We value your privacy

We use cookies to personalize your use of our site. This includes third-party cookies for that we use for advertising and site analytics. See our Privacy Statement and Cookie Policy for more information on how we collect and use data.

Cookie Options
OK
Knowledge Center

Network & DHCP

A Synology Router enables you to manage local area networks (LANs) with great flexibility. Besides the basic LAN features such as DHCP and DoH, you can also have multiple local networks (i.e., VLANs – virtual local area networks), each of which can be configured with independent Wi-Fi and a variety of LAN settings.

This article shows you how to create local networks, set up DHCP servers, configure DHCP reservations, and manage various settings for LAN security and optimization.

Contents

Understand local network types

There are three types of local networks you can manage on your Synology Router, as listed below:

  • Primary network: The main local network set up by default. It is the only network whose Ethernet ports can be configured as trunk ports. Client devices can connect to it via Ethernet cables or wireless signals.
  • Guest network: A completely wireless local network set up by default. It allows you to provide visitors with Internet connectivity without granting them access to your private networks.
  • Custom network: A manually set up local network. It can be assigned both Ethernet ports or Wi-Fi names (SSIDs). You can create up to 3 custom networks on a Synology Router in wireless router mode (refer to this article to learn more about operation modes).

Create a local network

  1. Go to Network Center > Local Network > Network and click Create.
  2. Configure the following settings and click Next:
    • Network name: Fill in the name of your network in this field.
    • Local IP: Specify an IP address, e.g., 192.168.1.1. It will be reserved as the IP address of this network.
    • Subnet mask: Select a subnet mask, which determines the IP range of the network.
    • VLAN ID (VID): Enter a VLAN ID (Virtual Local Area Network Identifier) for this network. It is used to logically differentiate this network from other networks.
    • Allow managing Synology Router through this network (Optional): For security reasons, SRM can only be accessed from the primary network by default. Tick this option if you want to access SRM from this network.
    • Enable network isolation (Optional): If you tick this option, the communication between this network and other local networks will be blocked. For example, a device connected to this network will not be able to access files or devices on other networks hosted by your Synology Router. Please note that this option takes priority over firewall rules.
  3. Assign Ethernet ports to this network, and click Next.
  4. Set up a Wi-Fi name (SSID) for this network, and click Next.
  5. Check all information is correct on the summary page and click Apply. The local network will be created.

Note:

  • To prevent IP conflicts and Internet access failure, the Local IP should not be the same as that of your ISP modem.
  • To create a completely wireless network, please skip Step 3.
  • To create a complete wired network, please skip Step 4.

Edit a local network

To configure a local network depending on your needs, select the local network and click Edit at Network Center > Local Network > Network. You will see the following adjustable options:

General information

At the General tab, edit the following basic information for your local network:

  • Network name
  • Local IP: The IPv4 address of this network.
  • Subnet mask: The IP range of the network.
  • VLAN ID (VID): An identifier used to logically differentiate this network from other networks.
  • Allow managing Synology Router through this network: Tick this option if you want to access SRM from this network. This option is not available for the primary network because SRM can always be accessed from it.
  • Enable network isolation: If you tick this option, communication between this network and other local networks will be blocked. For example, a device connected to this network will not be able to access files or devices on other networks hosted by your Synology Router. Please note that this option takes priority over firewall rules.

Note:

  • The network names of primary network and guest network cannot be edited.
  • In wireless AP mode, the options Local IP, Subnet mask, Allow managing Synology Router through this network, and Enable network isolation are not available for the primary network and custom networks.

Ethernet ports

At the Ethernet tab, assign the network ports to your local network. Client devices can be connected to the network via these ports.

Note:

  • Features at the Ethernet tab are not available for the guest network.
  • To ensure the accessibility of SRM, Port 2 always belongs to the primary network.
  • Ethernet ports that are not assigned to custom networks will automatically become the ports of the primary network. To assign a port back to the primary network, you can revoke them from the custom networks.

