RFC2136 questions
-
I've been working on setting up an rfc2136 dynamic dns arrangement using bind on my VPS host (because screw dyndns that's why :)
What I'm wondering is if there's any logging in pfsense related to the 2136 updating process? Is there a specific way to force an update, or does it automatically update when the rule is enabled?
Basically it doesn't appear to be working, and I have next to no information on either end of the "conversation" to help me figure out why. Does anyone have experience setting this up?
Thanks in advance.
-
Have you checked in the pfSense system log? (GUI: Status -> System Logs or pfSense shell command # clog /var/log/system.log to see rather more of the log than displayed through the GUI)
Does the interface selected in the pfSense Dynamic DNS configuration have a public IP address or a private IP address?
-
All the log shows is "check_reload_status: Syncing firewall" when I disable/enable the 2136 rule. I noticed one of the discussions further down has php entries in their log for "normal" dyndns stuff, but I don't see anything like that, nor have I found any "detail" type log settings.
The interface is WAN with a public IP, albeit provided by "dmzplus" from AT&T's crappy uverse device; it hasn't caused me problems before. I suppose for something like a dns update that infernal gadget could cause a problem, but to start with I need a way to see what pfsense is even trying to do.
It's entirely possible that my bind config is incorrect on the other end, but that's beyond the scope of this forum.
Thanks for the help.
-
I use dynamic DNS registration with DNS-O-Matic to update registration with OpenDNS and DynDNS. I don't use RFC2136. The Dynamic DNS client regularly reports in the system log like:
Apr 28 07:40:11 pfsense check_reload_status: Updating all dyndns
Apr 28 07:43:24 pfsense php: : DynDns: updatedns() starting
Apr 28 07:43:24 pfsense php: : DynDns debug information: x.x.x.170 extracted from local system.
Apr 28 07:43:24 pfsense php: : DynDns: Current WAN IP: x.x.x.170 Cached IP: x.x.x.161
Apr 28 07:43:24 pfsense php: : DynDns debug information: DynDns: cacheIP != wan_ip. Updating. Cached IP: x.x.x.161 WAN IP: x.x.x.170
Apr 28 07:43:24 pfsense php: : DynDns: DynDns _update() starting.
Apr 28 07:43:25 pfsense php: : DynDns: updatedns() starting
Apr 28 07:43:30 pfsense php: : DynDns: DynDns _checkStatus() starting.
Apr 28 07:43:30 pfsense php: : DynDns: Current Service: dnsomatic
Apr 28 07:43:30 pfsense php: : DynDns debug information: x.x.x.170 extracted from local system.
Apr 28 07:43:30 pfsense php: : phpDynDNS: updating cache file /conf/dyndns_wandnsomatic'all.dnsomatic.com'.cache: 120.29.18.170
Apr 28 07:43:31 pfsense php: : DynDns debug information: x.x.x.170 extracted from local system.
Apr 28 07:43:31 pfsense php: : DynDns: Current WAN IP: x.x.x.170 Cached IP: x.x.x.170
Apr 28 07:43:31 pfsense php: : phpDynDNS: No change in my IP address and/or 25 days has not passed. Not updating dynamic DNS entry.
Apr 28 10:12:24 pfsense php: : DynDns: updatedns() starting
Apr 28 10:12:24 pfsense php: : DynDns debug information: x.x.x.53 extracted from local system.
Apr 28 10:12:24 pfsense php: : DynDns: Current WAN IP: x.x.x.53 Cached IP: x.x.x.170
Apr 28 10:12:24 pfsense php: : DynDns debug information: DynDns: cacheIP != wan_ip. Updating. Cached IP: x.x.x.170 WAN IP: x.x.x.53
Apr 28 10:12:24 pfsense php: : DynDns: DynDns _update() starting.
Apr 28 10:12:29 pfsense php: : DynDns: DynDns _checkStatus() starting.
Apr 28 10:12:29 pfsense php: : DynDns: Current Service: dnsomatic
Apr 28 10:12:29 pfsense php: : DynDns debug information: 120.29.18.53 extracted from local system.
