Last Updated on August 15, 2022 by Thiago Crepaldi
DuckDNS is a simple and free Dynamic DNS (aka DDNS) service that is supported as a custom configuration on your pfSense, but still very stable and easy to get it running with the right steps.
DuckDNS account
Go to duckdns.org and sign-up using one of the many supported authentication methods. In particular, I find it very handy to use GitHub or Google accounts for this purpose. Once you are logged in, take note of your account and token to use on pfSense configuration later. Finally, at the Domains section, add a sub domain and click on Add domain. If the name is available, you will get a notification and from that moment own, yoursubdomain.duckdns.org is yours!
pfSense Setup
Now that you have a sub-domain, account and token from duckdns.org, on your pfSense, go to Services >> Dynamic DNS page. Click on Add button and fill in the form as follows:
- Disabled: unchecked
- Service type: Custom
- Interface to monitor: WAN
- Interface to send update from: WAN
- Verbose logging: unchecked
- HTTP API DNS Options: unchecked
- HTTP API SSL/TLS Options: checked
- Username: leave empty
- Password: leave empty
- Update URL: This is the tricky part. The URL should be https://www.duckdns.org/update?domains=mysubdomain&token=mytoken&ip=%IP%. Replace mysubdomain with the subdomain you created, without the duckdns.org suffix. If you have more than one subdomain, you can update all by separating each with a comma (e.g. domain1,domain2,domain3). mytoken must be replaced by the token you got from duckpins.org, including the dashes in between (e.g. XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX)
- Result match: OK
- Description: Any descriptive message will do
Click on Save. If you entered all correct information, right after saving, you will be redirected to the Dynamic DNS clients page and see your public IP set on Cached IP column. If it shows 0.0.0.0, something went wrong. Click on edit button, check the Verbose logging box, click on Save and force uudate and go to Status >> System Logs to get the error message. You probably got a typo and the log will show more details. Once you get running, don’t forget to edit your configuration one more time to disable Verbose logging! That is it!
You thing that you may have noticed is that pfSense does not allow you to set an interval update time… But rest assured, pfSense does everything under the hood for you!
OPTIONAL: Redirect DuckDNS URL to your Domain’s
Although it is good enough to have subdomain.duckdns.org returning your router’s public IP, it is even cooler to have ddns.mydomain.com pointing to your router!
In order to do so, all you have to do is to create a CNAME record on your DNS provider. Type ddns or whatever name you prefer as subdomain and as use your full DuckDNS URL as the Target/Content (e.g. mysubdomain.duckdns.org). TTL can be as short as 15 min. If you are using Cloudflare, change Proxy type to DNS only. After creating this entry, it should take a couple minutes until ddns.mydomain.com starts redirecting to mysubdomain.duckdns.org which will point to your pfSense’s public IP in turn. Pretty cool, huh?