Apparent internal DNS issue

[dslamguy]

I have a brandy new RT6600ax which I have just installed to replace my old Netgear Router. I have a DS216+ running DSM 7.1 on this network and it runs AD, DHCP, and DNS servers. The DS216+ is 192.168.1.20 and it forwards dns requests to the router at 192.168.1.1. I am running a DNS server on the router and it in-turn forwards dns requests to 9.9.9.9 and 1.1.1.1.

Everything on the network seems to be working well.

But, the SRM will not synchronize time using Control Panel->System->Regional Options to time.nist.gov or any named ntp server. However, if I type in 192.168.1.20, the address of my DS216+, it will synch time perfectly. I can only assume that the SRM is not resolving dns internally. Does anyone have any ideas of how to fix this? Since I want to enable 2FA, I would prefer not to have it depend on the NAS, since the router is really the center of the network. I want it to go to an outside NTP server.

 

[fredbert]

SRM requires you to configure the Network Center’s Internet page for the OS itself. Here you will find the DNS server fields that are used by SRM for its own purposes, e.g. NTP server resolution and Package Center.

The DNS server package on SRM is for client use, though you could set SRM network parameters to use it by setting the primary DNS server to 192.168.1.1.

 

[dslamguy]

This is how I have it provisioned. So I don't think this is the problem (or this is not where the SRM is getting its DNS for internal use).

 

[Gerard]

View attachment 10335
This is how I have it provisioned. So I don't think this is the problem (or this is not where the SRM is getting its DNS for internal use).

Looks good. Now go to lan and what’s the settings there, specifically what’s giving out dhcp and the dns information

 

[dslamguy]

The router has DHCP disabled on the LAN. It's the NAS that is hosting DHCP. There is no reason why the router needs to be the DHCP server, although I admit this is non-traditional. I would guess this is where the bug is. The router does not broadcast for DHCP as a client if the router's DHCP server is disabled, nor does it use the LAN-side configured DNS values.

 

[Gerard]

The router has DHCP disabled on the LAN. It's the NAS that is hosting DHCP. There is no reason why the router needs to be the DHCP server, although I admit this is non-traditional.

Ok so nas is the dhcp, just confirm again what is the dns server of your network, the router or the nas?

 

[dslamguy]

Yes. Because the router DNS server is running.

BTW, I was set up this way with my Netgear router without a problem, although there was nothing internal to the Netgear that required name resolution.

 

[Gerard]

Yes. Because the router DNS server is running.

BTW, I was set up this way with my Netgear router without a problem, although there was nothing internal to the Netgear that required name resolution.

I don’t have one of those routers. Is there a diagnostics page where you can run pings? Can you ping outside ip addresses vs can you ping outside dns addresses?

-- post merged: 3. Aug 2022 --

Can you post a screenshot of the screen where the router local IP address is set, on there should also be the dns field what is that set to?

 

[dslamguy]

Yes, there is even Traceroute on the Synology router and it does not work properly with names. It cannot resolve names. The old Netgear did not have this capability. The Synology is a much superior router, which is why I upgraded. But this is annoying.

 

[Gerard]

Can you post a screenshot of the screen where the router local IP address is set, on there should also be the dns field what is that set to?

 

[dslamguy]

There is no place to enter the DNS if the DHCP is disabled. But DNS is entered on the WAN side (one of the first images I shared).

 

[Gerard]

View attachment 10359
View attachment 10360
There is no place to enter the DNS if the DHCP is disabled. But DNS is entered on the WAN side (one of the first images I shared).

The ipv4 dhcp is not the right place. That is if you want the router to provide dhcp services.

There should be another screen where you can configure the IP address of just the router, should have 192.168.1.1 and then there should be the other fields for dns. I’d like to see that specifically.

-- post merged: 3. Aug 2022 --

There’s 3 places to enter dns information. 1) wan side 2) if you setup dhcp service for a lan and 3) the local ip settings of the router itself. # 3 is where we need to rule out

 

[dslamguy]

Sorry, there is no #3. There is no place to enter local IP address dns settings.

-- post merged: 3. Aug 2022 --

I wonder if I could telnet to router?

 

[Gerard]

Sorry, there is no #3. There is no place to enter local IP address dns settings.
View attachment 10363

-- post merged: 3. Aug 2022 --

I wonder if I could telnet to router?

Are you running the synology firewall on:

The nas?
The router?

 

[dslamguy]

Nope. Can't telnet.

That graphic is very low resolution, but I can see it just well enough. This is an RT6600ax, which is a very new router. It does not have that screen. You must be looking at one of the other Synology routers.

Yes, I am running the firewall on the router. I don't think there is an option to turn it off.

 

[Gerard]

That graphic is very low resolution, but I can see it just well enough.

Disregard the graphic. The drop down above was actually for dhcp of the ip4 network, therefore I deleted that post. I’m not sure out of the box what is needed for the synology router to resolve dns. You have the dns entries set on the wan side, I’m not sure if the router uses that, which I assume it would. Very strange I’m out of ideas.

-- post merged: 3. Aug 2022 --

Where is the router connected to on the wan side. Directly to your isp modem? Is it an isp modem/router combo?

 

[dslamguy]

I have opened a ticket with Synology, but so far their tech support is just providing stupid comments like use 8.8.8.8 for the WAN side DNS instead of 9.9.9.9 and see if it works.

-- post merged: 3. Aug 2022 --

But thanks for your help!!!

-- post merged: 3. Aug 2022 --

The router is connected on the WAN side to a Verizon ONT for FIOS.

 

[Gerard]

I have opened a ticket with Synology, but so far their tech support is just providing stupid comments like use 8.8.8.8 for the WAN side DNS instead of 9.9.9.9 and see if it works.

-- post merged: 3. Aug 2022 --

But thanks for your help!!!

-- post merged: 3. Aug 2022 --

The router is connected on the WAN side to a Verizon ONT for FIOS.

I would deff try using a dns server such as 8.8.8.8 just to rule things in or out and to help determine where this is hiccuping at.

 

[dslamguy]

Yes, I went through the motions. No difference.

 

[Gerard]

Yes, I went through the motions. No difference.

What dns is your client devices using for dns? Are they pointing to the synology nas?

If so can you point the router to the nas for dns? What’s the result?

This is one of those things where I’d be able to figure out but I’d have to be on it and just look everywhere. I feel like it’s something small and stupid.

-- post merged: 3. Aug 2022 --

This is right from SRM’s manual. Can you go to this location (primary interface) and poke around all around those pages. Is there anything about setting up the IP address of the router and dns?

2 Configure basic network settings:
• Decide how your Synology Router obtains the IP address (at Network Center > Internet > Connection > Primary Interface > Connection Type).

-- post merged: 3. Aug 2022 --

Sorry, there is no #3. There is no place to enter local IP address dns settings.
View attachment 10363

-- post merged: 3. Aug 2022 --

I wonder if I could telnet to router?

Looking back at this I wonder if this is just setting the interface network which is then assigned to a router port. If so this is not the routers’ configuration page of where the IP address of the router is set.