search

troglobit / inadyn

In-a-Dyn is a dynamic DNS client with multiple SSL/TLS library support
https://troglobit.com/projects/inadyn/
GNU General Public License v2.0
982 stars 142 forks source link

IPv6 updates with dns.he.net #156

Closed ldir-EDB0 closed 7 years ago

ldir-EDB0 commented 7 years ago

To say I'm really confused as to whether inadyn can be used to update AAAA records on Hurricane Electrics dns.he.net service is an understatement.

Can it? How? An example config would be greatly appreciated 'cos I've not a clue!

troglobit commented 7 years ago

There's an example in the inadyn.conf (5) man page.

ldir-EDB0 commented 7 years ago

I'm not using the tunnelbroker (anymore) but I am using he's dns service. I don't see the example for that?

troglobit commented 7 years ago

I see, well I haven't tested that so unfortunately I don't know. If you figure out I'll be more than happy to include it.

troglobit commented 7 years ago

Apparently there's some old and untested support that I'd forgotten about. Have no idea if it works with IPv6 or if they've changed their API since last it was tested. Try this in a .conf file, e.g. my.conf:

period         = 300

provider dyndns@he.net {
    username   = account1
    password   = secret1
    hostname   = your.host.nm
}

Then run inadyn with the following arguments and check the syslog for details:

inadyn -1 -f my.conf -l debug -n
troglobit commented 7 years ago

Closing due to lack of activity.

iav commented 4 years ago

First — in inadyn no way to point to server "I want to update aaaa record". https://dns.he.net/docs.html :

Update requests can be sent over http or https. The site is currently using a self signed certificate that was generated by our security team.

The most basic example:
https://[your domain name]:[your password]@dyn.dns.he.net/nic/update?hostname=[your domain name]
Autodetect my IPv4/IPv6 address:
% curl -4 "https://dyn.example.com:password@dyn.dns.he.net/nic/update?hostname=dyn.example.com"                 
% curl -6 "https://dyn.example.com:password@dyn.dns.he.net/nic/update?hostname=dyn.example.com"                 

Specify my IPv4/IPv6 address:
% curl "https://dyn.example.com:password@dyn.dns.he.net/nic/update?hostname=dyn.example.com&myip=192.168.0.1"                   
% curl "https://dyn.example.com:password@dyn.dns.he.net/nic/update?hostname=dyn.example.com&myip=2001:db8:beef:cafe::1"
iav commented 4 years ago

Second — inadyn shows ssl error trying to check ipv4 address on dyn.dns.he.net:

# inadyn -n -f inadyn.2.conf -1 -l debug
inadyn[29970]: In-a-dyn version 2.5 -- Dynamic DNS update client.
inadyn[29970]: Cached IP# 999.999.999.999 for my.host.name from previous invocation.
inadyn[29970]: Last update of my.host.name on Fri Dec  6 06:44:27 2019
inadyn[29970]: Base64 encoded string: d2IuaWF2Lmx2Ojg3OWMxQmZXdTFzdmJlQlM=
inadyn[29970]: Get address for dyndns@he.net
inadyn[29970]: Checking for IP# change, connecting to checkip.dns.he.net([184.105.242.4]:443)
inadyn[29970]: Checking for IP# change, initiating HTTPS ...
inadyn[29970]: OpenSSL error: 2010139424:error:1408F10B:SSL routines:ssl3_get_record:wrong version number:ssl/record/ssl3_record.c:332:
inadyn[29970]: Failed to get IP address for dyndns@he.net, giving up!
inadyn[29970]: Update forced for alias my.host.name, new IP# 999.999.999.999
inadyn[29970]: Sending IP# update to DDNS server, connecting to dyn.dns.he.net([184.105.242.3]:443)
inadyn[29970]: Sending IP# update to DDNS server, initiating HTTPS ...
inadyn[29970]: SSL connection using ECDHE-RSA-AES256-GCM-SHA384
inadyn[29970]: Certificate OK
inadyn[29970]: SSL server cert subject: /CN=dyn.dns.he.net
inadyn[29970]: SSL server cert issuer: /C=US/O=Let's Encrypt/CN=Let's Encrypt Authority X3
inadyn[29970]: Sending alias table update to DDNS server: GET /nic/update?hostname=my.host.name&myip=999.999.999.999 HTTP/1.0
Host: dyn.dns.he.net
Authorization: Basic d2IuaWF2Lmx2Ojg3OWMxQmZXdTFzdmJlQlM=
User-Agent: inadyn/2.5 https://github.com/troglobit/inadyn/issues

inadyn[29970]: Successfully sent HTTPS request!
inadyn[29970]: Successfully received HTTPS response (266 bytes)!
inadyn[29970]: DDNS server response: HTTP/1.0 200 OK
Date: Fri, 06 Dec 2019 04:50:46 GMT
Server: dns.he.net v0.0.1
Email: DNS Administrator <dnsadmin@he.net>
Cache-Control: no-cache, must-revalidate
Expires: Sat, 05 Dec 2020 04:50:46 GMT
Content-Length: 19
Content-Type: text/html

nochg 999.999.999.999
inadyn[29970]: Successful alias table update for my.host.name => new IP# 999.999.999.999
inadyn[29970]: Updating cache for my.host.name

How to pass this error?

troglobit commented 4 years ago

@iav First, please don't use closed bug reports for general questions or support with new bugs.

Now, regarding your questions:

  1. In-a-dyn has very basic support for IPv6 today and it does not do any actual record updates, it only connects to DDNS provider APIs to notify them of IP address changes.
  2. The error seems to indicate that the checkip server, unlike the update server, doesn't support SSL/TLS. I believe this has been fixed on the Inadyn master branch, after v2.5 was released