Configure Synology DNS + DD-WRT to access my blog from both Intranet and Internet

My blog is hosted at home on my NAS and accessed using the fully qualified domain name www.beatificabytes.be. Configuring adequately the Synology’s DNS service and my Buffalo router running DD-WRT, I can access it both from Internet and my Intranet using that url.

Click to Read More

To make my blog accessible from Internet, I have configured the “DDNS” service of my Synology.  Thanks to this “DDNS” Service, “Synology” links a hostname like “myNas.Disktation.me” to the dynamic IP I get from my Internet Provider – currently “Belgacom”. Next, I have configured a CNAME “www.beatificabytes.be” at my Domain Provider “Servage.net” as an alias of this hostname “myNas.Disktation.me”.

My VDSL Modem being the device physically accessible with the dynamic IP obtained from my Internet Provider, it is configured to forward incoming Internet traffic to my Buffalo router. And this one is forwarding the traffic for my blog to my NAS.

It obviously works fine for accesses from Internet. But if I try to access my NAS with that hostname from my home network (my intranet), the VDSL Modem does not forward me to the NAS via the router. Instead, I am redirected by the DNS of my Internet Provider to a page (http://Intranet IP of my Modem/dns_error) displaying:

Your internet connection is up, please close your browser and restart it again.

Uw internetverbinding is hersteld, gelieve uw browser eerst te sluiten en
daarna opnieuw te starten.

Votre connection internet fonctionne correctement, veuillez fermer votre
navigateur et le redémarrer.

My previous solution was to define the hostname www.beatificabytes.be in the host file (under C:\Windows\System32\drivers\etc) of my PC. So, instead of being resolved into the dynamic IP got from my Internet Provider (reason why I was reaching my VDSL Modem), that hostname was resolved directly into the IP of my NAS.

Using the host file is however a real pain as it must be completed and maintained manually on all the devices. Also, it only works fine for Windows machines and not for my Phone, my Tablet, etc… So, I wanted a more global solution.

I found that I could configure a host file directly on my Buffalo Router as explained here: http://commonbits.wordpress.com/2013/03/26/using-dd-wrt-for-local-dns-and-dhcp/. More details here: http://www.dd-wrt.com/wiki/index.php/DNSMasq_as_DHCP_server.

I could also simply configure my Buffalo Router to provide each DHCP client with the IP of the ppen DNS of Google (8.8.8.8. and 8.8.4..4) instead of the DNS of my Internet Provider.

But I was interested in testing the DNS Server package of Synology. And I found that it’s not that hard to configure it to resolve the hostname locally instead of querying the DNS of my Internet Provider.

First, configure the NAS like this:

  1. Install and run the DNS Server Package via the Package Center
  2. Open the DNS Server Panel via DSM Start > DNS Server
  3. Select the “Zones” tab
  4. Click on “Create” and select “Master Zone”
  5. Select a “Domain type”: forward zone
  6. In “Domain name”, enter the domain name used by the blog
  7. In “Master DNS server”, enter the IP address of the NAS
  8. Keep other settings as by default and click “Ok”.
  9. Double click the new entry to edit its content. You should see two prefilled records respectively of type “A” and “NS”.
  10. Click on “Create” and add a new record of type “A”
    1. Name: (leave blank)
    2. TTL: (use the default)
    3. IP address: type the IP address of the NAS
  11. Also add another record of type “A” with Name “www”.

And that’s it for the DNS Server configuration. I didn’t change anything else, including in the “Resolution” tab, …

Next, configure the DD-WRT like this:

