Blocking-Ads on your Home Network using Pi-Hole DNS Server

My Pi-Hole running on My Homelab MicroK8S cluster

What is a DNS Server?

A DNS (Domain Name System) server is a fundamental part of the internet infrastructure. It serves as the internet’s phone book, translating human-readable domain names (like www.google.com) into IP addresses that computers use to communicate with each other, just as our phone book translates a human-readable name like Mr. Google to his phone number, which the mobile phone system can use to facilitate communication.

When you type a URL into your web browser, your computer sends a request to the DNS server associated with your network configuration. The DNS server then responds with the corresponding IP address of that URL, which your computer uses to connect to the server hosting the website you want to visit.

In essence, DNS servers provide a crucial service that allows humans to use the internet more easily without needing to remember the exact IP addresses of different websites they wish to visit.

What is my DNS and where did it came from?

When you connect a device to your home network or workplace network, a DHCP (Dynamic Host Configuration Protocol) server, usually hosted on your network’s router, automatically assigns your device a unique local IP address along with the DNS server to use.

By default, your ISP (Internet Service Provider) provides a basic router when you install broadband internet at home, which is already configured with a DHCP server to provide IP addresses in the subnet 192.168.1.0/24 and a DNS server provided by the ISP.

Important to be aware that relying solely on your ISP’s DNS server raises privacy concerns. ISPs have the capability to block access to certain websites (By making the domain name unsuccessfully mapped with the IP Address) and even collect data on your browsing habits. This highlights the importance of considering alternative DNS servers instead of using your ISP’s DNS server

Here are some alternative DNS

• Google Public DNS 8.8.8.8/8.8.4.4
• Cloudflare DNS 1.1.1.1
• Cisco OpenDNS 208.67.222.222/208.67.220.220

Using alternative DNS can prevent your ISP from learning your browsing habits and protect your privacy to some extent. However, you may simply be giving your data to Google or Cloudflare instead. 🤣🤣

Cloudflare claiming superior Query speed compared to other DNS services

What is Pi-hole?

Pi-hole is a DNS sinkhole that protects your client devices from unwanted content without installing any client-side software. It is typically used to block ads across an entire network.

When you set up Pi-hole on your network, it becomes your primary DNS server. Devices on your network send DNS requests to Pi-hole, which checks the requested domains against its list of blacklisted ad-serving domains. If a match is found, Pi-hole blocks the request, preventing the ad from being loaded. If no match is found, Pi-hole forwards the request to an upstream DNS server (which can be any DNS server you want), which then resolves the domain to an IP address as usual.

In addition to being a DNS server, Pi-hole can also be used as your network DHCP server, but this article will only use Pi-hole as a DNS server for ad-blocking purposes.

Deploying Pi-Hole at home

Pi-hole is super lightweight and can be run virtually on any hardware (Please do not install Pi-hole on your dishwasher💀) with 2GB free space and at least 512MB on memory.

Popular way for running Pi-Hole

• Direct Installation on Raspberry Pi Zero: This is the simplest method where you install Pi-Hole directly on a Raspberry Pi Zero. This option is cost-effective and ideal for those looking for a dedicated Pi-Hole server with low power consumption. It can be powered by your router’s USB port.
• Docker: If you already have a system running 24/7 using Docker or other containers, deploying Pi-Hole using Docker is straightforward. Docker provides isolation and easy management of dependencies. Many users opt for this method due to its simplicity and ease of maintenance.
• Proxmox LXC (Linux Containers): Proxmox is a popular hypervisor for virtualization, and running Pi-Hole within an LXC container on a Proxmox homelab is another option. LXC offers lightweight virtualization with minimal overhead, making it a suitable choice for hosting Pi-Hole.
• Kubernetes: For those with a Kubernetes system running at home, deploying Pi-Hole on Kubernetes is a viable option. Kubernetes provides orchestration and scaling capabilities, which can be beneficial if you have a more complex home network setup or if you’re already familiar with Kubernetes.

Each method has its advantages and considerations. For the sake of simplicity, this article will cover direct installation and docker

Direct Installation

Direct Installation is super easy according to the Pi-Hole documentation you can get Pi-Hole up and running by just using the following command

curl -sSL https://install.pi-hole.net | bash

Docker

This is my recommended way of deploying Pi-Hole using Docker. If you haven’t installed Docker yet, feel free to follow the Docker Documentation for installation. After that, I prefer to use Docker-compose to deploy Pi-Hole.

version: "3"

services:
  pihole:
    container_name: pihole
    image: pihole/pihole:latest
    ports:
      - "53:53/tcp"
      - "53:53/udp"
      - "80:80/tcp"
    environment:
      TZ: 'Asia/Bangkok'
      WEBPASSWORD: 'admin' # DO NOT FORGET TO CHANGE THIS
    volumes:
      - './etc-pihole:/etc/pihole'
      - './etc-dnsmasq.d:/etc/dnsmasq.d'
    restart: unless-stopped

may be use VXVLAN if you want a dedicated IP Address for your DNS server

Kubernetes

We will not dive into deploying Pi-Hole on Kubernetes in this article but for anyone who interested feel free to visit My GitHub Repo for my configurations.

Pi-Hole basic Configurations

visit your Pi-Hole admin dashboard via http://<Pi-Hole-IP>/admin and login with your WEBPASSWORD

Now, Pi-Hole needs an Adlists to enforce blocking. Go to the Adlists menu section where you can add and remove blocked domains for Pi-Hole. Feel free to use the user interface to add as many lists as you like. The default list shipped with Pi-Hole will block the majority of ads. I highly recommend visiting The Firebog for more lists.

Using Pi-Hole on your device

You have successfully set up a ready-to-use Pi-Hole on your network. The last step is to utilize the Pi-Hole, and there are primarily two ways to do so: by configuring the DHCP settings of your router/switch or by manually editing the network configurations of your network interface. If you want your Pi-Hole to enforce default network-wide ad-blocking, I recommend setting the DHCP of your network to use the IP address of the Pi-Hole as the default DNS server.

It’s important to note that different network devices may have varying methods for configuration. Routers and switches typically have DHCP settings accessible through their web interfaces, where you can specify the DNS server to be used by devices on the network.

Testing Pi-Hole

My go-to method for testing an ad blocker is to use a specific tester, which guides you through various types of ads. If your Pi-Hole is functioning correctly, you should not see any ads on the page.