Solved Run AdGuard as DNS on my NAS through Docker

Currently reading
Solved Run AdGuard as DNS on my NAS through Docker

18
1
Hi there,

Very happy to find this place where I might get some precious help!
I'm running through docker and docker-compose, AdGuard (kind of PiHole) on my Synology NAS.
My NAS is up to date.

As I want to use it as DNS on my router, I need it run on the port 80 (as not all devices can manage a DNS with a specific port).
To be able to do that, I have create a docker macvlan network following a nice tutorial found online.

Nevertheless, a macvlan can be accessed by all devices on the network expect by the host (my NAS) itself.
I learned that today while search how to solve my issue for hours :(

I would like to find a way to solve this for the following reasons:
  • It's annoying
  • I can't access it from other containers
  • My Syno can't use the DNS
  • The reverse proxy from the Syno can't go its job to provide HTTPS as it cant access it
Leads I have tried to dig:
  • Free 80/443 of my Syno, don't really like forcing stuff and didn't work
  • Using ipvlan instead of macvlan but Synology current Docker version seems to not support it

I have attached here the Reverse Proxy settings + the docker compose file.

Thanks for reading this. I hope someone as a solution.

Best
 

Attachments

  • reverse-general.PNG
    reverse-general.PNG
    10.4 KB · Views: 90
  • reverse-header.PNG
    reverse-header.PNG
    8.8 KB · Views: 93
  • reverse-advanced.PNG
    reverse-advanced.PNG
    9.3 KB · Views: 67
  • adguard.txt
    1.3 KB · Views: 31

Shadow

Subscriber
467
161
NAS
DS216+II, DS118, DS718+
Router
  1. RT2600ac
  2. MR2200ac
Operating system
  1. Windows
Mobile operating system
  1. Android
I believe the dockers have to be connected to some kind of different docker bridge network. Then the NAS and other dockers connected to that network should then use the IP address of that different docker network. I've been trying to figure this out but no success.

Docker is starting to become less and less attractive to me...
 
A kernel security feature forbids that a macvlan ip and its parent network interface can communicate with each other. This is not a restriction of docker.

The section Host access of this blogpost Using Docker macvlan networks · The Odd Bit covers what needs to be done. Though, the solution will be ephemaral and needs to be reapplied on nas restart. Make sure to put those commands into a [email protected] start.

@Shadow: what is a docker? Are you refering to containers as dockers? if so, why?!
 

Shadow

Subscriber
467
161
NAS
DS216+II, DS118, DS718+
Router
  1. RT2600ac
  2. MR2200ac
Operating system
  1. Windows
Mobile operating system
  1. Android
Last edited:
@Shadow: what is a docker? Are you refering to containers as dockers? if so, why?!

I should get a good night sleep before I post stuff via my mobile phone.

The section Host access of this blogpost Using Docker macvlan networks · The Odd Bit covers what needs to be done. Though, the solution will be ephemaral and needs to be reapplied on nas restart. Make sure to put those commands into a [email protected] start.

So if this is done right, then the host NAS can communicate to the containers with it's macvlan IP address? That would be awesome! Gonna look into this. Thanks!

Could you please link it? :)

If you'd use the search function on this forum, then you'd find this threat.
 
18
1
A kernel security feature forbids that a macvlan ip and its parent network interface can communicate with each other. This is not a restriction of docker.
I have read that afterwards that security is showing that the solution I chose have backside.

The section Host access of this blogpost Using Docker macvlan networks · The Odd Bit covers what needs to be done. Though, the solution will be ephemaral and needs to be reapplied on nas restart. Make sure to put those commands into a [email protected] start.
I will look this asap, thanks a lot for this information!
 

Shadow

Subscriber
467
161
NAS
DS216+II, DS118, DS718+
Router
  1. RT2600ac
  2. MR2200ac
Operating system
  1. Windows
Mobile operating system
  1. Android
The section Host access of this blogpost Using Docker macvlan networks · The Odd Bit covers what needs to be done. Though, the solution will be ephemaral and needs to be reapplied on nas restart. Make sure to put those commands into a [email protected] start.

I will look this asap, thanks a lot for this information!

Well I can confirm that this indeed works...

1588266359812.png


My gosh. This is sweet. So now on the Synology DNS package I can just set the LAN IP of my AdGuard docker container as forwarder. And I can also confirm this works!
 
Its a simply trickery to bypass the limitations :) Don't forget to add a task to re-create the new macvlan interface after a reboot ....
 

Create an account or login to comment

You must be a member in order to leave a comment

Create account

Create an account on our community. It's easy!

Log in

Already have an account? Log in here.

Welcome to SynoForum.com!

SynoForum.com is an unofficial Synology forum for NAS owners and enthusiasts.

Registration is free, easy and fast!

Similar threads

Similar threads

Trending threads

Top