[SOLVED] DDNS updater error with OpenDNS/DNS-O-Matic

Post new topic   Reply to topic    DD-WRT Forum Index -> Advanced Networking
Goto page 1, 2  Next
Author Message
siege
DD-WRT User


Joined: 23 Dec 2016
Posts: 90

PostPosted: Thu Jul 30, 2020 18:41    Post subject: [SOLVED] DDNS updater error with OpenDNS/DNS-O-Matic Reply with quote
Something is going on with the DDNS updater. I've had a stable setup for years using OpenDNS' DNS-O-Matic service, but in the last week or so something has changed and is now causing an error.

Other people are seeing this also: https://support.opendns.com/hc/en-us/community/posts/360071971352-DDNS-updater-getting-server-moved-error-

My setup is attached and the specific results I'm seeing now are as follows:
Code:
Thu Jul 30 13:21:24 2020: INADYN: Started 'INADYN Advanced version 1.96-ADV' - dynamic DNS updater.
Thu Jul 30 13:21:25 2020: I:INADYN: IP address for alias 'all.dnsomatic.com' needs update to '50.{redacted}'
Thu Jul 30 13:21:26 2020: W:INADYN: Response Code: 1
Thu Jul 30 13:21:26 2020: W:INADYN: Error validating DYNDNS svr answer. Check usr,pass,hostname! (HTTP/1.0 301 Moved Permanently
location: https://updates.dnsomatic.com/nic/update?hostname=all.dnsomatic.com
date: Thu, 30 Jul 2020 18:21:25 GMT
server: opendns
connection: close
content-length: 0

d>Current IP Address: 50.{redacted}
)

Is anyone else seeing this?


Last edited by siege on Mon Aug 24, 2020 22:43; edited 1 time in total
Sponsor
speed0flight
DD-WRT Novice


Joined: 05 Aug 2020
Posts: 1

PostPosted: Wed Aug 05, 2020 19:30    Post subject: Reply with quote
I'm having the exact same issue. Was working fine for several years until a couple of weeks ago.

Running: Firmware: DD-WRT v24-sp2 (07/24/13) giga

Wed Aug 5 19:25:08 2020: W:INADYN: Error validating DYNDNS svr answer. Check usr,pass,hostname! (HTTP/1.0 301 Moved Permanently
location: https://updates.dnsomatic.com/nic/update?hostname=all.dnsomatic.com
date: Wed, 05 Aug 2020 19:25:07 GMT
server: opendns
connection: close
content-length: 0
Per Yngve Berg
DD-WRT Guru


Joined: 13 Aug 2013
Posts: 6856
Location: Romerike, Norway

PostPosted: Sat Aug 15, 2020 8:19    Post subject: Reply with quote
Have you tried to change http: to https: in the URL?
siege
DD-WRT User


Joined: 23 Dec 2016
Posts: 90

PostPosted: Tue Aug 18, 2020 23:16    Post subject: Reply with quote
Per Yngve Berg wrote:
Have you tried to change http: to https: in the URL?

Yes, I've tried that, and I still get the same error.

It seems that In-a-Dyn might need to be updated (current version is 2.7, and DD-WRT is on 1.96) and https will need to be used.

As a workaround, I've added this command to my cron:
Code:
0 0 * * 0 /usr/bin/curl -k --silent -u "my_user_name:my_password" "https://updates.dnsomatic.com/nic/update?hostname=all.dnsomatic.com" >/dev/null 2>&1

I also added the command to my startup commands (minus the cron numerics).
egc
DD-WRT Guru


Joined: 18 Mar 2014
Posts: 12837
Location: Netherlands

PostPosted: Wed Aug 19, 2020 10:45    Post subject: Reply with quote
Asked more than once:

https://svn.dd-wrt.com/ticket/7156

Feel free to close and reopen and add your findings

_________________
Routers:Netgear R7000, R6400v1, R6400v2, EA6900 (XvortexCFE), E2000, E1200v1, WRT54GS v1.
Install guide R6400v2, R6700v3,XR300:https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=316399
Install guide R7800/XR500: https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=320614
Forum Guide Lines (important read):https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=324087
mac913
DD-WRT Guru


Joined: 02 May 2008
Posts: 1848
Location: Canada

PostPosted: Sat Aug 22, 2020 21:34    Post subject: Reply with quote
siege wrote:
Per Yngve Berg wrote:
Have you tried to change http: to https: in the URL?

Yes, I've tried that, and I still get the same error.

It seems that In-a-Dyn might need to be updated (current version is 2.7, and DD-WRT is on 1.96) and https will need to be used.

As a workaround, I've added this command to my cron:
Code:
0 0 * * 0 /usr/bin/curl -k --silent -u "my_user_name:my_password" "https://updates.dnsomatic.com/nic/update?hostname=all.dnsomatic.com" >/dev/null 2>&1

I also added the command to my startup commands (minus the cron numerics).


