DynDNS Update problem (and at the moment working solution) with Gateway Group
I've some pfS setups with 2 WANs (DSL and Cable).
To be able to administer pfS remotely most of the time I configured a seperate dynDNS hostname for each one.
So far so easy.
I then also configured a third dynDNS hostname for the (Failover) Gateway Group of the two WANs which is intended for the OVPN Clients to connect to.
This was where the trouble started, as it often (not always) did not update properly to the active WAN, where the WAN itself updated just fine.
A forced dynDNS Update worked.
After monitoring the problem some time, hoping to find a pattern triggering the problem, I dug into the /etc/inc/dyndns.class and found some points which might help you as well if you experience a similar problem:
If your WAN is not a modem or bridge with a public IP (like here in Germany with any Cable Provider, you only get a router and are forced to use it) pfS is not directly aware of an IP change and has to monitor it externaly. Therefor it checks your IP with the URL checkip.dyndns.org, no matter which dynDNS provider you configured.
This URL is the main reason for trouble, as it is extremly slow (at least from my location) and sometimes doesn't respond at all. In addition to that it seems there is a maximum for querys per IP per period. I read somewhere about once every 10 minutes.
I worked around that in setting up a very simple php page () on my web server and now check against my own URL with no restrictions.
To make that work with the dyndns.class I had to remove the conversion of the host to IP, which I didn't understand anyways and changed the RegEx to match the first ip address.
It would be great if there was an option directly in the WebGUI to set the URL to check against, then it would not be necessary to hack the code.
Hope this saves you some time and trouble,