This will be an article of all the quick tips that I think users need to remember when it comes to using your Synology products. I will be adding more over time, and you are welcome to contribute in the comment section below.
1# RAID is not backup!
Most (first) time users confuse RAID with backup. RAID is not backup. End of discussion. RAID is only a way to have your data accessible in case one or more members of your array stops working. That's it.
If you have a RAID1 (mirror) array with two drives, that doesn't mean that they are backup of one another, it only means they will maintain the same data just in case that one of those two drives dies (and they will).
So, be sure to not think that data on your NAS is automatically backed up if it's living on some sort of RAID array. If that data is just on that array and not on your computer for example, then it's not a backup. It is still on a single device that can die horribly in a fire, regardless of the number of drives that it has. Then what will you do?
2# Backup your backup
Not something that most users think about when it comes to backup. If they start to back up their data in the first place that is already a win but backing up that backup, is something most users don't do.
It would be best to have a backup of your backup because what will you do when your backup becomes inaccessible for any reason?
If you want proper backup then follow the 3>2>1 backup rule. 3 copies of your data > on 2 separate media types (NAS, tapes, DVDs, etc) > and 1 of them should be offsite (family home, car, office, cloud, etc).
3# Minimum privileges for your users
As much as it's great to have a NAS unit that you can share with your friends and family, it can also become dangerous in terms of what those users can do with apps, services, and data that is being hosted on that device.
Give all your users (that does include you!) the least minimum permissions that are needed to perform all the tasks.
If you end up giving everyone full permissions you will end up in trouble. More detailed info in my Syno 101 series.
4# "+ over J"
This might not be clear of the bat, but if you are unfamiliar with the Synology NAS lineup, all of their models have a suffix at the end of their name that will tell you what "class" the device belongs to.
For example, DS220j, DS220+, DS418play, RS3621xs+, etc.
Without going into details, best to consult the Synology site for details when it comes to models, but what I wanted to say was that a first-time buyer might aim high when it comes to apps and services and in the end get a NAS from the wrong class that on paper, can do the tasks, but not that well.
Bottom line is, be very clear about what you want your NAS to do and can that specific model cope with all that demand. IMHO, even if you are getting a first NAS for your humble needs, try and get a "+" model. There is nothing wrong with the "J" (entry) model lineup, but you need to be aware of the limitations.
5# Plan your array configuration
Once you get your NAS and you start to configure it, one of the first things that you will need to do is configure your drives in a potential RAID array.
NOTE: Keep in mind that you don't have to configure your drives as part of an array, it is just an option.
Review the space that you need, the number of drives and the fact will you mix the drives (capacities) or not. Also, be sure to mind the fact if you will migrate later on to a model that does not support Synology SHR array type!
Best to use Synology RAID calculator as a start point.
6# Cearful with hardening
As much as it is important to harden your NAS as much as possible, be sure not to lock yourself out of it or prevent access in case your "main" access route is not accessible for any reason.
If you access your NAS remotely this is particularly important because there could be several reasons that your access will not work (ISP provider, firewall, remote location network policies, etc). It is because of that important to allow yourself access to be mindful when it comes to "locking your NAS down".
Consult the Security and access article on most of the options that you can use to harden your NAS and access it.
7# Stay up-to-date and read the release notes!
Maybe this one should be higher up the list, but there is no right or wrong here, staying up-to-date is imperative today, especially if you are exposing your NAS to the Internet.
Be sure to READ the notes before you apply the patch, and also, remove the auto-patch option for DSM and the apps. This will save you a ton of problems if they do happen as a result of a bad patch. Keep in mind that as much as staying up-to-date is important, it is best to do it on your terms.
8# Configure a static IP address for your NAS
Once you start using your NAS it would be good if you could fix its LAN IP address to a static value to avoid your NAS "floating" around your network.
Considering that the NAS device is a server it would be best to have it anchored to a specific IP address then to look for it around the network from time to time.
Be sure to set these values in Control Panel > Network > Network Interface > LAN adapter
9# Change default DSM ports (5000/5001)
By best practice, you should change your default DSM ports from their current values of 5000/5001 (HTTP/HTTPS) to some other custom ones.
Especially if you are publishing your NAS on the Internet. Go to Control Panel > Network > DSM Settings.
10# Avoid installing 3rd party apps from the package center if you can
There is a large number of apps and services that your NAS can run. Most of them are installed and maintained via the Package Center. With Synology's policy and way of thinking, you might want to consider not installing any none Synology app from the package center.
