Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

FR: Add DNS config support for Synology DSM7 #3602

Open
kcgthb opened this issue Dec 21, 2021 · 11 comments
Open

FR: Add DNS config support for Synology DSM7 #3602

kcgthb opened this issue Dec 21, 2021 · 11 comments
Labels
dns fr Feature request L3 Some users Likelihood OS-linux OS-synology Synology NAS devices P2 Aggravating Priority level T5 Usability Issue type

Comments

@kcgthb
Copy link

kcgthb commented Dec 21, 2021
edited
Loading

What is the issue?

Using Tailscale 1.18.2-2015 on DSM 7.0.1-42218, there seem to be an issue writing the /etc/resolv.conf file, when SmartDNS is used.

# tailscale status
# Health check:
#     - dns: writing to "/etc/resolv.pre-tailscale-backup.conf" in rename of "/etc/resolv.conf": open /etc/resolv.pre-tailscale-backup.conf: permission denied   
[...]

Steps to reproduce

No response

Are there any recent changes that introduced the issue?

No response

OS

Synology

OS version

DSM 7.0.1-42218

Tailscale version

1.18.2

Bug report

BUG-eec526fd617b286ee8b5e696d6b78c5b247fc0d64eead2b7845266145c8a9855-20211221144231Z-b1d2a4067be6e233
@DentonGentry
Copy link
Contributor

If you want to use Smart DNS from Synology and have the machine be reachable via Tailscale, starting it with:
tailscale up --accept-dns=false
would likely work. The Tailscale DNS features like Magic DNS won't work, but connectivity would.

I don't think we have a way to make both Smart DNS and Magic DNS work simultaneously, at least not yet.

@kcgthb
Copy link
Author

kcgthb commented Dec 21, 2021

And now I realize I wrote SmartDNS when I really wanted to say MagicDNS 😁

I (want to) use Tailscale's MagicDNS, no SmartDNS is involved at all, sorry for the confusion.

To use MagicDNS, I assume that the Synology's /etc/resolv.conf needs to be updated to add the ...tailscale.net domain and 100.100.100.100 resolver, right? I guess that this is what causing the error message, because of insufficient permissions?

@DentonGentry
Copy link
Contributor

Could you paste the output of ls -l /etc/resolv.conf on the Synology device?
If it is a symbolic link, please also ls -l the link target.

@kcgthb
Copy link
Author

kcgthb commented Dec 21, 2021

It's a plain file (no symlink), here are the permissions:

# ls -l /etc/resolv.conf
-rw-r--r-- 1 root root 182 Dec 21 10:11 /etc/resolv.conf

Thanks!

@bradfitz
Copy link
Member

I don't expect this to ever work on DSM7 where we don't run as root. AFAIK there's no API for us to change it as our non-root user.

If you use the SOCKS5 proxy for outgoing connections it'll do its own name resolution.

I assume you enabled TUN mode? Ah, yes, I see you did.

You could manually change the Synology DNS server to 100.100.100.100 but then Tailscale wouldn't know where to forward on non-Tailscale queries to unless you specified a global DNS server in your Tailnet config. Perhaps we need a node-local way to specify that.

@bradfitz bradfitz added dns OS-synology Synology NAS devices labels Dec 21, 2021
@DentonGentry DentonGentry added L3 Some users Likelihood P2 Aggravating Priority level T5 Usability Issue type and removed needs-triage labels Jan 2, 2022
@DentonGentry
Copy link
Contributor

1.22 added a tailscale configure-host command which can be run at each boot. I don't know if it addresses /etc/resolv.conf.

@DentonGentry DentonGentry changed the title Synology / DSM7 : permission issue writing /etc/resolv.conf FR: Add DNS config support for Synology DSM7 Aug 5, 2022
@DentonGentry DentonGentry added fr Feature request and removed bug Bug labels Aug 5, 2022
@DentonGentry DentonGentry mentioned this issue Aug 27, 2022
Closed
@DentonGentry
Copy link
Contributor

Mentioned in #4017 (comment)

The Synology CLI Administrators Guide mentions:

synonet {--set_dns} dns

But the description is:

Manually assign DNS server when all the network adapters are set to Manual IP.

@jimmybrancaccio jimmybrancaccio mentioned this issue Oct 9, 2024
Closed
@pjdubya
Copy link

pjdubya commented Oct 15, 2024

Thanks @jimmybrancaccio for pointing out this ticket. To folks who have weighed in so far, I've tried on DSM7.2.2 the following suggestions with the results as noted (all as root):

  1. tailscale configure-host
  • No impact on /etc/resolv.conf or ability to successfully resolve TS node names
  1. tailscale configure synology
  • Same results as (1)
  1. synonet --set_dns 100.100.100.100
  • /etc/resolv.conf content is replaced with "nameserver 100.100.100.100" (previous nameserver 192.168.1.1 no longer present). TS node names resolve normally, as do all global DNS attempts, as well as local DNS managed at my 192.168.1.1)
  1. Manually updating /etc/resolv.conf to
nameserver  100.100.100.100
nameserver  192.168.1.1
  • Same results as (3).

I am not clear on how nslookup was able to resolve global DNS and local DNS entries (which is not something this NAS is managing) when only 100.100.100.100 was present. My TS DNS configuration is to override local DNS with:

  1. 100.100.100.100 (Magic DNS)
  2. 192.168.0.1 (Split DNS for one local domain only)
  3. 1.1.1.1

Is 100.100.100.100 somehow able to access my account-specific configuration? I figured that for this to work, all rules would have to be written into /etc/resolv.conf , but that doesn't seem to be the case. If not, is the solution here to simply force our DSM7 boxes to use 100.100.100.100 when running Tailscale (either through synonet --set_dns or in the Synology control panel)?

@pjdubya
Copy link

pjdubya commented Oct 15, 2024

Just to cut to the chase for anyone else that is looking for a quick solution, this is what is working for me now so you may give it a try:

  1. Configure your https://login.tailscale.com/admin/dns settings as needed for your local network, including the option to override local DNS.

  2. Modify the task you run at NAS boot to look like this (only the first line is new as you would have already had the second line per https://tailscale.com/kb/1131/synology):

synonet --set_dns 100.100.100.100
tailscale configure-host; synosystemctl restart pkgctl-Tailscale.service

@IcarusR
Copy link

IcarusR commented Oct 19, 2024

@pjdubya thanks for the solution. I was close, what I missed was synonet --set_dns adding this to /etc/resolv.conf manually did not work for me. Also have to add search tailb11111.ts.net to /etc/resolv.conf in order for local net resolution to work.
So all seems good at present. Thanks

@r3mi r3mi mentioned this issue Oct 24, 2024
Open
@starkej2
Copy link

starkej2 commented Dec 4, 2024

@pjdubya Thanks, your solution worked great for me! I've been struggling with this issue for a few months 😩

Do you know if the synonet --set_dns 100.100.100.100 essentially do the same thing as setting the Manually configure DNS server to 100.100.100.100?

SCR-20241203-qncb-2

and if that's doing the same thing, why do we need to run that task at NAS boot? Is there something that changes that configuration upon reboot? 🤔

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
dns fr Feature request L3 Some users Likelihood OS-linux OS-synology Synology NAS devices P2 Aggravating Priority level T5 Usability Issue type
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
6 participants
@bradfitz @kcgthb @DentonGentry @starkej2 @pjdubya @IcarusR