Script: Use GLDDNS behind another router [Testing!]

Hey there :wave:

since the GLDDNS isn’t capable of using the real IP address, it creates trouble when your device is behind another router. To get around this, I created Thanks to @SpitzAX3000 for the initial idea of updating the DDNS entry manually!


  • A GL.iNet router with the latest firmware version.
  • A working internet connection.
  • DDNS must be enabled and configured.
  • This script is non-permanent, you need to rerun it after firmware upgrades


You can find it in my GL.iNET forum repo located on GitHub:

:point_right: Direct link to the script

Quick run without downloading

You can run it without cloning the repository by using the following command:

wget -O && sh


The script will install a cron job to run every 30 minutes.
You can force a run by using /usr/bin/glddns-behind-another-router --cron


This script is provided as is and without any warranty. Use it at your own risk.

It may break your router, your computer, your network or anything else.
It may even burn down your house :fire: You have been warned!

Alternative way

Look here for an alternative way.


  1. crontab -l | grep -v "glddns-behind-another-router" | crontab -
  2. rm /usr/bin/glddns-behind-another-router

@japa182 Guess this could be something for you :wink:

1 Like

With this script can I create a network with a fixed IP to access my modem? without having that problem with the DDNS that keeps pulling the IP of this network that I created?

Yup. The script uses the real IP address, so it doesn’t matter what the Flint is telling you the IP on the WAN interface might be.

1 Like

How can I check if it’s working?

By… doing whatever you want to do by using DDNS?

Yes, but if I force the wan to restart and generate a new real IP, it will only update this IP after 30 minutes, correct?


And I can ignore this information, right? that as an error but your script “forces” the ddns update referring to my real IP correct?

That’s correct.

I hope so, that’s why it says [Testing!] in the thread title :laughing:
Or you can run /usr/bin/glddns-behind-another-router --cron to force it.

1 Like

Is there a way to make this script survive an update or backup?

Maybe later when more people test it.

1 Like

@admon GREAT work!


However I am a big fan of one linears.

The following one-linear runs every 5 minutes to update your public IP WITHOUT installing any packages/scripts on the system and does NOT require enabling the GLDDNS service from the Web GUI at all!

echo '*/5 * * * * curl --connect-timeout 4 -m4 "http://$(cat /proc/gl-hw-info/device_mac|tr -d ":"):$(cat /proc/gl-hw-info/device_sn)$(cat /proc/gl-hw-info/device_ddns)&myip=$(curl -s|jsonfilter -e @.ip)"' | crontab -

Note: the above cron job will survive across reboots!

And… if you need to manually update your public IP once, you can use the following one-linear:

curl --connect-timeout 4 -m4 "http://$(cat /proc/gl-hw-info/device_mac|tr -d ":"):$(cat /proc/gl-hw-info/device_sn)$(cat /proc/gl-hw-info/device_ddns)&myip=$(curl -s|jsonfilter -e @.ip)"

To verify that you Public IP has been bound correctly:

nslookup  $(cat /proc/gl-hw-info/device_ddns)

Will this command update the dynamic ip as soon as it changes?

It detects changes based on a 5 minute intervals, which should be sufficient!

1 Like

worked perfectly, thank you

It seems that it only works if you run the second command after the ip update, wireguard does not work, even though the real ip is correct in relation to ddns

curl --connect-timeout 4 -m4 "http://$(cat /proc/gl-hw-info/device_mac|tr -d ":"):$(cat /proc/gl-hw-info/device_sn)$(cat /proc/gl-hw-info/device_ddns)&myip=$(curl -s|jsonfilter -e @.ip)"

I’m going to give up on having a specific network for my modem and keep glddns activated as it has never caused any problems except when the server is attacked.

Explain clearly what do you mean ?!

Explain what do you mean?!

By the way, you original question was only about GLDDNS pulling the wrong public up when GL device is connected to upstream router! So all what admon and I have provided was to help you to automate things.

Even if you are right, you are not completely right :wink:
My script utilizes sudo -g nonevpn which will force all traffic through WAN instead of VPN. I guess that’s what @japa182 is talking about.

What difference does it make ?! You’re sending a single http packet to bind an IP. Whether you send it through a tunnel or not, once it reaches the server with the valid parameters, you get an ok.

Not clear what he means by wireguard !

I guess he wants to use WireGuard as VPN but still bind his dynamic ISP IP to DDNS.

exactly, I use ddns to link my real IP to use my wireguard server on the mt6000, so I can access my router from other devices such as cell phones and notebooks and also use my mt3000 as a wireguard client on the wireguard server made on the mt6000