DynDNS not always updating
-
Hi all,
new pfSense user here, please be patient ;)
I'm having an odd issue with DynDNS not always updating, as encountered today the WAN IP changes, pfSense notices it, but somehow the update fails.
This has happened already a couple of times, and searching through the Forum did not provide any usefull suggestions.
Anyway, this is what the logs shows (read bottom-up):Feb 17 11:36:32 php: : pfSense package system has detected an ip change 109.132.19.214 -> … Restarting packages.
Feb 17 11:36:32 php: : Creating rrd update script
Feb 17 11:36:32 kernel: ovpns1: link state changed to UP
Feb 17 11:36:31 kernel: ovpns1: link state changed to DOWN
Feb 17 11:36:31 php: : Resyncing OpenVPN instances for interface WAN.
Feb 17 11:36:27 check_reload_status: Reloading filter
Feb 17 11:36:25 php: : Curl error occurred: Couldn't resolve host 'members.dyndns.org'
Feb 17 11:36:25 php: : DynDns: Current Service: dyndns
Feb 17 11:36:25 php: : DynDns: DynDns _checkStatus() starting.
Feb 17 11:36:17 apinger: ALARM: GW_WAN(109.132.228.1) *** down ***
Feb 17 11:36:09 dnsmasq[41812]: ignoring nameserver 127.0.0.1 - local interface
Feb 17 11:36:09 dnsmasq[41812]: ignoring nameserver 127.0.0.1 - local interface
Feb 17 11:36:09 dnsmasq[41812]: using nameserver 195.238.2.22#53
Feb 17 11:36:09 dnsmasq[41812]: using nameserver 195.238.2.21#53
Feb 17 11:36:09 dnsmasq[41812]: reading /etc/resolv.conf
Feb 17 11:36:07 check_reload_status: Reloading filter
Feb 17 11:36:07 php: : DynDns: DynDns _update() starting.
Feb 17 11:36:07 php: : DynDns debug information: DynDns: cacheIP != wan_ip. Updating. Cached IP: 109.132.19.214 WAN IP: 109.132.228.224
Feb 17 11:36:07 php: : DynDns: Current WAN IP: 109.132.228.224 Cached IP: 109.132.19.214
Feb 17 11:36:07 php: : DynDns debug information: 109.132.228.224 extracted from local system.
Feb 17 11:36:07 php: : DynDns: updatedns() starting
Feb 17 11:36:07 apinger: Starting Alarm Pinger, apinger(33374)
Feb 17 11:36:06 apinger: Exiting on signal 15.
Feb 17 11:36:06 php: : ROUTING: setting default route to 109.132.228.1
Feb 17 11:36:04 dnsmasq[41812]: ignoring nameserver 127.0.0.1 - local interface
Feb 17 11:36:04 dnsmasq[41812]: ignoring nameserver 127.0.0.1 - local interface
Feb 17 11:36:04 dnsmasq[41812]: reading /etc/resolv.conf
Feb 17 11:35:59 check_reload_status: Rewriting resolv.conf
Feb 17 01:01:01 php: : phpDynDNS: No change in my IP address and/or 25 days has not passed. Not updating dynamic DNS entry.So, if I understand correctly there is something going wrong with accessing the dyndns site during the update (see red part of log with 'Curl' error …)?
When I go to "Services\Dynamic DNS", I see it still has the previous address in cache (in red).
Strange enough, if I go into the settings, and just save (without making any modifications), the update gets processed just fine and the address goes from red (wrong) to green (correct)?Feb 17 14:42:37 php: /services_dyndns_edit.php: phpDynDNS: (Success) IP Address Changed Successfully! (109.132.228.224)
Feb 17 14:42:37 php: /services_dyndns_edit.php: phpDynDNS: updating cache file /conf/dyndns_wandyndns'abc.dyndns.org'.cache: 109.132.228.224
Feb 17 14:42:37 php: /services_dyndns_edit.php: DynDns debug information: 109.132.228.224 extracted from local system.
Feb 17 14:42:37 php: /services_dyndns_edit.php: DynDns: Current Service: dyndns
Feb 17 14:42:37 php: /services_dyndns_edit.php: DynDns: DynDns _checkStatus() starting.
Feb 17 14:42:36 check_reload_status: Syncing firewall
Feb 17 14:42:36 php: /services_dyndns_edit.php: DynDns: DynDns _update() starting.
Feb 17 14:42:36 php: /services_dyndns_edit.php: DynDns debug information: DynDns: cacheIP != wan_ip. Updating. Cached IP: 109.132.19.214 WAN IP: 109.132.228.224
Feb 17 14:42:36 php: /services_dyndns_edit.php: DynDns: Current WAN IP: 109.132.228.224 Cached IP: 109.132.19.214
Feb 17 14:42:36 php: /services_dyndns_edit.php: DynDns debug information: 109.132.228.224 extracted from local system.
Feb 17 14:42:36 php: /services_dyndns_edit.php: DynDns: updatedns() startingAnyone an idea if this is configuration error (can't see directly how but I'm open for suggestions anyway) or just some undiscovered bug, or a know problem (just not know by me yet) ??? (no, don't think this is a dyndns issue, been using it with varia of software distributions since looooong time :) )
Almost forgot: version: 2.0.2-RELEASE (i386) built on Wed Dec 26 09:19:58 EST 2012 - FreeBSD 8.1-RELEASE-p13, running on Watchguard Firebox X e1250.TIA for reading through my post...
br, Benny.
