Solved Run AdGuard as DNS on my NAS through Docker

Currently reading
Solved Run AdGuard as DNS on my NAS through Docker

20
4
Hi there,

Very happy to find this place where I might get some precious help!
I'm running through docker and docker-compose, AdGuard (kind of PiHole) on my Synology NAS.
My NAS is up to date.

As I want to use it as DNS on my router, I need it run on the port 80 (as not all devices can manage a DNS with a specific port).
To be able to do that, I have create a docker macvlan network following a nice tutorial found online.

Nevertheless, a macvlan can be accessed by all devices on the network expect by the host (my NAS) itself.
I learned that today while search how to solve my issue for hours :(

I would like to find a way to solve this for the following reasons:
  • It's annoying
  • I can't access it from other containers
  • My Syno can't use the DNS
  • The reverse proxy from the Syno can't go its job to provide HTTPS as it cant access it
Leads I have tried to dig:
  • Free 80/443 of my Syno, don't really like forcing stuff and didn't work
  • Using ipvlan instead of macvlan but Synology current Docker version seems to not support it

I have attached here the Reverse Proxy settings + the docker compose file.

Thanks for reading this. I hope someone as a solution.

Best
 

Attachments

  • reverse-general.PNG
    reverse-general.PNG
    10.4 KB · Views: 437
  • reverse-header.PNG
    reverse-header.PNG
    8.8 KB · Views: 439
  • reverse-advanced.PNG
    reverse-advanced.PNG
    9.3 KB · Views: 411
  • adguard.txt
    1.3 KB · Views: 122
773
291
NAS
DS216+II, DS118, DS718+, DS720+
Router
  1. RT2600ac
  2. MR2200ac
Operating system
  1. Windows
Mobile operating system
  1. Android
I believe the dockers have to be connected to some kind of different docker bridge network. Then the NAS and other dockers connected to that network should then use the IP address of that different docker network. I've been trying to figure this out but no success.

Docker is starting to become less and less attractive to me...
 
A kernel security feature forbids that a macvlan ip and its parent network interface can communicate with each other. This is not a restriction of docker.

The section Host access of this blogpost Using Docker macvlan networks · The Odd Bit covers what needs to be done. Though, the solution will be ephemaral and needs to be reapplied on nas restart. Make sure to put those commands into a [email protected] start.

@Shadow: what is a docker? Are you refering to containers as dockers? if so, why?!
 
773
291
NAS
DS216+II, DS118, DS718+, DS720+
Router
  1. RT2600ac
  2. MR2200ac
Operating system
  1. Windows
Mobile operating system
  1. Android
Last edited:
@Shadow: what is a docker? Are you refering to containers as dockers? if so, why?!

I should get a good night sleep before I post stuff via my mobile phone.

The section Host access of this blogpost Using Docker macvlan networks · The Odd Bit covers what needs to be done. Though, the solution will be ephemaral and needs to be reapplied on nas restart. Make sure to put those commands into a [email protected] start.

So if this is done right, then the host NAS can communicate to the containers with it's macvlan IP address? That would be awesome! Gonna look into this. Thanks!

Could you please link it? :)

If you'd use the search function on this forum, then you'd find this threat.
 
20
4
A kernel security feature forbids that a macvlan ip and its parent network interface can communicate with each other. This is not a restriction of docker.
I have read that afterwards that security is showing that the solution I chose have backside.

The section Host access of this blogpost Using Docker macvlan networks · The Odd Bit covers what needs to be done. Though, the solution will be ephemaral and needs to be reapplied on nas restart. Make sure to put those commands into a [email protected] start.
I will look this asap, thanks a lot for this information!
 
773
291
NAS
DS216+II, DS118, DS718+, DS720+
Router
  1. RT2600ac
  2. MR2200ac
Operating system
  1. Windows
Mobile operating system
  1. Android
The section Host access of this blogpost Using Docker macvlan networks · The Odd Bit covers what needs to be done. Though, the solution will be ephemaral and needs to be reapplied on nas restart. Make sure to put those commands into a [email protected] start.

I will look this asap, thanks a lot for this information!

Well I can confirm that this indeed works...

1588266359812.png


My gosh. This is sweet. So now on the Synology DNS package I can just set the LAN IP of my AdGuard docker container as forwarder. And I can also confirm this works!
 
Its a simply trickery to bypass the limitations :) Don't forget to add a task to re-create the new macvlan interface after a reboot ....
 

Create an account or login to comment

You must be a member in order to leave a comment

Create account

Create an account on our community. It's easy!

Log in

Already have an account? Log in here.

Similar threads

  • Question
It is realy not complicated to translater container arguments to Synology UI settings. Here is what each...
Replies
2
Views
718
@one-eyed-king , I have tried your first step: sudo synogroup --add docker and encounter the following...
Replies
11
Views
20,845
Thank you for your feedback on the matter. There is no need to break this into multiple topics considering...
Replies
30
Views
7,173
I am trying to solve a similar case: I am going to run my nginx:stable-alpine web server in Docker, with...
Replies
16
Views
8,530
  • Locked
Locking this thread due to publish tutorial...
Replies
30
Views
11,682

Welcome to SynoForum.com!

SynoForum.com is an unofficial Synology forum for NAS owners and enthusiasts.

Registration is free, easy and fast!

Top