DDNS Client DuckDNS

This article assumes you have ddns-scripts installed. See DDNS client.

• Following the link under the “Hints” header can show you if there are any changes that might be helpful, including features that aren't always present in busybox.
• Installing the “ca-certificates” package will automatically add a general collection of certificates to the directory /etc/ssl/certs/ and enables verification of SSL certificates by any program that uses this as a default, including ddns-scripts.

The smallest set of changes making the biggest difference are:

	#option service_name	"duckdns.org"
	option interface	"wan"	#assuming wan is the public network
	option domain		"<subdomain>.duckdns.org"
	option username		"<subdomain>"
	option update_url	"http://www.duckdns.org/update?domains=[USERNAME]&token=[PASSWORD]&ip=[IP]"
	option use_https	"1" #uses /etc/ssl/certs/ (populated by "ca-certificates"), or "option cacert"

• Remove the service_name option, which is mutually exclusive with update_url, and not specified for service (IPv4 and IPv6) “duckdns.org”
• The interface option tells ddns to update when this network changes status, namely when it goes up.
• The domain option is the domain held by the client, and 'nslookup $DOMAIN' should succeed and point to the client (or router it's behind) when everything is up to date; this is used as the check to see if $DOMAIN points to the clients public IP.
• The username option is used where the domain option was used before, this is also reflected in the change to update_url
• Turning on https, because encryption is our friend.

Replace <subdomain> and <duckdns-token> with proper values.

config service "duckdns"
	option enabled		'1'
	option interface	'wan'
	option username		'<subdomain>'
	option domain		'<subdomain>.duckdns.org'
	option password		'<duckdns-token>'
	option ip_source	'network'
	option ip_network	'wan'
	option check_interval	'1'
	option check_unit	'hours'
	option update_url	'http://www.duckdns.org/update?domains=[USERNAME]&token=[PASSWORD]&ip=[IP]'
	option use_https	'1'

This will update anytime the 'wan' network goes up, or the check (every hour) notices an inconsistency, and will force the ip to the value detected on the 'wan' network (remove the &ip=[IP] and duckdns will auto-detect). The 'force_interval' and 'force_unit' options are unnecessary as duckdns does not expire listings if they aren't refreshed periodically.

If you want to view or edit the service in LuCI (via luci-app-ddns), it is also necessary to add these options to the config:

        option lookup_host	'<subdomain>.duckdns.org'
        option use_ipv6		'0'
        option cacert		'/etc/ssl/certs'

• Dynamic DNS Client Configuration - All the settable options for ddns-scripts. Includes information on IPv6 (not supported by duckdns), proxies, and more.
• Duck DNS - Duck DNS itself, this page also lists your domains and your token.
• Duck DNS - Install - the install page of Duck DNS for various devices.
• ddns-scripts package - package listing on Github.
• Reddit thread - the reddit launch thread (archived, but viewable), with plenty of interesting information.