Pihole, DDNS, UFW and VyprVPN

Expected Behaviour:

Debian ddclient should update no-ip ddns with ip address for ppp0

Actual Behaviour:

Debian ddclient populates no-ip ddns with ip address for a server on paradisenetworks.net

Debug Token:

No debug token - There was an error uploading your debug log.

So, I have a low power server running Debian Bullseye that I use as a router/firewall, asterisk pbx, file/print server, and PiHole ad-blocker. Some learning involved with the details, but now it is running very well and functions smoothly. I want to remotely view some webcams, so I am trying to enable ddns with no-ip. I should mention that I am using ufw/iptables and also use a commercial VPN (VyprVPN with openvpn client running on my server).

Here are some of the important ufw rules:

[ 1] Anywhere ALLOW IN 192.168.0.0/24
[ 2] 53 ALLOW IN 192.168.0.0/24
[ 3] 4711/tcp ALLOW IN 192.168.0.0/24
[ 4] 80/tcp ALLOW IN Anywhere
[ 5] 22/tcp ALLOW IN Anywhere
[ 6] 443/tcp ALLOW IN Anywhere
[ 7] 123/udp ALLOW IN Anywhere
[ 8] 67:68/tcp ALLOW IN Anywhere
[ 9] Anywhere ALLOW OUT Anywhere on tun0 (out)
[10] 53,1197/udp ALLOW OUT Anywhere on enp6s0 (out)
[11] 192.168.0.0/24 ALLOW OUT Anywhere on enp6s0 (out)
[12] 443/tcp ALLOW OUT Anywhere (out)
[13] 192.168.0.0/24 ALLOW OUT Anywhere on enp4s0 (out)

And here is a portion of before.rules:
-A POSTROUTING -s 192.168.0.0/24 -o enp4s0 -j MASQUERADE
-A POSTROUTING -s 192.168.0.0/24 -o tun0 -j MASQUERADE

enp4s0 is the router interface on my LAN side (192.168.0.0/24) with ip 192.168.0.10
enp6s0 is the router interface on the WAN side, with no ip configured
ppp0 gets my dynamic Centurylink ip
tun0 is the VyprVPN dhcp address assigned to my tunnel (dynamic ip)
us7.vyprvpn.com is the VyprVPN SanFrancisco server I usually use

Here is my ddclient.conf

/etc/ddclient.conf

#protocol=dyndns2
protocol=noip
use=if, if=ppp0
server=https://dynupdate.no-ip.com
#server=noip.com
login=myusername
password=mypassword
my-domain.net

Here are my defaults for ddclient:

/etc/default/ddclient

run_dhclient="false"
run_ipup="false"
run_daemon="true"
daemon_interval="300"

ip address:

1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
2: enp3s0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc fq_codel state DOWN group default qlen 1000
link/ether 00:13:3b:4a:51:d4 brd ff:ff:ff:ff:ff:ff
3: enp4s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
link/ether 00:13:3b:4a:51:d5 brd ff:ff:ff:ff:ff:ff
inet 192.168.0.10/24 brd 192.168.0.255 scope global enp4s0
valid_lft forever preferred_lft forever
4: enp6s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
link/ether d0:50:99:12:92:f8 brd ff:ff:ff:ff:ff:ff
inet 192.168.0.55/24 brd 192.168.0.255 scope global noprefixroute enp6s0
valid_lft forever preferred_lft forever
5: ppp0: <POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP> mtu 1492 qdisc fq_codel state UNKNOWN group default qlen 3
link/ppp
inet 97.113.236.98 peer 63.231.10.68/32 scope global ppp0
valid_lft forever preferred_lft forever
8: tun0: <POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UNKNOWN group default qlen 100
link/none
inet 10.2.2.62/24 brd 10.2.2.255 scope global tun0
valid_lft forever preferred_lft forever

enp3s0 is a currently unused NIC

ip route show:

0.0.0.0/1 via 10.2.2.1 dev tun0
default dev ppp0 scope link
default via 192.168.0.10 dev enp4s0 src 192.168.0.10 metric 203
default via 192.168.0.10 dev enp6s0 proto dhcp src 192.168.0.55 metric 204
10.2.2.0/24 dev tun0 proto kernel scope link src 10.2.2.62
63.231.10.68 dev ppp0 proto kernel scope link src 97.113.236.98
128.0.0.0/1 via 10.2.2.1 dev tun0
169.254.0.0/16 dev enp4s0 scope link metric 1000
192.168.0.0/24 dev enp4s0 proto dhcp scope link src 192.168.0.10 metric 203
192.168.0.0/24 dev enp6s0 proto dhcp scope link src 192.168.0.55 metric 204
209.99.95.18 dev ppp0 scope link

So, in the routing table, I'm confused by the 128.0.0.0 address (not sure I've seen this before).

As far as the paradisenetworks.net ip is concerned, I'm guessing that it's actually hosting the vyprvpn server, but not sure.

Anyway, there are several details here which I have not been able to comprehend fully.
Pihole is my local nameserver (/etc/resolv.conf nameserver 192.168.0.10),
as per VyprVPN there is no need to use the VyprVPN dns servers.

Pihole blocks ads correctly, and once I got the ufw/masquerade correct, there is an
effective kill switch for the VPN (local traffic can only go out to the internet through the tun0 interface).

I think I'll run into some more iptables details when I try to connect from outside the local network (need to allow some incoming traffic from the internet), but it doesn't seem like that should be an issue for the ddns because the DUC (ddns update client) is just trying to send my ppp0 ip address to the no-ip server (so only outbound).

Any ideas for troubleshooting, or obvious errors in my setup?

Sorry to be so long winded....

Looking ove
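Added example, not part of the original post: a simplified model of route selection (longest prefix, then lowest metric) run over the `ip route show` table posted above. It shows that the `0.0.0.0/1` and `128.0.0.0/1` pair, the pattern OpenVPN's `redirect-gateway def1` installs, covers all of IPv4 and outranks every `default` route, so host-originated traffic to a public server leaves through tun0 unless a more specific route exists. The sample destinations are constructed; function names are illustrative.

```python
import ipaddress

# Routes copied from the `ip route show` output in the post: (prefix, device, metric).
# "default" is written as 0.0.0.0/0; routes listed without a metric get 0.
ROUTES = [
    ("0.0.0.0/1", "tun0", 0),
    ("0.0.0.0/0", "ppp0", 0),
    ("0.0.0.0/0", "enp4s0", 203),
    ("0.0.0.0/0", "enp6s0", 204),
    ("10.2.2.0/24", "tun0", 0),
    ("63.231.10.68/32", "ppp0", 0),
    ("128.0.0.0/1", "tun0", 0),
    ("169.254.0.0/16", "enp4s0", 1000),
    ("192.168.0.0/24", "enp4s0", 203),
    ("192.168.0.0/24", "enp6s0", 204),
    ("209.99.95.18/32", "ppp0", 0),
]
TABLE = [(ipaddress.ip_network(p), dev, m) for p, dev, m in ROUTES]


def egress(dst):
    """Return (device, prefix) chosen for dst: longest prefix wins, then lowest metric."""
    addr = ipaddress.ip_address(dst)
    matches = [r for r in TABLE if addr in r[0]]
    net, dev, _ = max(matches, key=lambda r: (r[0].prefixlen, -r[2]))
    return dev, str(net)


def covered_by_tunnel():
    """True if the /1 routes on tun0 together span the whole IPv4 space."""
    halves = [n for n, dev, _ in TABLE if n.prefixlen == 1 and dev == "tun0"]
    merged = list(ipaddress.collapse_addresses(halves))
    return merged == [ipaddress.ip_network("0.0.0.0/0")]


if __name__ == "__main__":
    # Constructed sample destinations, plus the two ppp0 host routes from the post.
    samples = ["100.64.0.1", "198.51.100.7", "192.168.0.20",
               "63.231.10.68", "209.99.95.18"]
    for dst in samples:
        dev, net = egress(dst)
        print(f"{dst:15} -> {dev:7} via {net}")
    print("tun0 /1 routes cover all IPv4:", covered_by_tunnel())
```

On the live system, `ip route get <address>` reports the kernel's actual choice for a given destination and can be compared against this model.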
