Synology Configure Synology DNS + DD-WRT to access my blog from both Intranet and Internet

My blog is hosted at home on my NAS and accessed using the fully qualified domain name www.beatificabytes.be. Configuring adequately the Synology’s DNS service and my Buffalo router running DD-WRT, I can access it both from Internet and my Intranet using that url.

Click to Read More

To make my blog accessible from Internet, I have configured the “DDNS” service of my Synology.  Thanks to this “DDNS” Service, “Synology” links a hostname like “myNas.Disktation.me” to the dynamic IP I get from my Internet Provider – currently “Belgacom”. Next, I have configured a CNAME “www.beatificabytes.be” at my Domain Provider “Servage.net” as an alias of this hostname “myNas.Disktation.me”.

My VDSL Modem being the device physically accessible with the dynamic IP obtained from my Internet Provider, it is configured to forward incoming Internet traffic to my Buffalo router. And this one is forwarding the traffic for my blog to my NAS.

It obviously works fine for accesses from Internet. But if I try to access my NAS with that hostname from my home network (my intranet), the VDSL Modem does not forward me to the NAS via the router. Instead, I am redirected by the DNS of my Internet Provider to a page (http://Intranet IP of my Modem/dns_error) displaying:

Your internet connection is up, please close your browser and restart it again.

Uw internetverbinding is hersteld, gelieve uw browser eerst te sluiten en
daarna opnieuw te starten.

Votre connection internet fonctionne correctement, veuillez fermer votre
navigateur et le redémarrer.

My previous solution was to define the hostname www.beatificabytes.be in the host file (under C:\Windows\System32\drivers\etc) of my PC. So, instead of being resolved into the dynamic IP got from my Internet Provider (reason why I was reaching my VDSL Modem), that hostname was resolved directly into the IP of my NAS.

Using the host file is however a real pain as it must be completed and maintained manually on all the devices. Also, it only works fine for Windows machines and not for my Phone, my Tablet, etc… So, I wanted a more global solution.

I found that I could configure a host file directly on my Buffalo Router as explained here: http://commonbits.wordpress.com/2013/03/26/using-dd-wrt-for-local-dns-and-dhcp/. More details here: http://www.dd-wrt.com/wiki/index.php/DNSMasq_as_DHCP_server.

I could also simply configure my Buffalo Router to provide each DHCP client with the IP of the ppen DNS of Google (8.8.8.8. and 8.8.4..4) instead of the DNS of my Internet Provider.

But I was interested in testing the DNS Server package of Synology. And I found that it’s not that hard to configure it to resolve the hostname locally instead of querying the DNS of my Internet Provider.

First, configure the NAS like this:

  1. Install and run the DNS Server Package via the Package Center
  2. Open the DNS Server Panel via DSM Start > DNS Server
  3. Select the “Zones” tab
  4. Click on “Create” and select “Master Zone”
  5. Select a “Domain type”: forward zone
  6. In “Domain name”, enter the domain name used by the blog
  7. In “Master DNS server”, enter the IP address of the NAS
  8. Keep other settings as by default and click “Ok”.
  9. Double click the new entry to edit its content. You should see two prefilled records respectively of type “A” and “NS”.
  10. Click on “Create” and add a new record of type “A”
    1. Name: (leave blank)
    2. TTL: (use the default)
    3. IP address: type the IP address of the NAS
  11. Also add another record of type “A” with Name “www”.

And that’s it for the DNS Server configuration. I didn’t change anything else, including in the “Resolution” tab, …

Next, configure the DD-WRT like this:

  1. Go to the tab Services
    1. Set “Used Domain” = WAN
    2. Set “LAN Domain” = Any name you want. It does not need to be the domain name of the blog. I am using my “Workgroup” (Yes, I still use a that)
    3. Check that the NAS has a static IP configured in the “Static Leases” table
    4. Set “DNSMasq” = Disabled
  2. Go to the tab Setup > Basic Setup
    1. Set “Connection Type” = Automatic Configuration – DHCP
    2. Set “Router Name” = SomeName
    3. Set “Hostname” = Same name as above
    4. Set “Domain Name” = (I kept it blank as I am not really working with a domain at home)
    5. Set “Local IP Address” = x.x.x.x (E.g.: 192.168.0.1)
    6. Set “Subnet Mask” = 255.255.255.0
    7. Set “Gateway” = local IP of the VDSL Modem (E.g.: 192.168.1.1)
    8. Set “Local DNS” = local IP of my NAS
    9. Set “DHCP Type” = DHCP Server
    10. Set “DHCP Server” = Enabled
    11. Set “Static DNS 1” = 0.0.0.0 (Later, I did set here the IP of my Adsl Modem which is configured to forward the DNS request to my Internet provider. I could also have use Google DNS: 8.8.8.8 or 8.8.4.4)
    12. Set “Static DNS 2” = 0.0.0.0
    13. Set “Static DNS 3” = 0.0.0.0
    14. Set “WINS” = 0.0.0.0
    15. Set “Use DNSMasq for DHCP” = unchecked
    16. Set “Use DNSMasq for DNS” = unchecked

This is working for me but DNSMasq being disabled, there is no caching on the DNS name resolution or even on the NetBios name (DNSMasq can intelligently add DHCP leases to its DNS database, providing local name lookups for any DHCP client, static or dynamic). And solving names seems to me precisely quite slow for the Browsers. So, I decided to try to enable DSNMasq.

