DDNS client

DDNS stands for Dynamic DNS. Simply put, using this service gives a name to your IP. So if you're hosting something on your line, people would not have to bother typing your IP. They can just type in your domain name! It also helps when your IP changes. Users won't need to discover what your new IP is, they can simply type your domain name.

This guide will help you configure your DDNS service, so that your router auto-updates your IP to your DDNS provider. The simplest method possible would be through LuCI.

OpenWrt uses ddns-scripts which are shell scripts. There are other scripts and programs available in the web, also some DDNS providers offer their own programs. All of them are currently not ported and tested on OpenWrt.

ddns-scripts support other special communication functions to be used:

Run once, useful for usage with cron.
Set proxy with/without authentication for HTTP/HTTPS requests.
Set DNS server to use other than system default.
Binding to specific network if wget or to specific interface if curl installed.
Force the usage of either IPv4 or IPv6 communication only. Require either wget or curl AND bind-host
DNS requests via TCP, require either wget or curl AND bind-host.

First of all, you'll need to pick and register a DNS name with a compatible DDNS service provider. For a list of DDNS providers, see:

ddns-scripts support the following Dynamic DNS service providers out of the box:
3322.org	afraid.org ⁶⁾	changeip.com	cloudflare.com ^{2) 5) 6)}
core-networks.de ⁶⁾	ddnss.de ⁶⁾	dhis.org ⁶⁾	dnsdynamic.org
dnsexit.com	dnshome.de ⁶⁾	dnsmax.com	dnsomatic.com
dnspark.com	do.de ⁶⁾	dtdns.com	duckdns.org ⁶⁾
duiadns.net ⁶⁾	dy.fi	dyndns.org ⁶⁾ (dyn.com)	dyndnss.net
dyns.net	dynsip.org	dynu.com	dynv6.com ⁶⁾
easydns.com	editdns.net	goip.de ⁶⁾	google.com ^{5) 6)}
he.net ⁶⁾	joker.com	loopia.se ⁶⁾ (loopia.com)	mydns.jp ⁶⁾
myonlineportal.net ⁶⁾	mythic-beasts.com ⁶⁾	namecheap.com	nettica.com
no-ip.com ¹⁾ (noip.com)	no-ip.pl ⁶⁾	nsupdate.info ⁶⁾	nubem.com
ovh.com	regfish.de ⁶⁾	schokokeks.org	selfhost.de
sitelutions.com	spdyn.de ⁶⁾ (spdns.de)	strato.com	system-ns.com
thatip.com	twodns.de	variomedia.de ⁶⁾
zoneedit.com ⁵⁾			BIND nsupdate ^{3) 4) 6)}

Requires additional package ddns-scripts_no-ip_com to be installed.
Needs additional package ddns-scripts_cloudflare.com-v4 to be installed.
Directly updates a PowerDNS (or maybe bind server) via nsupdate.
Needs additional package ddns-scripts_nsupdate and bind-client to be installed.
SSL support required.
Supports IPv6.

If you have picked a DDNS service provider and create your host/domain name you need to note additional your username and password. Now you need to decide if you want to use secure communication with your DDNS provider or not. Some provider require secure HTTPS communication. Read their help pages for details and also read provider specific information below.

If you need support, found an issue or only want to request a new extension for the next release, please post your questions/issues/requests here:

OpenWrt Forum
Github-OpenWrt-Packages for ddns-scripts
Github-OpenWrt-LuCI for luci-app-ddns

A full list of supported settings, some not supported by LuCI:

UCI documentation → DDNS client configuration

Login into your router through your browser.
Navigate to LuCI → System → Software
Press button Update Lists to update internal lists of available packages.
Install the packages luci-app-ddns and ddns-scripts.
You might need to install provider specific packages ddns-scripts_* and LuCI language packages luci-i18n-ddns-*.
Refresh the page and navigate to LuCI → Services → Dynamic DNS.

To install ddns-scripts use the OPKG Package Manager. You might need to install provider specific packages ddns-scripts_xxxxx.

opkg update
opkg install ddns-scripts
opkg install ddns-scripts_xxxxx

By default ddns-scripts uses BusyBox built-in wget for DDNS updates over http, which does not support https (SSL). To perform DDNS updates over https (SSL), you will need to install the wget and ca-certificates, or curl and ca-bundle packages.

If both wget and curl are installed you can configure which one to prefer. Default is wget.

You can install either via LuCI from the menu select LuCI → System → Software and search for wget or curl or install via console using the following commands:

opkg update
opkg install wget ca-certificates
opkg install curl ca-bundle
opkg install ca-certificates

If you, also for other software, need all certificates in one file or you want to update CA certificates regularly, then do NOT install package. ca-certificates package is not always backported to older OpenWrt versions. Install latest CA certificates (in one file) using console:

mkdir -p /etc/ssl/certs
curl -o /etc/ssl/certs/ca-certificates.crt http://curl.haxx.se/ca/cacert.pem
wget --no-check-certificate -O /etc/ssl/certs/ca-certificates.crt http://curl.haxx.se/ca/cacert.pem

ddns-scripts are designed to update one host per configuration/section. To update multiple hosts or providers or IPv4 and IPv6 for the same host you need to define separate configurations/sections. Some providers offer to update multiple host within one update request. A possible solution for this option is to use –custom– service name settings. Have a look at Provider specifics.

