Ubiquity Edgerouter X

The Ubiquity Edgerouter X is a very cheap but very powerful router with a lot of options. It’s based on EdgeOS, which is a linux based distro.
That basically allows you to do “anything” you want.

I got it from Alternate https://www.alternate.be/Ubiquiti/EdgeRouter-X/html/product/1289652, for around 54 Euros….

Dynamic DNS

I would like to finally setup a vpn solution, so I can safely access my systems from wherever. My Edgerouter X has these capabilities, so I was looking for a way to set it up.

The first thing to do, is look for a Dynamic DNS provider. In the past, I used https://dyndns.org (long, looong ago), but they don’t offer dynamic dns services anymore as far as I can tell.

I looked a several free Dynamic DNS providers, but couldn’t figure them out (it’s probably me) .

So I went looking what my ‘real’ dns provider has to offer (https://www.domaindiscount24.com) . It turns out, there is a dynamic dns service recently (27th december 2017) .

Dynamic DNS on domaindiscount24.com

Really simple to do : the UI has a new section ‘dynamic dns’, where you add a new subdomain. That subdomain is then listed in your regular subdomains.
I did seem to have problems when using longer passwords, but that may have been a different problem …

More information : https://www.domaindiscount24.com/faq/en/dynamic-dns

Dynamic DNS configuration on Edgerouter

DDClient

The Edgerouter uses a pretty standard ddclient package .

Web UI

Through the web ui, the options are limited. Specifically, the protocol, is limited to a subset of what ddclient has to offer, although the Service says “custom” …

Image:Custom dynamic dns on Ubiquity router with Domaindiscount24.com Bottomline, it doesn’t work , and is not as “custom” as I would like.

Console

The Edgerouter allows ssh access, I have configured it to use ssh keys for me .

There is a series of commands to configure the dynamic dns feature (like in the web ui), but although that offers a bit more options, it’s still not sufficient.

Custom ddclient

Luckily, ddclient is just a simple perl script, so it’s easy to modify. The problem with the code is that it contains hardcoded elements (like the /update.php? part in the update part)
There’s 3 sections to change :

  • variables
  • examples
  • update code

I copied the code from the duckdns sections and adapted it.

Open ddclient with a text editor, as root (sudo su -). The ddclient file is here :

/usr/sbin/ddclient  

Add keysystems definitions at the end of the %services section (after woima, in my case) :

},  
 'woima' => {  
   'updateable' => undef,  
   'update'   => \&nic_woima_update,  
   'examples'  => \&nic_woima_examples,  
   'variables' => merge(  
     $variables{'woima-common-defaults'},  
     $variables{'woima-service-common-defaults'},  
   ),  
 },  
 'keysystems' => {
    'updateable' => undef,
    'update' => \&nic_keysystems_update,
    'examples'  => \&nic_keysystems_examples,
    'variables' => merge(
            $variables{'keysystems-common-defaults'},
            $variables{'service-common-defaults'},
            ),
 },  

Add the variables to the %variables object (somewhere at the end is fine):

'keysystems-common-defaults'    => {
        'server'       => setv(T_FQDNP, 1, 0, 1, 'dynamicdns.key-systems.net', undef),
        'login'        => setv(T_LOGIN, 0, 0, 0, 'unused',      undef),
    },  

Copy the example code and update code to the end of the file .

######################################################################  
## nic_keysystems_examples  
######################################################################  
sub nic_keysystems_examples {  
 return < o 'keysystems'  
  
The 'keysystems' protocol is used by the non-free  
dynamic DNS service offered by [www.domaindiscount24.com](www.domaindiscount24.com) and [www.rrpproxy.net/](www.rrpproxy.net/).  
Check [https://www.domaindiscount24.com/faq/en/dynamic-dns](https://www.domaindiscount24.com/faq/en/dynamic-dns) for API  
  
Configuration variables applicable to the 'keysystems' protocol are:  
protocol=keysystems        ##  
server=www.fqdn.of.service  ## defaults to dynamicdns.key-systems.net  
password=service-password  ## password (token) registered with the service  
non-fully.qualified.host     ## the host registered with the service.  
  
