraid.org/ and they are supported in the new client. They are a free dyndns provider and they provide service for all freesco.net accounts.


You've mentioned http://freedns.afraid.org/ before. It might be worth putting a separate thread up to announce your change of arrangements for freesco.net because I am sure a number of folk will be wondering what to do, themselves; DynDNS was a popular and effective service.

Island
User avatar
Island
Junior Advanced Member
 
Posts: 117
Joined: Sat Jan 22, 2005 12:48 pm

Re: dynamic dns client : "unsupported" mode

Postby Lightning » Sat Apr 12, 2014 11:52 am

Sorry about the cfg file. I have changed the file permissions now so that it can be downloaded. However it did bring up an issue that will need to be done once the file is in place. Insert the following commands.
Code: Select all
cd /boot/bin
snarf -n lewis.freesco.net/tmp/dyndns
chmod +x dyndns
cd /etc
snarf -n lewis.freesco.net/tmp/dyndns.cfg
# add this
chown root.root dyndns.cfg
chmod 0600 dyndns.cfg
dyndns setup

This will prevent others from being able to see the passwords and such.
If you are afraid that you might make a mistake. The chances are high that you will never learn anything.
User avatar
Lightning
FREESCO GOD !!
 
Posts: 12079
Joined: Wed Nov 14, 2001 6:50 am
Location: Oregon, USA

Re: dynamic dns client : "unsupported" mode

Postby Island » Sat Apr 12, 2014 1:23 pm

SSH into FREESCO 0.4.2 as root, and executed the command sequence. At this last step

Lightning wrote:
Code: Select all
dyndns setup



FREESCO replied with

Code: Select all
[root@router42] dyndns setup
/etc/dyndns.cfg: 55: Syntax error: Unterminated quoted string


Obviously just something missing in the cfg file, and I can fix that. Thanks for the support.

regards, Island
User avatar
Island
Junior Advanced Member
 
Posts: 117
Joined: Sat Jan 22, 2005 12:48 pm

Re: dynamic dns client : "unsupported" mode

Postby Island » Sat Apr 12, 2014 1:41 pm

Lightning wrote:Add the following information into the configuration
CLIENT=unsupported
# fill in all of the different sections of the file for all of the unsupported entries
# for the host, domain, username and password.

# at the bottom of the file you will see this line
UNSUPPORTED="https://ssl.gratisdns.dk/ddns.phtml"


Lewis, the provider is fairly strict about lockouts if secure access goes wrong so, before I do this, could I cross check something with you? Where we have the "https ..." line in the cfg file, have I to add the parameter items in the normal way? Prior to this variant, I think the instructions required the command to be fully crafted here, such as :
Code: Select all
"https://ssl.gratisdns.dk/ddns.phtml?u=$unsupportedNAME &p=$unsupportedPASS &d=$unsupportedDNCNT &h=$unsupportedHOST &i=$EXIP"


I presume these should be added to the basic https line that is already in the cfg file?

regards, Island
User avatar
Island
Junior Advanced Member
 
Posts: 117
Joined: Sat Jan 22, 2005 12:48 pm

Re: dynamic dns client : "unsupported" mode

Postby Lightning » Sat Apr 12, 2014 9:22 pm

presume these should be added to the basic https line that is already in the cfg file?

No, absolutely NOT. The reason it is done this way is because the $EXIP variable and the other variables are already included inside the dyndns script. So rather than putting different variables in different locations I put them directly into the scripting as it is much simpler that way. If you look at line #19 in the dyndns script you will see the actual command line that is going to be sent. This is not a generic dyndns script as it is custom made specifically for your need. Be aware as well that the command line you are posting has spaces in it and the actual command line to be sent must never have spaces, just something to be clear on.

Also the missing quote is on line 25 of the cfg file.

On a secondary note, it would be a simple matter to create a package that will support this DNS provider. All I really need is a name to call it?
If you are afraid that you might make a mistake. The chances are high that you will never learn anything.
User avatar
Lightning
FREESCO GOD !!
 
Posts: 12079
Joined: Wed Nov 14, 2001 6:50 am
Location: Oregon, USA

Re: dynamic dns client : "unsupported" mode

Postby Island » Sun Apr 13, 2014 5:13 am

I think it is working; it works if I manually invoke it, but I don't think I've set up the automatic nature, correctly. I deduce that because when I rebooted, the DDNS didn't get updated from its (wrong, and only for test) value of 127.0.0.1 to its real dynamically assigned IP. However it did update after I issued the
Code: Select all
dyndns

command directly.

Here's what I did. Executed all the commands you had given, updated the new dyndns.cfg with the necessary usernames, passwords, domains, etc, and saved. The new dyndns script was in /boot/bin, but the old script remained in /bin (it's distinguishable because it employs snarf for unsupported, as you explained earlier). In mc, both dyndns scripts are listed as
Code: Select all
*dyndns

At this point, when I executed
Code: Select all
/etc # dyndns

nothing happened, the prompt just came back after about a second, the DDNS entry at the DNS provider hadn't changed, but the recent log showed a DNS resolution request for myip.dtdns.com, though no request for the DNS provider's IP address.