The main settings you need to set are (all other normally work fine with the defaults):

Service name	the DDNS service provider to use
Host/Domain	your FQDN you want to update (used by ddns-scripts using nslookup to check if update has happened)
Username	username or other parameter to use as username (send urlencoded)
Password	password or other parameter to use as password (send urlencoded) *including BB 14.07* Ensure this password does not have “$1” or $ with any number following in it, as this breaks the script.
Interface	network name (i.e. wan, wan6) used by OpenWrt hotplug event system to start ddns-scripts

since DD (trunk) the following main settings need to be set:

Service name	the DDNS service provider to use
Lookup Host	ONE of your defined FQDNs you want to update (used by ddns-scripts using nslookup to check if update has happened)
Host/Domain	mostly same as `Lookup Host`, but now can also be used as “normal” parameter. i.e. as list of hosts to be updated
Username	username or other parameter to use as username (send urlencoded)
Password	password or other parameter to use as password (send urlencoded)
Interface	network name (i.e. wan, wan6) used by OpenWrt hotplug event system to start ddns-scripts

After fresh installation a configuration/section myddns and myddns_ipv4 and myddns_ipv6 exists ready to be modified for your needs. You could delete them and define your own.

Please heed the following important hints:

It is NOT allowed to use dash-sign “-” inside configuration/section names.
A full list of supported settings (some not supported by LuCI) you will find in UCI documentation!
Always keep in mind the Provider specific settings if there are any!
Don't forget to enable your configuration/section!
You need minimum one enabled configuration/section for ddns service to start!
You need to enable ddns service to enable updates being sent on reboot and hotplug events!
Although described elsewhere, it is not recommended to change the files /usr/lib/ddns/services or /usr/lib/ddns/services_ipv6 because they will be overwritten during system and package updates!

Log into your router through your browser.
From the menu select Services → Dynamic DNS.
Navigate to the configuration/section you like to change.
Modify the fields you need to change.
Don't forget to check the Enabled option!
Click Save & Apply button to save changes.

To add a new configuration/section:

Type the new name into the text entry box at the bottom of the page next to [Add] button.
Do not use a dash character “-” in a configuration/section name!
Click [Add] button.
Modify the fields you need to change.
Don't forget to check the Enabled option!
Click [Save & Apply] button to save changes.

Username and Password fields are required fields. If your provider does not require one or both of them, simply put in a character of your choice.

SSL support

Options to configure HTTPS communication are only available if wget or curl package is installed. (See Hints if shown.)

Check Use HTTP Secure option. Additional field Path to CA-Certificate is shown with it's default setting.
- If you have installed ca-certificates package leave the shown default! (/etc/ssl/certs)
- If you have installed CA certificates in one file from above set the value to: /etc/ssl/certs/ca-certificates.crt
- If you like to use other certificate you need to set here the full path to the certificate including file name. (/path/to/file.crt)
- If your certificates are stored in a different path, set here the path where your certificates are located. (/path/to/files)
Click [Save & Apply] button to save changes.

Custom service

If you want to use a DDNS provider currently not listed or you want to update multiple hosts within one configuration/section then you should do the following:

Choose –custom– as service. Additional field Custom update-URL is shown.
Fill in the URL you like to use. Please read URL syntax description below. Also have a look at Provider specifics.
Click [Save & Apply] button to save changes.

If you found a DDNS provider not listed or with additional IPv6 support or with changed update URL please open an issue at Github-OpenWrt-Packages so it can be included with the next release.

The easiest way to configure ddns-scripts via console is to edit the file /etc/config/ddns directly using build-in vi editor or any other editor you prefer. Other editors as vi needs to be installed separately.

A configuration/section looks like:

# /etc/config/ddns
config 'service' 'myddns'
	option 'service_name'	'example.org'
	option 'enabled'	'1'
	option 'domain'		'yourhost.example.org'
	option 'username'	'your_username'
	option 'password'	'your_password'
	option 'interface'	'wan'
	option 'ip_source'	'network'
	option 'ip_network'	'wan'

Alternatively you can use UCI command line interface. Example input:

uci set ddns.myddns.service_name="ddnsprovider.com"	# only use names listed in /usr/lib/ddns/services
							# or /usr/lib/ddns/services_ipv6 (since CC 15.05)
uci set ddns.myddns.domain="host.yourdomain.net"
uci set ddns.myddns.username="your_user_name"
uci set ddns.myddns.password="p@ssw0rd"
uci set ddns.myddns.interface="wan"	# network interface that should start this configuration/section
uci set ddns.myddns.enabled="1"
uci commit ddns				# don't forget this, otherwise data not written to configuration file

ddns.myddns.enabled=“1” means:

ddns is the configuration file to change (here /etc/config/ddns)
myddns is the configuration/section to change
enabled is the option to set/change
behind the equal-sign is the value to set. Set single- or double-quotes around the value and no space or whitespace around the equal-sign.

