CustomDynDNS as CronJob.

eagle61

Currently i do use Services -> Dynamic DNS -> Dynamic DNS Clients to update via Custom (v6) the IPv6-Prefix of one of my LAN-Interfaces (OPT3). I do use a Update-URL that do update simply the IPv6-Prefix of OPT3 (... &ipv6prefix=auto&onlyprefix). It works but it works with an time delay of up to one hour between getting new IPv6-Prefix (what happen every 24 hours) and the update of the DynDNS-Entry ond my DynDNS-Service.

I do seek a solution for this problem. One might be a CronJob.
But i do have no idea how to configure such a CronJob to update DynDNS. Services -> Cron is already installed.

Any suggestions?

Thank's in advance

stephenw10

The WAN update doesn't trigger the dyndns update script?

eagle61

@stephenw10

The Update of the WAN-IP works fine. Reconnect was this morning 04:58. The WAN-IP's (v4 and v6) was updated immediately, but not the IPv6-Prefix of the OPT3-Interface (DMZ).

The update of the IPv6-Prefix was happen at 06:00.
I just update the v6-Prefic of Interface OPT3, not its IPv6-Adress itself, because i just need the Prefix.

Here is the pfsense-Log from today 04:58 till 06:00 am as xls
pfsense-Log2025-01-20.xls
(verbose logging of Ipv6-Prefix updating OPT3 was enabled)

Gertjan

@eagle61

Who/what initiates this prefix change ?
Afaik, only dhcp6c does this period requesting.

Get a copy of the actual dhcp6c config file, and switch over to :

Where "/a file" is you dhcp6c config file.

Now, of to the dhcp6c man pages, and there you'll find that you can inform dhcp6c to execute "a script" when it did it's thing.
Like starting your Dyndns.

Edit : really, a prefix that changes often ? That s#cks.

eagle61

@Gertjan said in CustomDynDNS as CronJob.:

Edit : really, a prefix that changes often ? That s#cks.

Yes ts what called in Germany "Zwangstrennung". Lots of Germans ISP forces in private customer contracts a reconnect every 24h. Some of them don't even deliver IPv4-Adresses anymore in private customer contracts. The use CG-NAT or DS-Lite instead in private customer contracts. So i am quite lucky in still have a private customer contract with a dedicated public IPv4-Adressand not CG-NAT or DS-Lite.

This is my current DHCPv6c config:

I don't use Configuration Override, because if i do so it will override well running configuration and I have no idea what the result will be and how to manage such a file.

I can't even find this file on pfsense to opy it since find does not work like expected and find files in subdirectories like it do with debian.

[2.7.2-RELEASE][admin@pfSense.localdomain]/root: find / -type f -name dhcp6c*
find: No match.

Gertjan

@eagle61 said in CustomDynDNS as CronJob.:

[2.7.2-RELEASE][admin@pfSense.localdomain]/root: find / -type f -name dhcp6c*
find: No match.

It's here /var/etc/dhcp6c.conf

Copy it to so save place, for example /root/ and then

Everything (dhcp6c) should still work from now on.
And if so, now you can see how to have it call your own scripts when needed.

Btw, maybe not 'the' solution, just 'a' solution.

edit : had a look at my file.

interface ix3 {
	send ia-na 0;	# request stateful address
	send ia-pd 0;	# request prefix delegation
	request domain-name-servers;
	request domain-name;
	script "/var/etc/dhcp6c_wan_script.sh"; # we'd like some nameservers please
};
id-assoc na 0 { };
id-assoc pd 0 {
	prefix-interface igc0 {
		sla-id 0;
		sla-len 0;
	};
};

So it already does what I was telling you about.

@eagle61 said in CustomDynDNS as CronJob.:

The use CG-NAT or DS-Lite instead

Here in France, the biggest ISP, Orange, just started to update their routers so the can also de CGNAT etc .... great. But what can we do, IPv4 is a rare resource these days.

eagle61

@Gertjan
thank you so much for your help. I do not do what you suggest today. I just found out how the DynDNS-Update works. There is a file /etc/rc.dyndns.update that starts the DynDNS-Update. Also there are files in /cf/conf/ named dyndns_*.cache. Those files contains the current cached IP-Adresses. The file dyndns_opt3custom-v6''3_v6.cache is that one for Interface OPT3 and IPv6.