The reason is that Synology is on a path to terminate more and more 3rd party apps from their Package center. If you depend on any of them it would be smart to start looking for an alternative in terms of running those same apps on your NAS via the Docker platform.
This will not work for anyone, because Docker is not supported on all models and it will depend on your current NAS CPU if you can, or can't run it.
Another reason to check QT 4# "+ over J" to reevaluate your choice for a smart long-term purchase.
11# Disable 2FA via SSH
As much as 2FA (second-factor authentification) increases security, you could get into trouble if you can't get past it.
It can fail for any number of reasons (not often or at all for some people), for example, time and date being out of sync, maybe you forgot your mobile device, maybe mobile device has failed, etc.
One way to get logged back into DSM (unless you have an account that is in the admin class and has no 2FA (bad move btw), you will have two options.
- reset your NAS login and network parameters (so called reset stage 1)
- disable 2FA via SSH (you need to have SSH access to your NAS for this to work)
Log into your NAS via SSH and go into root mode with
sudo -i. Then perform these two operations:
cd /usr/syno/etc/preference/<yourAccountName>/ mv google_authenticator foogle_authenticator
You will move into the user folder with the
cd command and remove the 2FA with the second
mv command. Now you can log into your NAS and fix the cause of the problem.
12# Not every NAS is a PLEX server
This one ties a bit onto No.4 in the list but still, I wanted to point it out.
Media streaming is very popular nowadays, and with so much storage and power in some of these models, it is no wonder that people want to use them for their PLEX servers.
Keep in mind that not all NAS models are good for this role and some might need a Plex Pass subscription to be in the "valid" category. Also, AMD-powered NAS models are not a good buy if you intend to stream via PLEX.
Consult before you go into buying one of these devices for the sole purpose of streaming.
13# Keep your NAS time and date up-to-date
From time to time you might get into trouble if your NAS time and date are not up to date.
For example being unable to log in if you have 2FA active, or maybe that your apps are unable to be updated from the Package Center. The reason for this is that if your NAS is too much out of sync it will not work with one-time password mechanisms or be able to pull new app versions from the HTTPS locations where a valid certificate is active.
If your NAS is requesting that information from any point in time (too far into the future, or way back from the past) other than the current, up-to-date, your will start to have problems.
Control Panel > Regional Options is the place to go. Double-check time zone and time settings and be sure to hit that Update now button.
14# Use FQDN and port number with Synology mobile apps
If you are running your Synology apps over a reverse proxy setup on a custom domain name, you might get into trouble while accessing your services using Synology mobile apps.
Even though apps have an option to select the protocol you are using (HTTP/HTTPS), and you are using the default 443 port, you still might not be able to log into your services using those apps.
The problem is simple, you need to use your FQDN format AND port number even if that port number is a default HTTPS 443.
Something like this:
15# Elevate to root permissions via SSH
In case you need to elevate your account to root level via SSH use the following command:
As I said at the beginning, there will be more tips coming along, and all of you are welcome to add your QT in the comment below that you think would be worth mentioning. Something that you wished you knew before you got into all this NAS business?
16# Limitations when expanding your RAID array
At some point you will have to expand your pool or volume and you might want to consult the following link for details on that.
The main point here is that you will have probably one of two situations:
SHR volume (SHR or SHR2)
Conventional RAID volume (RAID0,1,5,6,10...)
Depending on those two options bare these informations in mind!
For SHR: The capacity of the drive you intend to add must be equal to or larger than the largest drive in the storage pool, or equal to any of the drives in the storage pool.Example: If an SHR storage pool is composed of three drives (2 TB, 1.5 TB, and 1 TB), we recommend that the newly-added drive should be at least 2 TB for better capacity usage. You can consider adding 1.5 TB and 1 TB drives, but please note that some capacity of the 2 TB drive will remain unused.
For RAID 5, RAID 6, or RAID F1: The capacity of the drive you intend to add must be equal to or larger than the smallest drive in the storage pool.Example: If a RAID 5, RAID 6, or RAID F1 storage pool is composed of three drives (2 TB, 1.5 TB, and 1 TB), then the capacity of the new drive must be at least 1 TB.
17# There is no DSM downgrade
In case you were wondering, no you can't. You can't officially downgrade the DSM version. If you jumped on a new version of DSM and you want to downgrade for whatever reason, forget it.
Well, that's not completely true, but keep in mind that there are unsupported ways to bring your NAS back to previous versions, just remember, do that at your own risk!
Read up a bit on the process first, before trying it, just so you are clear on what needs to be done.