Solved Run AdGuard as DNS on my NAS through Docker

Currently reading
Solved Run AdGuard as DNS on my NAS through Docker

Mnl-

Mnl-

20
4
Hi there,

Very happy to find this place where I might get some precious help!
I'm running through docker and docker-compose, AdGuard (kind of PiHole) on my Synology NAS.
My NAS is up to date.

As I want to use it as DNS on my router, I need it run on the port 80 (as not all devices can manage a DNS with a specific port).
To be able to do that, I have create a docker macvlan network following a nice tutorial found online.

Nevertheless, a macvlan can be accessed by all devices on the network expect by the host (my NAS) itself.
I learned that today while search how to solve my issue for hours :(

I would like to find a way to solve this for the following reasons:
  • It's annoying
  • I can't access it from other containers
  • My Syno can't use the DNS
  • The reverse proxy from the Syno can't go its job to provide HTTPS as it cant access it
Leads I have tried to dig:
  • Free 80/443 of my Syno, don't really like forcing stuff and didn't work
  • Using ipvlan instead of macvlan but Synology current Docker version seems to not support it

I have attached here the Reverse Proxy settings + the docker compose file.

Thanks for reading this. I hope someone as a solution.

Best
 

Attachments

  • reverse-general.PNG
    reverse-general.PNG
    10.4 KB · Views: 499
  • reverse-header.PNG
    reverse-header.PNG
    8.8 KB · Views: 500
  • reverse-advanced.PNG
    reverse-advanced.PNG
    9.3 KB · Views: 472
  • adguard.txt
    1.3 KB · Views: 133
I believe the dockers have to be connected to some kind of different docker bridge network. Then the NAS and other dockers connected to that network should then use the IP address of that different docker network. I've been trying to figure this out but no success.

Docker is starting to become less and less attractive to me...
 
A kernel security feature forbids that a macvlan ip and its parent network interface can communicate with each other. This is not a restriction of docker.

The section Host access of this blogpost Using Docker macvlan networks · The Odd Bit covers what needs to be done. Though, the solution will be ephemaral and needs to be reapplied on nas restart. Make sure to put those commands into a task@system start.

@Shadow: what is a docker? Are you refering to containers as dockers? if so, why?!
 
Last edited:
one-eyed-king said:
@Shadow: what is a docker? Are you refering to containers as dockers? if so, why?!
Click to expand...

I should get a good night sleep before I post stuff via my mobile phone.

one-eyed-king said:
The section Host access of this blogpost Using Docker macvlan networks · The Odd Bit covers what needs to be done. Though, the solution will be ephemaral and needs to be reapplied on nas restart. Make sure to put those commands into a task@system start.
Click to expand...

So if this is done right, then the host NAS can communicate to the containers with it's macvlan IP address? That would be awesome! Gonna look into this. Thanks!

Mnl- said:
Could you please link it? :)
Click to expand...

If you'd use the search function on this forum, then you'd find this threat.
 
one-eyed-king said:
A kernel security feature forbids that a macvlan ip and its parent network interface can communicate with each other. This is not a restriction of docker.
Click to expand...
I have read that afterwards that security is showing that the solution I chose have backside.

one-eyed-king said:
The section Host access of this blogpost Using Docker macvlan networks · The Odd Bit covers what needs to be done. Though, the solution will be ephemaral and needs to be reapplied on nas restart. Make sure to put those commands into a task@system start.
Click to expand...
I will look this asap, thanks a lot for this information!
 
one-eyed-king said:
The section Host access of this blogpost Using Docker macvlan networks · The Odd Bit covers what needs to be done. Though, the solution will be ephemaral and needs to be reapplied on nas restart. Make sure to put those commands into a task@system start.
Click to expand...

Mnl- said:
I will look this asap, thanks a lot for this information!
Click to expand...

Well I can confirm that this indeed works...

1588266359812.png


My gosh. This is sweet. So now on the Synology DNS package I can just set the LAN IP of my AdGuard docker container as forwarder. And I can also confirm this works!
 

Create an account or login to comment

You must be a member in order to leave a comment

Create account

Create an account on our community. It's easy!

Register

Log in

Already have an account? Log in here.

Similar threads

J
DSM 7.1 What is the different between run docker-compose in ssh or using container manager project?
I have no idea what you are doing, but I just tested it based on the instructions of the guide you linked...
Replies
11
Views
1,375
one-eyed-king
one-eyed-king
maravac
Any videocall OR web conferencing service available to run in Docker?
From Mattermost selfhosted collaboration platform...
Replies
5
Views
1,234
Rusty
Rusty
B
  • Question
DSM 7.1 Advise on how to run or set up a container that needs extra command instructions
It is realy not complicated to translater container arguments to Synology UI settings. Here is what each...
Replies
2
Views
1,523
one-eyed-king
one-eyed-king
R
Run container via a scheduled task on Synology
Same here This worked for me: Task script: #!/bin/bash cd /volume1/docker/[directory where...
Replies
10
Views
4,940
schnill
S
D
docker run command line options from gui
thanks - will play with it
Replies
2
Views
10,912
darrenoakey
D
Telos
Question Permissions for User to run Docker?
@one-eyed-king , I have tried your first step: sudo synogroup --add docker and encounter the following...
Replies
11
Views
27,983
mrkgoh
M
fredbert
Question Anyone run FreshRSS in Docker?
Thank you for your feedback on the matter. There is no need to break this into multiple topics considering...
2
Replies
30
Views
8,725
Rusty
Rusty

Welcome to SynoForum.com!

SynoForum.com is an unofficial Synology forum for NAS owners and enthusiasts.

Registration is free, easy and fast!

Register

Trending threads

Back
Top