rfc2136: Failed nsupdate breaks cache #4055

Open
perryflynn opened this issue Jun 23, 2024 · 4 comments

@perryflynn

Describe the bug

Similar to #2752, updating my DynDNS Domain via the rfc2136 plugin does not work. I added some log lines to the plugin code and it looks like the update fails at rc.bootup because the internet connection is not established yet. Later on rc.newwanip the plugin reports the IP was not changed and the nsupdate call is skipped.

To Reproduce

  • Use pppoe connection
  • Create rfc2136 IPv4 entry for the pppoe interface
  • reboot

Expected behavior

The plugin should not create a cache file when the nsupdate fails and should retry the nsupdate when the router is finally online.

Relevant log files

2024-06-23T22:46:00	Error	opnsense	/usr/local/etc/rc.rfc2136: Dynamic DNS: Not updating ddns.example.com A record because the IP address has not changed.	
2024-06-23T22:38:43	Error	opnsense	/usr/local/etc/rc.newwanip: Dynamic DNS: result: 0;	
2024-06-23T22:38:43	Error	opnsense	/usr/local/etc/rc.newwanip: Dynamic DNS: update cmd: /usr/local/bin/nsupdate -k /var/etc/nsupdatekey1 -v /var/etc/nsupdatecmds1	
2024-06-23T22:38:43	Error	opnsense	/usr/local/etc/rc.newwanip: Dynamic DNS: update script: server ns1.dns42.de; update delete ddns.example.com. A; update add ddns.example.com. 60 A my.ip.add.ress; ;	
2024-06-23T22:38:43	Error	opnsense	/usr/local/etc/rc.newwanip: Dynamic DNS: updating cache file /var/cache/rfc2136_opt9_ddns.example.com_ns1.dns42.de.cache: my.ip.add.ress	
2024-06-23T22:37:08	Error	opnsense	/usr/local/etc/rc.bootup: Dynamic DNS: update failed, delete cache files	
2024-06-23T22:37:08	Error	opnsense	/usr/local/etc/rc.bootup: Dynamic DNS: result: ; Communication with my.dns.ser.ver#53 failed: operation canceled; could not reach any name server; 1;	
2024-06-23T22:37:08	Error	opnsense	/usr/local/etc/rc.bootup: Dynamic DNS: update cmd: /usr/local/bin/nsupdate -k /var/etc/nsupdatekey1 -v /var/etc/nsupdatecmds1	
2024-06-23T22:37:08	Error	opnsense	/usr/local/etc/rc.bootup: Dynamic DNS: update script: server ns1.dns42.de; update delete ddns.example.com. A; update add ddns.example.com. 60 A my.ip.add.ress; ;	
2024-06-23T22:37:08	Error	opnsense	/usr/local/etc/rc.bootup: Dynamic DNS: updating cache file /var/cache/rfc2136_opt9_ddns.example.com_ns1.dns42.de.cache: my.ip.add.ress

Additional context

My workaround is to delete the cache files when the exit code of the nsupdate command is not zero.

My change in /usr/local/etc/inc/plugins.inc.d/rfc2136.inc:

        if ($need_update) {
            @file_put_contents("/var/etc/nsupdatecmds{$i}", $upinst);
            unset($upinst);

            /* invoke nsupdate */
            $cmd = "/usr/local/bin/nsupdate -k {$keyfile}";
            if (isset($dnsupdate['usetcp'])) {
                $cmd .= " -v";
            }
            $cmd .= " /var/etc/nsupdatecmds{$i}";

            //mwexec_bg($cmd);
            /* run in the foreground; the appended "echo $?" makes the exit code the last output line */
            $out = shell_exec($cmd." 2>&1; echo $?");
            /* end() takes its argument by reference, so keep the lines in a variable */
            $lines = explode("\n", trim($out));
            $status = (int)trim(end($lines));

            log_error("Dynamic DNS: update script: ".str_replace("\n", "; ", file_get_contents("/var/etc/nsupdatecmds".$i)));
            log_error("Dynamic DNS: update cmd: ".$cmd);
            log_error("Dynamic DNS: result: ".str_replace("\n", "; ", $out));

            /* non-zero exit code: drop the cache files so the next run retries the update */
            if ($status > 0) {
                @unlink($cacheFile);
                @unlink($cacheFile6);
                log_error("Dynamic DNS: update failed, delete cache files");
            }

            unset($cmd);
            unset($out);
        }

Environment
Software version used and hardware type if relevant.
e.g.:

OPNsense 24.1.9_4-amd64
FreeBSD 13.2-RELEASE-p11
OpenSSL 3.0.14

Manufacturer: PC Engines
Product Name: apu4

@AdSchellevis
Member

When possible, please open a pull-request. Currently the nsupdate action seems to be backgrounded; if you make it blocking, it might stall the boot process (with a pull-request we can review and offer feedback).
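The behaviour requested in the report (no cache entry after a failed nsupdate, retry on the next trigger), sketched in shell as an added example; it is not the plugin's code or the pull request's. `ddns_update`, `DDNS_RESULT`, `UPDATE_TIMEOUT` and `simulate_boot` are hypothetical names, `false`/`true` stand in for nsupdate's exit status, and the `timeout` bound is an assumption made so that a blocking call cannot hang the caller.

```shell
#!/bin/sh
# Added example: record the address in the cache only after the updater
# exits 0, so a failed run at boot is retried by the next hook.

# ddns_update NEW_IP CACHE_FILE CMD [ARGS...]
# Sets DDNS_RESULT to unchanged | updated | failed; returns 1 on failure.
ddns_update() {
    new_ip=$1; cache_file=$2; shift 2

    # Skip only if an earlier *successful* run recorded this address.
    if [ -f "$cache_file" ] && [ "$(cat "$cache_file")" = "$new_ip" ]; then
        DDNS_RESULT=unchanged
        return 0
    fi

    # Bound the run time: an unreachable name server must not stall the caller.
    if timeout "${UPDATE_TIMEOUT:-10}" "$@" >/dev/null 2>&1; then
        # Write to a temp file and rename, so a crash never leaves a
        # half-written cache that would suppress later updates.
        tmp="${cache_file}.tmp.$$"
        printf '%s\n' "$new_ip" > "$tmp" && mv -f "$tmp" "$cache_file"
        DDNS_RESULT=updated
        return 0
    fi

    # Failure: make sure no stale cache entry hides the pending update.
    rm -f "$cache_file"
    DDNS_RESULT=failed
    return 1
}

# Constructed scenario matching the report: the boot-time update fails
# (link not up yet), the WAN-up hook retries with the same address, and a
# later periodic run finds nothing to do. 192.0.2.10 is a documentation address.
simulate_boot() {
    dir=$(mktemp -d)
    seq=""
    for updater in false true false; do   # stand-ins for nsupdate's exit code
        ddns_update 192.0.2.10 "$dir/ddns.cache" "$updater" || :
        seq="$seq $DDNS_RESULT"
    done
    rm -rf "$dir"
    echo "${seq# }"
}
```
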

@perryflynn
Author

PR is opened.

@perryflynn
Author

@AdSchellevis ddclient also supports nsupdate. But it looks like that protocol is not yet exposed to the OPNsense UI. Does it maybe make sense to replace the rfc2136 plugin with os-ddclient?

https://sourceforge.net/p/ddclient/wiki/protocols/#nsupdate

@AdSchellevis
Member

@perryflynn it might be worth a try if that works better, but my advice would be to first install ddclient (without our plugin package) and test it out. If it works as expected, just let me know what it needs so we can discuss how to implement it there.