If i replace /cf/conf/dyndns_opt3custom-v6''3_v6.cache contaning current cached IPv6 Address of OPT3 with an empty /cf/conf/dyndns_opt3custom-v6''3_v6.cache (File size 0B) and then execute /etc/rc.dyndns.update on command line of pfsense i can force an Update of the IPv6-Prefix of OPT3 on my DnyDNS-Service.

So before create a shell script an add it to be executed in the dhcp6c.conf i will test it for tomorrow in a simple cronJob at 05:01 am. Another cronJob will force the 24h Reconnect at 04:58 am.

If all works fine tomorrow morning i will do the Shell-Script for the Conf-File.

Gertjan

@eagle61 said in CustomDynDNS as CronJob.:

There is a file /etc/rc.dyndns.update that starts the DynDNS-Update. Also there are files in /cf/conf/ named dyndns_*.cache. Those files contains the current cached IP-Adresses. The file dyndns_opt3custom-v6''3_v6.cache is that one for Interface OPT3 and IPv6.

If i replace /cf/conf/dyndns_opt3custom-v6''3_v6.cache contaning current cached IPv6 Address of OPT3 with an empty /cf/conf/dyndns_opt3custom-v6''3_v6.cache (File size 0B) and then execute /etc/rc.dyndns.update on command line of pfsense i can force an Update of the IPv6-Prefix of OPT3 on my DnyDNS-Service.

That's who and why the dyndns update works.
The very first time, there is no 'history' of cache file, so the update will take place.
From now on, when an interface used by a DyndNSD setup, changes, /etc/rc.dyndns.update is called.
If the actual (WAN) IP matches with what is stored in the cache file, then no update is needed.
If the catual (WAN) IP changed, then it's difreent from the cache file, and an update will take place.
and the cache file will be updated with the current IP.

A cron task :

will do the same test. Just to make sue that if an IP change happened unnoticed ?

And last but not least, if the cache file is 30 (or so) days old, an up^date will happen regardless.
and the cache file will be updated with the current IP - as the IP didn't really changed, the time stamp of the cache file will get updated.

Normally, it doesn't make sens to delete the cache file.
If the content of the cache file doesn't match the current IP WAN (because the cache contains 'nothing' as you've deleted it), the update will happen. Sure.
If the WAN IP was changed, the the real issue / question is : why wasn't /etc/rc.dyndns.update triggered ? The new WAN IP wouldn't match the stored (known) IP in the cache file : un update will happen.
If you update with the same IP that was already set on the DynDNS side, that's considered 'bad' (abusive).

Btw : I'm talking about IP addresses, v4or v6. Not sure if the same story works also fro IPv6 prefixes ...

eagle61

@Gertjan said in CustomDynDNS as CronJob.:

Not sure if the same story works also fro IPv6 prefixes

Yes, a saw the entry in my CronJobs too:

Its the default config and also this explains why the update take happen at 06:00 am. By default it' just done every 6 hours.
Also by default pfsense trigger an update only of WAN-Adress DynDNS if a reconnect was happen by ISP. But i do need to update the DynDNS of OPT3 and that seems not to be triggered if WAN was reconnected and got new IPv6-Address and IPv6-Prefix.
As you can see here my IPv6 Configuration Type is set to Track Interface.

So if my ISP delvers in the night a new IPv6-Adress also the Prefix of the LAN-Interfaces will change. This means all Server in LAN-Interfaces (in my case the OPT3 one) will get a new IPv6-Address as well, based on new IPv6-Prefix.
I could let update each Server its own IPv6-Adress every night. But i decided to just Update the IPv6-Prefix of the Interface and create the full IPv6-Address of Servers by using AAAA-Records in Format: "Interface-ID" (ex. ::6743:12::f9aa::44a1). So i need just one Update to create valid IPv6-Adresses of several Servers. The DynDNS-Service adds the delivered IPv6-Prefix to each Interface-ID of Servers so it will become a valid full /128 IPv6-Address.

And yes, you are right. The empty file dyndns_opt3custom-v6''3_v6.cache is not needed. I just did so for testing and find out how it works.

Finally: it makes no sense to update full IPv6 of OPT3. It makes no sense that a LAN-Interface of pfsense will get a DynDNS-Address. So i do not do that.

The annoying thing for me is that pfsense unfortunately only immediately after reconnect update DynDNS for WAN-IP-Addresses, but not that of LAN's depending on the WAN-Prefix.

I think that is something need to be fixed by Netgate soon with an update of pfsense.