Configuring Synology DNS as a secondary server is a simple operation. Synology NAS boxes come with built-in and downloadable apps, divided by category, that further extend their functionality. Now to the question: why would I need a second DNS server? There are plenty of reasons, all of them focused on the availability of the data, in this case the DNS records. Why are they so important? More and more apps, hosts and devices on the network communicate with each other relying on name services, and of course “standard DNS” is key to the large majority of applications. Without a name resolver some applications might not work fully.
Production environments should always have a protection plan which provides a line of defence not just against data loss but also for the availability of the data. Homelabs these days are not that different. When making these considerations I was wondering if there was a way to easily replicate DNS data to a different system. Obviously the requirements for a homelab are less stringent and demanding than those of a production environment. During my testing (and breaking things, of course) I have been in situations where some components and applications were not working properly. The reason? The DNS server was missing. The catch in this case is that the DNS server generally runs as part of the virtual infrastructure. But what if the VM running the DNS server, or even the host associated with that VM, is not operating as expected? That’s right, this is the beginning of troubleshooting for issues that in “theory” shouldn’t be there.
This is where the Synology DNS Server, configured as the backup or the primary one, can help. Well, at least in a homelab! Let’s assume for some reason the primary DNS server is not running. The secondary one running directly on the Synology NAS will help resolve queries. Of course the second one can be a single point of failure too! But let’s face it: if the storage is not available at all, chances are we need to troubleshoot a bigger problem than the DNS server being down!
So this article is a quick how-to on installing and configuring the Synology DNS Server app, which we can use as a secondary or slave zone for our primary running with Active Directory.
Synology DNS Server configuration
From the Synology Desktop let’s go into the Package Center to install or configure the Synology DNS package.
The Package Center will show the installed apps.
Let’s search for DNS and proceed with the installation. The NAS requires access to the internet to search and download the necessary files. As an alternative it is also possible to run an offline installation of the Synology packages. The install phase only takes a few seconds. Usually these apps are small in size and already optimized.
We are now ready to start the Synology DNS Server configuration. The first thing is to create a “Zone”.
Let’s use Create to add the DNS Server zone running as “Slave”. This zone will import all the DNS records from the primary DNS zone already installed and configured in Active Directory (or other sources and platforms).
In the wizard we should specify something similar to the following: domain type, domain name and master server. Let’s use the Forward zone with the actual domain name and the IP address of the primary DNS server. For now we can leave the rest of the settings as they are. Should the primary DNS server use an encryption key, it can be specified here.
At this point the Synology DNS zone is created and already importing data from the primary one. Let’s make sure the required firewall ports are open between the primary DNS server and the Synology NAS.
In the Resolution tab it is possible to enable the name resolution services, including the ability to forward DNS queries to external DNS by means of Gateway addresses.
The Log tab gives a quick view of the main activities, with the option to filter and search for detailed ones.
And finally, in the settings, there is the option to configure logs, cache and TCP parameters.
A few moments after the initial synchronization, the records in the Synology DNS server are already visible. From the Zone tab and then Edit, let’s make sure the Start of Authority (SOA) record is available and correct.
From the same menu the wizard also shows all the other DNS records synchronized.
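The SOA check can also be done from any host with `dig`. The script below is an added example, not part of the original article: it compares the SOA serial served by the primary with the one served by the Synology secondary, which is the value a secondary uses to decide whether it needs a zone transfer. The zone name and server IPs are arguments you supply, and the sample SOA lines inside the script are constructed.

```shell
#!/bin/sh
# Added example: check that the Synology slave zone has caught up with the
# primary by comparing SOA serials. Zone and server addresses are placeholders.

# Constructed sample answers in `dig +short SOA` format:
#   mname rname serial refresh retry expire minimum
SAMPLE_PRIMARY='dc01.lab.example. hostmaster.lab.example. 2024010102 900 600 86400 3600'
SAMPLE_SECONDARY='dc01.lab.example. hostmaster.lab.example. 2024010101 900 600 86400 3600'

# Print the serial (3rd field) of one SOA answer line; fail if it is not an SOA.
soa_serial() {
    printf '%s\n' "$1" |
        awk 'NF == 7 && $3 ~ /^[0-9]+$/ { print $3; ok = 1 } END { exit !ok }'
}

# Compare serials with RFC 1982 arithmetic, so a 32-bit wrap on the primary
# is not mistaken for the secondary being ahead.
# Prints: in-sync | secondary-behind | secondary-ahead
compare_serials() {
    if [ "$1" -eq "$2" ]; then
        echo in-sync
    elif [ $(( ($1 - $2) & 4294967295 )) -lt 2147483648 ]; then
        echo secondary-behind
    else
        echo secondary-ahead
    fi
}

# Live check: ask each server directly (no recursion) and compare.
check_zone() {  # usage: check_zone ZONE PRIMARY_IP SECONDARY_IP
    p=$(soa_serial "$(dig +short +norecurse SOA "$1" "@$2")") ||
        { echo "no SOA for $1 from primary $2" >&2; return 2; }
    s=$(soa_serial "$(dig +short +norecurse SOA "$1" "@$3")") ||
        { echo "no SOA for $1 from secondary $3" >&2; return 2; }
    state=$(compare_serials "$p" "$s")
    echo "$1: primary=$p secondary=$s -> $state"
    [ "$state" = in-sync ]
}

if [ "$#" -eq 3 ]; then
    check_zone "$@"
else
    # No arguments: run on the constructed sample lines above.
    compare_serials "$(soa_serial "$SAMPLE_PRIMARY")" "$(soa_serial "$SAMPLE_SECONDARY")"
fi
```

Run it with three arguments (zone, primary IP, Synology IP) for a live check. A secondary that stays behind usually points at TCP port 53 being blocked between the two servers, or at a primary that does not allow zone transfers to the NAS.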
Now that the Synology DNS Server is configured and synchronized with the primary DNS, let’s make sure the VMware vSphere hosts are updated with this additional information. On each vSphere host let’s enable the SSH service and use a utility like PuTTY to open a connection to the server. From there simply run the “dcui” command.
Let’s use the Configure Management Network context.
And finally add the new Synology DNS Server. When saving the configuration the ESXi Management Agents will be quickly restarted.
Next, repeat the same steps on the other VMware vSphere hosts and all other components using DNS.