Example to create/add a new configuration/section “newddns”:

uci set ddns.newddns="service"
uci set ddns.newddns.service_name="ddnsprovider.com"	# only use names listed in /usr/lib/ddns/services
							# or /usr/lib/ddns/services_ipv6 (since CC 15.05)
uci set ddns.newddns.domain="host.yourdomain.net"
uci set ddns.newddns.username="your_user_name"
uci set ddns.newddns.password="p@ssw0rd"
uci set ddns.newddns.interface="wan"	# network interface that should start this configuration/section
uci set ddns.newddns.enabled="1"
uci commit ddns				# don't forget this, otherwise data not written to configuration file
/etc/init.d/ddns restart

SSL support

You need to add the following entries to the desired section in /etc/config/ddns file using ca-certificates package:

# /etc/config/ddns
config 'service' 'myddns'
	...
	option 'use_https'	'1'
	option 'cacert'		'/etc/ssl/certs'

using single file (ie. as descriped above):

# /etc/config/ddns
config 'service' 'myddns'
	...
	option 'use_https'	'1'
	option 'cacert'		'/etc/ssl/certs/ca-certificates.crt'
#	option 'cacert'		'/full/path/to/file.crt'

Above options can also be set via LuCI. The options are only shown if wget or curl package is installed!

Custom service

Following changes need to be done if you use a DDNS provider currently not listed or to update multiple hosts within one configuration/section. Edit /etc/config/ddns.

# /etc/config/ddns
config 'service' 'myddns'
	...
#	option 'service_name'	'example.org'		# comment out "#" or delete
	option 'update_url'	'http://your.update.url...[USERNAME]...[PASSWORD]...[DOMAIN]...[IP]'

or use UCI command line interface

uci delete ddns.myddns.service_name
uci set ddns.myddns.update_url="http://your.update.url...[USERNAME]...[PASSWORD]...[DOMAIN]...[IP]"
uci commit ddns		# don't forget this, otherwise data not written to configuration file

URL Syntax

No need to set https://, it is replaced automatically if SSL support is activated.
The entries [USERNAME] [PASSWORD] [DOMAIN] [IP] are replaced by ddns-scripts just before update.
[USERNAME] is replaced by content of option username from configuration file.
[PASSWORD] is replaced by content of option password from configuration file.
[DOMAIN] is replaced by content of option domain from configuration file.
[IP] is replaced by the current IP address of your OpenWrt system.

Carefully set option domain in your configuration, also used to detect if the update was successfully done.
This entry is the DNS name your OpenWrt system will be reachable from the internet.
Have a look at Provider specifics for samples.

If you found a DDNS provider not listed or with additional IPv6 support or with changed update URL please open an issue at Github-OpenWrt-Packages so it can be included with the next release.

Here a list (without preferences) of URLs to detect your current public ip used by your system:

Dual-Stack	IPv4-only	IPv6-only	Server Location
http://checkip.dns.he.net/	-	-	US
http://checkip.freedyn.org/	-	-	DE
http://bot.whatismyipaddress.com/	-	-	US
http://whatismyip.org/	-	-	US
http://myexternalip.com/raw	-	-	DE
http://wtfismyip.com/text	-	-	US
http://domains.google.com/checkip	-	-	part of Google
http://icanhazip.com/	http://ipv4.icanhazip.com/	http://ipv6.icanhazip.com/	US
http://checkip.feste-ip.net/	http://v4.checkip.feste-ip.net/	http://v6.checkip.feste-ip.net/	DE
http://ident.me/	http://ipv4.ident.me/	http://ipv6.ident.me/	UK
http://ddnss.de/meineip.php	http://ip4.ddnss.de/meineip.php	http://ip6.ddnss.de/meineip.php	DE
http://checkip.spdyn.de/	http://checkip4.spdyn.de/	http://checkip6.spdyn.de/	DE
http://ifcfg.me/ip	http://4.ifcfg.me/ip	http://6.ifcfg.me/ip	FR
http://nsupdate.info/myip	http://ipv4.nsupdate.info/myip	http://ipv6.nsupdate.info/myip	DE
http://checkip.zerigo.com	http://checkip4.zerigo.com/	http://checkip6.zerigo.com/	US
-	http://checkip.dyndns.com/ ¹⁾	http://checkipv6.dyndns.com/ ¹⁾	US + UK
-	http://checkip.dyndns.com:8245/	http://checkipv6.dyndns.com:8245/	US + UK
-	http://checkip.dyn.com/ ^{1) 2)}	http://checkipv6.dyn.com/ ^{1) 2)}	US + UK
-	http://ipv4.myip.dk/api/info/IPv4Address	http://ipv6.myip.dk/api/info/IPv6Address	US
-	http://ipv4.ipogre.com/linux.php	http://ipv6.ipogre.com/linux.php	US
-	http://v4.ipv6-test.com/api/myip.php	http://v6.ipv6-test.com/api/myip.php	FR
-	http://ipecho.net/plain	-	NL
-	http://ipinfo.io/ip	-	part of Amazon AWS
-	http://ifconfig.me/ip	-	JP
-	http://checkip.amazonaws.com	-	part of Amazon AWS
-	http://myip.dtdns.com	-	US
-	http://ip.changeip.com	-	US
-	http://freedns.afraid.org/dynamic/check.php	-	?
-	http://freedns.afraid.org:8080/dynamic/check.php	-	?

