[BUG] We need another DNS approach for [Synology] systems. #1983
Comments
@bcmmbaga Hop in now that you are on fire :P
Hello @zzecool, thanks for reporting this issue. Can you test using user space mode? If you are on DSM 7.0+ you can do that by using the following commands:
sudo mkdir -p /etc/sysconfig
echo 'NB_WG_KERNEL_DISABLED=true' | sudo tee -a /etc/sysconfig/netbird
sudo systemctl restart netbird
@mlsmaycon Yes, here you are:
2024-05-22T18:52:59+03:00 INFO client/internal/connect.go:115: starting NetBird client version 0.27.7 on linux/amd64
2024-05-22T18:53:00+03:00 ERRO client/firewall/create_linux.go:48: failed to create iptables manager: failed to list rules in FORWARD chain: running [/sbin/iptables -t filter -S FORWARD --wait]: exit status 1: iptables: No chain/target/match by that name.
@zzecool can you try adding a default nameserver in the NetBird's dashboard? As the detected DNS mode was file, it won't resolve DNS queries without one.
I have a DNS for this node in the web management interface. The DNS is up and running fine. It is on the same machine that NetBird is running on, port 53.
In that case, you can add one of the node's local IPs as a nameserver and distribute it to a group that only contains the Synology node.
> in that case, you can add one of the node's local IPs as a nameserver and distribute it to a group that only contains the Synology node.

This is exactly what I have. On the web interface for this node group the DNS is 10.0.0.50, and this is inside the node:
Its IP address, just to be clear.
The resolv test:
Maybe this is the problem, that after this rule I have Cloudflare for ALL? Does the first rule matched have higher priority and get used or not? Thanks
Could be. The peers in the personal group might be using the Cloudflare addresses. Just to confirm, your Synology is part of the
Yes, it's part of the personal group.
OK, to validate the setup, try limiting the Cloudflare configuration to another group.
Yep, that did the trick. So the first matched rule is getting ignored and replaced; you have to consider if this is what you want, as most people, we are used to the iptables-style priority of rules.
Removing the /etc/sysconfig/netbird breaks everything again. So now that your install.sh script detects Synology just fine, please add the creation of the /etc/sysconfig/netbird file :D
We are making progress :D
@zzecool can you confirm that this local resolver, 10.0.0.50#53, comes with every Synology by default?
Nope, this is a DNS that I'm personally running on this machine.
Okay, in that case, it is better not to default to userspace mode just yet, as it may affect other users. We will look into the masquerade issue and then make a decision. Thanks for validating this.
Can you think of any other way to make this work in kernel space while having another DNS running on the same machine?
In Synology the current DNS implementation fails like this if you have a DNS running locally:
The local DNS is listening on all available addresses; for that we need a DNS that will listen on a different port, but not with the current implementation, as it is not supported.
You guys are active, so we are very close to making NetBird fully supported on Synology.
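
The condition this report describes (a local resolver already holding port 53 on all addresses) can be confirmed from `/proc/net/udp`. The sketch below is an added example, not part of the issue thread and not NetBird code; the sample tables and the address 100.64.0.10 are constructed for illustration, and little-endian byte order is assumed, matching the linux/amd64 host in the log above.

```python
"""List IPv4 addresses that already hold UDP port 53, from /proc/net/udp."""
import socket
import struct

HEADER = "  sl  local_address rem_address   st tx_queue rx_queue\n"
# Constructed samples in /proc/net/udp format (not output from the issue).
SAMPLE_WILDCARD = HEADER + (
    "  10: 00000000:0035 00000000:0000 07 00000000:00000000\n"   # 0.0.0.0:53
    "  11: 0100007F:0143 00000000:0000 07 00000000:00000000\n"   # 127.0.0.1:323
)
SAMPLE_SPECIFIC = HEADER + (
    "  10: 3200000A:0035 00000000:0000 07 00000000:00000000\n"   # 10.0.0.50:53
)


def udp_binds(proc_text, port=53):
    """Return the IPv4 addresses bound to `port` in /proc/net/udp text."""
    addrs = []
    for line in proc_text.splitlines()[1:]:          # skip the header row
        fields = line.split()
        if len(fields) < 2 or ":" not in fields[1]:
            continue
        hex_ip, hex_port = fields[1].split(":")
        if int(hex_port, 16) != port:
            continue
        # The kernel prints the address as a host-order u32 in hex;
        # on little-endian machines the bytes are reversed.
        addrs.append(socket.inet_ntoa(struct.pack("<I", int(hex_ip, 16))))
    return addrs


def port_conflict(proc_text, candidate_ip, port=53):
    """True if a plain bind of candidate_ip:port would hit an existing socket.

    A wildcard (0.0.0.0) socket occupies the port on every local address,
    unless both sockets opt in to SO_REUSEADDR/SO_REUSEPORT.
    """
    bound = udp_binds(proc_text, port)
    return "0.0.0.0" in bound or candidate_ip in bound


if __name__ == "__main__":
    try:
        with open("/proc/net/udp") as f:
            text = f.read()
    except OSError:                                   # not on Linux: use sample
        text = SAMPLE_WILDCARD
    print("UDP/53 bound on:", udp_binds(text))
    # 100.64.0.10 is a hypothetical overlay-interface address.
    print("conflict for 100.64.0.10:", port_conflict(text, "100.64.0.10"))
```

A resolver bound only to 10.0.0.50 leaves port 53 free on other local addresses, while a wildcard bind does not.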