Apr 28 10:12:29 pfsense php: : phpDynDNS: updating cache file /conf/dyndns_wandnsomatic'all.dnsomatic.com'.cache: 120.29.18.53
Apr 28 12:21:02 pfsense php: : DynDns: updatedns() starting
Apr 28 12:21:02 pfsense php: : DynDns debug information: 203.144.23.87 extracted from local system.
Apr 28 12:21:02 pfsense php: : DynDns: Current WAN IP: 203.144.23.87 Cached IP: 120.29.18.53
Apr 28 12:21:02 pfsense php: : DynDns debug information: DynDns: cacheIP != wan_ip. Updating. Cached IP: 120.29.18.53 WAN IP: 203.144.23.87
Apr 28 12:21:02 pfsense php: : DynDns: DynDns _update() starting.
Apr 28 12:21:08 pfsense php: : DynDns: DynDns _checkStatus() starting.
Apr 28 12:21:08 pfsense php: : DynDns: Current Service: dnsomatic
Apr 28 12:21:08 pfsense php: : DynDns debug information: x.x.x.87 extracted from local system.
Apr 28 12:21:08 pfsense php: : phpDynDNS: updating cache file /conf/dyndns_wandnsomatic'all.dnsomatic.com'.cache: 203.144.23.87
Apr 28 12:26:13 pfsense php: : DynDns: updatedns() starting
Apr 28 12:26:13 pfsense php: : DynDns debug information: x.x.x.110 extracted from local system.
Apr 28 12:26:13 pfsense php: : DynDns: Current WAN IP: x.x.x.110 Cached IP: x.x.x.87
Apr 28 12:26:13 pfsense php: : DynDns debug information: DynDns: cacheIP != wan_ip. Updating. Cached IP: x.x.x.87 WAN IP: x.x.x.110
Apr 28 12:26:13 pfsense php: : DynDns: DynDns _update() starting.
Apr 28 12:26:18 pfsense php: : DynDns: DynDns _checkStatus() starting.
Apr 28 12:26:18 pfsense php: : DynDns: Current Service: dnsomatic
Apr 28 12:26:18 pfsense php: : DynDns debug information: x.x.x.110 extracted from local system.
Apr 28 12:26:18 pfsense php: : phpDynDNS: updating cache file /conf/dyndns_wandnsomatic'all.dnsomatic.com'.cache: x.x.x.110
Apr 28 12:30:35 pfsense php: : DynDns: updatedns() starting
Apr 28 12:30:35 pfsense php: : DynDns debug information: x.x.x.24 extracted from local system.
Apr 28 12:30:35 pfsense php: : DynDns: Current WAN IP: x.x.x.24 Cached IP: x.x.x.110
Apr 28 12:30:35 pfsense php: : DynDns debug information: DynDns: cacheIP != wan_ip. Updating. Cached IP: x.x.x.110 WAN IP: x.x.x.24
Apr 28 12:30:35 pfsense php: : DynDns: DynDns _update() starting.
Apr 28 12:31:44 pfsense php: : DynDns: DynDns _checkStatus() starting.
Apr 28 12:31:44 pfsense php: : DynDns: Current Service: dnsomaticThe Dynamic DNS update check runs at 1AM and at interface IP address change if the interface IP address is a public IP address and on demand through the web page (disable/enable cycle).
-
Hi Bob, thanks for the input.. I knew you weren't doing rfc2136, I was just surprised that the 2136 pfsense code doesn't generate some similar log entries. I don't know where else to look to see if it's trying to connect, if it doesn't like the data I provided, or what it may be doing.
-
Just an update, I did get it working. I can confirm that pfsense attempts the update when the rule is enabled, so if you're trying to set this up your bind logs should show the attempts.
I considered writing it up for the wiki, but a) it doesn't seem you can just sign up and edit and b) it's mostly bind config anyway, the pfsense part is pretty self explanatory.
Useful links:
http://ocw.novell.com/suse-linux-enterprise-server-engineers/suse-linux-network-services/3057_01_manual.pdf Section 1 page 36
http://www.shakabuku.org/writing/dyndns.html#listing_2