- Users reported timeout problems, use links in the line below (…:8245). - Alias of *.dyndns.com.

If your WAN interface has the IP you want to propagate, this approach has the advantage of not depending on external services or even a working DNS resolution.

Create the script:

cat << "EOF" > /etc/ddns/getwanip
#!/bin/sh
. /lib/functions/network.sh
network_flush_cache
network_find_wan NET_IF
network_find_wan6 NET_IF6
network_get_ipaddr NET_ADDR "${NET_IF}"
network_get_ipaddr6 NET_ADDR6 "${NET_IF6}"
echo "${NET_ADDR}"
echo "${NET_ADDR6}"
EOF
chmod +x /etc/ddns/getwanip

Use it in the DDNS configuration by issuing these UCI commands:

uci set ddns.NAMEOFYOURSERVICE.ip_source="script"                 #Change NAMEOFYOURSERVICE to yours
uci set ddns.NAMEOFYOURSERVICE.ip_script="/etc/ddns/getwanip"     #Change NAMEOFYOURSERVICE to yours

Or by editing these lines in /etc/config/ddns:

config service 'NAMEOFYOURSERVICE'                 #Change NAMEOFYOURSERVICE to yours
        option ip_source 'script'
        option ip_script '/etc/ddns/getwanip'

Enable minimum one configuration/section and ddns service!

Normally no user actions are required because ddns-scripts starts when hotplug ifup event happens. This will happen automatically at system startup when the named interface comes up. Event ifup also happens when a dialup network comes up. ddns-scripts regularly check if there is a difference between your IP address at DNS and your interface. If different an update request is sent to DDNS provider.

Whenever you Save & Apply an Enabled configuration/section from LuCI the corresponding script is automatically restarted.
If you modify /etc/config/ddns configuration file from CLI, you need to restart ddns-scripts (see below) to apply changes.

To check if ddns-scripts are running you could check with LuCI → Status → Processes or via console running

pgrep -f -a dynamic

You should find something like … /bin/sh /usr/lib/ddns/dynamic_dns_updater.sh myddns 0 for every configuration/section you configured and enabled, where myddns shows your configuration/section name.

Inside LuCI also exists a section Dynamic DNS → Status → Overview page showing the current status of your DDNS configurations.

Web interface

To check running ddns-scripts processes from the menu go to Status → Processes. Look for something like /bin/sh /usr/lib/ddns/dynamic_dns_updater.sh myddns 0.

To stop a desired process press the Terminate or Kill button. The process should remove from the list.

You can enable/disable and start/stop ddns-scripts from System → Startup menu. Look for service ddns and press the button for the desired action.

You can additionally enable/disable and start/stop individual configuration/section from Overview → Services → Dynamic DNS.

Command-line interface

From console command line you could create an ifup hotplug event for the desired network interface. This will start all enabled ddns configurations/sections monitoring this interface. Keep in mind that also other service processes (i.e. firewall) might be (re-)started via ifup hotplug event! For INTERFACE, type the specified ddns-scripts interface name (the interface name from /etc/config/network, usually 'wan')

ACTION=ifup INTERFACE=wan /sbin/hotplug-call iface

To start only one ddns-scripts configuration/section (here myddns):

/usr/lib/ddns/dynamic_dns_updater.sh myddns 0 &

To start all ddns-scripts configurations configured for one interface (the interface name from /etc/config/network, usually 'wan'):

sh /usr/lib/ddns/dynamic_dns_functions.sh	# note the leading period followed by a space
start_daemon_for_all_ddns_sections wan

To stop one configuration/section you need to list running ddns processes with:

killall dynamic_dns_updater.sh
pgrep -f -a dynamic
pkill dynamic

Using scheduler

Each configuration/section of ddns-scripts can be configured to run once including retry on error so it is guaranteed that the update is sent to the provider.