  1. Go to the tab Services
    1. Set “Used Domain” = WAN
    2. Set “LAN Domain” = Any name you want. It does not need to be the domain name of the blog. I am using my “Workgroup” (Yes, I still use a that)
    3. Check that the NAS has a static IP configured in the “Static Leases” table
    4. Set “DNSMasq” = Disabled
  2. Go to the tab Setup > Basic Setup
    1. Set “Connection Type” = Automatic Configuration – DHCP
    2. Set “Router Name” = SomeName
    3. Set “Hostname” = Same name as above
    4. Set “Domain Name” = (I kept it blank as I am not really working with a domain at home)
    5. Set “Local IP Address” = x.x.x.x (E.g.: 192.168.0.1)
    6. Set “Subnet Mask” = 255.255.255.0
    7. Set “Gateway” = local IP of the VDSL Modem (E.g.: 192.168.1.1)
    8. Set “Local DNS” = local IP of my NAS
    9. Set “DHCP Type” = DHCP Server
    10. Set “DHCP Server” = Enabled
    11. Set “Static DNS 1” = 0.0.0.0 (Later, I did set here the IP of my Adsl Modem which is configured to forward the DNS request to my Internet provider. I could also have use Google DNS: 8.8.8.8 or 8.8.4.4)
    12. Set “Static DNS 2” = 0.0.0.0
    13. Set “Static DNS 3” = 0.0.0.0
    14. Set “WINS” = 0.0.0.0
    15. Set “Use DNSMasq for DHCP” = unchecked
    16. Set “Use DNSMasq for DNS” = unchecked

This is working for me but DNSMasq being disabled, there is no caching on the DNS name resolution or even on the NetBios name (DNSMasq can intelligently add DHCP leases to its DNS database, providing local name lookups for any DHCP client, static or dynamic). And solving names seems to me precisely quite slow for the Browsers. So, I decided to try to enable DSNMasq.

  1. Back into the Tab “Services”,
    1. Set “DNSMasq” = Enabled
    2. Set “Local DNS” = Disabled (If I enable it, I lose access to the Synology DSN ?!)
    3. Set “No DNS Rebind” = Enable
    4. Set “Additional DNSMasq Options” = (I kept it blank but was hesitating to enforce a strict order on the DNS to be used to resolves name):
      1. strict-order
      2. dhcp-option=6,<NAS IP comes here>,8.8.8.8,8.8.4.4 (ex.: I use here the open DNS of Google).
  2. Finally, in the tab Setup > Basic Setup
    1. Set “Use DNSMasq for DHCP” = checked
    2. Keep “Use DNSMasq for DNS” = unchecked (If I check it, I lose access to the Synology DSN ?!)
    3. Set “DHCP-Authoritative” = checked.

I am actually not convinced this is correct and improving the resolution in any way. So,”to be continued”… But in the meantime, I can access my blog with its fully qualified domain name from both my Intranet and Internet and now a bit more about DNS configuration :p

Notice:  You can have a lot of troubles while testing the various settings on the DD-WRT as many values are cached either on the Synology, or on your PC. Ideally, you should reboot all the devices after each change in the router settings. At least, reset the network interface of your NAS (telnet as root and execute /etc/rc.network restart) and renew your PC network settings (ipconfig /release and ipconfig /renew). Best would be to do that after a Router reboot (telenet as root and execute reboot)

Loading


Categories:

Tags:


Comments

4 responses to “Configure Synology DNS + DD-WRT to access my blog from both Intranet and Internet”

  1. Valery Letroye Avatar

    After the upgrade to DSM 5.0, I was unable to connect to Internet anymore from my NAS. I had various error message like “Download failed”, “Connection failed”, “Check your Internet Connection”, “Cannot Resolve the IP address of the Server”…

    I did solve it by simply enabling the “Resolution Service” in the “DNS Server”. Nothing else (I didn’t “enable forwarders”).
    [Edit] 2017: I did enable the forwarders as some sub-domains are not hosted on my NAS anymore:
    – forward 1: 8.8.8.8
    – forward 2: 8.8.8.4
    – forward policy: forward first

    1. Valery Letroye Avatar

      After the update of my DSM 5.0 with the latest security fixes, I had again the same connectivity issue… Details are here: /wordpress/update-dsm-5-0-with-the-latest-fixes/

  2. Sachin Gopal Avatar

    Hi,
    Got a strange problem, the forwarding seems not to work for me for port 80. For all other ports it works. Any input ?

    –Sachin Gopal

    1. Valery Letroye Avatar

      Usually this is due to the internet provider blocking port 80. But, although mine didn’t block it, it happened to me a few weeks ago that the port 80 was not forwarded anymore. I solved this issue with a reset factory of my modem (not my router).

      V.

Leave a Reply

Your email address will not be published. Required fields are marked *