Afraid.org DDNS Broken on a few of my routers

[BikeHelmet]

Howdy,

I guess it's router maintenance month. DDNS seems to be broken on a few of my routers. Nothing critical was depending on it, but it'd be nice to get it up and running again. Originally I had issues using the username/password, so I had set up the /jffs/scripts/ddns-start script on all three RT-AX56U's. Currently they all say "Request error! Please try again." on the DDNS page.

System Log:

Aug  3 01:26:17 ddns: Custom ddns update failed

It currently looks like this, but I also tried wget using the suggestions on their Dynamic page:

FreeDNS - Free subdomain AND domain hosting!

#!/bin/sh
curl -fs -o /dev/null "http://freedns.afraid.org/dynamic/update.php?xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"

if [ $? -eq 0 ]; then
    /sbin/ddns_custom_updated 1
else
    /sbin/ddns_custom_updated 0
fi

#!/bin/sh
wget -q --read-timeout=0.0 --waitretry=5 --tries=400 --background http://freedns.afraid.org/dynamic/update.php?xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

if [ $? -eq 0 ]; then
    /sbin/ddns_custom_updated 1
else
    /sbin/ddns_custom_updated 0
fi

I am using HTTP since HTTPS had issues in the past.

What popped into my head was "Oh, maybe entware updated and broke stuff" - but then I remembered that entware isn't on one of them.

I have one router that is Dual-WAN, with entware and a ton of addons, one that is single WAN with entware, and one that is a plain RT-AX56U with only amtm and scMerlin. They're all on the latest 388.2_2 firmware, but I confirmed that one was already broken on 386.7_2

All three routers can resolve the IP according to the ping command, but fail to ping. I get errors like this when running curl or wget:

curl: (28) Failed to connect to freedns.afraid.org port 443 after 15047 ms: Couldn't connect to server


curl: (28) Failed to connect to freedns.afraid.org port 80 after 15031 ms: Couldn't connect to server


Resolving freedns.afraid.org... 174.128.246.100
Connecting to freedns.afraid.org|174.128.246.100|:80... failed: Connection timed out.

If I click anything on the Dynamic page, it instantly goes through. I can also wget or curl no problem from an Ubuntu VirtualBox VM and it instantly registers - so I'm not IP blocked or anything like that.

I also just checked my RT-AX68U, and although the IP was not correct at afraid.org, just going to the DDNS page on my router and clicking Apply was enough to get that one to successfully update - using the exact same script.

I'm either missing something really obvious due to my mundane linux knowledge, or my routers are just having trouble connecting to freedns.afraid.org for some reason? Thinking of similarities, they are all on DNS over TLS strict mode, and have 8.8.4.4 and 1.0.0.1 as their assigned WAN DNS - but so is the RT-AX68U. I'm running out of things to check... anyone got any ideas that might point me in the right direction?

Cheers,

 

[Martinski]

Howdy,

I guess it's router maintenance month. DDNS seems to be broken on a few of my routers. Nothing critical was depending on it, but it'd be nice to get it up and running again. Originally I had issues using the username/password, so I had set up the /jffs/scripts/ddns-start script on all three RT-AX56U's. Currently they all say "Request error! Please try again." on the DDNS page.
...

I have seen similar errors in the past with the FreeDNS update checks for the WAN IP address, so I ended up writing a custom script that gets called from the "/jffs/scripts/ddns-start" script. The custom script sends messages to the system log, and also outputs a separate log file along with an output file, which can provide a bit more info when a problem occurs.

The script makes a maximum of 4 attempts to request a DDNS WAN IP check. When it fails, there's a 20-second wait before the next attempt. I've used this method for at least 3 years now, and when the 1st attempt fails, the 2nd attempt has been successful in about 90%-95% of the failures and, so far, it has never gone beyond the 3rd attempt to succeed as long as there are no other problems interfering with the internet connection.

I'm not saying that this script will fix the issue that you're currently experiencing, but if you're interested in trying it with your routers to check it out let me know.

 

[BikeHelmet]

I have seen similar errors in the past with the FreeDNS update checks for the WAN IP address, so I ended up writing a custom script that gets called from the "/jffs/scripts/ddns-start" script. The custom script sends messages to the system log, and also outputs a separate log file along with an output file, which can provide a bit more info when a problem occurs.

The script makes a maximum of 4 attempts to request a DDNS WAN IP check. When it fails, there's a 30-second wait before the next attempt. I've used this method for at least 3 years now, and when the 1st attempt fails, the 2nd attempt has been successful in about 90%-95% of the failures and, so far, it has never gone beyond the 3rd attempt to succeed as long as there are no other problems interfering with the internet connection.

I'm not saying that this script will fix the issue that you're currently experiencing, but if you're interested in trying it with your routers to check it out let me know.

I'll definitely give it a try. At the very least, a more detailed error message could shine light on what's going on. Is there a link, or did you want to post it or message it privately?

 

[Martinski]

I'll definitely give it a try. At the very least, a more detailed error message could shine light on what's going on. Is there a link, or did you want to post it or message it privately?

OK, here you go. Attached is the custom shell script file (DDNS_IPcheck.sh - remove the TXT file extension).

You have the option to set the value of your own API "Authorization Token" to the existing variable "ddnsTokenStr" in the script itself:

ddnsTokenStr="XXX_API_TOKEN_STRING_XXX"

Or, you can pass your token string as the 1st parameter when calling the custom script. Note that the required API token string is *NOT* the 44-char token string given for version 1; instead, it's the 24-char token from version 2 of the dynamic update interface as provided in the following FreeDNS account page:

FreeDNS - Free subdomain AND domain hosting!

This is how the script can be called from "/jffs/scripts/ddns-start":

## Authorization Token is already set in the script ##
/jffs/scripts/DDNS_IPcheck.sh

OR

## Authorization Token is passed as the 1st parameter ##
/jffs/scripts/DDNS_IPcheck.sh  "XXX_API_TOKEN_STRING_XXX"

The extra files that get created by the custom script are the following:

/tmp/var/tmp/ipDDNScheck_FreeDNS.OUT
/tmp/var/tmp/ipDDNScheck_FreeDNS.LOG

These files may contain useful info if/when a failure occurs.

BTW, I misspoke previously; the custom script has a 20-second wait between calls to the DDNS IP check, not 30 seconds as mentioned before (I had forgotten that I changed that value some while ago).

HTH