  1. Back into the Tab “Services”,
    1. Set “DNSMasq” = Enabled
    2. Set “Local DNS” = Disabled (If I enable it, I lose access to the Synology DSN ?!)
    3. Set “No DNS Rebind” = Enable
    4. Set “Additional DNSMasq Options” = (I kept it blank but was hesitating to enforce a strict order on the DNS to be used to resolves name):
      1. strict-order
      2. dhcp-option=6,<NAS IP comes here>,8.8.8.8,8.8.4.4 (ex.: I use here the open DNS of Google).
  2. Finally, in the tab Setup > Basic Setup
    1. Set “Use DNSMasq for DHCP” = checked
    2. Keep “Use DNSMasq for DNS” = unchecked (If I check it, I lose access to the Synology DSN ?!)
    3. Set “DHCP-Authoritative” = checked.

I am actually not convinced this is correct and improving the resolution in any way. So,”to be continued”… But in the meantime, I can access my blog with its fully qualified domain name from both my Intranet and Internet and now a bit more about DNS configuration :p

Notice:  You can have a lot of troubles while testing the various settings on the DD-WRT as many values are cached either on the Synology, or on your PC. Ideally, you should reboot all the devices after each change in the router settings. At least, reset the network interface of your NAS (telnet as root and execute /etc/rc.network restart) and renew your PC network settings (ipconfig /release and ipconfig /renew). Best would be to do that after a Router reboot (telenet as root and execute reboot)

Hardwares Upgrade firmware of Buffalo WZR-HP-G300NH

Buffalo WZR-HP-G300NH v1

Buffalo WZR-HP-G300NH v1

I have upgraded the firmware of my Buffalo WZR-HP-G300NH (v1) with the latest version of dd-wrt… seamlessly !

Click to Read More

My Buffalo bought end of 2010 was pre-installed with a version of dd-wrt (a.k.a the “Pro” firmware of Buffalo which was installed by default as of the second half of 2010 instead of their ‘friendly’ firmware).

  1. In the dd-wrt router database, I have searched for WZR-HP-G300H and found it was supported by v24-preSP2.
  2. I went to the file server where dd-wrt firmwares v24-preSP2 are available.
  3. On that file server, I went to the more recent sub-folder (/2013/02-11-2013-r20675) and looked for the folder “buffalo_wzr-hp-g300nh” and fetched the firmware “wzr-hp-g300nh-dd-wrt-webupgrade-MULTI.bin” (The other one “buffalo_to_ddwrt_webflash-MULTI.bin” is to upgrade from the Buffalo ‘Friendly’ firmware – which used to be installed by default before the second half of 2010).
  4. Using my laptop connected via wifi, I went to the “firmware update” page of my Buffalo, via its web interface menu “Administration > Firmware Upgrade”.
  5. I chose “don’t reset”  after flashing, selected the firmware downloaded previously on my laptop and clicked “Upgrade”. It took quite a few minutes.
  6. Next, the countdown being completed, I have refreshed my browser and the new interface appeared. The previous one was red with “Buffalo” displayed on top. The new one is mainly black/blue and yellow without Buffalo displayed anymore.

Everything was still working fine immediately after the upgrade, without any lost of settings. I.e. mainly (from my point of view):

  • The Buffalo IP address, which was a custom one, didn’t change.
  • The Port Forwarding where still configured in NAT/QoS > Port Forwarding.
  • The wol addresses where still available in Administration > Wol.
  • The Static Leases of the DHCP Server where still configured in Services > Services.

dd-wrt wiki for WZR-HP-G300NH : http://www.dd-wrt.com/wiki/index.php/Buffalo_WZR-HP-G300NH

Buffalo : http://www.buffalotech.com/products/wireless/single-band-wireless-routers/airstation-highpower-n300-gigabit-dd-wrt-wireless-router

Synology Buffalo + DD-WRT: Disable “Cross Site Action detected”

I have so many devices and services on my LAN that I can’t remember all their Urls: IP Camera, VDSL modem, Network Printer, Router, File Server, Backup Server, VMWare Server, NAS, Blog, etc… So, I did create an administration page (php) on my NAS to list them with their intranet or internet address depending on the variable $_SERVER[‘SERVER_NAME’].

Unfortunately, when clicking on the link to my Router’s web interface (a Buffalo WZR-HP-G300NH with DD-WRT v24SP2), this one returns the message “Cross Site Action detected”.

As the purpose is not for me to copy the Url manually, I did look how to disable this protection on the Buffalo and here is the tip: Click to read more

  1. Run a telnet or ssh console
  2. Log on as ‘root’ even if you changed the default username via the web interface (the default password is ‘admin’ but I hope you did change it).
  3. And type the following commands:
  • nvram set no_crossdetect=1
  • nvram commit

That’s it.

P.S.: more information on SSH/Telnet and the CLI here.