Dynamic DNS doesn't work

StajStaj
in Firebox - Networking, Multi-Wan, VLAN, NAT, SD-WAN

Dynamic DNS for either DynDNS or Dynu doesn't work on M500 cluster [12.6.2] or XTM33 [12.1.3], regardless of external interface status. Relevant domains can be resolved fine in Network Tools in WSM on each device. XTM33 is on a completely different network and on 4G.

M500 log entries:
2020-10-13 20:52:17 YBLT-ACA-M500-2 dyndns Could not resolve server: api.dynu.com msg_id="5A00-0007" Debug
2020-10-13 20:52:17 YBLT-ACA-M500-2 dyndns Could not resolve server: members.dyndns.org msg_id="5A00-0007" Debug

XTM33 log entries [Although it has one external interface failed, should still work on remaining]:
2020-10-13 20:52:38 dyndns Could not connect to api.dynu.com / 162.216.241.241, Network is unreachable id="5A00-0008" Debug

Any ideas?

Comments

  • Bruce_BriggsBruce_Briggs

    Can you ping or tracert to 162.216.241.241?

  • StajStaj

    Sure can. I've also:

    • Removed the DDNS configuration and saved to the Firebox, and then reconfigured DDNS and saved it again. Tried this for each member in FireCluster.
    • Restarted the entire FireCluster
    • Upgraded FireCluster to unreleased 12.6.2 U2 B630388

    I have an outstanding case open but figured it might be worth a shot asking on here.

  • Bruce_BriggsBruce_Briggs

    I have DYNDNS set up on my T20w using dynu.com, and I have not seen this.
    I'm running V12.6.2 U2. I upgraded to U2 from U1 via WG Cloud.
    However, since you also have this issue with 12.1.3, it seems like a connectivity issue to me.

    You could turn on Logging for packets sent from the firewall, which may show something to help.

  • StajStaj
    edited October 2020

    The XTM33 was on completely separate network, on 4G, in another state.
    Logging, and even tcpdump, haven't been helpful. I only get those messages, that's it.

  • james.carsonjames.carson Moderator, WatchGuard Representative

    Based on the log message: dyndns Could not resolve server: members.dyndns.org

    It looks like the firewall is having DNS trouble.

    Is a DNS server configured in the DNS/WINS tab of network configuration?

    -James Carson
    WatchGuard Customer Support

  • StajStaj

    Yes, as I said in original post, network resolution works in Network Tools for devices in WSM. No other features are impacted.

    According to support it's:
    ID: FBX-16568
    Description: Backup Master keeps trying to resolve DynDNS Provider

    I asked:
    "If Master is resolving it properly then why doesn't it continue on in its process and update the record at the relevant Dynamic DNS provider? The record at either DynDNS or Dynu remains unchanged."
    -and got not response

Sign In to comment.