Custom Synology Dynamic DNS

If you want to connect to your Synology NAS from outside your network you will probably utilize the Dynamic DNS (DDNS) feature that is built into the Control Panel. The problem with the built in DDNS is that the number of compatible providers is limited. You have two options to use your own domain and the DDNS features.

Option 1: Write your own Dynamic DNS endpoint #

This is an interesting solution as you can set a custom endpoint to set your DNS settings, but requires that your DNS provider have some sort of API or solution for you to programmatically update DNS records. If your DNS provider doesn’t have an API you can keep your domain hosted with your current provider, but move the nameservers to one that does. I like Cloudflare or AWS’s Route53 as they both have good API you can work with to make this easier.

I even went so far as to write a simple python Flask app to do this to get you started with updating Cloudflare records. You can check out my project over on Github.

Unfortunately I decided that I didn’t want to migrate to Cloudflare nameservers to get this to work and stick with Hover’s nameservers. They also do not have an easy to use API to update DNS records.

Option 2: Setup a CNAME #

This is probably the easiest solution, but not as durable. You are going to be utilizing the Synology DDNS and create a CNAME in your provider to the Synology DNS.

You will want to navigate in your Synology to Control Panel > External Access and go to the DDNS tab. In this tab you will want to add a DDNS new DDNS entry following the Synology instructions.

Take this new DDNS (mine is and set a CNAME record in pointing to this record.

You may have issues with your DNS Time To Live (TTL) being too long and your DNS not updating to the correct record. To avoid this as much as possible set the lowest TTL you can with your DNS provider.

To test that it is working you can use the dig command. The below is the output from when I ran the command:

$ dig

; <<>> DiG 9.10.6 <<>>
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 11819
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 0

;            IN  A

;; ANSWER SECTION:     300 IN  CNAME  240 IN  A

;; Query time: 182 msec
;; WHEN: Thu Feb 04 11:02:48 PST 2021
;; MSG SIZE  rcvd: 83

Securing your custom domain #

The next thing to do now that you have a custom domain setup is to make sure you can use HTTPS with the correct certificate. If you ignore this you will constantly see a certificate warning because the certificate doesn’t match the hostname.

The easiest way to do this is to use the LetsEnrypt certificate feature in your Synology Control Panel. Navigate in your control panel to Security > Certificate. You can follow the detailed steps in the Synology documentation.

I personally make the LetsEncrypt certificate the default for all connections.