support for multiple zones

[sanktnelson]

Hi all, this script has been working flawlessly for me for quite some time. Unfortunately my requirements have now changed and I would like to update dns-records for multiple zone on multiple subnets. I have a router which provides the networks on different interfaces and dhcp relays so the synology can give out leases. That part works fine. My setup looks like this: fw eth0: WAN fw eth1: 192.168.0.1/24 with synology at 0.205 as DNS/DHCP, domain: intern fw eth2: 192.168.10.1/24 domain: lan2.intern fw eth3: 192.168.20.1/24 domain: lan3.intern

the synology gives out dhcp leases from the correct ranges to the correct interfaces. is there an easy way to adapt the script to update different zone files according to the IP of the client? maybe just run multiple instances of the script, one for each zone, with different settings files? Cheers!

[gclayburg]

There probably is a way to make something work. If you find something that requires changes to the script, I'll accept a PR that makes sense. Maybe someone else has an environment like this?

[Hemsby]

I need this also - any help in getting this achieved?

[sanktnelson]

I ended up using another device as DNS which is able to do this out of the box, so I didn't try to get it to work. But from a short glance at the script it's probably easiest to run one instance for each zone and only add a configurable range of addresses to react to to the script.

[sw2828]

I have the same issue. I have multiple reverse zones that I'd like to have dynamically updated. I found that this script only updates the reverse zone that is first in the file. If anyone has figured this out, can you please share? - Thank you.

[sw2828]

Does anyone have a solution for this? Would be great to update DNS on multiple DHCP zones.

[dougmeek]

@sw2828 for clarification, what exactly are you trying to achieve?

DHCP on Synology allows for multiple IP subnets to be configured for DHCP, but it's limited in many ways. For instance, the DHCP server configuration only allows you to set DNS servers and DNS domain once. Basically per-subnet you cannot set the DNS name and DNS server dynamically using the Synology package. Personally, I'd really like to see that improved on the Synology-side, but I digress.

Considering that you only have one DNS domain for all DHCP clients, I would recommend only running one reverse zone as well. In my case, I use 10.0.0.0/8 on my network, but I subnet that as required. For my reverse zone, and subsequent configuration of this script, I just use: 10.in-addr.arpa

This works fine and manages clients from the entire /8 no matter what subnet I have them on. If this doesn't fit your use-case, I'd suggest probably going with a more robust solution. I'm seriously considering building a docker container or VM that does my DNS/DHCP and ditching the Synology package entirely due to these limitations. It would be really nice to set the DNS domain and DNS servers per subnet.

[sw2828]

@dougmeek , Thank you for your quick reply. I am familiar with the limitations of the Synology software, specifically the dynamic DNS update. I have submitted a feature request to Synology for this and was told it's not on their roadmap. I'm very surprised that this is not a standard function. I would hope that others that have a need for this functionality would also submit a feature request so that Synology sees the need for this simple, basic functionality. I have thought of moving off Synology for this reason, but they do have many other nice features that I don't want to leave. Plus, we have them integrate in many of the services we use, so it would be tough.

Anyway, I like the idea of using one reverse zone (10.0.0.0/8) as you mentioned. Not sure why I didn't think of that. When I have some time, I will try to migrate it over as you suggested.

Thanks again. I really appreciate your feedback. Have a great day.

[dougmeek]

@sw2828 you're welcome.

Yeah it doesn't at all surprise me that improving DNS/DHCP isn't on their road map. They're still using a Python 2 package to run a bunch of services. I'm more surprised that they haven't had a huge zero day CVE.