Example ${program}.conf file entries:  
## single host update  
protocol=keysystems,                    \\\\  
password=prettypassword          \\\\  
myhost  
  
EoEXAMPLE  
}  
  
######################################################################  
## nic_keysystems_update  
## by Tom Bosmans  
## response contains "code 200" on succesfull completion  
######################################################################  
sub nic_keysystems_update {  
 debug("\nnic_keysystems_update -------------------");  
  
 ## update each configured host  
 ## should improve to update in one pass  
 foreach my $h (@_) {  
   my $ip = delete $config{$h}{'wantip'};  
   info("KEYSYSTEMS setting IP address to %s for %s", $ip, $h);  
   verbose("UPDATE:","updating %s", $h);  
  
   # Set the URL that we're going to to update  
   my $url;  
   $url = "[http://$config](http://$config/){$h}{'server'}/update.php";  
   $url .= "?hostname=";  
   $url .= $h;  
   $url .= "&password=";  
   $url .= $config{$h}{'password'};  
   $url .= "&ip=";  
   $url .= $ip;  
     
   # Try to get URL  
   my $reply = geturl(opt('proxy'), $url);  
  
   # No response, declare as failed  
   if (!defined($reply) || !$reply) {  
     failed("KEYSYSTEMS updating %s: Could not connect to %s.", $h, $config{$h}{'server'});  
     last;  
   }  
   last if !header_ok($h, $reply);  
  
   if ($reply =~ /code = 200/)  
   {  
       $config{$h}{'ip'}   = $ip;  
       $config{$h}{'mtime'} = $now;  
       $config{$h}{'status'} = 'good';  
       success("updating %s: good: IP address set to %s", $h, $ip);  
    }  
    else  
    {  
       $config{$h}{'status'} = 'failed';  
       failed("updating %s: Server said: '$reply'", $h);  
    }  
 }  
}

Save the file and restart the ddclient service.

sudo service ddclient restart  

This just checks if the code is fine. Now the configuration.

We need 2 files:

/etc/ddclient.conf  
/etc/ddclient/ddclient_eth0.conf  

Note that you can generate the second file, by using the webui of Edgerouter, or the console commands . The values in the webui or console command don’t matter, you will delete everything anyway.
You need to edit these files as root (sudo su - )

/etc/ddclient.conf

# Configuration file for ddclient generated by debconf  
#  
# /etc/ddclient.conf  
  
protocol=keysystems,  
server=dynamicdns.key-systems.net,  
password='yourpassword'  

/etc/ddclient/ddclient_eth0.conf

The important variables here are the password , and the last line, your hostname you defined in the Domaindiscount24 web interface.

#  
# autogenerated by vyatta-dynamic-dns.pl on Fri Jan 5 12:58:19 UTC 2018  
#  
daemon=5m  
syslog=yes  
ssl=yes  
pid=/var/run/ddclient/ddclient_eth0.pid  
cache=/var/cache/ddclient/ddclient_eth0.cache  
use=if, if=eth0  
  
protocol=keysystems,
server=dynamicdns.key-systems.net,  
password='yourpassword'  
your.hostname.tld  

Save both files.

You can now force an update of the ddns, but issuing a EdgeOS command :

update dns dynamic interface eth0  

You can put a tail on the messages log, to see the results :

tail -f /var/log/messages

The result should be something like this :

Jan 5 15:20:06 ubnt ddclient[10616]: SUCCESS: updating yourhostname.domain.com: good: IP address set to 1.2.3.4
Jan 5 16:39:02 ubnt ddclient[13381]: SUCCESS: updating yourhostname.domain.com: good: IP address set to 5.6.7.8

Of course, instead of editing the files directly on your router, you could actually copy them using scp …. and editing them on your own desktop machine .

Supportability

Alas, no supportability. EdgeOS updates will likely wipe the changes away.,
Also, using the webui or console to update the dynamic dns settings, will wreak havoc on the configuration. I am working on getting the updates in Source forge (https://sourceforge.net / https://sourceforge.net/p/ddclient/git/merge-requests/ ), but don’t hold your breath for these changes to make it all the way down to Ubiquity .
So the solution is not ideal, but it works for now …