That's a good workaround, if used disable GUI DDNS. Just a note about my_user_name, if it is your email address eg. user@yahoo.com use user%40yahoo.com

_________________
Home Network on Telus 1Gb PureFibre - 10GbE Copper Backbone
2x R7800 - Gateway & WiFi & 3xWireGuard - DDWRT r53562 Std k4.9

Off Site 1

R7000 - Gateway & WiFi & WireGuard - DDWRT r54517 Std
E3000 - Station Bridge - DDWRT r49626 Mega K4.4

Off Site 2

R7000 - Gateway & WiFi - DDWRT r54517 Std
E2000 - Wired ISP IPTV PVR Blocker - DDWRT r35531


YAMon 3.4.6 | DNSCrypt-Proxy V2
siege
DD-WRT User


Joined: 23 Dec 2016
Posts: 90

PostPosted: Mon Aug 24, 2020 22:39    Post subject: Problem solved! Reply with quote
OpenDNS support got back to me today. They said this:
Quote:
Can you try updating your router/application to send updates to updates.dnsomatic.com using port 443 (https://updates.dnsomatic.com)? We no longer allow updates to this service using port 80.

Leaving everything else as-is, adding port 443 in the URL works like a champ. (https://updates.dnsomatic.com:443/nic/update?hostname=) No more need for cron or startup scripts.

I've attached a screen shot for posterity. Hope this helps in the future.
mac913
DD-WRT Guru


Joined: 02 May 2008
Posts: 1848
Location: Canada

PostPosted: Tue Aug 25, 2020 15:14    Post subject: Reply with quote
Great news that the old 1.96 GUI does work with https.

We need the Wiki to be updated...
https://wiki.dd-wrt.com/wiki/index.php/DNS-O-Matic

Thanks for Posting!

_________________
Home Network on Telus 1Gb PureFibre - 10GbE Copper Backbone
2x R7800 - Gateway & WiFi & 3xWireGuard - DDWRT r53562 Std k4.9

Off Site 1

R7000 - Gateway & WiFi & WireGuard - DDWRT r54517 Std
E3000 - Station Bridge - DDWRT r49626 Mega K4.4

Off Site 2

R7000 - Gateway & WiFi - DDWRT r54517 Std
E2000 - Wired ISP IPTV PVR Blocker - DDWRT r35531


YAMon 3.4.6 | DNSCrypt-Proxy V2
kernel-panic69
DD-WRT Guru


Joined: 08 May 2018
Posts: 14125
Location: Texas, USA

PostPosted: Tue Aug 25, 2020 15:30    Post subject: Reply with quote
Wiki should be updated, unless someone mucks with my edit.
_________________
"Life is but a fleeting moment, a vapor that vanishes quickly; All is vanity"
Contribute To DD-WRT
Pogo - A minimal level of ability is expected and needed...
DD-WRT Releases 2023 (PolitePol)
DD-WRT Releases 2023 (RSS Everything)

----------------------
Linux User #377467 counter.li.org / linuxcounter.net
lolcocks
DD-WRT User


Joined: 31 May 2013
Posts: 137

PostPosted: Sat Oct 03, 2020 11:18    Post subject: Re: Problem solved! Reply with quote
siege wrote:
OpenDNS support got back to me today. They said this:
Quote:
Can you try updating your router/application to send updates to updates.dnsomatic.com using port 443 (https://updates.dnsomatic.com)? We no longer allow updates to this service using port 80.

Leaving everything else as-is, adding port 443 in the URL works like a champ. (https://updates.dnsomatic.com:443/nic/update?hostname=) No more need for cron or startup scripts.

I've attached a screen shot for posterity. Hope this helps in the future.



Thank you so much! Works great!

Any idea why this issue has started occurring in the first place?
HalfBit
DD-WRT Guru


Joined: 04 Sep 2009
Posts: 776
Location: AR, USA

PostPosted: Sat Aug 07, 2021 19:42    Post subject: Re: Problem solved! Reply with quote
siege wrote:
OpenDNS support got back to me today. They said this:
Quote:
Can you try updating your router/application to send updates to updates.dnsomatic.com using port 443 (https://updates.dnsomatic.com)? We no longer allow updates to this service using port 80.

Leaving everything else as-is, adding port 443 in the URL works like a champ. (https://updates.dnsomatic.com:443/nic/update?hostname=) No more need for cron or startup scripts.

I've attached a screen shot for posterity. Hope this helps in the future.

Confirmed working for me as well! THANK YOU!