Next, I rebooted, thinking that the script copy in /boot/bin hadn't found its way into /bin. On reboot, again, no update took place, though the myip.dtdns.com resolution request occurred again. I then remembered that I had turned 'off' the dynamic dns server in 'setup', so I re-enabled that (and did not alter the cron section, because I wasn't exactly sure what to do for that, which is my next question, below). Once rebooted, though, and enabled in the setup, executing
Code: Select all
dyndns

directly resulted in the wget transaction dialogue showing, DNS resolution requests logged for both myip.dtdns.com and ssl.gratisdns.dk, the info log reporting
Code: Select all
unsupported: updated '1.2.3.4' # obfuscated

followed 11 mins later with
Code: Select all
unsupported: last updated 'Sun Apr 13 09:49:18 BST 2014'

and the DNS record (visible throughout the internet) resolving to the dynamic IP address within a couple of minutes of the update.

So, I think it's basically working, but may I ask

(i) FREESCO hadn't updated automatically on reboot (though the dyndns setup was set to 'off', anyway). How does FREESCO check for whether the dynamically assigned IP has changed, or needs to be set? Is that what the cron section of the dyndns setup is doing? And, irrespective of the cron entry, will FREESCO check, anyway, each time it is restarted (whether through reboot, or though change of 'mode')?

(ii) I think I have a general problem with my 0.4.2 installation (and probably due to my habit of copying configs back and forth to preserve configurations across FREESCO versions - I think I had a 3G problem due to that a year or so ago) because things that perhaps might be symlinks seem not to always be (I'd had a different problem with the emailblock package recently, which arose because a file I was using wasn't the file that the system needed; that's resolved and is outside this thread). However, I do seem to be seeing different dyndns script files in different places, and wonder whether the dyndns server relies on files being correctly symlinked. In particular, I am not sure how FREESCO will know it must execute dyndns from /boot/bin, and not from /bin. Should I re-create any symlinks so that the revised script continues to work dependably after reboots or config changes, and so on?

Finally, very many thanks for creating what is a bespoke script applicable for our DNS provider. It is very kind of you to take that trouble. It would be nice to think that the methods you've developed could be used in a more general case to employ https for more of the dynamic dns services, something that may become more widespread as more and more concerns arise over the dependability and authentication of the transport and routing layers underpinning everything. But, even if these edits remain applicable only to GratisDNS, I'd like to thank you for your help. You mention giving it a name - it would be quite useful, actually, to distinguish it from FREESCO's standard script. GratisDNS do not use the abbreviation 'dyn', they tend to use 'DDNS' in their documentation so, perhaps, a name such as 'ddns-gratisdns' might be appropriate?

regards, Island
User avatar
Island
Junior Advanced Member
 
Posts: 117
Joined: Sat Jan 22, 2005 12:48 pm

Re: dynamic dns client : "unsupported" mode

Postby Island » Sun Apr 13, 2014 8:15 am

In the dyndns setup, FREESCO offers a cron edit, of which these lines I didn't understand:

Code: Select all
# If you have a dynamic dns account and you have a semi permanent IP.
# For remote IP change the below "1" to a "*".
0 * * * *Idyndns >/dev/null 2>&1


We have both a 'dynamically assigned' IP address, and we need to employ 'remote IP address detection' because FREESCO is behind another router.

Essentially, my query is, how should this be set to
(a) detect the IP address from behind another router?
(b) detect a change in the IP address when it happens (or near to when)
(c) should it also have a 'restart' entry so that it also detects and updates if necessary after restart?

regards, Island
User avatar
Island
Junior Advanced Member
 
Posts: 117
Joined: Sat Jan 22, 2005 12:48 pm

Re: dynamic dns client : "unsupported" mode

Postby Lightning » Sun Apr 13, 2014 8:44 am

Glad it is working and I will explain a couple of things that may be helpful.
First with regards to configuration files, /etc is the location of all system files that are in use. However that directory is in the ramdisk and so nothing survives a reboot. So the question becomes where do these files come from?
The answer to that question is multi sided. The first thing that happens is the system generates a default set of files from within it's self. The system then copies all of /boot/etc/ into /etc so that any user defined files overwrite the default files. Then the system scans the /pkg/etc and symlinks any files from that directory into /etc

So when I said to use the "dyndns setup". What actually happened is that it edited "/etc/dyndns.cfg" and when it was done editing that file it copied it to /boot/etc/ to survive a reboot. All of the system does this for every configuration file automatically. So if you ever edit a file manually be aware that the /etc/ files MUST be copied to /boot/etc/ when you are finished editing them. Unless they are a symlink in which case you are most likely editing a file in /pkg/etc and it is already a hard copy.

With regards to the dyndns system. Even from a command line it will just exit and not run if the system is not enabled for dyndns. If it is enabled at boot time the system checks the /etc/dyndfns.cur file and figures out if the IP address that is in that file is the one that is currently the outside IP address and at the same time it checks the date it was updated. If the IP address is different it will update or if the date is older than 28 days. Also any time the system gets a new external IP address the dyndns script is ran again.

