Cloudflare DynDNS update error

LucaTNT · Jan 21, 2020, 10:38 AM

Hello everybody,
last night my PPPoE WAN changed its IP, the 2 DynDNS services I configured with Cloudflare failed to get the updated IP.
The first one is a regular A record, and I found this in the System logs:

/services_dyndns_edit.php: phpDynDNS (vr): PAYLOAD: { "result": null, "success": false, "errors": [ { "code": 9021, "message": "Invalid TTL. Must be between 120 and 2,147,483,647 seconds, or 1 for automatic" } ], "messages": [] }

According to Cloudflare's V4 API documentation, the ttl parameter is required, and pfSense does not supply it. Updating records used to work, so I think Cloudflare changed its API or corrected a but which prevented the TTL parameter requirement from being enforced.
I was able to patch /etc/inc/dyndns.class to add the missing parameter at line 799:

799c799,800
< 								"name" => "{$this->_dnsHost}"
---
> 								"name" => "{$this->_dnsHost}",
> 								"ttl" => 1

The second one is the A record at the root of a domain, and Cloudflare seems to have disabled the API to update that kind of record:

PAYLOAD: { "error": "Use of this API has been limited to the Cloudflare Dashboard." }

Is anybody else experiencing this kind of issues?

jimp · Jan 21, 2020, 1:17 PM

https://redmine.pfsense.org/issues/10196

jimp · Jan 21, 2020, 2:04 PM

Try applying the change in this diff and see if it works for you: Updated cf-ttl.diff

EDIT: Updated diff

LucaTNT · Jan 21, 2020, 1:50 PM

@jimp said in Cloudflare DynDNS update error:

https://redmine.pfsense.org/issues/10196

My Google-fu has failed me!

@jimp said in Cloudflare DynDNS update error:

Try applying the change in this diff and see if it works for you: cf-ttl.diff

I reverted my patch and tried to apply this one, but it failed to update the address with the following log:

/services_dyndns_edit.php: phpDynDNS (vr): PAYLOAD: { "result": null, "success": false, "errors": [ { "code": 1000, "message": "There was an unknown error." } ], "messages": [] }

The Cloudflare API requires an integer for the ttl, so I changed your patch this way and it worked:

"ttl" => empty($this->_dnsTTL) ? 1 : int($this->_dnsTTL)

jimp · Jan 21, 2020, 1:52 PM

OK, I'll change it that way. Thanks!

jimp · Jan 21, 2020, 1:56 PM

Actually it looks like that should be (int) $this->_dnsTTL or intval($this->_dnsTTL).

LucaTNT · Jan 21, 2020, 1:58 PM

You're right. I think int("123") is deprecated.

jimp · Jan 21, 2020, 2:04 PM

I updated the diff in my previous post above

Overlord · Jan 21, 2020, 2:07 PM

Is it also working for manually update? I tried to "Save and force update" again and I have stillt the same issue. I used this diff:

https://redmine.pfsense.org/attachments/2922/cf-ttl.diff

/services_dyndns_edit.php: phpDynDNS (@): UNKNOWN ERROR - Invalid TTL. Must be between 120 and 2,147,483,647 seconds, or 1 for automatic

jimp · Jan 21, 2020, 2:16 PM

It should not matter how it is triggered. Make sure that diff actually applied (edit /etc/inc/dyndns.class and see if the TTL line is there)

LucaTNT · Jan 21, 2020, 2:19 PM

@jimp said in Cloudflare DynDNS update error:

I updated the diff in my previous post above

Thanks.
(it appears the changes on Redmine still has the old non-integer ttl, though).

jimp · Jan 21, 2020, 2:22 PM

@LucaTNT said in Cloudflare DynDNS update error:

(it appears the changes on Redmine still has the old non-integer ttl, though).

That's the initial commit -- that will never update. There is an additional commit below which makes the integer change.

LucaTNT · Jan 21, 2020, 2:24 PM

@jimp TIL. Thanks for the quick help!

vajonam · Jan 21, 2020, 5:03 PM

This post is deleted!

Sergei_Shablovsky · Feb 5, 2020, 3:26 PM

Is this cloudflare-ddns-update.sh in case running by cron able to solving Your problem?

Any comments from @jimp ?

jimp · Feb 5, 2020, 4:20 PM

That is not relevant to pfSense. The problem stated in this thread is solved in our repository.