Error with Route53 Dynamic DNS ipv6 update
-
Hi there,
Trying to get an IPv6 WAN address to update to Route53 using the Dynamic DNS route63 (ipv6) service. Updates work fine with IPv4 when configured to monitor the LAN interface and an appropriate Check IP service. For ipv6 I am monitoring the WAN interface but the update fails with a curl "failed to connect to server" error (some data hidden with '****'):
Feb 4 09:13:00 php-fpm 38547 /services_dyndns_edit.php: Dynamic DNS route53-v6 (****.com): _update() ending. Feb 4 09:13:00 php-fpm 38547 /services_dyndns_edit.php: Curl error occurred: Failed to connect to route53.amazonaws.com port 443 after 281 ms: Couldn't connect to server Feb 4 09:13:00 php-fpm 38547 /services_dyndns_edit.php: Dynamic DNS route53-v6 (****.com): _checkStatus() starting. Feb 4 09:13:00 php-fpm 38547 /services_dyndns_edit.php: Response Data: Feb 4 09:13:00 php-fpm 38547 /services_dyndns_edit.php: Response Header: Feb 4 09:13:00 php-fpm 38547 /services_dyndns_edit.php: XMLPOST: <?xml version="1.0" encoding="UTF-8"?><ChangeResourceRecordSetsRequest xmlns="https://route53.amazonaws.com/doc/2013-04-01/"><ChangeBatch><Changes><Change><Action>UPSERT</Action><ResourceRecordSet><Name>****.com</Name><Type>AAAA</Type><TTL>60</TTL><ResourceRecords><ResourceRecord><Value>2602:****::</Value></ResourceRecord></ResourceRecords></ResourceRecordSet></Change></Changes></ChangeBatch></ChangeResourceRecordSetsRequest> Feb 4 09:13:00 php-fpm 38547 /services_dyndns_edit.php: Header: Authorization: AWS4-HMAC-SHA256 Credential=****/20240204/us-east-1/route53/aws4_request, SignedHeaders=content-type;host;x-amz-date, Signature=**** Feb 4 09:13:00 php-fpm 38547 /services_dyndns_edit.php: Header: X-Amz-Date: 20240204T171300Z Feb 4 09:13:00 php-fpm 38547 /services_dyndns_edit.php: Header: Content-Type: text/xml Feb 4 09:13:00 php-fpm 38547 /services_dyndns_edit.php: Sending request to: https://route53.amazonaws.com/2013-04-01/hostedzone/****/rrset Feb 4 09:13:00 php-fpm 38547 /services_dyndns_edit.php: Dynamic DNS route53-v6 (****.com): _update() starting.
If I switch it to monitor the LAN interface the update works fine except that it updates with the (public) IPv6 address of the LAN interface (configured to track the WAN interface) which is not what I want. I am using a Check IP service that returns both ipv4 and ipv6 addresses but I am not sure in this case that the ipv6 address that it returns is even used. IPv6 on my firewall's WAN port is configured with a 6rd tunnel to my ISP; not sure that is relevant or not.
This is somewhat similar to the error reported here for ipv4 but in my case I am unable to use the posted workaround.
Is this a bug or am I doing something wrong or not understanding it correctly (I am an admitted ipv6 newbie)?
Cheers,
Tom