Essentially, my query is, how should this be set to
(a) detect the IP address from behind another router?
(b) detect a change in the IP address when it happens (or near to when)
(c) should it also have a 'restart' entry so that it also detects and updates if necessary after restart?

In the dyndns.cfg script you need to enable the remoteIP section at the bottom the the configuration "dyndns setup". There is already a DNS service provider that will work fine for your purposes. Then in cron put in a time limit of how often you want to check for a changed IP address. Most of the time a limit of a few minutes is a workable solution. All the command needs to do is to call the dyndns script and with the remoteIP enabled the script will check the external IP against what it resolves to in the dyndns.cur file and if there is a mismatch it will update the correct one.

With regards to scripting the first thing to understand is the system PATH. In any system there is a PATH that determines what directory to look in and the order they are checked. In FREESCO the order is this

PATH=/boot/bin:/usr/bin:/usr/sbin:/pkg/rc:/rc:/bin:/sbin:/etc:.:%builtin

So any binary or script in /boot/bin will always be the one that is used over any standard system script or binary. So the dyndns script in the /bin directory in your system is not what will be used. If you ever wonder what binary or script is in use, try the "which" command.

which dyndns

If you have any other questions don't hesitate to ask. :wink:
If you are afraid that you might make a mistake. The chances are high that you will never learn anything.
User avatar
Lightning
FREESCO GOD !!
 
Posts: 12079
Joined: Wed Nov 14, 2001 6:50 am
Location: Oregon, USA

Re: dynamic dns client : "unsupported" mode

Postby Island » Sun Apr 13, 2014 9:43 am

Lightning wrote:First with regards to configuration files, /etc is the location of all system files that are in use. However that directory is in the ramdisk and so nothing survives a reboot.

[...]

So when I said to use the "dyndns setup". What actually happened is that it edited "/etc/dyndns.cfg" and when it was done editing that file it copied it to /boot/etc/ to survive a reboot. All of the system does this for every configuration file automatically. So if you ever edit a file manually be aware that the /etc/ files MUST be copied to /boot/etc/ when you are finished editing them. Unless they are a symlink in which case you are most likely editing a file in /pkg/etc and it is already a hard copy.

Hmmm. I did the wrong thing. I edited the newly downloaded /etc/dyndns.cfg directly, and later ran dyndns setup but only to check that it was using that cfg file. I could see the cfg file content it used, and I checked it was all there. But, I didn't then alter it or add anything, so it didn't ask if it wanted to save or anything. It hasn't perhaps had any need to 'copy back' to /boot/etc. I'd better set it up again, properly; I'll turn dyndns 'off', reboot, and run dyndns setup straightaway, and turn dyndns service back 'on'.

Essentially, my query is, how should this be set to
(a) [...]
(b) detect a change in the IP address when it happens (or near to when)
(c) [...]

[...]
Then in cron put in a time limit of how often you want to check for a changed IP address. Most of the time a limit of a few minutes is a workable solution. All the command needs to do is to call the dyndns script and with the remoteIP enabled the script will check the external IP against what it resolves to in the dyndns.cur file and if there is a mismatch it will update the correct one.

Understood. Is the existing cron entry the one where I should make this change, or should I add a new cron entry to call dyndns? (I'm guessing that 10 mins would do for our use cases which, primarily, are for offsite access back into our system for email etc).
With regards to scripting the first thing to understand is the system PATH. In any system there is a PATH that determines what directory to look in and the order they are checked. In FREESCO the order is this

PATH=/boot/bin:/usr/bin:/usr/sbin:/pkg/rc:/rc:/bin:/sbin:/etc:.:%builtin

So any binary or script in /boot/bin will always be the one that is used over any standard system script or binary. So the dyndns script in the /bin directory in your system is not what will be used. If you ever wonder what binary or script is in use, try the "which" command.

which dyndns

If you have any other questions don't hesitate to ask. :wink:


Well. Very helpful sumary, indeed. The longer I stay in this game, the less I seem to know. Which is odd because you would expect wisdom to accumulate over the years; when I was a youngster I knew everything.

Island
User avatar
Island
Junior Advanced Member
 
Posts: 117
Joined: Sat Jan 22, 2005 12:48 pm

Re: dynamic dns client : "unsupported" mode

Postby Lightning » Sun Apr 13, 2014 11:13 am

Just modify the existing dyndns entry. In essence the system should not be any different than it was before. As for the cfg file, the dyndns script does not ever ask if you want to save the file. It just copies it to /boot/etc regardless.
Also ju8st to be sure, when making changes to "cron" use "crontab -e" and it will use the defined editor.
If you are afraid that you might make a mistake. The chances are high that you will never learn anything.
User avatar
Lightning
FREESCO GOD !!
 
Posts: 12079
Joined: Wed Nov 14, 2001 6:50 am
Location: Oregon, USA

Next

Return to FREESCO Support for v0.4.x

Who is online

Users browsing this forum: No registered users and 2 guests

cron