1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Setting up Pi-hole

Discussion in 'Linux & Open Source' started by NoNameNoNumber, 5 Nov 2016.

  1. macuser

    Hitman

    Joined: 3 Feb 2004

    Posts: 712

    Of course makes sense, we don’t do Facebook or much social media.
     
  2. Rainmaker

    Sgarrista

    Joined: 18 Aug 2007

    Posts: 9,045

    Location: Liverpool

    Yes, though I did read old reports that it only displays stats for the main LAN. AGH development moves quite quickly, so it's probably fixed by now. Try it and see?
     
  3. jokerguv

    Gangster

    Joined: 25 Mar 2020

    Posts: 110

    Great stuff, I've added these on my AdGuard Home (docker install on pi).

    Been using AdGuard Home instead of PiHole for a couple of months now, nothing against PiHole its just that AdGuard Home seemed like a more complete package out of the box so thought of trying it out.

    Overall its been great and I don't feel like going back to PiHole though some people really like PiHole's UI, I'm fine with both tbh.

    As far as block rates go, PiHole with various adlists used to block around 45% of my traffic but alot of times there were false positives and I'd have to routinely whitelist domains. With AdGuard Home and just the OISD list, its around 32% and I've never had to whitelist any domain so far (of course block rate is entirely usage dependent).
     
  4. Rainmaker

    Sgarrista

    Joined: 18 Aug 2007

    Posts: 9,045

    Location: Liverpool

    I'm glad it's working for you. My list is very short but it catches a huge percentage of undesirables, because ABP format is expandable (i.e. catches all subdomains and derivatives, including wildcards). If you ever have an issues just message me or open an Issue on the Git.
     
  5. jokerguv

    Gangster

    Joined: 25 Mar 2020

    Posts: 110

    Awesome. I especially noticed "telemetry.roblox" on your list and there's too much roblox use on my network. Instantly went ahead :).
     
  6. maj

    Wise Guy

    Joined: 19 Jul 2010

    Posts: 2,448

    Location: Newcastle

    Been trying Adguard home free version as an alternative to pihole. Is there a need for their own app if you're using it as DNS server?

    From what I can see they support ads in browsers but in-app adverts is only a feature on the premium version. That correct? Using oisd block list and getting ads in game apps for example and when I check query log I can't see the advert being listed to block. Temporarily switched device to pihole and the advert was blocked (using oisd).

    That said with pihole I only seem to get ip addresses for devices with pihole set as DNS and DHCP server. Adguard gives each device a name automatically with same settings which makes each device easy to identify to check specific client logs. I would say Adguard has a nicer GUI too.
     
  7. Rainmaker

    Sgarrista

    Joined: 18 Aug 2007

    Posts: 9,045

    Location: Liverpool

    There's far too little information in your post to effectively help. Blocking ads in-app on which platform? Also, you're talking about 'Adguard home free version', but AdGuard Home only has one version - which is FOSS. Are you confusing the iOS/Android/browser based Adguard apps, which do indeed have a free (browser only) and paid (system-wide) tier? Using the OISD list should yield the same results on either PiHole or AGH, and if anything be better on the latter as that supports ABP format whereas PiHole only supports domain blocking.

    How are you using AGH and PiHole? In Docker? Bare metal? Is AGH set up as DHCP server when you're using it? Is it the only DHCP server on the network? Are you setting AGH as the default DNS (and/or DHCP) on a per-device basis and verifying that the traffic is actually hitting AGH from the device in question?
     
  8. maj

    Wise Guy

    Joined: 19 Jul 2010

    Posts: 2,448

    Location: Newcastle

    Thanks for the reply. The ads were on Android and I only have Android mobile devices on my network. I am possibly getting confused about their products. I did read something that suggested there was a premium version which was the only way to block in app ads but can't find it but it may have been referring to their own app rather than AGH.

    Both PiHole and AGH are both hosted on a Linux VM until I can learn more about Docker as I'm still learning Linux. Both are configured to be both DHCP and DNS when in use (otherwise everything gets logged as being my router) and router is pointing to AGH as its DNS. DHCP is disabled on router. The only time Pinhole is used at the moment is if I manually point a device to it for testing purposes. Ads are getting blocked by Adguard in general and on that particular mobile device with the in-app ad I just couldn't see where the ad was coming from in the logs. Pihole blocked it straight away with same block list and I'm unsure why.
     
