Epis Technology: Advanced Synology Data Protection

How to Sync Data Between Multiple Synology NAS with Synology Drive

Keeping multiple Synology NAS in sync across offices, homes, or data centers requires more than copying files on a schedule. With Synology Drive Server and Synology Drive ShareSync, we can build a real-time, policy-driven data fabric that stays consistent across locations while respecting permissions, bandwidth, and security requirements. 

Why Use Synology Drive for NAS-to-NAS Sync?

Synology offers several ways to move data between NAS:

• Synology Drive Server + Synology Drive ShareSync for near real-time, one-way or two-way sync of Team Folders between Synology NAS. 

• Shared Folder Sync (rsync-based) for scheduled, one-way replication of shared folders. 

• Hyper Backup & Snapshot Replication for backup and point-in-time recovery, not live sync.

For scenarios such as distributed teams, branch offices, or off-site mirrors where we want live, file-level consistency between Synology NAS, Synology Drive ShareSync is the recommended solution. 

Architecture Overview: Drive Server, Team Folders, and ShareSync

A proper multi-NAS design with Synology Drive includes three core components:

1. Synology Drive Server
   Installed on each NAS via Package Center; provides Drive services and manages Team Folders.

2. Synology Drive Admin Console (Team Folders)
   We enable existing shared folders as Team Folders to make them available for Drive and ShareSync. The official docs explicitly require that the shared folders we wish to sync are enabled as Team Folders in Synology Drive Admin Console → Team Folder. 

3. Synology Drive ShareSync
   Installed automatically alongside Synology Drive Server, this component runs on the “satellite” NAS and connects to a remote Drive Server to synchronize Team Folders in near real time, supporting one-way or two-way sync. 

Conceptually:

• One NAS acts as the primary Drive Server hub (though any NAS running Drive Server can host Team Folders).

• Other NAS units connect via Drive ShareSync, pulling, pushing, or bi-directionally syncing selected Team Folders.

Recommended Topologies for Multi-Site Synology Sync

We typically choose among three patterns:

1. Hub-and-Spoke

   • One central NAS (primary Drive Server)

   • Multiple branch NAS units using ShareSync

   • Ideal for regional offices, multi-branch organizations, or central archive + remote working sets.

2. Bidirectional Pair

   • Two NAS units (e.g., head office and DR site)

   • Two-way ShareSync on one or both ends

   • Suits collaboration where both sites actively create and modify data.

3. One-Way Offsite Mirror

   • Production NAS → off-site NAS over VPN or QuickConnect

   • Download-only sync on the remote side for “warm standby” or secondary read-only access.

Prerequisites and Planning Checklist

Before creating sync tasks, we ensure:

• Compatible DSM and packages

  • Both NAS devices run a supported DSM 7.x version.

  • Synology Drive Server is installed from the Package  Center on each participating NAS. 

• Administrative access

  • We sign in using an account in the administrators group when creating ShareSync connections. 

• Shared folder layout

  • Shared folders are clearly defined (e.g., /Projects, /Archive, /Media), with appropriate permissions.

  • Only folders that truly need cross-site sync are selected as Team Folders.

• Network connectivity

  • LAN, site-to-site VPN, or secured internet connectivity (QuickConnect or port forwarding).

  • DNS entries or static IPs/FQDNs for each NAS, to ensure stable addressing.

• Security posture

  • HTTPS is enabled on DSM.

  • 2-factor authentication is enforced for admin accounts.

  • Firewall rules and VPN are considered when syncing over the internet.

Step 1 – Prepare and Harden Both Synology NAS

1. Update DSM and Packages

We start by updating:

• DSM to the latest stable release.

• Synology Drive Server package on each NAS.

• Any underlying storage or network packages that might affect performance or security.

Staying current ensures compatibility with new Synology Drive features and security patches. 

2. Create or Confirm Shared Folders

From Control Panel → Shared Folder:

• Create or review folders for:

  • Production data (Projects, Finance, HR, etc.)

  • Collaboration workspaces (Teams, Departments)

• Confirm that:

  • Each folder uses the desired filesystem.

