RouterOS的IPv6 DDNS自用脚本
2025-09-23 10:01:49

使用cloudflare托管域名

获取dnsid,ZONEID,TOKEN 使用你自己的即可 toekn只需要dns权限即可

curl --request GET \
  --url "https://api.cloudflare.com/client/v4/zones/ZONEID/dns_records?type=AAAA&name=xxx.xxx.com" \
  --header "Content-Type: application/json" \
  --header "Authorization: Bearer TOKEN"

这个脚本必须命名为”ddns” 因为它会把之前的IP存在COMMENT注释里

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
:local token "";
:local zoneId "";
:local dnsId "";
:local domain "";

#从v6 dhcp客户端获取ipv6地址前缀
:local ip [/ipv6 dhcp-client get pppoe-out1 prefix];

#过滤出v6地址并且放入脚本comment注释
:set $ip [:pick $ip 0 [:find $ip "/"]];
:local lastIp [/system script get ddns comment];

#拼接参数组成请求体
:local address "https://api.cloudflare.com/client/v4/zones/$zoneId/dns_records/$dnsId";
:local header "Authorization: Bearer $token,Content-Type:application/json";
:local body "{\"type\":\"AAAA\",\"name\":\"$domain\",\"content\":\"$ip\",\"ttl\":120,\"proxied\":false}";

#判断注释ip与获取ip是否不相等,结果true即可执行更新请求,并将新ip写到注释
:if ($lastIp != $ip) do={
    :put $address;    
    /tool fetch url=$address  http-method=put output=none http-header-field=$header http-data=$body;
    /system script set ddns comment=$ip;
#此两条是配合wireguard使用的防火墙规则,允许v6地址的指定端口链接
#    /ipv6 firewall address-list reset [fin list=WireGuardList] address=$ip
#    /ipv6 firewall address-list comment [fin list=WireGuardList] comment="WireGuard IPV6 IP List"
}

先运行一次,可以看到更新成功了,再运行一次没反应,说明从Comment里读到IP并认为相同,不需要更新。

参考 https://velaciela.ms/routeros-using-cloudflare-update-ddns-ipv6-only

2025-09-23 10:01:49
Next