[update]
might be interesting to know: the WAN is a PPPoE, and the used build is a non-signed from JIMP (pfSense-2.0.2-RELEASE-4g-i386-nanobsd-upgrade-20121226-0919.img.gz) because of issues with DNS (see http://forum.pfsense.org/index.php/topic,57020.0.html) -
well… had again the same issue today, don't have to repost the system log as the error is exactly the same, just different time (5pm17 CET).
The daily cron at 01:01 would probably fix it, but that's way too late. So it's happening often enough to seriously bother me...
After re-reading my post, and google'ing around a bit, no luck. Similar error found in pfsense bugtracker: http://redmine.pfsense.org/issues/943 but it cannot tell if it has the same origin. The fix isn't available anyway, seems to be an update in a beta distribution, not what I'm using.I can hardly imagine I'm the only pfSense user having this issue? (Unless most of you are blessed with a fixed ip :D)
Anyway, back to the problem. I'm guessing because the issue occurs is right after an IP change (WAN), and my DNS servers are dynamic assigned as well, I 'm thinking the members.dyndns.org doesn't get resolved in a timely fashion, causing the 'curl error'. Or it can also be, the DNS addresses are updated anyway (even if they don't change) and there's simply no DNS server available yet making this a very stupid timing/sequential error. Unfortunately the logs aren't in depth enough... (even if they did, there's still the chance that I don't have enough freebsd knowledge to properly analyse them :-\ )
my 1st attempt for fixing this issue: I added a static record in the "DNS Forwarder\Host override" for members.dyndns.org. This under the assumption that the bound IP won't change. If next update happens, pfSense should read the internal table first before querying a DNS server.
If that doesn't work out, next step will be to manually set my DNS servers instead of letting them get updated. I might revert back to the signed image instead of the one I took from JIMP's site, but that will be my least preferred path as that's more hassle...Since this is starting to be a monologue ::) , I'll update the post with whatever workaround will solve my issue... maybe it can be useful for others.
br, Benny.
-
Yes, I suspect that the timing somewhere means that DN resolution is not working properly yet when the dyndns update starts looking for members.dyndns.org - I install the cron package and use it to edit the daily dyndns update job so it runs every 15 minutes - http://forum.pfsense.org/index.php/topic,58085.msg310852.html#msg310852
-
Feb 17 11:36:17 apinger: ALARM: GW_WAN(109.132.228.1) *** down *** Feb 17 11:36:09 dnsmasq[41812]: ignoring nameserver 127.0.0.1 - local interface Feb 17 11:36:09 dnsmasq[41812]: ignoring nameserver 127.0.0.1 - local interface Feb 17 11:36:09 dnsmasq[41812]: using nameserver 195.238.2.22#53 Feb 17 11:36:09 dnsmasq[41812]: using nameserver 195.238.2.21#53 Feb 17 11:36:09 dnsmasq[41812]: reading /etc/resolv.confBecause the IP address changed the system thinks the link is down. In this snippet it's trying to resolve the DNS and cannot reach the nameservers. Then, apinger declares the link down. Tickling the interface renews the IP or route information. I didn't have this problem, but when my IP changed on occasion the link would remain down.
Try this: Go to System->Routing. Select your gateway, and change the monitor IP to something close to you on the Internet (I used 8.8.8.8). For some reason since my monitor IP was the Gateway IP DHCP never renewed properly and the link never came back. So I decided to use a custom monitor IP and the problem has not occurred again.
Also, I'm on the 2.0.3 PRERELEASE, but I don't think that fixed the problem. Try changing your monitor IP on your gateway and see if that resolves the issue.
-
First of all, tnx for the feedback.
What I tried so far: I added the IP as fixed dsn entry. I also changed the monitor IP to one of my provider's dns servers (they remain the same).
Unfortunately, neither fix solved the problem. Yesterday it went fine, but during today's update apinger still declared the link down & my dyndns update failed >:(
I'll change the monitor IP to something else than my providers' addresses, but I'm guessing it won't make much difference.Maybe I'll give the cron way a try… Why o why... such a simple feature that never gave me issues on cisco/dd-wrt/clearos :(
Still open for other suggestions...
-
My next recommendation is to update to the 2.0.3 PRERELEASE. It's stable and might just do the trick. That's why I mentioned it in my post that I was using it.
-
update: last couple of days it seems to be going ok.
Did not update yet to 2.0.3 prerelease, also reverted back from all previous modifications.What seems to be working: in "System\Routing\GW_WAN" under 'Advanced' I increased the value 'Down' to 60 (default was 10). This action seem to have helped for the dyndns update, I haven't had the nasty 'curl' error anymore since modification. So either it actually helped, OR I have been lucky until' now. I still sometimes see the GW as Offline, so maybe I should double it. (maybe I need some better understanding of the apinger mechanism :-[ )
As 2nd backup mod, I installed the cron package & modified the nightly scheduled DynDns check to run every 30 minutes. It does pollute the system log a bit, but good side effect is I can check how it is working, and so far it seems I haven't needed the cron mod yet.
before I forget: Tnx Tim & Phil for the given suggestions! Really appreciated…