  • Quotas and recycle bins are configured as needed.

  • Permissions reflect least-privilege access.

3. Define a Service Account (Optional but Recommended)

Rather than using the admin account for ShareSync, we often:

• Create a dedicated user, e.g., drive-sync-svc.

• Add it to an admin-equivalent group.

• Grant it read/write permissions only to the Team Folders that must be synchronized.

This makes auditing and security management simpler.

Step 2 – Install Synology Drive Server and Enable Team Folders

On every NAS that will participate as a Drive node:

1. Open Package Center.

2. Search for the Synology Drive Server and install it.

3. After installation, open Synology Drive Admin Console.

In Synology Drive Admin Console → Team Folder:

1. Locate each shared folder that should be synchronized.

2. Click Enable on that folder to convert it into a Team Folder. 

3. Configure:

   • Versioning: number of versions and rotation policy.

   • Recycle Bin settings (if applicable).

   • Indexing behavior for improved search and Drive performance.

The Knowledge Center specifically states that the shared folders we wish to sync must be enabled as Team Folders before using them with ShareSync, so we verify this step carefully. 

Step 3 – Configure Synology Drive ShareSync on the Remote NAS

On each NAS that will connect to another NAS to sync Team Folders:

1. Ensure Synology Drive Server (and thus Synology Drive ShareSync) is installed from Package Center.

2. Launch Synology Drive ShareSync from the main menu.

 Connect to the Remote Drive Server

Within Drive ShareSync:

1. Click Create or Add connection.

2. Enter the IP address, FQDN, or QuickConnect ID of the remote NAS. 

3. Provide the username and password for the service or admin account on the remote NAS.

4. Test the connection to confirm network reachability and credentials.

If the connection fails:

• Check DNS, VPN, or port forwarding.

• Verify that DSM’s firewall permits port 6690/TCP, which Synology uses for Drive file syncing and backup.

 Select Team Folders to Sync

After a successful connection, we see a list of enabled Team Folders from the remote NAS:

1. Tick the checkboxes for each Team Folder to sync.

2. For each folder, click Edit to adjust the local mapping and sync behavior. 

Step 4 – Fine-Tune Sync Tasks: Direction, Filters, Permissions

Each ShareSync task can be customized per Team Folder.

 Choose Sync Direction

For each folder, we select an appropriate sync mode: 

• Download data from the remote only.

  • Remote NAS is the source of truth.

  • Local NAS maintains a mirror; ideal for offsite DR or read-only replicas.

• Upload data to remote only.

  • Local NAS is the primary; remote acts as a backup or distribution target.

• Two-way sync

  • Both NAS units can create and modify files.

  • Best for collaboration across sites, but requires clear ownership policies to avoid conflicts.

Many implementations combine modes—for example, two-way sync for a /Projects folder shared between offices and download-only sync for /Archive.

 Configure Folder Mapping and Exclusions

Within the Edit settings of each ShareSync task, we typically configure: 

• Local folder path

  • Map the remote Team Folder to an existing or new shared folder path on the local NAS.

• Subfolder selection

  • Uncheck subfolders that do not need to be synchronized (e.g., large media dumps, temp folders).

• File filters

  • Exclude by file type (e.g., ISO, VMDK, TMP, cache files).

  • Exclude by file size, to keep huge archives or raw recordings out of real-time sync.

• Permission sync

  • Sync all privileges, domain user privileges only, or files only (excluding permissions/metadata), depending on how identity is managed. 

This granular control allows us to keep the real-time sync set small and focused, improving both performance and stability.

 Versioning and Conflict Handling

Because Synology Drive relies on Team Folder versioning, we can:

• Keep a defined number of historical file versions.

• Restore previous versions if a user accidentally overwrites or corrupts a file.

• Use Drive’s conflict resolution by renaming colliding files (e.g., appending the device name or username).

For teams that frequently collaborate on the same documents, it is wise to define clear guidelines for who owns which folders and how conflicts are handled.

Step 5 – Network and Security Best Practices

Synology Drive sync traffic is continuous and sensitive, so we treat it like any other production data channel.

