Table of Contents
Changed Ziggo IP
IPv6 change
When Ziggo change our IPv6 range/subnet, all server already received their new IP address via SLAAC (subnet delegation). Our most important external IPV6 address is our webserver (also needed for LetsEncrypt certificate renewal). When this changes the following updates need to be done on TransIP and our main router/firewall The following steps are required:
- Get the new IP address that our webserver assigned himself via SLAAC.
- Update the TransIP AAAA record with the new IP of the webserver
- On the router update: network/firewall/traffic rules –> Allow-HTTP-ipv6 to new address of webserver
- On the router update: network/firewall/traffic rules –> Allow-HTTPS-ipv6 to new address of webserver
Note that the routers IPv6 WAN address is different / outside of the Prefix Delegation (PD) range!
IPv4 change
When Ziggo change our IPv4 address. The following steps are required:
- Check via external website what our used IPv4 is
- Check if our router has this already new IP address: Network/Interfaces/WAN/IPv4
- Update the TransIP A record with the new IP of the webserver
Monitor
On the main OpenWRT router a script is running to monitor changed IP addresses. It compares the IPV4 and IPv6 address between:
- DNS as registered at TransIP with: nslookup -type=a oscardegroot.nl ns0.transip.net
- IP address as observed by external websites, with: wget -4 –quiet -O - https://www.transip.nl/ip-check/
OpenWRT prerequisites
For sending notification email install the following package on the router:
mailsend
ip-change-detect.sh
The following script is created on main OpenWRT router:
# nano /root/ip-change-detect.sh
------------------------------------
#!/bin/sh
#
# OdG 13/09/2024
#
DNS_1="192.168.178.1" # Use router DNSMasq as DNS server
DNS_2="192.168.178.83" # Use mailserver unbound as DNS server
DNS_3="ns0.transip.net" # Use TransIP DNS server
STATUS_V4="OK"
STATUS_V6="OK"
MAIL_FILE="/tmp/ip-mail-body.txt"
MAIL_HEADER=">> IP CHANGE DETECTED <<"
# Get the IPv4 DNS registrations & currenty used IP
IP4_DNS=$(nslookup -type=a oscardegroot.nl ${DNS_3} | awk '/^Address: / { print $2 }')
RESPONSE=$(wget -4 --quiet -O - https://www.transip.nl/ip-check/)
RESPONSE=${RESPONSE:19:16}
IP4_1=$(echo $RESPONSE | cut -d . -f 1 )
IP4_2=$(echo $RESPONSE | cut -d . -f 2 )
IP4_3=$(echo $RESPONSE | cut -d . -f 3 )
IP4_4=$(echo $RESPONSE | cut -d . -f 4 )
IP4_CURRENT=$IP4_1"."$IP4_2"."$IP4_3"."$IP4_4
# Get the IPv6 DNS registrations & currenty used IP
RESPONSE=$(nslookup -type=aaaa oscardegroot.nl ${DNS_3} | awk '/^Address: / { print $2 }')
IP6_DNS=${RESPONSE:0:14}
RESPONSE==$(wget -6 --quiet -O - https://www.transip.nl/ip-check/)
IP6_CURRENT=${RESPONSE:20:14}
if [[ $IP4_DNS != $IP4_CURRENT ]] ; then
STATUS_V4="ERROR"
fi
if [[ $IP6_DNS != $IP6_CURRENT ]] ; then
STATUS_V6="ERROR"
fi
#if [[ $STATUS_V4 == "ERROR" || $STATUS_V6 == "ERROR" ]] ; then
if [[ 1 ]] ; then
echo "-------- IPv4 --------" > $MAIL_FILE
echo "STATUS :"$STATUS_V4 >> $MAIL_FILE
echo "DNS :"$IP4_DNS >> $MAIL_FILE
echo "CURRENT :"$IP4_CURRENT >> $MAIL_FILE
echo "" >> $MAIL_FILE
echo "-------- IPv6 --------" >> $MAIL_FILE
echo "STATUS :"$STATUS_V6 >> $MAIL_FILE
echo "DNS :"$IP6_DNS >> $MAIL_FILE
echo "CURRENT :"$IP6_CURRENT >> $MAIL_FILE
mailsend -f root@openwrt -t oscar@oscardegroot.nl -smtp 192.168.178.83 -sub "$MAIL_HEADER" -cs "utf-8" -mime-type "text/plain" -msg-body "$MAIL_FILE"
rm $MAIL_FILE
fi
exit 0
Crontab Scheduling
Add the following line via the OpenWRT GUI (System/Scheduled tasks) or to the /etc/crontabs/root file:
0 0-23/3 * * * /root/ip-change-detect.sh
This runs the check every 3 hours between 0-23 hours every day