Dydns question

cjohnson

is there any way to set the no-ip client to update say every week even if the wan interface ip doesn't change?

stephenw10

There isn't and it's causing me a problem. Also using no-ip. 25 days has become too long, I assume No-IP have reduced their limits although the documentation still says 30 days (28 days?).

Steve

cjohnson

crap. i was hoping there was. it's kind of annoying getting that e-mail from them telling me that they're gonna' delete my dns name unless i tell them not to all because my client hasn't phoned home. (sigh)  :(

wanna' go in on a bounty with me stephen?  ;D

stephenw10

The value appears to be hard coded in /etc/inc/dyndns.class:

/*   use 2419200 for dyndns, dhs, easydns, noip, hn
*   zoneedit, dyns, ods
*/
$time = '2160000';

I guess the comment is old, 2160000 seconds is 25 days. As a work around you could probably just edit this file but it may well be overwritten by an update. It would be relatively easy to have this as a user entered variable, I wonder if there was some reason why it wasn't setup like that.  :-.

I'll try it and see what happens.

Steve

phil.davis

This pull request does the trick: https://github.com/bsdperimeter/pfsense/pull/430
It is against the 2.1 main branch.
If you are running 2.0.n then it might need integrating into the 2.0.n branch, if there is enough interest and Jimp and co are still taking changes for 2.0.3 then it could be easily backported.
I thought about adding a knob to the GUI so users can specify their own max cache age - that is more work!

stephenw10

I may have understood the logic of the dyndns updater incorrectly but it looks to me as though there is a further problem here. Having set the 'time' value to 172800, 2 days, the logs show that it sees the interval as being longer than that. However because the WAN address hasn't actually changed since it was last cached the update client does not run.

Logs are in reverse order, top is most recent.

Feb 22 17:48:25 	php: /services_dyndns_edit.php: phpDynDNS: (Success) IP address is current, no update performed.
Feb 22 17:48:25 	php: /services_dyndns_edit.php: phpDynDNS: updating cache file /conf/dyndns_wannoip'******.hopto.org'.cache: 146.90.***.***
Feb 22 17:48:25 	php: /services_dyndns_edit.php: DynDns debug information: 146.90.***.*** extracted from local system.
Feb 22 17:48:25 	php: /services_dyndns_edit.php: DynDns: Current Service: noip
Feb 22 17:48:25 	php: /services_dyndns_edit.php: DynDns: DynDns _checkStatus() starting.
Feb 22 17:48:25 	check_reload_status: Syncing firewall
Feb 22 17:48:25 	php: /services_dyndns_edit.php: DynDns: DynDns _update() starting.
Feb 22 17:48:25 	php: /services_dyndns_edit.php: DynDns debug information: DynDns: More than 2 days. Updating. 1361555305 - 1360117871 > 172800
Feb 22 17:48:25 	php: /services_dyndns_edit.php: DynDns: Current WAN IP: 146.90.***.*** Cached IP: 146.90.***.***
Feb 22 17:48:25 	php: /services_dyndns_edit.php: DynDns debug information: 146.90.***.*** extracted from local system.
Feb 22 17:48:25 	php: /services_dyndns_edit.php: DynDns: updatedns() starting

Logging into the No-IP web control panel seems to confirm this:

IP Address: 146.90.***.***   Last Update: 2013-02-05 18:31:01 PST

This seems wrong to me. The logic should be; if the interval 'time' has passed since last update then run the update client even if the cached IP is the same.
That's what No-IP requires.

Steve

phil.davis

case 0:
	$status = "phpDynDNS ({$this->_dnsHost}): (Success) IP address is current, no update performed.";
	$successful_update = true;
	break;

"noip" seems to return a "0" status in this case, which someone in the past has interpreted (seemingly correctly!) as meaning that "noip" already has that address (which it does) and is choosing not to update anything (including the 'last update' date).
This is probably the root cause of the problem - "noip" is not recording updates of the same address that are done in this automated fashion. It probably does let you go for 25 days without doing an update.
I guess that when you login interactively to the no-ip.com web interface and update our address, the no-ip system really takes the update, and records "now" as the last updated time.
A cludgy way around the problem would be for the dyndns.class code to first change the IP to something else that is rubbish (192.168.1.1), then change it back! That would make no-ip take notice.

