Pi-hole  –  A network wide AdBlocker

In 2019 there were a total of 763 milion unique installations of adblocker apps worldwide. Chances are that you are one of those people, Ads are everywhere in todays society and they are become increasively invasive with the addition of shady trackers whatching you as your browse the web.

Instead of installing adblocking apps on each device you own, the more elegant soloution would be to have one overruling adblock to control your whole network.

Say hello to Pi-hole

 

Pi-hole is a DNS sinkhole that protects your devices from unwanted content, without installing any client-side software.

Pi-hole_Logo

Hardware

 

Pi-hole was originally designed to run on Raspberry Pi’s (hence the name) however, it can run on pratically any hardware as long as it is able to have a LAN or WLAN connection and can run Raspberry Pi OS, Ubuntu, Debian, Fedora or CentOS. Other flavours of Linux may also work but are not offically supported by the Pi-hole team.

 

Pi-hole is a lightweight service and requires very little processing power.

The minium requirments are:

  • 2GB free space
  • 512MB RAM

Setup

 

This is going to be my 2nd Pi-hole on my home network, the first one is within a Ubuntu VM on a HP server. I currently use that Pi-hole as my primary DNS server however, that HP server is my main NAS and therefore sometimes has down time for maintanice.

I need a backup (secondry) DNS server to ensure 100% uptime and blocking.

Update your packages

 

Before doing anything I would reccomend updating your OS and packages.

This can be done by simply running:

(You may need SuperUser privileges)

$ sudo apt-get update
$ sudo apt-get upgrade

APt upgrade

Installing Pi-Hole

 

The developers have been kind enough to allow us to use a one-step automated install, this uses Bash which is somewhat controversial.

$ curl -sSL https://install.pi-hole.net | bash

If you wanmt to avoid using Bash for secuirty reasons then follow this guide to install Pi-Hole manually.

All you have to do is, clone the repository and run the install script.

 

Once the install script is running, it will go through and check the status of your system. You shoudl see green ticks like I have.

It will then take you through a fullscreen Pi-Hole installer. Here you get to choose your settings.

These are the settings I used:

  • eth0 as the interface (whatever you are using to network your Pi)
  • Cloudflare as my Upstream DNS provider
  • Default blocklists
  • IPv4 & IPv6 protocols
  • Web admin interface = On
  • Log queries = On

 

The final installation page will then display your web interface password, make a note of this!

pi hole

Configure your devices to use Pi-Hole

You have two options when configuring your devices, you can either tell your router to use the Pi-Hole so all your devices use it or you can manually tell each device to use the Pi-Hole.

 

For my home network I chose to use the Pi-Hole on all traffic.

To do this we must login into our router and change where it is looking for its DNS servers.

 

I have a Ubiquiti UDM so this setting was found under WAN > Advanced > DNS Server.

Here you can specify your Primary and Secondry DNS Servers, I have 2 Pi-Holes serving as my primary and secondry servers so I can poulate both this spots.

dns1

Web interface

Now that DNS traffic should be going through your Pi-Hole we can check the web interface to check.

Use the IP of the device to find the web GUI and then login using the details provided during the installation.

You should now see a dashboard similar to mine, here you can see the total queries, queries blocked, percent blocked and the number of domians on the blocklist.

 

In the top left corner you can also see useful stats about your device running Pi-Hole.

 

 

Now sit back and enjoy LAN wide AD & Tracker blocking!

web

Testing

 

You can test your Pi-Hole is working by visiting the Ad Blocker Test site made by d3ward.

It tests to see if your device can connect to popular services such as:

  • Ads
  • Analytics
  • Error trackers
  • Social trackers
  • OEM trackers
blocked