I moved my network's DNS to my NAS, and it is the most practical home lab upgrade I have made


Most people think of a NAS as a box that stores backups, media, and documents, but that undersells what a NAS can do when it's already sitting on your network all day. A NAS is one of the few machines in a home lab that is usually powered on, connected via Ethernet, and stable enough to trust with small infrastructure jobs. That makes it a good place to run a private DNS server.

The useful part is that DNS isn't some abstract enterprise service. Every phone, laptop, TV, set-top box, and random smart device on your network depends on it before anything else can happen. When DNS is handled by the router or an ISP by default, you usually get very little control and almost no visibility. Moving it to your NAS changes that without turning your home lab into a full-time job, and you can also block obvious junk, see which devices are talking too much, and create local names for internal services. For a machine already running quietly in the corner, that is a practical use of hardware you already own.

Why a NAS is a good place for DNS

It's already running when the rest of the network needs it

DNS should run on a machine that runs and runs and runs… a desktop isn't ideal because it sleeps, reboots, or gets used for all sorts of things. A laptop moves around, and the Raspberry Pi works well, but not everyone wants another device and power adapter. A NAS is usually different because it sits near the router, stays online, and already has a fixed place in the network. Whether it is running OpenMediaVault, TrueNAS, Unraid, or a plain Linux install, it can usually run a lightweight DNS service without noticing the extra load.

AdGuard Home, Pi-hole, and Technitium DNS are all good choices. AdGuard Home is often the easiest for a simple home setup because the interface is clean, and the first setup does not ask too much from you. You get dashboards, query logs, blocklists, upstream settings, and client statistics without having to build the whole thing from scratch. On OpenMediaVault, running it in a container makes the setup easy to keep separate from the rest of the NAS. You can use their Podman plugin, but Docker would work in a similar way.

The setup is simpler than it sounds

A container and two folders are enough to begin

For OpenMediaVault, the basic idea is to create persistent folders for AdGuard Home, then run the container. The persistent folders matter because you want settings and logs to survive container updates. A minimal Podman setup looks like this:

mkdir -p /srv/containers/adguardhome/work /srv/containers/adguardhome/conf

Then run AdGuard Home with Podman. In a real setup, you should bind DNS to the actual NAS IP, especially if systemd-resolved already listens on local port 53.

# NAS_IP is a placeholder for the NAS's LAN address
podman run -d --name adguardhome --restart=always \
  -v /srv/containers/adguardhome/work:/opt/adguardhome/work \
  -v /srv/containers/adguardhome/conf:/opt/adguardhome/conf \
  -p NAS_IP:53:53/tcp -p NAS_IP:53:53/udp \
  -p 3000:3000/tcp -p 8080:80/tcp \
  docker.io/adguard/adguardhome:latest

After that, open the setup web page at:

http://NAS_IP:3000

During setup, keep the web interface on port 80 inside the container and DNS on port 53. Because the host maps container port 80 to port 8080, the dashboard becomes available at http://NAS_IP:8080.

That's the basic install, but the important thing isn't memorizing the command but understanding the shape of the setup: persistent data, DNS port 53, web UI on a safe port, and the NAS IP used by clients.
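A pre-flight check for the port 53 caveat above, as an added example that is not part of the original article: it reads `ss -H -lntu` output and reports listeners that would collide with publishing NAS_IP:53. The function name, the sample listener tables and the address 192.168.1.10 are constructed for illustration, and only IPv4 and wildcard listeners are considered.

```shell
#!/bin/sh
# Added example: decide whether publishing NAS_IP:53 will collide with an
# existing listener. Input is `ss -H -lntu` output on stdin.

# Prints each conflicting listener; returns 0 if any conflict, 1 if none.
port53_conflicts() {
    awk -v ip="$1" '
        {
            addr = $5                          # Local Address:Port column
            if (!match(addr, /:[0-9]+$/)) next
            port = substr(addr, RSTART + 1)
            host = substr(addr, 1, RSTART - 1)
            sub(/%.*$/, "", host)              # drop %lo style interface suffix
            if (port != "53") next
            # A wildcard bind or a bind on the NAS address itself blocks us;
            # loopback stubs such as 127.0.0.53 do not.
            if (host == ip || host == "0.0.0.0" || host == "*") {
                print $1, addr
                found = 1
            }
        }
        END { exit(found ? 0 : 1) }
    '
}

# Constructed sample 1: only the systemd-resolved stub listeners.
SAMPLE_STUB='udp UNCONN 0 0 127.0.0.53%lo:53 0.0.0.0:*
tcp LISTEN 0 4096 127.0.0.53%lo:53 0.0.0.0:*
tcp LISTEN 0 128 0.0.0.0:22 0.0.0.0:*'

# Constructed sample 2: another resolver bound to every address.
SAMPLE_WILDCARD='udp UNCONN 0 0 0.0.0.0:53 0.0.0.0:*
tcp LISTEN 0 32 0.0.0.0:53 0.0.0.0:*
tcp LISTEN 0 128 0.0.0.0:5353 0.0.0.0:*'

NAS_IP=192.168.1.10   # assumed address, replace with your NAS IP

if printf '%s\n' "$SAMPLE_STUB" | port53_conflicts "$NAS_IP"; then
    echo "conflict: free port 53 on $NAS_IP first"
else
    echo "ok: $NAS_IP:53 is free to publish"
fi
# On the NAS itself: ss -H -lntu | port53_conflicts "$NAS_IP"
```
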

Use plain upstream DNS first

Fancy DNS can wait until the basics work

AdGuard Home supports DNS-over-HTTPS and other encrypted upstream options. They are useful, but I would not recommend enabling them first during debugging.

Start with plain upstream resolvers such as 1.1.1.1, 9.9.9.9, or 8.8.8.8. Once basic DNS works, you can switch to DNS-over-HTTPS if you want. This makes troubleshooting easier because you know the first problem isn't certificate validation, bootstrap DNS, or an HTTPS issue in the container.

The simplest test is to ask your NAS DNS server directly using dig or nslookup:

dig @NAS_IP google.com

If it returns a normal answer, AdGuard responds and the DNS server is up.

Then test a commonly blocked domain and check the AdGuard query log from the dashboard. If the log shows the query and marks it as blocked, the system is doing its job. You can also use the dig command to test it. For example, you try something like doubleclick:

It resolves to 0.0.0.0, which means that it's getting blocked, and the server is working properly.
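The two dig checks above can be turned into a repeatable verdict, shown here as an added example that is not from the original article. The function names and the sample dig outputs are constructed, and the blocked verdict assumes the resolver answers blocked names with a null address, as in the 0.0.0.0 result described above.

```shell
#!/bin/sh
# Added example: interpret `dig +short` output from the NAS resolver.

# Reads `dig +short` output on stdin and prints one verdict:
#   blocked   - only null addresses (0.0.0.0 or ::) came back
#   resolved  - at least one real address came back
#   error     - dig reported a transport problem (lines starting with ";;")
#   empty     - no address records at all
classify_dig() {
    awk '
        /^;;/ { err = 1; next }
        $0 == "0.0.0.0" || $0 == "::" { null++; next }
        /^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$/ || /:/ { real++; next }
        # Anything else (for example a CNAME target) is not an address.
        END {
            if (err) print "error"
            else if (real) print "resolved"
            else if (null) print "blocked"
            else print "empty"
        }
    '
}

# expect LABEL WANT: compare the verdict for stdin against WANT.
expect() {
    got=$(classify_dig)
    if [ "$got" = "$2" ]; then
        echo "PASS $1 ($got)"
    else
        echo "FAIL $1: got $got, want $2"
        return 1
    fi
}

# Constructed dig +short outputs (documentation addresses, not real answers).
printf '203.0.113.7\n' | expect "normal name" resolved
printf 'cdn.example.net.\n203.0.113.9\n' | expect "name behind a CNAME" resolved
printf '0.0.0.0\n' | expect "blocklisted name" blocked
printf ';; connection timed out; no servers could be reached\n' \
    | expect "resolver down" error

# Live use, with NAS_IP and the domain names filled in by you:
#   dig +short @"$NAS_IP" google.com A | expect "upstream works" resolved
#   dig +short @"$NAS_IP" BLOCKED_DOMAIN A | expect "filter works" blocked
```
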

Setting up AdGuard Home is only half the job. Your devices must use it, and the cleanest way is to open your router's DHCP settings and set the DNS server to the NAS IP. After devices renew their DHCP lease, they should receive the NAS as their DNS server automatically.

If your router does not allow custom DNS in DHCP settings, you can set DNS manually on each device.

A small upgrade that makes the NAS part of the network's control plane

Running private DNS on a NAS isn't glamorous, but it is one of the most practical home lab upgrades. It gives you visibility into network behavior, reduces unwanted requests, and centralizes DNS control on a machine that is already running.

This is the kind of self-hosting I personally like. Not a complicated stack that needs constant care, but a useful service that quietly improves daily use, and you can set it up once, point your router to it, and then check the dashboard when you want to know what is going on. Your NAS already sits there, powered on and waiting. Let it do one more job!
