Different DNS Servers in SRM?

Currently reading
Different DNS Servers in SRM?

144
32
jonohunt.design
NAS
DS1621+, DS1019+, DS218+
Operating system
  1. Linux
  2. macOS
  3. other
Mobile operating system
  1. iOS
In SRM's Network Center under Internet there's a 'Manually Configure DNS Server' option where we can add our Preferred DNS Server and an Alternative DNS Server.
Under Local Network > DHCP Server there's also fields to add Primary DNS and Secondary DNS.

What's the difference between the one under Internet, and the one under DHCP Server in Local Network settings? 🤔
 

fredbert

Moderator
NAS Support
Subscriber
4,075
1,614
NAS
DS1520+, DS218+, DS215j
Router
  1. RT2600ac
  2. MR2200ac
  3. RT6600ax
Operating system
  1. macOS
Mobile operating system
  1. iOS
The Internet settings are for the router itself; the Local Network sets up the DHCP service for LAN/WLAN clients. In the DHCP server settings of SRM there's an option to add known DNS servers (i.e. the Internet setting's info). This gives you more configurability than some Internet routers.

When Safe Access first started it was possible to by-pass the DHCP configured DNS servers (e.g. if you had an internal DNS server resolving your own domain) if the 'add known' was enabled and those pointed to Internet DNS. It was a bit of a pain since SA wanted local devices to point to the SRM local IP for DNS and then intercept the requests. I got it working by setting Internet DNS to be the internet DNS server too. Haven't thought about if it has changed since then as I've got it working.

Internet DNS:
- primary: internal NAS DNS server
- secondary: Cloudflare 1.1.1.1

SRM's DHCP server:
- primary: SRM local IP
- secondary: internal NAS DNS server
- don't add known DNS

NAS DNS server:
- resolve my domain
- foward first to OpenDNS and then Cloudflare

It used to be common to configure Internet firewalls to block DNS 53/TCP requests and only allow 53/UDP, to stop zone transfers since UDP can't handle as much data.
 

Create an account or login to comment

You must be a member in order to leave a comment

Create account

Create an account on our community. It's easy!

Log in

Already have an account? Log in here.

Similar threads

What you posted is correct, Rusty! The same type of Thing occurred in Tektronix, Ampex and Sony...
Replies
4
Views
352
I spoke repeatedly with tier 1 technical who eventually had me allow tier 2 to SSH in and poke around...
Replies
3
Views
321
Replies
26
Views
1,431
I've configured the OpenVPN server in SRM (in vpn plus server), and I've checked the 'allow clients to...
Replies
0
Views
659
Thank you for the answers. It is runninig now without that one line. Will look later if I really need this.
Replies
28
Views
8,007
Yep, thats what I'm doing as wel. Would be nice if Synology would come up with something like Microsoft IPAM.
Replies
6
Views
1,541
There was some changes to DNS and Safe Access, with people wanting to use their own internal pi-hole...
Replies
1
Views
1,303

Welcome to SynoForum.com!

SynoForum.com is an unofficial Synology forum for NAS owners and enthusiasts.

Registration is free, easy and fast!

Top