DDNS doesn't update after Opt1(WAN2) recovery

trmentry

Hello All,

I have a little pfSense fw that has the following
WAN = isp1
LAN = LAN
Opt1 = isp2

I have routing setup so that if isp1 fails.. will route via isp2. And visa versa. I have my work vlan on the lan side routing for primary out isp2 as it has better peering in my area to get to my work vpn.

Anyway... I was hooking up a new UPS and I unplugged the wrong cable modem. isp2 dropped. isp1 stayed up.

the fail over worked fine. however ddns freaked out

I have 3 ddns setups.

isp1.domain.com = WAN
isp2.domain.com = Opt1
remote.domain.com = WanGroup1 with isp1 being primary

I only put isp1 and isp2 so that I know what they are if I'm out and about. remote is my main thing I use for VPN, etc.

Anyway.. when isp2 dropped... it failed over .. and ddns did update to the IP of isp1 with no issue.
so isp1 and isp2 were equal.

When isp2 recovered.... ddns wouldn't update. It kept the isp1 ip in red.
i tried to force update... but no joy.
i deleted the cache file /cf/conf/ ... it changed to a N/A but still wouldn't update to the right ip. even trying another save and force.

I rebooted the fw begrudgingly and everything worked after that.

But I can't figure out why this happened or how to fix without a reboot the next time.

Hopefully I made sense.

Can someone point me in the right direction please on where to go next time?

Thanks

trmentry

Forgot to mention that the DDNS service that wasn't updating was Cloudflare.

stephenw10

There are two open issues that might apply here:
https://redmine.pfsense.org/issues/12877
and
https://redmine.pfsense.org/issues/12870

Are you seeing similar errors logged to either of those?

Steve

trmentry

@stephenw10

Thank you for the reply. I'm def hitting the #12870 issue.

As to the #12877, my error isn't quite the same.

It shows it changes the IP when my cable modem was unplugged to the IP on WAN but it's configured to only look at Opt1/WAN2 interface. Not sure why it would update to the other when not supposed to.

Mar 22 16:41:25 firewall php-fpm[17459]: /rc.dyndns.update: phpDynDNS (isp2): (Success) isp2 updated to 50.x.x.x

When I blew away the cache file it saw that. It wouldn't recreate the cache file even after doing a save and force update. Which would give me the ngix time out in the other issue. Everything in DDNS gives that one if I make a change.

It took a reboot to get things to play nicely.

Mar 22 17:23:07 firewall check_reload_status[409]: Updating all dyndns
Mar 22 17:23:12 firewall php-fpm[370]: /rc.dyndns.update: phpDynDNS: updating cache file /conf/dyndns_opt1cloudflare'isp2.domain'1.cache: 70.x.x.x
Mar 22 17:23:12 firewall php-fpm[370]: /rc.dyndns.update: phpDynDNS (isp2): (Success) isp2 updated to 70.x.x.x

stephenw10

Are you actually seeing the same errors?

trmentry

@stephenw10

Mar 23 09:05:58 firewall php-fpm[371]: /services_dyndns_edit.php: phpDynDNS: updating cache file /conf/dyndns_wandreamhost'isp1.domain'5.cache: 50.x.x.x

Mar 23 09:05:58 firewall php-fpm[371]: /services_dyndns_edit.php: phpDynDNS (isp1.domain): (Success) IP Address Changed Successfully!

Mar 23 09:06:43 firewall nginx: 2022/03/23 09:06:43 [error] 89511#100550: *1220 upstream timed out (60: Operation timed out) while reading response header from upstream, client: 172.x.x.x, server: , request: "POST /services_dyndns_edit.php HTTP/1.1", upstream: "fastcgi://unix:/var/run/php-fpm.socket", host: "172.x.x.1", referrer: "http://172.x.x.1/services_dyndns_edit.php"

This was this morning when I was adding a Dreamhost DDNS setup. It updated fine.. but still got the web page time out.
My cloudflare are still active.

stephenw10

Mmm, OK looks like that bug then. Updates will be on the report as they are found/patched.