# ddclient and wrong IP address

## Luc484

Hi! It's been some time since I started to have this problem: it seems ddclient is not upgrading correctly my IP address. This is what I find in my logs:

```
May 21 02:06:33 cluca pppd[18632]: Connection terminated.

May 21 02:06:33 cluca pppd[18632]: Exit.

May 21 02:06:34 cluca pppd[19058]: Plugin passwordfd.so loaded.

May 21 02:06:34 cluca pppd[19058]: Plugin rp-pppoe.so loaded.

May 21 02:06:34 cluca pppd[19058]: RP-PPPoE plugin version 3.3 compiled against pppd 2.4.4

May 21 02:06:34 cluca pppd[19061]: pppd 2.4.4 started by root, uid 0

May 21 02:06:34 cluca /etc/init.d/net.ppp0[18857]: WARNING: net.ppp0 has started, but is inactive

May 21 02:06:34 cluca pppd[19061]: PPP session is 2

May 21 02:06:34 cluca pppd[19061]: Using interface ppp0

May 21 02:06:34 cluca pppd[19061]: Connect: ppp0 <--> eth0

May 21 02:06:34 cluca pppd[19061]: PAP authentication succeeded

May 21 02:06:34 cluca pppd[19061]: peer from calling number 00:90:1A:A0:44:A2 authorized

May 21 02:06:35 cluca pppd[19061]: local  IP address 87.0.177.177

May 21 02:06:35 cluca pppd[19061]: remote IP address 151.99.13.67

May 21 02:06:35 cluca pppd[19061]: primary   DNS address 85.37.17.6

May 21 02:06:35 cluca pppd[19061]: secondary DNS address 85.38.28.89

May 21 02:09:11 cluca ddclient[19600]: CONNECT:  ipdetect.dnspark.com

May 21 02:09:12 cluca ddclient[19600]: CONNECTED:  using HTTP

May 21 02:09:12 cluca ddclient[19600]: SENDING:  GET / HTTP/1.0

May 21 02:09:12 cluca ddclient[19600]: SENDING:   Host: ipdetect.dnspark.com

May 21 02:09:12 cluca ddclient[19600]: SENDING:   User-Agent: ddclient/3.7.3

May 21 02:09:12 cluca ddclient[19600]: SENDING:   Connection: close

May 21 02:09:12 cluca ddclient[19600]: SENDING:   

May 21 02:09:12 cluca ddclient[19600]: RECEIVE:  HTTP/1.0 200 OK

May 21 02:09:12 cluca ddclient[19600]: RECEIVE:  Connection: close

May 21 02:09:12 cluca ddclient[19600]: RECEIVE:  X-Powered-By: PHP/5.2.5

May 21 02:09:12 cluca ddclient[19600]: RECEIVE:  Content-type: text/html

May 21 02:09:12 cluca ddclient[19600]: RECEIVE:  Date: Wed, 21 May 2008 00:09:12 GMT

May 21 02:09:12 cluca ddclient[19600]: RECEIVE:  Server: lighttpd/1.4.18

May 21 02:09:12 cluca ddclient[19600]: RECEIVE:  

May 21 02:09:12 cluca ddclient[19600]: RECEIVE:  <html>

May 21 02:09:12 cluca ddclient[19600]: RECEIVE:  <head>

May 21 02:09:12 cluca ddclient[19600]: RECEIVE:  <meta http-equiv="Expires" content="Tues, 04 Dec 1996 21:00:00 GMT">

May 21 02:09:12 cluca ddclient[19600]: RECEIVE:  <meta http-equiv="pragma" content="no cache">

May 21 02:09:12 cluca ddclient[19600]: RECEIVE:  

May 21 02:09:12 cluca ddclient[19600]: RECEIVE:  <title>IPDetect.DNSPark.com</title>

May 21 02:09:12 cluca ddclient[19600]: RECEIVE:  </head>

May 21 02:09:12 cluca ddclient[19600]: RECEIVE:  <body>

May 21 02:09:12 cluca ddclient[19600]: RECEIVE:  

May 21 02:09:12 cluca ddclient[19600]: RECEIVE:  Current Address: 79.11.182.128

May 21 02:09:12 cluca ddclient[19600]: RECEIVE:  </body>

May 21 02:09:12 cluca ddclient[19600]: RECEIVE:  </html>

May 21 02:09:12 cluca ddclient[19600]: CONNECT:  checkip.dyndns.org

May 21 02:09:12 cluca ddclient[19600]: CONNECTED:  using HTTP

May 21 02:09:12 cluca ddclient[19600]: SENDING:  GET / HTTP/1.0

May 21 02:09:12 cluca ddclient[19600]: SENDING:   Host: checkip.dyndns.org

May 21 02:09:12 cluca ddclient[19600]: SENDING:   User-Agent: ddclient/3.7.3

May 21 02:09:12 cluca ddclient[19600]: SENDING:   Connection: close

May 21 02:09:12 cluca ddclient[19600]: SENDING:   

May 21 02:09:12 cluca ddclient[19600]: RECEIVE:  HTTP/1.1 200 OK

May 21 02:09:12 cluca ddclient[19600]: RECEIVE:  Content-Type: text/html

May 21 02:09:12 cluca ddclient[19600]: RECEIVE:  Server: DynDNS-CheckIP/1.0

May 21 02:09:12 cluca ddclient[19600]: RECEIVE:  Connection: close

May 21 02:09:12 cluca ddclient[19600]: RECEIVE:  Cache-Control: no-cache

May 21 02:09:12 cluca ddclient[19600]: RECEIVE:  Pragma: no-cache

May 21 02:09:12 cluca ddclient[19600]: RECEIVE:  Content-Length: 105

May 21 02:09:12 cluca ddclient[19600]: RECEIVE:  

May 21 02:09:12 cluca ddclient[19600]: RECEIVE:  <html><head><title>Current IP Check</title></head><body>Current IP Address: 79.11.182.128</body></html>

May 21 02:09:12 cluca ddclient[19600]: CONNECT:  checkip.dyndns.org

May 21 02:09:13 cluca ddclient[19600]: CONNECTED:  using HTTP

May 21 02:09:13 cluca ddclient[19600]: SENDING:  GET / HTTP/1.0

May 21 02:09:13 cluca ddclient[19600]: SENDING:   Host: checkip.dyndns.org

May 21 02:09:13 cluca ddclient[19600]: SENDING:   User-Agent: ddclient/3.7.3

May 21 02:09:13 cluca ddclient[19600]: SENDING:   Connection: close

May 21 02:09:13 cluca ddclient[19600]: SENDING:   

May 21 02:09:13 cluca ddclient[19600]: RECEIVE:  HTTP/1.1 200 OK

May 21 02:09:13 cluca ddclient[19600]: RECEIVE:  Content-Type: text/html

May 21 02:09:13 cluca ddclient[19600]: RECEIVE:  Server: DynDNS-CheckIP/1.0

May 21 02:09:13 cluca ddclient[19600]: RECEIVE:  Connection: close

May 21 02:09:13 cluca ddclient[19600]: RECEIVE:  Cache-Control: no-cache

May 21 02:09:13 cluca ddclient[19600]: RECEIVE:  Pragma: no-cache

May 21 02:09:13 cluca ddclient[19600]: RECEIVE:  Content-Length: 105

May 21 02:09:13 cluca ddclient[19600]: RECEIVE:  

May 21 02:09:13 cluca ddclient[19600]: RECEIVE:  <html><head><title>Current IP Check</title></head><body>Current IP Address: 79.11.182.128</body></html>

May 21 02:10:01 cluca cron[19757]: (root) CMD (test -x /usr/sbin/run-crons && /usr/sbin/run-crons )
```

