MikroTik

Hi,

Because I need OpenVPN today have migrated routerOS 6.x to 7.1.1

Well known script for dns-update on following line is responding "parameter missing"
/tool dns-update name=$ddnshost address=[:pick $ddnsip 0 [:find $ddnsip "/"] ] key-name=$ddnsuser key=$ddnspass

After adding for testing to command line " dns-server=45.79.87.114" getiing error :
"reply not signed"
(45.79.87.114 is primary dns for freeddns.com)

Anyone have idea what I can do to get dns-update working ?

Thank you in advance


BTW.
This is x86, don't tell me to use Ip/Cloud because option does not exists

Well, I've made this working but by my understanding :

- dns-update is broken
- still would like to understand where from is comming "reply not signed"

And for anyone who need to made this working, in my case for changeip, fetch is still working and on their web site is instruction how to use http://, so I've made this to work next way :
:local ddnsurl ("http://nic.ChangeIP.com/nic/update\3Fip=" . $ddnsip . "&hostname=" . $ddnshost)
/tool fetch url=$ddnsurl user=$ddnsuser password=$ddnspass dst-path=ddns-res.txt

From what I see, dns-update in v6 has undocumented support for changeip.com. You can omit "dns-server" and "zone" parameters and router then sends some request to https://nic.changeip.com, instead of doing regular DNS update (= request to DNS server on port 53). In v7, this was either removed, or "dns-server" and "zone" were made mandatory by mistake. Only MikroTik knows which one it is.

Yours look like correct solution, only you should rather use https://nic.changeip.com and check-certificate=yes, for which you need to import root certificate used by changeip.com. It's "USERTrust RSA Certification Authority", which you can get from https://sectigo.com/knowledge-base/deta ... 000000rfBO, or from your web browser, if you visit https://nic.changeip.com/nic/update and find it in website details.