To configure your configuration/section to run once you need to set option force_interval 0. Setting of option force_unit is ignored. Inside LuCI set Force Interval in Timer Settings tab of your desired configuration or edit /etc/config/ddns on console.

# /etc/config/ddns
config 'service' 'myddns'
	...
	option 'force_interval'	'0'

If you set ddns service to enable then all configurations/sections are started during interface ifup. The configuration/section configured to run once will stop after successful update. To guarantee that your configurations only run once not looking for an interface event you need to disable ddns service. To start your configuration via build in crond use the following entry as command inside crontab configuration (replace myddns with the name of your configuration/section):

/usr/lib/ddns/dynamic_dns_updater.sh myddns 0 &

Syslog

The option use_syslog (also in LuCI) allows to define the level of events logged to syslog:

Value	Reporting
0	disable
1	info, notice, warning, errors
2	notice, warning, errors
3	warning, errors
4	errors
Critical errors forcing ddns-scripts to break (stop) are always logged to syslog

Logfile

ddns-scripts have built-in logfile support. Logfiles are automatically truncated to a settable number of lines (default 250 lines).

Inside LuCI you could enable logfile in Advanced Settings tab of desired configuration/section. From console you need to edit the config file:

# /etc/config/ddns
config 'service' 'myddns'
	...
	option 'use_logfile'	'1'

In case your device has enough built in memory or if you are using Extroot, you might want to store the ddns logs persistently. To achieve this, you need to change the log file location by adding the following line in the global section of /etc/config/ddns:

# /etc/config/ddns
config 'ddns' 'global'
	...
	option 'ddns_logdir'	'<your_custom_log_dir>'

This option must be defined in the global section of the /etc/config/ddns file. If the option is defined at config service level, it will be ignored by the /usr/lib/ddns/dynamic_dns_functions.sh script and the log location will be defaulted to /var/log/ddns.

To view logfile content from LuCI select the Log File Viewer tab of desired configuration/section and press the Read / Reread log file button. From console you should change to the ddns log directory, default /var/log/ddns. You will find a logfile for every configuration/section.

cat /var/log/ddns/myddns_ipv4.log
cat /var/log/ddns/myddns_ipv6.log

To debug what's going on, you can run ddns-scripts in verbose mode. Following verbose level are defined:

Level	Description
0	Non verbose, no output
1	Output to console (default)
2	Output to console and logfile, run once WITHOUT retry on error
3	Output to console and logfile, run once WITHOUT retry on error, sending NO update to DDNS service

Before starting debugging stop all running ddns-scripts processes:

/etc/init.d/ddns stop
/etc/init.d/ddns disable

validate that no ddns-scripts processes running:

pgrep -f -a dynamic

Now you can start one configuration/section for debugging. To stop/break running script press [CTRL]+C. Replace myddns with your desired configuration/section name and level with the desired verbose level.

/usr/lib/ddns/dynamic_dns_updater.sh myddns level

You will get full description of errors and the output of programs like wget, nslookup etc. used by ddns-scripts.

Network and name resolution problems

Check your communication settings with the following commands:

nslookup google-public-dns-a.google.com
 
ping -c 5 google-public-dns-a.google.com
ping -c 5 -4 google-public-dns-a.google.com	# (-4) force IPv4 communication
ping -c 5 -6 google-public-dns-a.google.com	# (-6) force IPv6 communication if installed
 
wget -O- http://checkip.dyndns.com		# for IPv4
wget -d -O- http://checkipv6.dyndns.com		# for IPv6 needs wget package and IPv6 to be installed
curl -v http://checkipv6.dyndns.com		# for IPv6 needs curl package and IPv6 to be installed

HTTPS/SSL problems

Check if your DDNS provider ONLY supports secure requests and enable HTTPS option use_https in your configuration. Packages wget or curl not installed to support secure communication. wget/curl could not access/validate SSL certificates. Check certificate installation and run wget or curl in verbose/debug mode:

ls -a -R -l /etc/ssl
 
wget -d -O /tmp/wget.out https://www.google.com --ca-certificate=/etc/ssl/certs/ca-certificates.crt	# single certificate file
wget -d -O /tmp/wget.out https://www.google.com --ca-directory=/etc/ssl/certs		# certificate directory
wget -d -O /tmp/wget.out https://www.google.com --no-check-certificate			# ignore certificate !!! INSECURE !!!
 
curl -v -o /tmp/curl.out https://www.google.com --cacert /etc/ssl/certs/ca-certificates.crt	# single certificate file
curl -v -o /tmp/curl.out https://www.google.com --capath /etc/ssl/certs		# certificate directory
curl -v -o /tmp/curl.out https://www.google.com --insecure			# ignore certificate !!! INSECURE !!!