As you can see I have this warning:

```
May 21 02:06:34 cluca /etc/init.d/net.ppp0[18857]: WARNING: net.ppp0 has started, but is inactive
```

when trying to start my net.ppp0 script. I already posted a thread for this but I can't understand if this is the problem or not. If I'm reading correctly the log, it tries to determine my IP address but it finds a wrong IP, which is then set... That's why it is not working... If I try to run pppoe-start it works immediately... Is there anyone who is able to tell me what's going on here? Is the warning responsible for the ddclient malfunctioning?

Thanks guys!

----------

## Wormo

The warning does look pretty suspicious to me too.

Looking in the /etc/init.d/net.* scripts, see that they call themselves "inactive" if called in the background. So, it seems your net.ppp0 is getting called in the background, which could cause confusion if it was setting up the network in parallel with ddclient using network info. That would be a race condition, where a little change in timing (say faster response from the server ddclient talks to) might cause things to suddenly break.

Solution would be to enforce proper ordering by running net.ppp0 in the foreground so it finishes before ddclient gets to run. Do you know why net.ppp0 is currently running in the background -- do you have RC_PARALLEL_STARTIP enabled in conf.d/rc for instance?

----------

## Luc484

Well, I'm using baselayout 2 so I think RC_PARALLEL_STARTUP now is this:

```
rc_parallel="NO"
```

which I found in /etc/rc.conf. So I don't think I have parallel startup. Anyway, the problem shows even if I try to start net.ppp0 and ddclient after a while.

