Setting up Pi-hole

aaronyuri · 31 Oct 2025 at 17:12

Smok3y said:
Okay, thanks. Well one of the websites I don't use very often is reporting I'm using an ad blocker so it must be doing something.

I am using a Pi 2W via Wifi, is there any point in getting a network port dongle? I do have one that has a USB-C connecter but it doesn't work with the Pi using a USB-C to micro sd converter, no power passing through.

I also don't suppose there's any point in adding the PS5 to Pi Hole, just things like computers, phones and tablets?

If I game on my PC will it add latency?

The only delay would be when performing name resoluition. A few ms isn't going to make one bit of difference to your DNS lookups, quite frankly. Once your device has performed the lookup, there will be no further delay. The short answer is no, this will not affect gaming on your PC, nor add any latency. To provide some further context:

Your client (PC in this instance) needs to connect to gameserver1.com (just an example). It will send a DNS lookup query to your Pi, with Pi-hole listening for DNS requests. If Pi-hole doesn't have the record cached, it will go to your configured DNS forwarder and query it for the record instead. Once it receives a response, it forwards the response back to your client (PC). Your PC then makes a direct connection to whatever gameserver1.com resolved to. The Pi is no longer involved once your client (PC) knows what IP address to connect to.

To flow it:

Client > Pi-hole > Check Pi-hole cache, if no cached record, do lookup > Pi-hole sends DNS query to DNS forwarder > Pi-hole receives response from DNS forwarder > Pi-hole sends response back to client.

Client connects directly to the resolved IP.

Smok3y · 31 Oct 2025 at 18:25

aaronyuri said:
The only delay would be when performing name resoluition. A few ms isn't going to make one bit of difference to your DNS lookups, quite frankly. Once your device has performed the lookup, there will be no further delay. The short answer is no, this will not affect gaming on your PC, nor add any latency. To provide some further context:

Your client (PC in this instance) needs to connect to gameserver1.com (just an example). It will send a DNS lookup query to your Pi, with Pi-hole listening for DNS requests. If Pi-hole doesn't have the record cached, it will go to your configured DNS forwarder and query it for the record instead. Once it receives a response, it forwards the response back to your client (PC). Your PC then makes a direct connection to whatever gameserver1.com resolved to. The Pi is no longer involved once your client (PC) knows what IP address to connect to.

To flow it:

Client > Pi-hole > Check Pi-hole cache, if no cached record, do lookup > Pi-hole sends DNS query to DNS forwarder > Pi-hole receives response from DNS forwarder > Pi-hole sends response back to client.

Client connects directly to the resolved IP.

Many thanks good sir. Shame VM won't allow modem mode on thgeir newer hardware, but I guess Pi Hole is working as intended so all good.

Steveocee · 1 Nov 2025 at 06:23

Smok3y said:
Okay, thanks. Well one of the websites I don't use very often is reporting I'm using an ad blocker so it must be doing something.

I am using a Pi 2W via Wifi, is there any point in getting a network port dongle? I do have one that has a USB-C connecter but it doesn't work with the Pi using a USB-C to micro sd converter, no power passing through.

I also don't suppose there's any point in adding the PS5 to Pi Hole, just things like computers, phones and tablets?

If I game on my PC will it add latency?

Yes, very good indicator if a website is telling you that you're blocking. If you haven't already, have a look at Hagezei (https://github.com/hagezi/dns-blocklists) lists. The default StevenBlack list is good for basic blocking but they take it to another level.

If you can, rework your network so your Pi is cabled in. If for whatever reason the connection to the Pi isn't greatm your whole network will suffer. I wouldn't want critical infrastructure to my (or anybodies) network connected via WiFi - Cable is the way.

Run everything you can via your PiHole! If you use more feeds, you're protecting the devices using it, not just ad's, Hagezei does threat feeds, it's an extra layer of protection you can bake in with zero effort for other clients.

Smok3y · 1 Nov 2025 at 09:48

Steveocee said:
Yes, very good indicator if a website is telling you that you're blocking. If you haven't already, have a look at Hagezei (https://github.com/hagezi/dns-blocklists) lists. The default StevenBlack list is good for basic blocking but they take it to another level.

