A Pi-hole is a Raspbery Pi appliance that takes the form of an DNS blocker at the network level. You image a Pi, set up your network to use that Pi as a DNS server and maybe white-list a few sites when things don’t work.
I was initially skeptical, but I’m giving it a try. It doesn’t process all network traffic, it’s a DNS hop on the way out that intercepts DNS requests for known problematic sites and serves back nothing.
Installation is trivial if you just run unread and untrusted code from the ‘net 😉
curl -sSL https://install.pi-hole.net | bash
I put my pi-hole installation on the metal, but there’s also a very nice Docker Pi-hole setup if you prefer that. You can even go further, if, like me, you have Synology NAS which can also run Docker, which can in turn run a Pi-hole.
Within the admin interface you can tail the logs for the entire network, which is also amazing to see. You think you know what’s talking to the internet from your house – you don’t. Everything is logged and listed. After installing the Pi-hole roughly 18% of the DNS queries heading out of my house were blocked. At one point over 23% were blocked. Oy.
NOTE: If you’re using an Amplifi HD or any “clever” router, you’ll want to change the setting “Bypass DNS cache” otherwise the Amplifi will still remain the DNS lookup of choice on your network. This setting will also confuse the Pi-hole and you’ll end up with just one “client” of the Pi-hole – the router itself.
Sponsor: Seq delivers the diagnostics, dashboarding, and alerting capabilities needed by modern development teams – all on your infrastructure. Download at https://datalust.co/seq.