overview

the other day duckdns was all sorts of wonky and there’s no real status update from anyone in the mailers or the google groups. which, is not cool. turns out that the cloudflare API does all of the necessary bits to do dynamic dns and it’s already been integrated into the ddns scripts available in openwrt.

misc. steps required

  • create an API key in the cloudflare dashboard that has perms for the necessarly zone.

  • create an A record entry for desired ddns entry. set the TTL to something reasonably low (2 minutes seems about right). this should be seeded with something reasonably silly (e.g. 1.1.1.1) so that it gets updated on the first hit of the client.

    a side note here, if there’s nothing to seed the lookup, the ddns scripts are unhappy. i.e., they don’t seem to gracefully handle an NXDOMAIN response. seeding with a value bootstraps the process in a workable manner.

  • install the cloudflare ddns scripts in openwrt (ddns-scripts-cloudflare and luci-app-ddns)

  • refresh interface

  • create a new DDNS entry in the config (services » dynamic dns)

  • make sure that the necessary CA certs are installed and use HTTPS for API interactions

  • fill in the necessary fields in the luci interface

    • make sure to set the username to Bearer, as that’s the token type that was created in the API key generation phase.

  • make sure that the address detection is something reasonably reliable. not that if you’re using the WAN interface you’ll likely need to reference the actual underlying interface e.g., eth0.101 or whatever the underlaying WAN interface is on the openwrt installation. notably, it is not the firewall zone. (though, i supppose that the network associated with the zone might do the trick)

  • there may be a need to kick the ddns service via a restart to keep things on track.

meta

  • tags: cloudflare, ddns, openwrt
  • location: Duluth, MN
  • weather: 66°F and Sunny