If you can, rework your network so your Pi is cabled in. If for whatever reason the connection to the Pi isn't greatm your whole network will suffer. I wouldn't want critical infrastructure to my (or anybodies) network connected via WiFi - Cable is the way.

Run everything you can via your PiHole! If you use more feeds, you're protecting the devices using it, not just ad's, Hagezei does threat feeds, it's an extra layer of protection you can bake in with zero effort for other clients.

I looked at that but don't know how to add it? I added Easy something as that was just copying and pasting a line of text. I have found the Pi Hole links and wehen I click on either Link/M1/M2 it gives me a big list so I guess I just need copy the the link from the address bar and paste it into Pi Hole with the other 2?

Also after approx 24 hours I've had to reset my VM 5x router, nothing would connect and my Xbox showed could not connect to DHCP server although everything has been working fine for around a day?

Jake_UK · 8 Nov 2025 at 12:16

You want the links to the .txt file(s) and then you can just paste that into your PiHole lists page as the address. There is a structure/logic to that github page but you have to work through it!

For example, here's the link (from that page) to the Pro (recommended) level of blocking for use with PiHole (two mirrors are also available): https://cdn.jsdelivr.net/gh/hagezi/dns-blocklists@latest/adblock/pro.txt

MatsyLR · 13 Nov 2025 at 16:10

What's the situation with letting cash back sites such as topcashback, Quidco etc to not get blocked?
I imagine the URLs/IPs change dynamically

Armageus · 13 Nov 2025 at 16:36

MatsyLR said:
What's the situation with letting cash back sites such as topcashback, Quidco etc to not get blocked?
I imagine the URLs/IPs change dynamically

Temporarily unblock (5 minute) whilst you make a purchase

maj · 13 Nov 2025 at 18:27

If I'm on my phone I just turn WiFi off and use mobile data instead with ublock disabled in browser.

Ad_Augendae · 20 Nov 2025 at 12:55

Anybody using dnscrypt-proxy with pihole for DoH, if so how do I setup quad9.
I tried adding quad9 in the following line
# server_names = ['scaleway-fr', 'google', 'yandex', 'cloudflare']
Example:
server_names = ['quad9']
the cloudflare seems to work ok......

Code:

● dnscrypt-proxy.service - Encrypted/authenticated DNS proxy
     Loaded: loaded (/etc/systemd/system/dnscrypt-proxy.service; enabled; preset: enabled)
     Active: active (running) since Thu 2025-11-20 12:52:47 GMT; 3s ago
   Main PID: 2135 (dnscrypt-proxy)
      Tasks: 10 (limit: 8750)
        CPU: 131ms
     CGroup: /system.slice/dnscrypt-proxy.service
             └─2135 /usr/local/sbin/dnscrypt-proxy -config /etc/dnscrypt-proxy/dnscrypt-proxy.toml
but if i try quad9 I get...

● dnscrypt-proxy.service - Encrypted/authenticated DNS proxy
     Loaded: loaded (/etc/systemd/system/dnscrypt-proxy.service; enabled; preset: enabled)
     Active: activating (auto-restart) (Result: exit-code) since Thu 2025-11-20 12:50:32 GMT; 52s ago
    Process: 2100 ExecStart=/usr/local/sbin/dnscrypt-proxy -config /etc/dnscrypt-proxy/dnscrypt-proxy.toml (code=exited, status=255/EXCEPTION)
   Main PID: 2100 (code=exited, status=255/EXCEPTION)
        CPU: 120ms

Rainmaker · 20 Nov 2025 at 15:57

Ad_Augendae said:
Anybody using dnscrypt-proxy with pihole for DoH, if so how do I setup quad9.

The term quad9 isn't a known label for any DNS service. If you check the upstream list of DNS servers, the one you want is probably one of:

Code:

quad9-dnscrypt-ip4-filter-pri         # Quad9 DNS, no ECS, malware filtering, dnscrypt protocol
quad9-doh-ip4-port443-filter-pri      # Quad9 DNS, no ECS, malware filtering, DNS over HTTPS protocol

If you update your config with one of those and reload/restart the service, you should find it works.