Wi-Fi

At the Wi-Fi tab, configure the existing Wi-Fi SSIDs or create one for your local network. Refer to this article for more information about Wi-Fi networks.

IPv4 DHCP server

At the IPv4 DHCP tab, you can set up your Synology Router as a DHCP (Dynamic Host Configuration Protocol) server, which automatically assigns dynamic IP addresses to client devices within a local network. Follow the steps below to enable IPv4 DHCP server features.

Important: The features at the IPv4 DHCP tab are not available for a Synology Router in wireless AP mode.

  1. Tick Enable IPv4 DHCP server.
  2. Configure the following required options:
    • Start IP address: The first address in the IP address pool.
    • End IP address: The last address in the IP address pool.
    • Address lease time: Specify how long the IP addresses assigned by the DHCP server are valid.
    • Gateway: The device that routes packets between the local network and other networks. The default value is the Local IP of this network (refer to the section about the General tab).
    • Primary DNS: The primary DNS server that resolves domain name records for your local network. The default value is the Local IP of this network.
  3. Configure the following settings depending on your needs:
    • Secondary DNS: Enter the alternative DNS server of your local network.
    • Domain name: Enter the domain name of your local network. The DHCP "domain-search" option will appear on DHCP client devices.
    • Forward known DNS server: Tick this option to send the information of a known DNS server to client devices. If you tick this option and specify servers in the Primary DNS or Secondary DNS fields, the client devices will choose one of the following to be its DNS server: the primary DNS, the secondary DNS, and the Synology Router's DNS server (WAN).
    • Enable Web Proxy Automatic Discovery: Web Proxy Automatic Discovery (WPAD) allows client devices on your local network to automatically configure proxy server settings. Users of the client devices will not have to manually configure their browser proxy settings. Tick the checkbox and enter the link of your configuration file in the URL field to activate this option.

Note:

  • To prevent Internet access failure, please ensure the following:
    • The Local IP (at the General tab) and Gateway of your local network are identical.
    • The DHCP IP range (configured by the Start IP address and End IP address) does not overlap with your ISP modem's IP range.
  • If you have modified the subnet mask or gateway of your local network, we suggest unplugging the Ethernet cables from the network's LAN ports and plugging them in again to ensure Internet connectivity.
  • The DHCP server generates its list of available IP addresses from a hash table. This means that the addresses are not sorted in any particular order. Therefore, it's not possible to predict the order in which the DHCP server allocates IP addresses.

IPv6 DHCP server

You can get an IPv6 address and prefix from Network Center > Internet > Connection > IPv6 Setup with 6in4, 6to4, etc. With this information, you can enable the IPv6 DHCP server features for your local network.

Important: The features at the IPv6 DHCP tab are not available for a Synology Router in wireless AP mode.

  1. Go to the IPv6 DHCP tab.
  2. Tick Enable IPv6 and enter the required information in the following fields:
    • Prefix: Select a prefix of IPv6 address obtained from Internet > Connection > IPv6 setup.
    • IPv6 address: Specify the suffix for this network's IPv6 addresses. The default value is 1. We suggest remaining the value unchanged.
    • Primary DNS: The primary DNS server that resolves domain name records for your local network. This does not need to be set in Stateless mode (See Step 3).
    • Secondary DNS: The secondary DNS server for the devices connected to the router. This does not need to be set in Stateless mode (See Step 3).
  3. Select one of the following Router Advertisement (RA) modes:
    • Stateless mode: Allow devices connected to the router to automatically configure an IPv6 address without specifying IPv6 DNS servers.
    • Stateless DHCPv6 mode: Allow devices connected to the router to automatically configure an IPv6 address and obtain DNS information via DHCPv6.
    • Stateful mode: Allow devices connected to the router to obtain IPv6 address and DNS information via DHCPv6.

