thank deSEC for its lovely service. I bumped into strange problems.
I use ddclient version 3.10.0 to update IP in A-record but suddenly (I didn’t touch a thing!) ddclient fails
Nov 01 21:11:14 pi4 ddclient[19371]: WARNING: Wait at least 5 minutes between update attempts.
Nov 01 21:11:14 pi4 ddclient[19373]: WARNING: skipping update of kruggel.social from to 87.166.147.166.
Nov 01 21:11:14 pi4 ddclient[19373]: WARNING: last updated but last attempt on Wed Nov 1 21:08:13 2023 failed.
Nov 01 21:11:14 pi4 ddclient[19373]: WARNING: Wait at least 5 minutes between update attempts.
Nov 01 21:11:14 pi4 ddclient[19375]: WARNING: skipping update of nettegedanken.de from to 87.166.147.166.
Nov 01 21:11:14 pi4 ddclient[19375]: WARNING: last updated but last attempt on Wed Nov 1 21:08:13 2023 failed.
Nov 01 21:11:14 pi4 ddclient[19375]: WARNING: Wait at least 5 minutes between update attempts.
Nov 01 21:11:14 pi4 ddclient[19377]: WARNING: skipping update of nettergedanke.de from to 87.166.147.166.
Nov 01 21:11:14 pi4 ddclient[19377]: WARNING: last updated but last attempt on Wed Nov 1 21:08:13 2023 failed.
Nov 01 21:11:14 pi4 ddclient[19377]: WARNING: Wait at least 5 minutes between update attempts.
I had no idea where to look what is going wrong with ddclient. As I got a FRITZ!Box that encounters no problem updating the IP for another domain knowscore.social I thought easiest workaround is to set A-record using the web-browser but …
Your log says that the last failed updates for various domains were all in the same second (Nov 1, 21:08:13). That suggests that ddclient attempts to update several domains in one request, with an update URL path like /nic/update?system=dyndns&hostname=domain1.com,domain2.net,domain3.de&myip=1.2.3.4.
This syntax is not supported by deSEC: only one domain can be updated per request.
(The reason for this is that DNS changes are committed to the nameserver backend per domain, and if some but not all domains in one request would fail, then it’s unclear how to handle that error, which error code to return etc. Better to keep things separate that are separate.)
You will have to configure ddclient to not set multiple domains in one request. I’m not sure how to do that; perhaps others in the forum know. (It’s the first time I hear of this problem though; perhaps you did a ddclient update and this is new functionality? – In any case, we never supported this, and if your updates used to work, then certainly something changed on your side.)
The reason for this is most likely that your record has a TTL of 60, while the default minimum TTL records at deSEC is 3600 seconds. You should be able to change the IP address is you set the TTL to at least 3600. (The dynDNS update method is exempt from this restriction.)
Reconfigured ddclient’s approval is still pending. ddclient’s version itself did not change but I really changed the count of domains from the initial first on (knowscore.de) to quite some more in ddclient’s config. So I rolled back to the initial one and only and restarted ddclient - hope to see him working well soon.
Assumed that it will there is only one thing left: tell ddclient to carry out single requests for each and every domain. Might turn tricky because friendly clever guys are rare (even on the internet).
curl instead of ddclient - as another chapter of infamous “amateur’s delight” I’d like to offer my bash-script that finally does this trick for me, my pi and some domains. It does not need ddclient anymore:
current_ip=$( curl https://checkipv4.dedyn.io/ )
ip_file="/home/pi/ip.txt"
old_ip=$( cat $ip_file )
if [ "$current_ip" = "$old_ip" ]; then
echo "no change, still got $old_ip"
else
echo "updating to $current_ip ..."
curl --ipv4 https://update.dedyn.io/?hostname=domain1.social --header "Authorization: Token 1234"
curl --ipv4 https://update.dedyn.io/?hostname=domain2.de --header "Authorization: Token 1234"
curl --ipv4 https://update.dedyn.io/?hostname=domain3.de --header "Authorization: Token 1234"
echo "saving $current_ip to $ip_file"
echo "$current_ip" > $ip_file
fi