_________________
R7000 Nighthawk - DD-WRT v3.0-r50308
R7000 Nighthawk - DD-WRT v3.0-r50308
~~~~~~~~~~Dismantled for learning opportunities~~~~~~~~~~
WRT54Gv2
WRT54Gv8.2
~~~~~~~~~~Other Settings~~~~~~~~~
https://nextdns.io/?from=2d3sq39x
https://pi-hole.net/
https://github.com/DNSCrypt/dnscrypt-proxy
marbss
DD-WRT Novice


Joined: 13 Jul 2007
Posts: 26

PostPosted: Fri Oct 08, 2021 12:31    Post subject: Reply with quote
if you are having problems with dnsomatic you can also try http but specify port 443. This is what worked for me.

http://updates.dnsomatic.com:443/nic/update?hostname=

Quote:
glli80
September 25, 2021 11:22
coski_da,

you can try replacing https://updates.dnsomatic.com:443/nic/update?hostname= with

http://updates.dnsomatic.com:443/nic/update?hostname= ( change https to http):


source: https://support.opendns.com/hc/en-us/community/posts/360071971352-DDNS-updater-getting-server-moved-error-?page=3#comments
kernel-panic69
DD-WRT Guru


Joined: 08 May 2018
Posts: 14125
Location: Texas, USA

PostPosted: Fri Oct 08, 2021 14:40    Post subject: Reply with quote
This was discussed elsewhere in the Marvell forum. Thanks for the update and input.

https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=330218

_________________
"Life is but a fleeting moment, a vapor that vanishes quickly; All is vanity"
Contribute To DD-WRT
Pogo - A minimal level of ability is expected and needed...
DD-WRT Releases 2023 (PolitePol)
DD-WRT Releases 2023 (RSS Everything)

----------------------
Linux User #377467 counter.li.org / linuxcounter.net
TedCheeze
DD-WRT User


Joined: 01 Feb 2016
Posts: 53
Location: Oregon, U.S.

PostPosted: Fri Feb 03, 2023 7:52    Post subject: Reply with quote
I know this is resurrecting a really old topic, but I have finally obtained some rather useful information in regards to DNS-O-MATIC.
I stumbled across what makes DNSOMATIC work consistently and reliably while trying to resolve a NTP issue.

There are just three simple rules that must be satisfied in order for update requests to be accepted.
    1) Update requests must be sent using HTTPS/SSL to port 443.
    2) updates.dnsomatic.com must be resolved using OPENDNS servers. No exceptions.
    3) You must add OPENDNS as one of your services to be updated.

    NOTE: myip.dnsomatic.com must be resolved using OPENDNS servers, if you are using one of their update clients.

Rule #1 is pretty self explanatory - You send your update requests to PORT 443 using SSL.
Rule #2 Cisco added a layer of validation so only Cisco Umbrella or OpenDNS users are able to use dns-o-matic. Update requests are validated by checking the IP of the request against DNS requests at OPENDNS servers. If corresponding DNS request is not found, the update request is dropped.
Rule #3 is fairly straight forward also. You need to add the OPENDNS service to DNSOMATIC account. If you do not it means you are not a OPENDNS customer and your updates will be dropped. You don't have to use OPENDNS, you just need to update it.


So how do you make it work?

Easy! If you are not using OPENDNS as your primary DNS just add these two lines to your DNSMASQ Additional Options in the GUI:
Code:
server=/myip.dnsomatic.com/208.67.222.222 (resolver1.opendns.com)
server=/updates.dnsomatic.com/208.67.222.222


You could also use 208.67.220.220 (resolver2.opendns.com)

It struck me while trying to get the NTP client to resolve 'time-c-b.nist.gov' using encrypted DNS with the wrong system time at bootup, which doesn't work. Then I saw a thread that said to use an IP address or add server=/[NTP URL}/{DNS IP} line to resolve the NTP URL using unencrypted dns. Hmmmm? Could I use that to make DNSMASQ use OPENDNS to resolve the DNSOMATIC URL's without changing my primary DNS. And it worked.

Basically I was trying to solve one problem and stubbed my toe on the solution to another.
kernel-panic69
DD-WRT Guru


Joined: 08 May 2018
Posts: 14125
Location: Texas, USA

PostPosted: Fri Feb 03, 2023 16:55    Post subject: Reply with quote
The bulk of this thread applied to pre-inadyn update to current status, but thanks for the input and information.
_________________
"Life is but a fleeting moment, a vapor that vanishes quickly; All is vanity"
Contribute To DD-WRT
Pogo - A minimal level of ability is expected and needed...
DD-WRT Releases 2023 (PolitePol)
DD-WRT Releases 2023 (RSS Everything)

----------------------
Linux User #377467 counter.li.org / linuxcounter.net
Goto page 1, 2  Next Display posts from previous:    Page 1 of 2
Post new topic   Reply to topic    DD-WRT Forum Index -> Advanced Networking All times are GMT

Navigation

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You cannot download files in this forum