Remember to read how to configure a custom service. At provider specific settings, only parameters that needs to be changed are described. The relevant parameters to use together with a custom settings are:

UCI option	LuCI description	Explanatory note
service_name	DDNS Service provider	Inside LuCI set to –custom– or delete from `/etc/config/ddns` if you need to use custom update URL
update_url	Custom update-URL	Copy from description below, if necessary
domain	Hostname/Domain	The already registered name at your DDNS provider. Must be your public FQDN because used by nslookup command to check if the send IP update was recognized by your provider and published around World Wide DNS
username	Username	Normally your username but possibly used with different settings
password	Password	Normally your password but possibly used with different settings

If you find a at a provider description below, please support the ddns-scripts maintainer to test and update this page. Please post a support request if something is not working as described or needs to be updated.

If you find problem “Failed writing HTTP request: Bad file descriptor” in some server / wget version (see: https://bugzilla.redhat.com/show_bug.cgi?id=912358), it is worth to try changing:

# /etc/config/ddns
- http://[USERNAME]:[PASSWORD]path_to_your_provider_and_other_things
+ --user=[USERNAME] --password:[PASSWORD] http://path_to_your_provider_and_other_things
 
# /usr/lib/ddns/dynamic_dns_updater.sh
- update_output=$( $retrieve_prog "$final_url" )
+ update_output=$( $retrieve_prog $final_url )

Last updated: 2020-08-31

Homepage

To use subdomains (CNAME or A records), use the format below when filling your credentials:

domain		{subdomain}@[zone]

Examples:

If the hostname is “sample.example.com”, the “domain” field would be “sample@example.com”
If the hostname is “dev1.sample.example.com”, the “domain” field would be “dev1.sample@example.com”
If using Cloudflare's “Subdomain Support”, your zone may already be “foo.example.com”, so if the DDNS hostname is “bar.foo.example.com” the domain field would be “bar@foo.example.com”

The version of ddns-scripts in the master branch of the packages feed supports the use of API tokens. API Tokens provide a new way to authenticate with the Cloudflare API. They allow for scoped and permissioned access to resources and use the RFC compliant Authorization Bearer Token Header. For more information on Token vs Key see the Cloudflare v4 API documentation.

service_name	cloudflare.com-v4
domain		[Your domain, here: example.com]
username	Bearer
password	[Your API token]

Last updated: 2020-01-06

DNS-O-Matic provides you a free and easy way to announce your dynamic IP changes to multiple services with a single update. Using DNS-O-Matic allows you to pick and choose what Dynamic DNS services you want to notify, all from one easy to use interface. From dns-o-matic homepage – Documentation

You need to change your OpenDNS password to one that doesn't contain HTML special characters On dnsomatic username and password

To update all services registered with DNS-O-Matic in one configuration/section use the following settings in /etc/config/ddns:

# /etc/config/ddns
config service 'DNSoMATIC'
        option lookup_host   'anotherddns.com'             # It must be a FQDN that is active on dns-o-matic dashboard to be refreshed by it
        option interface     'wan'                         # Set it to the network interface to be monitored on changes
        option ip_source     'web'
        option ip_url        'http://checkip.amazonaws.com/'
        option use_https     '1'
        option service_name  'dnsomatic.com'
        option domain        'all.dnsomatic.com'            # It will instruct dns-o-matic to update all services set on its dashboard
        option username      'OPENDNSusername'              # dns-o-matic uses OpenDNS login credentials
        option password      'OPENDNSpassword'              # It must not contain html reserved characters
        option enabled       '1'

Alternatively, you can issue uci commands:

uci add ddns dnsomatic
uci set ddns.dnsomatic.lookup_host='DDNSchangedBYdnsomatic.com'  ##Change it to yours
uci set ddns.dnsomatic.interface='wan'                           ##Change it to yours
uci set ddns.dnsomatic.ip_source='web'
uci set ddns.dnsomatic.ip_url='http://checkip.amazonaws.com/'
uci set ddns.dnsomatic.use_https='1'
uci set ddns.dnsomatic.service_name='dnsomatic.com'
uci set ddns.dnsomatic.domain='all.dnsomatic.com'
uci set ddns.dnsomatic.username='OPENDNSusername'                ##Change it to yours
uci set ddns.dnsomatic.password='OPENDNSpassword'                ##Change it to yours
uci set ddns.dnsomatic.enabled='1'
uci commit
/etc/init.d/ddns reload

Last updated: 2015-07-14

Homepage – Installation instructions – FAQ

There is another description here. I take over the link during rewriting this wiki page.

Inside LuCI web UI select –custom– and fill in the other options accordingly. Be sure you install ssl support.