The thread I started regarding this problem of the inactive service is https://forums.gentoo.org/viewtopic-t-690344-highlight-.html . It seems I'm not the only one who is experiencing this issue. I'm really not able to fix this. Any ideas?

Thanks for the help!

----------

## Wormo

Are you saying that you can start net.ppp0, wait until you see a new ip address and route established, now start ddclient, and ddclient still sees your previous dynamic ip?? 

If so, is your old ip still assigned as one of multiple ips, i.e. do you see both old and new when running 'ip addr list' ?

----------

## Luc484

Well, yes. That's what I'm saying. Look, here it is what I can do. This is my state with everything working:

```
ppp0      Link encap:Point-to-Point Protocol  

          inet addr:82.56.122.67  P-t-P:151.99.13.67  Mask:255.255.255.255

          UP POINTOPOINT RUNNING NOARP MULTICAST  MTU:1492  Metric:1

          RX packets:9 errors:0 dropped:0 overruns:0 frame:0

          TX packets:3 errors:0 dropped:0 overruns:0 carrier:0

          collisions:0 txqueuelen:3 

          RX bytes:473 (473.0 B)  TX bytes:54 (54.0 B)
```

Now, I stop the connection and start my net.ppp0. This is the new situation:

```
ppp0      Link encap:Point-to-Point Protocol  

          inet addr:87.0.178.64  P-t-P:151.99.13.67  Mask:255.255.255.255

          UP POINTOPOINT RUNNING NOARP MULTICAST  MTU:1492  Metric:1

          RX packets:22 errors:0 dropped:0 overruns:0 frame:0

          TX packets:3 errors:0 dropped:0 overruns:0 carrier:0

          collisions:0 txqueuelen:3 

          RX bytes:984 (984.0 B)  TX bytes:54 (54.0 B)
```

Now I start my ddclient with verbose parameter. This is the output:

```
cluca luca # ddclient -verbose -query

use=if, if=eth0 address is 192.168.1.3

use=if, if=eth1 address is 192.168.0.1

use=if, if=lo address is 127.0.0.1

use=if, if=ppp0 address is 87.0.178.64

CONNECT:  ipdetect.dnspark.com

CONNECTED:  using HTTP

SENDING:  GET / HTTP/1.0

SENDING:   Host: ipdetect.dnspark.com

SENDING:   User-Agent: ddclient/3.7.3

SENDING:   Connection: close

SENDING:   

RECEIVE:  HTTP/1.0 200 OK

RECEIVE:  Connection: close

RECEIVE:  X-Powered-By: PHP/5.2.5

RECEIVE:  Content-type: text/html

RECEIVE:  Date: Wed, 21 May 2008 23:06:00 GMT

RECEIVE:  Server: lighttpd/1.4.18

RECEIVE:  

RECEIVE:  <html>

RECEIVE:  <head>

RECEIVE:  <meta http-equiv="Expires" content="Tues, 04 Dec 1996 21:00:00 GMT">

RECEIVE:  <meta http-equiv="pragma" content="no cache">

RECEIVE:  

RECEIVE:  <title>IPDetect.DNSPark.com</title>

RECEIVE:  </head>

RECEIVE:  <body>

RECEIVE:  

RECEIVE:  Current Address: 87.5.176.159

RECEIVE:  </body>

RECEIVE:  </html>

use=web, web=dnspark address is 87.5.176.159

CONNECT:  checkip.dyndns.org

CONNECTED:  using HTTP

SENDING:  GET / HTTP/1.0

SENDING:   Host: checkip.dyndns.org

SENDING:   User-Agent: ddclient/3.7.3

SENDING:   Connection: close

SENDING:   

RECEIVE:  HTTP/1.1 200 OK

RECEIVE:  Content-Type: text/html

RECEIVE:  Server: DynDNS-CheckIP/1.0

RECEIVE:  Connection: close

RECEIVE:  Cache-Control: no-cache

RECEIVE:  Pragma: no-cache

RECEIVE:  Content-Length: 104

RECEIVE:  

RECEIVE:  <html><head><title>Current IP Check</title></head><body>Current IP Address: 87.5.176.159</body></html>

use=web, web=dyndns address is 87.5.176.159

CONNECT:  checkip.dyndns.org

CONNECTED:  using HTTP

SENDING:  GET / HTTP/1.0

SENDING:   Host: checkip.dyndns.org

SENDING:   User-Agent: ddclient/3.7.3

SENDING:   Connection: close

SENDING:   

RECEIVE:  HTTP/1.1 200 OK

RECEIVE:  Content-Type: text/html

RECEIVE:  Server: DynDNS-CheckIP/1.0

RECEIVE:  Connection: close

RECEIVE:  Cache-Control: no-cache

RECEIVE:  Pragma: no-cache

RECEIVE:  Content-Length: 104

RECEIVE:  

RECEIVE:  <html><head><title>Current IP Check</title></head><body>Current IP Address: 87.5.176.159</body></html>

use=web, web=checkip.dyndns.org/ address is 87.5.176.159
```

I don't know where 87.5.176.159 comes from, maybe it was an old IP address I had.

