Differences

This shows you the differences between two versions of the page.

--- networking:ziggo:changed-ip [2024/09/13 06:35] – created oscar
+++ networking:ziggo:changed-ip [2025/09/04 16:03] (current) – [IPv6 change] oscar
@@ Line 1: / Line 1: @@
 ====== Changed Ziggo IP ======
-===== IP V6 change =====
+===== IPv6 change =====
-When Ziggo change our IP range/subnet, all server already received their new IP address via SLAAC (subnet delegation). Our most important external IPV6 address is our webserver (also needed for LetsEncrypt certificate renewal). When this changes the following updates need to be done on TransIP and our main router/firewall
+When Ziggo change our IPv6 range/subnet, all server already received their new IP address via SLAAC (subnet delegation). Our most important external IPV6 address is our webserver (also needed for LetsEncrypt certificate renewal). When this changes the following updates need to be done on TransIP and our main router/firewall
 The following steps are required:
   - Get the new IP address that our webserver assigned himself via SLAAC.
@@ Line 8: / Line 8: @@
   - On the router update: network/firewall/traffic rules --> Allow-HTTPS-ipv6 to new address of webserver
-===== IP V4 change =====
+Note that the routers IPv6 WAN address is different / outside of the Prefix Delegation (PD) range!
+===== IPv4 change =====
+When Ziggo change our IPv4 address. The following steps are required:
+  - Check via external website what our used IPv4 is
+  - Check if our router has this already new IP address: Network/Interfaces/WAN/IPv4
+  - Update the TransIP A record with the new IP of the webserver
+====== Monitor ======
+On the main OpenWRT router a script is running to monitor changed IP addresses. It compares the IPV4 and IPv6 address between:
+  * DNS as registered at TransIP with: nslookup -type=a  oscardegroot.nl ns0.transip.net
+  * IP address as observed by external websites, with: wget -4 --quiet -O - https://www.transip.nl/ip-check/
+===== OpenWRT prerequisites =====
+For sending notification email install the following package on the router:
+  mailsend
+===== ip-change-detect.sh =====
+The following script is created on main OpenWRT router:
+<code>
+# nano /root/ip-change-detect.sh
+------------------------------------
+#!/bin/sh
+#
+# OdG  13/09/2024
+#
+DNS_1="192.168.178.1"    # Use router DNSMasq as DNS server
+DNS_2="192.168.178.83"   # Use mailserver unbound as DNS server
+DNS_3="ns0.transip.net"  # Use TransIP DNS server
+STATUS_V4="OK"
+STATUS_V6="OK"
+MAIL_FILE="/tmp/ip-mail-body.txt"
+MAIL_HEADER=">> IP CHANGE DETECTED <<"
+# Get the IPv4 DNS registrations & currenty used IP
+IP4_DNS=$(nslookup -type=a  oscardegroot.nl ${DNS_3} | awk '/^Address: / { print $2 }')
+RESPONSE=$(wget -4 --quiet -O - https://www.transip.nl/ip-check/)
+RESPONSE=${RESPONSE:19:16}
+IP4_1=$(echo $RESPONSE | cut -d . -f 1 )
+IP4_2=$(echo $RESPONSE | cut -d . -f 2 )
+IP4_3=$(echo $RESPONSE | cut -d . -f 3 )
+IP4_4=$(echo $RESPONSE | cut -d . -f 4 )
+IP4_CURRENT=$IP4_1"."$IP4_2"."$IP4_3"."$IP4_4
+# Get the IPv6 DNS registrations & currenty used IP
+RESPONSE=$(nslookup -type=aaaa  oscardegroot.nl ${DNS_3} | awk '/^Address: / { print $2 }')
+IP6_DNS=${RESPONSE:0:14}
+RESPONSE==$(wget -6 --quiet -O - https://www.transip.nl/ip-check/)
+IP6_CURRENT=${RESPONSE:20:14}
+if [[ $IP4_DNS != $IP4_CURRENT ]] ; then
+       STATUS_V4="ERROR"
+fi
+if [[ $IP6_DNS != $IP6_CURRENT ]] ; then
+        STATUS_V6="ERROR"
+fi
+#if [[ $STATUS_V4 == "ERROR" || $STATUS_V6 == "ERROR" ]] ; then
+if [[ 1 ]] ; then
+        echo "-------- IPv4 --------" > $MAIL_FILE
+        echo "STATUS  :"$STATUS_V4    >> $MAIL_FILE
+        echo "DNS     :"$IP4_DNS      >> $MAIL_FILE
+        echo "CURRENT :"$IP4_CURRENT  >> $MAIL_FILE
+        echo "" >> $MAIL_FILE
+        echo "-------- IPv6 --------" >> $MAIL_FILE
+        echo "STATUS  :"$STATUS_V6    >> $MAIL_FILE
+        echo "DNS     :"$IP6_DNS      >> $MAIL_FILE
+        echo "CURRENT :"$IP6_CURRENT  >> $MAIL_FILE
+        mailsend -f root@openwrt -t oscar@oscardegroot.nl -smtp 192.168.178.83 -sub "$MAIL_HEADER" -cs "utf-8" -mime-type "text/plain" -msg-body "$MAIL_FILE"
+        rm $MAIL_FILE
+fi
+exit 0
+</code>
+===== Crontab Scheduling =====
+Add the following line via the OpenWRT GUI (System/Scheduled tasks) or to the **/etc/crontabs/root** file:
+0-23/3 * * * /root/ip-change-detect.sh
+This runs the check every 3 hours between 0-23 hours every day