Additional use update_url and settings from below:

update_url	http://www.duckdns.org/update?domains=[USERNAME]&token=[PASSWORD]&ip=[IP]
domain		[Your FQDN]
username	[Your Host without ".duckdns.org"]
password	[Your token]
use_https	1
cacert		[path to certificate file or directory]

Last updated: 2015-07-15

Homepage – FAQ

Option 1:

service_name	afraid.org-v2-token
domain		[Your FQDN]
username	[NOT used. Set to a character of your choice, because LuCI does not accept empty field]
password	[Your authorisation token, NOT your account password]

To find your authorisation token, go to http://freedns.afraid.org/dynamic/, login, click “Direct URL”. On the location bar of your browser, copy the authorisation token, which is the part after http://freedns.afraid.org/dynamic/update.php? URL and paste it in the password field. The URL to update IP result in error 404， need to change source code.

Option 2: (Taken from here)

service_name	delete / --custom--
update_url	[Your direct URL updater from your freedns.afraid.org account]
domain		[Your FQDN]
username	[NOT used. Set to a character of your choice, because LuCI does not accept empty field]
password	[NOT used because already part of direct URL. Set to a character of your choice, because LuCI does not accept empty field]

Option 3

service_name	afraid.org-v2-basic or afraid.org-basicauth
domain		[Your FQDN]
username	[your username of afraid.org]
password	[Your account password]

Option 4 Prefer

service_name	afraid.org-keyauth
domain		[Your FQDN]
username	[NOT used. Set to a character of your choice, because LuCI does not accept empty field]
password	[Your authorisation token, NOT your account password]

domains.google.com

Last updated: 2016-04-20

Google Domains allows for dynamic names to be set up in the section called Synthetic Records. To access it, log in to https://domains.google.com and go to Configure DNS for the domain in question, then scroll down to Synthetic Records and add a new one. It will issue a specific username and password for this hostname. Google requires HTTPS for updates, so be sure to also install package wget or curl in order to allow this. Use the following settings:

service_name	--custom--
update_url	http://[USERNAME]:[PASSWORD]@domains.google.com/nic/update?hostname=[DOMAIN]&myip=[IP]
domain		[Your defined hostname]
username	[assigned username for hostname]
password	[assigned password for hostname]
http_secure	Enabled
ca_path		Set to "IGNORE" or download certs and provide path

Last updated: 2015-07-20

Homepage (Danish only)

Taken from OpenWrt forum

GratisDNS.dk is only supported by ddns-scripts using custom service settings and requires to install and configure SSL support.

service_name	delete / --custom--
update_url	https://ssl.gratisdns.dk/ddns.phtml?u=[USERNAME]&p=[PASSWORD]&d=Mydomain&h=[DOMAIN]&i=[IP]
		!!! replace "Mydomain" in this url with domain part of your FQDN.
		Sample: your FQDN: host.example.com -> "Mydomain" set to example.com
		Sample: https://ssl.gratisdns.dk/ddns.phtml?u=[USERNAME]&p=[PASSWORD]&d=example.com&h=[DOMAIN]&i=[IP]
domain		[Your FQDN]
username	[Your username]
password	[Your password]

Last updated: 2015-07-15

Homepage

There is another description here. I take over the link during rewriting this wiki page.

Use the following settings:

service_name	he.net
domain		[Your FQDN]
username	[Your FQDN]
password	[Your password]

Last updated: 2015-07-20

Homepage – Support

Looking on description at “Use Mythic Beasts Dynamic DNS with your OpenWRT router” and on the existing source code I found out that there must be issues updating Dynamic DNS. I have gone in contact with support of mythic-beasts.com. I will update as soon a solution is available.

Last updated: 2015-07-21

Homepage – Knowledgebase

Note that with the namecheap protocol, the username option is translated to the host argument in the update request. Therefore, it should be the host-part on the DNS record, not the username that you use to log into the namecheap.com site. To update multiple hosts you might need to define separate configuration/section for each host. To get your password, log into the namecheap.com site, enter the management console for the domain, and click the Dynamic DNS menu option.

Currently ddns-scripts only supports the case where your dynamic subdomain has the same IP address as for your unqualified domain. Otherwise you will send updates to namecheap.com every “option check_interval” 10 minutes (default) because your FQDN is not validated. Proposed solution here, which you can easily implement yourself. This may only be an issue for ddns-scripts 2.4.

Let assume you define two FQDN at your domain “example.com”: “www.example.com” and “ftp.example.com”. To update only your domain record “example.com”:

service_name	namecheap.com
domain		[Your domain, here: example.com]
username	@
password	[Your password]

To update for example only your “ftp.example.com” host:

service_name	namecheap.com
domain		[Your domain, here: example.com]
username	ftp
password	[Your password]

To update all to the same IP address:

NOTE: For namecheap updating multiple subdomains is NOT working nowadays, you have to make one request per subdomain, so configure one section per subdomain. https://www.namecheap.com/support/knowledgebase/article.aspx/29/11/how-do-i-use-a-browser-to-dynamically-update-the-hosts-ip#comment-936527059:

service_name	namecheap.com
domain		[Your domain, here: example.com]
username	@ -a www -a ftp
		!!! @ stands for your domain, www for www.example.com, ftp for ftp.example.com
password	[Your password]

Last updated: 2015-07-21

Homepage – SupportCenter

Install the ddns-scripts_no-ip_com package.

