Improving the accessibility of my server

mepi0011 · 11 October 2025 06:28

Hello, I need the community’s power to solve a problem!

I have the following setup:

I have openWRT running on my router and all connections are forwarded to IPFire. Dynamic DNS is also configured in IPFire (see image). A reverse proxy server (SWAG, from linuxserver.io) runs on the server itself under Docker, which forwards to the corresponding subdomains, also Docker containers.

My configuration usually works very well. I can access the servers externally from the internet as well as internally from the green network.

Sometimes I have no connection to my server, either externally or internally. When this happens, it’s usually enough to reconnect to the Internet, which assigns me a new external IP address. I’ve also noticed that when I access my server from the green network using my browser, I often get network timeouts and I have to refresh the page several times before it loads. My guess is that something is wrong with the routing.

Where can I start to improve accessibility?

bonnietwin · 11 October 2025 21:15

One thing that I see from your Dynamic DNS WUI page is that your current host with duckdns.org is disabled and therefore will not be getting updated.

You need to tick the checkbox next to the pencil under the Action column.

Your hostname is shown in blue and this indicates that the DDNS hostname is disabled. If enabled and OK it will be shown in green. If it is in red then some sort of update is required.
See the documentation.
https://www.ipfire.org/docs/configuration/services/dyndns#hostname-colors

hvacguy · 12 October 2025 19:20

Did you add the names in Edit hosts file?

I use it to point to my reverse proxy server. NPM

mepi0011 · 26 October 2025 12:51

I have tick the checkbox next to the pencil to enable the Dynamic DNS.

No I don’t. My Server has a fix IP Address.

As I wrote in my first post, I only have problems sometimes. Most of the time, everything works fine and I can connect to the server.

Duck DNS shows me that my domain has the IP address: 79.245.185.xxx:

This IP address shows my router, too!

When I try to ping my server address, the address is resolved to a different (wrong) IP address.

ping https://<my_domain>.duckdns.org
PING https\058\047\047<my_domain>.duckdns.org (93.195.208.246) 56(84) Bytes an Daten.

--- https\058\047\047<my_domain>.duckdns.org Ping-Statistiken ---
9 Pakete übertragen, 0 empfangen, 100% packet loss, time 8097ms

ping <my_domain>.duckdns.org
PING <my_domain>.duckdns.org (93.195.208.246) 56(84) Bytes an Daten.

--- <my_domain>.duckdns.org Ping-Statistiken ---
9 Pakete übertragen, 0 empfangen, 100% packet loss, time 8095ms

I get the same ping result when I use a computer outside my network.

How can it happen that the IP address is resolved incorrectly?
This means that the DNS servers have not been updated correctly!

tphz · 26 October 2025 13:43

You can check DNS propagation on the following page

https://dnschecker.org

edit

Other useful online tools

mepi0011 · 26 October 2025 14:34

dnschecker.org shows that for my server different IP addresses are resolved.

nickh · 26 October 2025 15:35

Shouldn’t you be pinging just the domain without the https://?

hvacguy · 26 October 2025 21:10

logs are found here.

under logs system menu

bonnietwin · 27 October 2025 11:32

This shows different DNS servers around the world are having a different IP for the same domain name.

From my understanding the 79.245.185.xxx IP is your current one. Can you confirm that the 93.195.208.246 was an IP for your connection with your ISP previously?

If yes, then the only reason I can think of to have the old IP still linked to some DNS servers is that the TTL (Time To Live) has been set too high for the IP associated with that domain in duckdns. You should be able to check what the TTL is set to for your ddns entry for that domain.

Normally, with the default TTL that ddns providers set up a change to the IP should get propagated across all DNS servers within a relatively short period.

I have a ddns domain with Dynu and the TTL for that is set at 120 seconds so after any IP change the new IP for that domain should get propagated within a couple of minutes.

mepi0011 · 6 January 2026 17:37

The last months I have been monitoring the issue and I have noticed that duckdns sometimes fails to update the DNS servers with my new IP addresses. In the meantime, I have added the settings to my openWRT router and also set up a dyndns service with desec. Both are set up in parallel in my openWRT router. Only with duckdns have I seen that the IP addresses differ.

Today, I observed for the first time with duckdns that very few DNS servers around the world have been assigned my IP address at all.

Both pictures are from the same day / time!
duckdns.org

dedyn.io