Synology SRM DNS Server problems

19 Dec 2021 12:11 dns synology-srm

While messing around with my k3s cluster, I decided that I needed a DNS server. I tried the Synology DNS Server.

That is: in order for addresses like docker.k3s.differentpla.net to work, I need a DNS resolver, and it needs to be one that the rest of my home network can use. So I installed the DNS Server package on my Synology router. This is the default DNS server for everything, so adding a new zone to it should be an easy way to get everything talking.

This morning, I couldn’t ssh from my Windows laptop into the k3s controller. Initially I blamed WSL, but – as usual – it’s always DNS.

Overnight, the cached addresses had hit their TTL and expired, meaning that my laptop went back to the DNS server. This returned NXDOMAIN.

What broke?

Before installing the DNS server, Synology SRM uses dnsmasq for both DHCP and DNS, meaning that host names are implicitly registered in DNS whenever they request a DHCP lease.

After installing the DNS server, SRM uses named (i.e. BIND) for DNS, and host names are not implicitly registered in DNS.

I fixed it by uninstalling the DNS Server package, and things were back to normal more or less instantly. It still leaves me with the original problem: publishing k3s services in DNS.

Options

After briefly scratching my head, I’ve identified a number of options:

  • I was expecting dynamic DNS updates to happen.
    • Can I persuade dnsmasq to tell the DNS server about DHCP clients?
      • This is my preferred option, but I can’t find a setting for it.
    • Can I persuade the clients to tell the DNS server themselves?
      • There’s a dnsmasq option, --dhcp-client-update which is off by default.
      • Can I enable it in SRM? It’s not in the GUI, but editing the config file would probably work.
  • Similarly, can I let dnsmasq continue to think it’s the primary for the “home” zone, and set up BIND as the secondary?
    • Seems a bit … fragile, but maybe it would be fine.
  • dnsmasq has the --addn-hosts=<file> option. I could probably use that to add the extra hosts.
    • I’d need to add them manually, but I guess I’d need to do that anyway.
  • dnsmasq has the --server=/<domain>/<server>#<port> option, which allows you to specify a DNS server for specific domains.
    • I could use that to point .k3s.differentpla.net queries to an alternate DNS server.
    • If I wanted to use Synology’s DNS server, I could install it elsewhere (e.g. on my DS211 which is already connected to the cluster) and use it with this setting.
    • Maybe I can register services in CoreDNS, and use it with that?

For now, I think I’ll use the --addn-hosts=<file> setting. I might investigate CoreDNS at some point.