  9. ChrisD.

    Caporegime

    Joined: 20 Sep 2006

    Posts: 27,102

    You might have DNS bleed somewhere.
     
  10. maj

    Wise Guy

    Joined: 19 Jul 2010

    Posts: 2,448

    Location: Newcastle

    @ChrisD. Thanks may well have been as have since put the phone back onto AGH without any changes and it's now blocking ads in the game. Not sure what's changed but if she's happy I'm happy.
     
  11. GR63

    Wise Guy

    Joined: 28 May 2021

    Posts: 1,017

    Location: Herts

    PiHole on Pi2? OK experience? With the DNS routing options (prob wrong term I got there!) ??
     
  12. the-evaluator

    Mobster

    Joined: 24 Sep 2015

    Posts: 2,933

    It's fine. I've got a Pi2 here as my physical Pi-Hole instance (the other is a VM) and it's working absolutely fine.
     
  13. GR63

    Wise Guy

    Joined: 28 May 2021

    Posts: 1,017

    Location: Herts

    Thank you... thats one Pi2 for PiHole and one for DVB-T2 TVheadend... None wasted now... :)
     
  14. Robert

    Capodecina

    Joined: 20 Oct 2002

    Posts: 15,433

    Location: North West

    So I reset (not rebooted) my Asus router but when I set my routers dns to my synology, still no dice. So assuming it’s an issue on the nas. Will have to fiddle more.
     
  15. Robert

    Capodecina

    Joined: 20 Oct 2002

    Posts: 15,433

    Location: North West

    So...especially for Rainmaker - I re-installed adguard via docker creating a macvlan - giving it a separate IP (which worked fine) - but still no dice. As soon as I add the IP to my asus router, my internet connection dies. Really weird.
     
  16. Robert

    Capodecina

    Joined: 20 Oct 2002

    Posts: 15,433

    Location: North West

    So, I seem to have resolved it. Instead of changing the DNS settings under the "WAN" tab, I spotted something on another forum advising to change the DNS setting under the LAN tab, then "DHCP Server" and under "DNS and WINS Server Setting"

    So yeah, in adguard rather than getting one entry for my router, i'm getting quite a few - assuming the router just advertises the DNS address.
     
  17. Rainmaker

    Sgarrista

    Joined: 18 Aug 2007

    Posts: 9,045

    Location: Liverpool

    Sorry @Robert I forgot to come back to this. Glad you got sorted.
     
  18. Robert

    Capodecina

    Joined: 20 Oct 2002

    Posts: 15,433

    Location: North West

    Thanks. Do you know of anyway to test if Google’s DoH is working properly? The cloud flare test can’t detect DoH for Google, assuming because it’s encrypted.

    I also can’t use cloud flares DoH as it kills nowtv/btsport quality.
     
  19. Rainmaker

    Sgarrista

    Joined: 18 Aug 2007

    Posts: 9,045

    Location: Liverpool

    To test encrypted DNS is working you can do packet capture on the affected port/destination. A quick search will give you the details for your particular OS. If not, you could always test by using dnsleaktest.com - if the DNS provider is showing as Google (in this case) and the DoH is the only enabled DNS, then you're (99.9% likely) sorted. Think twice about using Google for anything with the word 'privacy' in it, though...

    As upstream for AdGuard Home or PiHole? You could always use Quad9 and enable EDNS client subnet. That will pass a part of your IP to the streaming service, so they can give you a more local CDN - and hence better quality streams. Read up on the (mild) privacy side effects, to ensure you're completely happy however.

    Quad9's EDNS enabled server:

    Code:
    IPv4
    9.9.9.11
    
    149.112.112.11
    
    IPv6
    2620:fe::11
    
    2620:fe::fe:11
    
    HTTPS
    https://dns11.quad9.net/dns-query
    
    TLS
    tls://dns11.quad9.net
    
     
  20. Robert

    Capodecina

    Joined: 20 Oct 2002

    Posts: 15,433

    Location: North West

    Im using Google’s DoH solution via AdGuard. Just wanted a way to confirm it was working.