If I stop net.ppp0 and I run pppoe-start, I get:

```
ppp0      Link encap:Point-to-Point Protocol  

          inet addr:82.58.161.152  P-t-P:151.99.13.67  Mask:255.255.255.255

          UP POINTOPOINT RUNNING NOARP MULTICAST  MTU:1492  Metric:1

          RX packets:5 errors:0 dropped:0 overruns:0 frame:0

          TX packets:23 errors:0 dropped:0 overruns:0 carrier:0

          collisions:0 txqueuelen:3 

          RX bytes:129 (129.0 B)  TX bytes:13717 (13.3 KiB)
```

and then:

```
cluca luca # ddclient -verbose -query

use=if, if=eth0 address is 192.168.1.3

use=if, if=eth1 address is 192.168.0.1

use=if, if=lo address is 127.0.0.1

use=if, if=ppp0 address is 82.58.161.152

CONNECT:  ipdetect.dnspark.com

CONNECTED:  using HTTP

SENDING:  GET / HTTP/1.0

SENDING:   Host: ipdetect.dnspark.com

SENDING:   User-Agent: ddclient/3.7.3

SENDING:   Connection: close

SENDING:   

RECEIVE:  HTTP/1.0 200 OK

RECEIVE:  Connection: close

RECEIVE:  X-Powered-By: PHP/5.2.5

RECEIVE:  Content-type: text/html

RECEIVE:  Date: Wed, 21 May 2008 23:03:45 GMT

RECEIVE:  Server: lighttpd/1.4.18

RECEIVE:  

RECEIVE:  <html>

RECEIVE:  <head>

RECEIVE:  <meta http-equiv="Expires" content="Tues, 04 Dec 1996 21:00:00 GMT">

RECEIVE:  <meta http-equiv="pragma" content="no cache">

RECEIVE:  

RECEIVE:  <title>IPDetect.DNSPark.com</title>

RECEIVE:  </head>

RECEIVE:  <body>

RECEIVE:  

RECEIVE:  Current Address: 82.58.161.152

RECEIVE:  </body>

RECEIVE:  </html>

use=web, web=dnspark address is 82.58.161.152

CONNECT:  checkip.dyndns.org

CONNECTED:  using HTTP

SENDING:  GET / HTTP/1.0

SENDING:   Host: checkip.dyndns.org

SENDING:   User-Agent: ddclient/3.7.3

SENDING:   Connection: close

SENDING:   

RECEIVE:  HTTP/1.1 200 OK

RECEIVE:  Content-Type: text/html

RECEIVE:  Server: DynDNS-CheckIP/1.0

RECEIVE:  Connection: close

RECEIVE:  Cache-Control: no-cache

RECEIVE:  Pragma: no-cache

RECEIVE:  Content-Length: 105

RECEIVE:  

RECEIVE:  <html><head><title>Current IP Check</title></head><body>Current IP Address: 82.58.161.152</body></html>

use=web, web=dyndns address is 82.58.161.152

CONNECT:  checkip.dyndns.org

CONNECTED:  using HTTP

SENDING:  GET / HTTP/1.0

SENDING:   Host: checkip.dyndns.org

SENDING:   User-Agent: ddclient/3.7.3

SENDING:   Connection: close

SENDING:   

RECEIVE:  HTTP/1.1 200 OK

RECEIVE:  Content-Type: text/html

RECEIVE:  Server: DynDNS-CheckIP/1.0

RECEIVE:  Connection: close

RECEIVE:  Cache-Control: no-cache

RECEIVE:  Pragma: no-cache

RECEIVE:  Content-Length: 105

RECEIVE:  

RECEIVE:  <html><head><title>Current IP Check</title></head><body>Current IP Address: 82.58.161.152</body></html>

use=web, web=checkip.dyndns.org/ address is 82.58.161.152
```

which seems ok to me... Isn't this strange? Am I doing something wrong? I don't see the old IP address, only the current.