Ad_Augendae · 20 Nov 2025 at 16:50

Rainmaker said:
The term quad9 isn't a known label for any DNS service. If you check the upstream list of DNS servers, the one you want is probably one of:

Code:

quad9-dnscrypt-ip4-filter-pri # Quad9 DNS, no ECS, malware filtering, dnscrypt protocol quad9-doh-ip4-port443-filter-pri # Quad9 DNS, no ECS, malware filtering, DNS over HTTPS protocol

If you update your config with one of those and reload/restart the service, you should find it works.

Thanks for that.

Code:

● dnscrypt-proxy.service - Encrypted/authenticated DNS proxy
     Loaded: loaded (/etc/systemd/system/dnscrypt-proxy.service; enabled; preset: enabled)
     Active: active (running) since Thu 2025-11-20 16:47:19 GMT; 6s ago
   Main PID: 2732 (dnscrypt-proxy)
      Tasks: 10 (limit: 8750)
        CPU: 162ms
     CGroup: /system.slice/dnscrypt-proxy.service
             └─2732 /usr/local/sbin/dnscrypt-proxy -config /etc/dnscrypt-proxy/dnscrypt-proxy.toml

Nov 20 16:47:19 fireping dnscrypt-proxy[2732]: [2025-11-20 16:47:19] [NOTICE] Network connectivity detected
Nov 20 16:47:19 fireping dnscrypt-proxy[2732]: [2025-11-20 16:47:19] [NOTICE] Now listening to 127.0.0.1:5053 [UDP]
Nov 20 16:47:19 fireping dnscrypt-proxy[2732]: [2025-11-20 16:47:19] [NOTICE] Now listening to 127.0.0.1:5053 [TCP]
Nov 20 16:47:19 fireping dnscrypt-proxy[2732]: [2025-11-20 16:47:19] [NOTICE] Source [public-resolvers] loaded
Nov 20 16:47:19 fireping dnscrypt-proxy[2732]: [2025-11-20 16:47:19] [NOTICE] Source [relays] loaded
Nov 20 16:47:19 fireping dnscrypt-proxy[2732]: [2025-11-20 16:47:19] [NOTICE] Firefox workaround initialized
Nov 20 16:47:19 fireping dnscrypt-proxy[2732]: [2025-11-20 16:47:19] [NOTICE] Hot reload is disabled
Nov 20 16:47:19 fireping dnscrypt-proxy[2732]: [2025-11-20 16:47:19] [NOTICE] [quad9-doh-ip4-port443-filter-pri] OK (DoH) - rtt: 22ms
Nov 20 16:47:19 fireping dnscrypt-proxy[2732]: [2025-11-20 16:47:19] [NOTICE] Server with the lowest initial latency: quad9-doh-ip4-port443-filter-pri (rtt>
Nov 20 16:47:19 fireping dnscrypt-proxy[2732]: [2025-11-20 16:47:19] [NOTICE] dnscrypt-proxy is ready - live servers: 1

Much appreciated.

Rainmaker · 20 Nov 2025 at 19:59

Ad_Augendae said:
Thanks for that.
Much appreciated.

No worries, happy to have helped.

hartgeh3 · Tuesday at 11:59

Does setting up pihole block adverts on the TV, got a LG one for the parents and plauged with adverts everywhere.

aaronyuri · Tuesday at 12:50

hartgeh3 said:
Does setting up pihole block adverts on the TV, got a LG one for the parents and plauged with adverts everywhere.

Have you turned nearly all of that nonsense off within settings first? There are a surprising amount of options for controlling adverts in WebOS. They're disguised as "personal recommendations" and crap like that.

hartgeh3 · Tuesday at 16:10

aaronyuri said:
Have you turned nearly all of that nonsense off within settings first? There are a surprising amount of options for controlling adverts in WebOS. They're disguised as "personal recommendations" and crap like that.

Yeah first thing I did when I plugged it in lol