Setup on Synology Docker

Thanks Morten. It may not be the cleanest write-up, but to me it was the nicest way to avoid doing a majority of the work in a headless environment, as I really don't like to keep SSH available on the NAS, and the Tony Lawrence how-to didn't address the issue of the NAS not being able to talk to its own macvlan. Now everything on my network runs through Pi-hole.

The only issue I encountered was that setting the DNS for the NAS to 192.168.100.2 didn't work. It would break QuickConnect functionality and also couldn't connect to the Docker repository. I fixed it by just setting the DNS for the NAS to 8.8.8.8, as it doesn't need adblocking anyway.

I had that issue when first trying this install. In your setup of the Docker image, did you make sure to set DNSMASQ_LISTENING: Local? Without it set to local, pihole will not listen to the bridge interface you created and will only listen over the macvlan, which the host device is unable to do because of the security of a macvlan.

Edit: If I remember later when I get home, I'll look into it further. One of my big requirements for running pihole on my NAS was that all network devices had to use it.

For me this also did not work (defining 192.168.100.2 as DNS server). I did set DNSMASQ_LISTENING to local. Did you look into it further?

I haven't had time to look at it, but I definitely will tonight.

If you happen to be around your pihole, could you try going to your pi.hole page and in the setup change it to listen to all interfaces and apply that to see if it works?

OK, I looked at this tonight.

I have to ask, but did you make sure to add your Docker image to both the pihole and pihole_bridge networks?

If so, can you please look to see if listen on all interfaces is selected like below?

Resolving this issue so your Synology can use pihole is more than just your Synology. All of your Docker containers use the same DNS as your Synology. This will also give you the ability to run cloudflared or other DNS Docker images that your pihole can use. As you see from the picture above, my pihole goes back to a cloudflared Docker image.

Hello, I am really happy that you evolved the Lawrence guide and I am happily going to follow it. But first I need to know if I can use it with my setup. In my case I use my own DNS that runs on an OpenWRT device with Secure DNS, DNSSEC, TLS 1.3 and Encrypted SNI. At the moment I just use custom DNS: 192.168.178.2, which is my OpenWRT that is hooked to my router modem :slight_smile:

OK, some hours later I must say many thanks to Beefyfish!
Fish Software is always the best :slight_smile:
Fact is, all works and I am very happy! Very easy setup and easy to follow. I only stumbled at the point where we had to map folders/files.
I had to create the folder structure first via FileExplorer or WinSCP and to create the empty file dnsmasq.q so I could choose it. I think the other map was a folder pihole.

As said, the setup works and pihole filters. I have set up pihole to use DNS on an OpenWRT device in my LAN that encrypts DNS and all is fine. Even hostnames are shown correctly in the Pihole dashboard.
Also, connecting my Android via Wireguard, which also runs on the OpenWRT, works and Pihole filters block :slight_smile: !!!

That's good to hear. I use DD-WRT as my DHCP and name server, then conditional forwarding in Pi-hole so it resolves all the names on my network from my DD-WRT router.

This is the first tutorial that works on my Syno Docker :slight_smile:

Hi Beefyfish,

you wrote "All of your docker containers use the same DNS as your Synology. This will also give you the ability to run cloudflared or other DNS docker images that your pihole can use. As you see from the picture above my pihole goes back to a cloudflared docker image".

I tried to use "cloudflared" (for DoH) and "cloudflare-dns-server" (for DoT) in the same way as you, but I can't connect to the Docker containers.

What bridge or docker-connection-gateway do you use with your cloudflared container?

Thanks for your help and also many thanks for your guidance!

I used the visibilityspots/cloudflared image. The only thing you should have to do is make sure to select "Use the same Network as Docker Host" in the Advanced>Network tab when creating the image.

Then point your Upstream DNS to the IP of your NAS bridge with #5054 at the end for the port.

You may need to set it to port #54 now as the docker file is showing.

CMD ["/bin/sh", "-c", "/usr/local/bin/cloudflared proxy-dns --address 0.0.0.0 --port 54 --upstream https://1.1.1.1/.well-known/dns-query --upstream https://1.0.0.1/.well-known/dns-query"]

He either changed the port at some time or the shown Dockerfile has an error. The easiest way to verify the port he has set is to export the Docker settings and open the config file, as it will show the CMD at the top.

Yeah, I'm done... Now it works great for me. I used the same IP as you for this DoH service (192.168.100.1, same setting on Syno+Docker). Cloudflared currently uses port 5054.

... and again, a thousand thanks :hugs:

Good to hear. I updated the post above because I wasn't specific with the IP of the NAS. The only way the macvlan can ever talk to the host is through the bridge that was set up. It has to do with securities in Docker.

@Beefyfish thanks for this guide; however, I followed it exactly and am getting:

Start container Pi-hole failed: {"message":"failed to create the macvlan port: device or resource busy"}.

Any ideas where I should be looking?

Thanks,

@Beefyfish I managed to get this installed in the end using this guide:

I am, however, curious as to the benefits of your method (which I have tried and failed at) versus this. Any help appreciated.

I set it up like this to maintain pi.hole as the address for my Pi-hole. The Synology NAS will not give up port 80. The way I wrote it up, it is almost like another computer on your network.

With the error you received, I think you may have messed up an address while creating the macvlan or the network port. I don't know how your network may be set up, so the numbers provided in my write-up are example addresses unless your network is like mine.

My domain is on 192.168.1.x and my Synology is on 192.168.1.2, with gateway on 192.168.1.1.

My macvlan is hence on 192.168.1.1/24 and IP range 192.168.1.3/32.

Pi-hole_Bridge I have kept identical to yours, so in my mind looks to be right?

That would be correct. If you attempt to retry making it, you have to make sure to delete the existing macvlan through the web UI before retrying.

I do know that if you are using virtual machines or network interfaces, it will affect whether you should be using eth0 or another network port while creating the Docker image.

Have tried this a few times, with slightly different settings. Same error every time. It looks to be port related, but there is no setup for ports in this. I am also running Tautulli and a couple of UniFi controllers (see other networks in Docker), but don't think they should conflict? Other than that, my Syno is pretty standard.

When you run the command ip addr, does it come up as eth0 or eth#? I know with Open vSwitch enabled you would need to use ovs_eth#. Another thing that might change it is binding the Ethernet ports if it is equipped with more than one port, as I'm pretty sure it creates a virtual port that binds the multiple ports together, but I'm not 100% positive as I don't use that feature.
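
Added example (not part of any post in this thread): a shell helper that reports which interface actually carries the NAS address, which is the interface name to check against eth0 or ovs_eth# when choosing the macvlan parent. The `ip -o -4 addr show` samples are constructed and abridged, the function name is hypothetical, and 192.168.1.2 is the NAS address quoted in the thread.

```shell
#!/bin/sh
# Added example: find the interface that carries the NAS address.

# parent_for_ip NAS_IP  (hypothetical helper name)
# Reads `ip -o -4 addr show` output on stdin, prints the interface that
# holds NAS_IP, and returns non-zero if no listed interface has it.
parent_for_ip() {
    awk -v want="$1" '
        {
            for (i = 1; i < NF; i++) {
                if ($i == "inet") {
                    split($(i + 1), a, "/")   # drop the /prefix length
                    if (a[1] == want) { print $2; found = 1; exit }
                }
            }
        }
        END { if (!found) exit 1 }
    '
}

# Constructed sample: plain NAS, the address sits on eth0.
sample_plain() {
    cat <<'EOF'
1: lo    inet 127.0.0.1/8 scope host lo
2: eth0    inet 192.168.1.2/24 brd 192.168.1.255 scope global eth0
5: docker0    inet 172.17.0.1/16 scope global docker0
EOF
}

# Constructed sample: Open vSwitch enabled, the address sits on ovs_eth0.
sample_ovs() {
    cat <<'EOF'
1: lo    inet 127.0.0.1/8 scope host lo
4: ovs_eth0    inet 192.168.1.2/24 brd 192.168.1.255 scope global ovs_eth0
5: docker0    inet 172.17.0.1/16 scope global docker0
EOF
}

echo "plain NAS parent: $(sample_plain | parent_for_ip 192.168.1.2)"
echo "OVS NAS parent:   $(sample_ovs | parent_for_ip 192.168.1.2)"
# On the NAS itself: ip -o -4 addr show | parent_for_ip 192.168.1.2
```
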