----------

## PaulBredbury

Perhaps you need in /etc/sysctl.conf

```
net.ipv4.ip_dynaddr = 1
```

----------

## Luc484

I changed it and rebooted. After the boot net.ppp0 was started and I checked with:

```
ddclient -verbose -query
```

and the IP adress was still the old one, not the current.

----------

## Wormo

Ok, this is a real puzzle. PaulBredbury's suggestion was a good one; too bad it didn't work. 

If I were you, I would definitely be pulling out wireshark to do a couple of network captures: one for the situation where ddclient fails, and one where it works.

----------

## Luc484

Ok, I can do it, but what should I look for? I don't know how ddclient works. Where does ddclient take the current IP address? This is something I can't understand.

I noticed something else: if I try to set the IP manually using the web interface of dyndns.com, there is a link where you can click to set the current IP address which is determined some way, instead of manually writing it. That is wrong too, just like the one which is found by ddclient. Where is that IP taken from? Anyone knows?

----------

## Wormo

 *Luc484 wrote:*   

> Ok, I can do it, but what should I look for? I don't know how ddclient works. Where does ddclient take the current IP address? This is something I can't understand.
> 
> I noticed something else: if I try to set the IP manually using the web interface of dyndns.com, there is a link where you can click to set the current IP address which is determined some way, instead of manually writing it. That is wrong too, just like the one which is found by ddclient. Where is that IP taken from? Anyone knows?

 

ddclient uses http request to special cgi urls such as checkip.dyndns.com. The cgi sends back the ip address of the client who made the request by looking at the source address of the packets. This is supposed to let ddclient see what your ip address looks like from the outside, e.g. when the host has a private ip but is behind a NATing router with public ip then you need the router's public ip to get registered with the hostname (not the private ip of the host itself). I'm sure the web interface you're talking about does the equivalent thing as checkip.dyndns.com, so it's no wonder that it comes up with the same wrong ip. 

It really sounds like when you run net.ppp0, some packets are getting sent out with a stale ip before the network is properly reconfigured. Looking at network packets in wireshark should tell you if this theory is correct...

----------

## Luc484

Ok, this is strange, maybe I gave you wrong information. I just rebooted and now it seems connection is not working correctly. Maybe I was mistaken because I see that when I start pppoe net.ppp0 is started as well, maybe from some services. It is interesting because it seems incoming packets reach the ethernet layer but not ppp0. Systems behind NAT are working correctly but not Gentoo, which runs NAT. Wireshark shows no packet reaches ppp0 when using net.ppp0 (it seems some reach it, but only a few, I mean 1 per minute, no more, and the web is almost impossible to use). Using pppoe-start hundreds of packets reach ppp0.

If I try to use net.ppp0 and capture packets on eth0 I see the packets which go to ipdetect.dnspark.com and the source address is 192.168.1.3, which is the address of the interface eth0.

----------

## Wormo

It sounds like you've got something not quite right with your PPP configuration in /etc/conf.d/net, but /etc/ppp/pppoe.conf was set up correctly for the older PPoE method via ppoe-start, which still works for now (you've rp-ppoe installed right?)

Maybe you'd like to post the relevant section of conf.d/net ?

----------

## Luc484

I tried almost any possible configuration, this is what I have now:

```
link_ppp0="eth0"

 plugins_ppp0="pppoe"

 username_ppp0='user'

 password_ppp0='passwd'

 pppd_ppp0="

 noauth

 defaultroute

 usepeerdns

 holdoff 3

 child-timeout 60

 lcp-echo-interval 15

 lcp-echo-failure 3

 noaccomp noccp nobsdcomp nodeflate nopcomp novj novjccomp"

 depend_ppp0() {

  need net.eth0

 }
```

eth1 is configured this way:

```
config_eth1="192.168.0.1 netmask 255.255.255.0"
```

----------

## mrness

Starting net.pppX only puts the service in the inactive state. Transitions between inactive to active states (and vice-versa) are performed by pppd through execution of /etc/ppp/ip-{up,down} scripts, scripts which are executed when the actual PPP link goes up/down.

----------

## Luc484

It seems those scripts can be executed without errors in the output. Does this mean those are ok?

----------

## mrness

Those scripts must be executed with some parameters to actually do something. But you are not supposed to run them by hand; if you are curious when the scripts are executed and which code do they return, just add "debug" to your pppd_pppX. 

Anyway, I don't think is anything wrong with your PPP link. I suspect you have a transparent web proxy between you and ipdetect.dnspark.com. If they also have their pages available through https, try to use this instead http.

----------

