Avatar
Derek Ross 2y ago

Happy #FOSSFriday! Today, we're going to talk about another piece of software that I've used for a few years. Pi-hole.

Pi-hole is a free and open-source DNS sinkhole that helps to block ads and trackers on your network. It works by intercepting DNS requests from your devices and redirecting them to a local server that has been configured to block ads. This can significantly improve the performance and privacy of your network.

Pi-hole is a software application that can be installed on a Raspberry Pi or other compatible device. You can even install it via certain "node" OS platforms like Umbrel. It is very easy to set up and use, and there are many tutorials available online.

To use Pi-hole, you will need to configure your devices to use it as their DNS server. This can be done on most devices by going to the network settings and changing the DNS server to the IP address of your Pi-hole device or by simply configuring your router's LAN's DHCP settings to use the Pi-Hole.

https://pi-hole.net

Reply to this note

Please Login to reply.

Discussion

fc
fc994dc4... 2y ago

Pi-hole is nice but I prefer adguard-home

Avatar
Derek Ross 2y ago

i have never used adguard, but i've seen people speak highly of it.

Avatar
₿lack Swan 2y ago

Why?

Avatar
(>0_0)> 2y ago

Love Pi-hole! I’ve been running mine for nearly 7 years

Avatar
Derek Ross 2y ago

Avatar
Keysa - Simplest Bitcoin Edu 2y ago

Thanks Derek, seen it on Umbrel but haven’t looked into it.

A clearly non-tech savvy question: Can you use pi-hole with a VPN?

Avatar
armstrys 2y ago

The internet makes it seem like some VPN providers may allow you to specify your own local DNS resolution. Otherwise you might be stuck with alternative solutions. If you’re willing to run a VPS server and use it like a VPN you can do achieve similar outcomes using Tailscale and pihole together.

nostr:note1yumddtz95gq45chm7k9xt7r8jqvx2gz9qdsm3ww9g59l92u0w44q0sdcrv

Avatar
Derek Ross 2y ago

it's not easy to do or not easily supported as by default a VPN provider has you using their DNS servers for requests. some VPN providers come with these types of services built in to block trackers and ads though.

Avatar
₿lack Swan 2y ago

You can, but you would want to be careful. If using a VPN client on a client device (PC / Phone), this would leak DNS queries and make analysis far easier to conduct.

Alternatively, you could configure your router so that all egress traffic traverses the VPN. This would mean that DNS queries to external resolvers would also go out over the VPN link!

Avatar
geeknik 2y ago

pihole is pretty good, not gonna lie. but i've been running pfsense for over a decade (#freebsd ftw) and i much prefer the power of pfblockerng. 🤙🏻

Avatar
Derek Ross 2y ago

pfsense is awesome 😉

Avatar
AJV 2y ago

These Friday bonus content are very helpful. I’m new to all of this and your making us aware of better options and tools out there to help us.

Avatar
Derek Ross 2y ago

im glad you find it useful 😉

Avatar
armstrys 2y ago

Don’t forget pihole combined with Tailscale magic DNS to get blocking on the go!

I also recommend installing unbound during the pihole installation to make your server also handle the DNS resolution. Easy, better privacy, I never noticed a performance drop.

Avatar
Derek Ross 2y ago

this is a good idea. thanks for the recommendation.

Avatar
Enki 2y ago

+1 for unbound.

Avatar
armstrys 2y ago

I should have said Tailscale “nameservers” not MagicDNS. Setting a Tailscale nameserver lets you route the DNS requests back home without routing all data through your home network.

Avatar
Derek Ross 2y ago

i knew what you meant :) ive played with their MagicDNS.

de
nobody 2y ago

Tailscale has some performance drawbacks. If you have the skills to host things yourself, wireguard will give you the best performance. I use this container and it's so good https://github.com/wg-easy/wg-easy

de
nobody 2y ago

But I otherwise have the same setup: pihole, unbound, VPN is the mobile on the go powerhouse set up.

Avatar
armstrys 2y ago

Thanks for the setup! I’ll definitely look into it. Tailscale is just so damn easy :)

de
nobody 2y ago

You bet man!

Wireguard can run in kernelspace which will be faster than Tailscale which runs userspace wireguard. Worth it for me because I have cloud instances connecting to home for things and need the speed. If you're just doing normal browsing you likely wouldn't notice.

Avatar
Enki 2y ago

Love my pihole.

Avatar
JSTR 2y ago

Pi-hole is the best thing ever! Have been running for a year now… highly recommend