 Transport Options: LAN, VPN, or Internet

We can establish connectivity via:

• Local LAN

  • Simple and fast; ideal when NAS units are on the same network or VLAN.

• Site-to-Site VPN (WireGuard, OpenVPN, IPSec, etc.)

  • Preferred for cross-site links; encrypts traffic and exposes only internal IPs.

• QuickConnect or Port Forwarding

  • QuickConnect routes traffic via Synology’s relay infrastructure when direct connections aren’t possible.

  • Direct internet exposure via forwarded port 6690/TCP is possible, but should be evaluated carefully from a security perspective. 

Wherever possible, we favor VPN or private networking over raw port forwarding.

Ports and Firewalls

For NAS-to-NAS syncing with Synology Drive:

• Ensure port 6690/TCP is open between NAS devices for Drive sync and backup.

• If using HTTPS access for web-based Drive management, also allow 5001/TCP (or customized HTTPS port).

• Apply DSM’s built-in firewall rules to restrict incoming connections to known IP ranges or VPN subnets.

 Identity and Access Management

To prevent privilege sprawl:

• Use a centralized directory (e.g., LDAP/AD) where possible, so ACLs are consistent across NAS units.

• Maintain identical user/group structures on both sides when syncing permissions.

• Enforce 2-factor authentication on privileged accounts used to configure ShareSync.

Step 6 – Monitoring, Maintenance, and Troubleshooting

 Monitoring Sync Health

We regularly check:

• Synology Drive ShareSync dashboard

  • Status of each connection and folder.

  • Any errors, warnings, or delayed tasks.

• Resource Monitor on DSM

  • CPU, RAM, and network usage during heavy sync operations.

For mission-critical data, we schedule periodic checks to confirm that both sides are fully synchronized and that latency is acceptable.

 Handling Common Issues

Several common issues recur in multi-NAS setups:

• Sync not starting or stuck at “Connecting.”

  • Verify DSM and Drive Server versions.

  • Confirm reachability on port 6690/TCP. 

  • Check firewall and VPN routes.

• Permissions not matching on the remote NAS.

  • Confirm that we enabled permission sync and that user/group IDs are consistent. 

• Large single files are causing timeouts.

  • Slow links or unstable WAN connections can impact huge files (e.g., 50–100 GB). Community reports indicate such files may stall or repeatedly retry until network stability improves. 

  • For very large archives, consider using Hyper Backup or rsync.

• Bandwidth saturation

  • Use QoS on the router or traffic shaping to limit Drive traffic.

  • Exclude non-critical data via file filters or separate Team Folders.

When to Use Shared Folder Sync or Hyper Backup Instead

Synology Drive ShareSync is powerful, but not always the best fit.

• Use Shared Folder Sync (rsync) when:

  • You need simple, scheduled one-way replication (e.g., nightly mirror).

  • Real-time sync is not required.

  • You prefer rsync-based incremental transfers on a schedule. 

• Use Hyper Backup & Snapshot Replication when:

  • You prioritize point-in-time recovery, multi-version backup, and deduplication.

  • You want to protect against ransomware, accidental deletions, or logical corruption.

In practice, we often combine:

• Drive ShareSync for live collaboration and cross-site access.

• Hyper Backup/Snapshot Replication for robust backup and disaster recovery.

Practical Best Practices for Reliable Synology NAS-to-NAS Sync

We apply the following operational guidelines in production environments:

• Keep DSM and Synology Drive packages updated to benefit from performance and security enhancements. 

• Enable only necessary shared folders as Team Folders; avoid turning the entire NAS into a single giant Team Folder.

• Separate “active” data (projects, documents) from “cold” data (archives, media libraries) at the folder level, and apply different sync policies.

• Always pair real-time sync with independent backup; sync is not a backup, and deletions are propagated.

• Test failover scenarios:

  • Simulate an outage of the primary NAS.

  • Confirm that remote NAS units have the data and that users can access it.

By combining Synology Drive Server, Team Folders, and ShareSync with sound network and security design, we can maintain a resilient, high-performance synchronization fabric across multiple Synology NAS deployments, whether they reside in the same building or on different continents.