I would not have the synology even connected to the Internet--too many ransomwares are targeting these and qnap units and succeeding.
Most dynamic IPs don't chnage if you leave the router on 24x7. I think I've seen not even 6 IP changes in 10 years on all 4x of the different ISP accounts I manage.
That's not enough anymore as any nas exposed to the internet that's synology or qnap is a BIG ransomware target.
I don't use this and really not overly familiar with it. That said, the only way I would allow connections to my internal storage would be from the inside. Translation: I would setup a 2FA vpn. Users would connect to said vpn and access resources from there. The only direct external access I allow is limited to known static /32 ipv4 IPs meaning no mobile devices have direct access.Main reason is for Emby.
Maybe I am looking at this wrong.
But OP wants to use it for DDNS would mean it's exposed...Yeah file sharing and the network protocol is all you need. Switch off the internet/cloud/remote support/surveillance/streaming etc. etc. features.
None of the QNAPS I've rolled out...a lot of them...have been hit. Most if not all have had firmware update recently. Not pointing out to the internet.
You can actually even do this by just getting a domain name and using the 'advanced dns' settings on the dns host to make subdomains on your domain that point to whatever addresses you want. nas1.yourdomain.com, nas2.yourdomain.com, etc.Not addressing the securty questions.
Yes you can have other things do DDNS, as said, most times ISPs I've seen in recent years don't bother changing your address.
I use CloudDNS for this. I should add that I have my own domain as well, you'll need that with them.