A simple yet effective RouterOS script that updates a deSEC.io domain name with the latest WAN IPv4 and IPv6 addresses. It uses deSEC’s API to push updates.
▶️ deSEC DDNS script for Mikrotik RouterOS
▶️ deSEC DDNS script for Shell
Added for future usage. Mainly for limited Linux OS.
The script may require recent RouterOS to work properly. Make sure you have the latest updates installed before you begin.
The deSEC DNS name must have at least an appropriate IPv4 or IPv6 address before the script is run.
For Shell
Curl
,Dig
,Awk
,Logger
#--- MODIFY THE NEXT VALUES IN THE SCRIPT AS NEEDED ---
# deSEC domain
:local desecDomain "## DOMAIN NAME ##"
# deSEC DNS Token
:local desecToken "## DESEC TOKEN ##"
# WAN interface name
:local wanInterface "## WAN INTERFACE NAME ##"
/system/script/add
./system/script/add name=deSEC_DDNS policy=test,read source={## COPY THE CONTENTS INBETWEEN THESE BRACES ##}
System
> Scripts
Add
(➕) button
Name
the script deSEC_DDNS
read
and test
source
boxOK
deSEC DDNS
.Sample:
[@MikroTik] > log/print where message~"deSEC DDNS"
03-25 00:23:43 script,info deSEC DDNS: dedyn.io DDNS Update START
03-25 00:23:43 script,warning deSEC DDNS: "domain.name" IPv4 (X.X.X.X) differs from current WAN IPv4 (Y.Y.Y.Y) - Sending update
03-25 00:23:45 script,info deSEC DDNS: "domain.name" updated successfully to Y.Y.Y.Y - Y:Y:Y::Y
03-25 00:23:45 script,info deSEC DDNS: dedyn.io DDNS Update END
03-25 00:30:00 script,info deSEC DDNS: dedyn.io DDNS Update START
03-25 00:30:00 script,info deSEC DDNS: "domain.name" IPv4 (Y.Y.Y.Y) equals to current WAN IPv4 (Y.Y.Y.Y) - Update not required
03-25 00:30:00 script,info deSEC DDNS: dedyn.io DDNS Update END
⚠️ The script can only update one IP stack at a time. The provided WAN interface must have only one valid IPv4 and one global IPv6.
⚠️ If the DNS name exists, but with no appropriate IP, the script will fail due to a limited resolve
command from RouterOS. Set the first IP manually.
⚠️ The domain’s IPv6 address will not be validated due to a restricted resolve
command from RouterOS.
⚠️ The script does not recognize HTTP error codes due to a restricted fetch
command from RouterOS. Authentication failures are not detected.