Advanced options

Choose your local network and click Edit > Advanced to configure the following settings:

  • Enable NAT: NAT (Network Address Translation) maps external IP addresses and ports with private IP addresses and ports. Tick the checkbox to activate this option.
  • Enable UPnP: UPnP (Universal Plug and Play) is a collaboration of protocols that allows a wide range of devices to be interconnected, both wired and wireless, and to work seamlessly with one another by establishing network services. Tick the checkbox to make client devices establish connections through UPnP on the local network. You can also click on UPnP Client List to view the current UPnP clients.
  • Enable IGMP snooping: IGMP (Internet Group Management Protocol) is a network layer protocol used to keep records of multicast group memberships. Enabling this option allows your Synology Router to snoop on IGMP messages and thus prevent network floods.
    • IGMP membership timeout: Specify how long your Synology Router waits for IGMP queries before removing a multicast group from its cache table.

Configure VLAN tags

At Network Center > Local Network > Network > VLAN Tag, you can see how traffic from each port is tagged with VLAN tags (VIDs), allowing you to configure managed switches or other devices that require VIDs. There are two types of tagging status:

  • Untagged: This status is displayed when the Ethernet port belongs to a specific local network (i.e., VLAN). Frames transmitted over this port will be untagged from the local network.
  • Tagged: This Ethernet port can carry frames tagged with the VID of this local network even if it belongs to another local network.

To enable auto trunking:

Trunk ports carry network traffic for multiple local networks (i.e., VLANs). They can be connected not only to network switches for VLAN purposes, but also to Wi-Fi points.

SRM supports auto trunking, which automatically turns your Synology Router's Ethernet ports into trunk ports when they are assigned to the primary local network. To enable it, please follow the steps below:

  1. Go to Network Center > Local Network > Network > VLAN Tag.
  2. Click Configure VLAN Tag.
  3. Select the Ethernet ports for which you wish to enable auto trunking. There are two types of results after you enable auto trunking for the ports:
    • Trunk port: The Ethernet port that can transmit traffic for multiple VLANs. It is used for the connection to a network switch or a Wi-Fi point.
    • Access port: The Ethernet port that can only transmit traffic for the VLAN it belongs to. This type of port can only be connected to end devices.
  4. Confirm the settings and click OK.

Note:

  • Only ports belonging to the primary network can be configured as trunk ports.
  • If you have Wi-Fi points connected via Ethernet or managed switches requiring VIDs, please make sure the ports connected to them are trunk ports.

Manage shared LAN settings

At Network Center > Local Network > Network > Advanced Settings, there are several options shared by all local networks:

  • Automatically change LAN IPs when detecting conflicts with the WAN subnet: The WAN (Wide Area Network) subnet stands for where your Synology Router's outgoing network interface is located. Tick this option to avoid IP conflicts between your local networks and the WAN.
  • Enable DoH (DNS over HTTPS): DoH ensures that DNS queries are sent over an encrypted connection for increased security and privacy. Tick this option and select Cloudflare or Google in DoH server URL. You can also enter the URL of your preferred DoH server into the field.
  • Enable multicast DNS relay: This option allows finding AirePlay/Chromecast devices across local networks. When enabling this option, make sure that network isolation is disabled on your target networks.

Note:

  • DoH is not available if the DNS Server package has been installed.

Manage DHCP clients

At Network Center > Local Network > DHCP Client, you can see a list of DHCP clients and their properties. If you want a client to always receive the same IP address during DHCP lease renewal, select the client and click Add to Address Reservation. Alternatively, you can follow the steps below.

To add a client from the DHCP reservation list

  1. Go to Network Center > Local Network > DHCP Reservation.
  2. Click Add.
  3. Specify a client's MAC address, hostname, and the IP address you want to assign to the client.
  4. Click OK to save your settings.
Understand local network types
Create a local network
Edit a local network
Configure VLAN tags
Manage shared LAN settings
Manage DHCP clients