The default is to use your username and password as normal inside ddns-scripts together with service_name no-ip.com or noip.com.

If you want to update multiple hosts inside one configuration/section you need the following settings:

service_name	delete / --custom--
update_url	http://[USERNAME]:[PASSWORD]@dynupdate.no-ip.com/nic/update?myip=[IP]&hostname=

		!!! After the 'hostname=' fill in a comma separated list of hosts to update.
		Sample: host1.example.com,host2.example.com,host3.example.com without any spaces in between.
		Sample: http://[USERNAME]:[PASSWORD]@dynupdate.no-ip.com/nic/update?myip=[IP]&hostname=host1.example.com,host2.example.com,host3.example.com

domain		[Only ONE of your defined hostnames, i.e. host1.example.com]
username	[Your username]
password	[Your password]

Last updated: 2016-08-02

Homepage – Wiki/FAQ (German only)

The web-pages of spdns.de are now reachable at spdyn.de. Currently updates send to update.spdns.de pages are still handled but produce warnings in DDNS update log at the provder. Created accounts and domains at spdns.de are still working without any problems.

The default is to use your username and password as normal inside ddns-scripts together with service_name spdyn.de. If you want to use Update-Token, keep in mind that this token can only update the host it is generated for. Use this settings:

service_name	spdyn.de
domain		[Your defined hostname at spdyn.de]
username	[Your defined hostname at spdyn.de]
password	[The token generated for this hostname]

If you want to update multiple hosts inside one configuration/section you need the following settings (Update-Token doesn't work):

service_name	delete / --custom--
update_url	http://[USERNAME]:[PASSWORD]@update.spdyn.de/nic/update?myip=[IP]&hostname=

		!!! After the 'hostname=' fill in a comma separated list of hosts (max. 20) to update.
		Sample: host1.spdyn.de,host2.spdyn.de,host3.spdyn.de without any spaces in between.
		Sample: http://[USERNAME]:[PASSWORD]@update.spdyn.de/nic/update?myip=[IP]&hostname=host1.spdyn.de,host2.spdyn.de,host3.spdyn.de

domain		[Only ONE of your defined hostnames i.e. host3.spdyn.de]
username	[Your username at spdyn.de]
password	[Your password at spdyn.de]

Hurricane Electric provides a free IPv6inIPv4 tunnel through Tunnel Broker that demands a permanent IP or a real-time updated one. From its homepage: “Our free tunnel broker service enables you to reach the IPv6 Internet by tunneling over existing IPv4 connections from your IPv6 enabled host or router to one of our IPv6 routers. To use this service you need to have an IPv6 capable host (IPv6 support is available for most platforms) or router which also has IPv4 (existing Internet) connectivity.”

Apply the following patch to include that service on OpenWRT DDNS

grep -q -e "ipv4\.tunnelbroker\.net" /etc/ddns/services \
&& echo -e "\"tunnelbroker.net\"\t\"http://[USERNAME]:[PASSWORD]@ipv4.tunnelbroker.net/nic/update?hostname=[DOMAIN]&myip=[IP]\"\t\"good|nochg\"" >> /etc/ddns/services

Now you can configure your tunnelbroker ddns:

# /etc/config/ddns
config service 'HE6in4'
        option service_name  'tunnelbroker.net'
        option lookup_host   'hostToCheck.com'             #Change it to yours. It should be a hostname updated by a DDNS with the current IP.
        option ip_source     'web'
        option ip_url        'http://checkip.amazonaws.com/'
        option interface     'wan'                         #Change it to yours
        option username      'tunnelbrokerUSERname'        #Change it to yours. It's the same tunnelbroker login.
        option password      'tunnelbrokerDDNSpassword'    #Change it to yours. It's not the same tunnelbroker login.
        option domain        'tunnelbrokerDDNSnumber'      #Change it to yours. It's only numbers.
        option enabled       '1'

Instead of using a web service, that has the risk of being eventually offline, to detect the public IP, you can detect the WAN public IP by this script.

DDNS client

Introduction

Features

Requirements

Support

Installation

Web interface

Command-line interface

SSL support

Configuration

Basics

Web interface

SSL support

Custom service

Command-line interface

SSL support

Custom service

URL Syntax

Detecting WAN IP

Detecting WAN IP with script

Operation

Basics

Run manually

Web interface

Command-line interface

Using scheduler

Monitoring

Syslog

Logfile

Debugging

Common errors

Network and name resolution problems

HTTPS/SSL problems

Provider specifics

Overview

cloudflare.com

dnsomatic.com

duckdns.org

freedns.afraid.org

domains.google.com

gratisdns.dk

he.net

mythic-beasts.com

namecheap.com

noip.com

spdyn.de (old spdns.de)

tunnelbroker.net