phil.davis

Logging into the No-IP web control panel

I logged into my no-IP free account, but I can't see where it will display the last update date. Exactly how do you get that data?
http://support.no-ip.com/customer/portal/articles/375698-why-is-my-host-not-updating-or-why-is-it-pending-deletion-
This implies that, for free accounts, when the client goes to update the IP address, if the IP address has not changed then the last update date does not get updated.
Thus, if your IP address remains the same for 30 days, you have to manually login online to no-IP and do an update.
The "fix" in that article is to buy a paid account.
When pfSense detects no change for more than [7|25] days on a no-IP account, it could purposely change the IP address to something else, then change it back.

stephenw10

Ah, I see. Expected behaviour. Seems a bit ****!  ::)
I guess my line is getting more reliable then. Maybe time to switch to another dyndns provider.

It took me a while to find the cached IP date/time on the No-IP  but I remembered having seen it the last time they threatened to cancel my host.

Login to the site.
Click 'Hosts/Rediercts', top left.
Click 'Manage Hosts'.
Then click the 'modify' button next to the host name.
The last update time/date is listed.

Steve

phil.davis

Thanks - found it. If I change the IP on the No-IP site to some rubbish, then 5 minutes later force an update from pfSense, the last updated time is correct. Then after another 5 minutes force an update again, the last updated time is not updated (No-IP sees that the IP is not actually changed, and does not update "last updated").
So, the workaround is, when the cache age is 25 days, for the dyndns.class code to change the IP registration to some other value (like 192.168.1.1 to avoid accidentally pointing it to someone else's valid public IP/server), then a minute later change it back to the correct IP.
This will make people's server/whatever unavailable for a few minutes - but those using the free service probably don't have 99.999% uptime contracts to meet:) It would be best to add a new Dynamic DNS provider to the list - "noipfree" - for which this behaviour happens. Those using "noip" can get the same behaviour as now, which works cleanly from the paid accounts.

cjohnson

sheesh! what a pain in the lower o-ring! i think i'm gonna' go with stephen's idea and switch to another provider.

"let's make the free service good and painful to use. that way when people get tired of it and the user base drops way down, we can justify killing it altogether because noone's using it".

::)

at any rate, thanks to everyone for the help/interest.

stan-qaz

I've had these two free ones both being updated by pfSense and they seem to be happy.

DNS-O-Matic - https://www.dnsomatic.com/

DynDNS - http://dyn.com/

phil.davis

I made some code changes that do work - https://github.com/bsdperimeter/pfsense/pull/436
But it has to be a bit of a kludge, changes the IP to 192.168.1.1 then 10 seconds later changes it back to the actual public IP. That does successfully force the "last updated" timestamp to be updated on the No-IP site. There is a little window when the name points to an invalid place. But people who are using just the free service, it will be for home or very small single-office use, so a little window like this every 25 days should be acceptable.
The code is based on 2.1 - if you are running 2.0.n then you would have to backport it a bit.

stephenw10

Pretty sure I can live with 10 seconds of downtime every 25 days.  ;)
Thanks Phil.

Steve

phil.davis

The code change was committed a couple of days ago. So support for No-IP free accounts is in recent 2.1-BETA1 snapshots. You have to select "No-IP (free)" as your Dynamic DNS provider to get the special behaviour. It is working for me.

deltalord

Just for the record, another user reported the same issue.

pquesinb

This is awesome… thanks Phil!  (I'm the guy who initially pointed out the annoying no-ip behavior) but hey it's free, right?  Oh wait a second... pfSense is free too but there's no annoying behavior.  :)

IIRC, the cron job in pfSense does these updates at 1:00am or so.  If that is indeed the case then it's very unlikely to adversely impact anyone.

As for alternatives, I've found FreeDNS to be quite useful.  DNS-O-Matic does look interesting and since it's an OpenDNS service, I would expect that there's almost no chance of this sort of "monkey business" cropping up in the future.

Thanks again,

• Phil