How to use dyndns with both IPv6 and IPv4?

I have been using desec.io dyndns service for over a year without problems from my IPv4 only residential line.

Recently, I got IPv6 support on my residential line. Since then, my dyn dns stopped working… That is: services hosted on my residential line did no longer respond… I debugged this down to the fact that dyn dns seems to now resolve to my IPv6 address and no longer my IPv4 address.

I suppose this happens because my update call (curl "https://update.dedyn.io/?hostname=${hostname}" --header "Authorization: Token ${token_usage}") seems to come from my IPv6 address because an IPv6 route to update.dedyn.io is availalbe…

Is there a way to either force the dyndns to IPv4 or alternatively to have it resolve to both somehow? (not sure how that would work? Possibly by setting both an A and an AAAA record?)

For now I have disabled IPv6 but I would really like to be able to use this…

Hi @LydolfSleipner,

I would give this a read IP Update API — deSEC DNS API documentation

What DynDNS client are you using?

You basically have two options.

1. Use two curl calls, one IPv4 only, the other IPv6 only, both with the preserve option.
2. Set the IPs in the update URL

The second one is a little bit nicer, since you only have to make one call and it will also delete your A or AAAA record, in case your host looses IPv4 or IPv6 for whatever reason.

If you need a simple shell script for the second option, here is a shameless plug of my script that is looking for testers besides fiwswe

Thanks. So does this mean that I basically needs to do these two calls:

curl --ipv4 "https://update.dedyn.io/?hostname=${hostname}" --header "Authorization: Token ${token_usage}"
curl "https://update6.dedyn.io/?hostname=${hostname}&myipv4=preserve" --header "Authorization: Token ${token_usage}"

First setting the ipv4, second setting the ipv6 while preserving ipv4?

That is one option (just make sure to have at least 1min delay between the two(rate limit)).

Another option would be to set the IPs in the URL. That way you only need one curl call. Something like this:
curl “https://update.dedyn.io/?hostname=${hostname}&myipv4=1.1.1.1&myipv6=2001::1” --header “Authorization: Token ${token_usage}”

Another option would be to use my script, which basically does the same as the curl above, with the difference that it checks for changes and only then issues the update curl.

If you can find the addresses locally and set them like @KapernMagIchNicht described, then that is more secure. In case someone can NAT your traffic, that attacker can make your update request appear to come from a different address and redirect your inbound traffic via your dynamic DNS that way. The encryption doesn’t prevent that kind of manipulation if the address isn’t sent with the update request and has to be derived from the client’s source address.

@LydolfSleipner you can set ipv4 only if your ipv6 setup is not working. Just include ipv6= (empty value) in the url of the curl call and include the ip parameter with your actual current ipv4 address. This would work no matter the route your request is taking.

I did not try this approach, it’s my understanding from the documentation.

Edit: Oh, and with your approach of forcing curl to using a v4 route, you could probably skip the ip parameter. So only the first of your proposed requests, but with the parameter&value ipv6=:

curl --ipv4 "https://update.dedyn.io/?hostname=${hostname}&ipv6=" --header "Authorization: Token ${token_usage}"

Setting an emtpy value for IPv6 while doing an IPv4 update call, will delete the AAAA record (and vice versa).

But OP is asking for both, an A and an AAAA record.