Blocking ads before they enter your house at the DNS level with pi-hole and a cheap Raspberry Pi
Lots of folks ask me about Raspberry Pis. How many I have, what I use them for. At last count there's at least 22 Raspberry Pis in use in our house.
- One runs our dakboard family dashboard that we built in a weekend but use every day.
- We have at 3 that are set up for retrogaming - one in a 3d printed Gameboy (A pi-grrl, in fact), one in a X-Arcade Tankstick, one in a tiny laser-cut arcade case for the desktop.
- I have a Raspberry Pi that runs one of my 3D Printers running Octoprint. This one also has as camera and does time-lapse videos of my 3D prints.
- We have another 3 that run little robots my sons and I have built
- 6 are running in a local Kubernetes Cluster
- These 6 Pis are my personal cloud, so maybe there's 16 Pis in the house and one Pi Cloud/Cluster.
- One is an internet radio in the 13 year old's room running PiMusicBox.
- One is a touchscreen tablet the 11 year old uses for Scratch. Imagine a Linux iPad.
- One runs Kodi as an entertainment center in the kids' play room.
- One lives in a CrowPi that we use for experiments and .NET Core remote debugging.
- Another three are Raspbery Pi Zero Ws for various experiments with one Pi Zero W acting as as backup Open Source Artificial Pancreas.
- and most recently one is a Pi-hole. A Black hole that eats tracking cookies, advertising, and other bad stuff. See also "shut your pie hole." AKA that place you put pie.
A Pi-hole is a Raspbery Pi appliance that takes the form of an DNS blocker at the network level. You image a Pi, set up your network to use that Pi as a DNS server and maybe white-list a few sites when things don't work.
I was initially skeptical, but I'm giving it a try. It doesn't process all network traffic, it's a DNS hop on the way out that intercepts DNS requests for known problematic sites and serves back nothing.
Installation is trivial if you just run unread and untrusted code from the 'net ;)
curl -sSL https://install.pi-hole.net | bash
Otherwise, follow their instructions and download the installer, study it, and run it.
I put my pi-hole installation on the metal, but there's also a very nice Docker Pi-hole setup if you prefer that. You can even go further, if, like me, you have Synology NAS which can also run Docker, which can in turn run a Pi-hole.
Within the admin interface you can tail the logs for the entire network, which is also amazing to see. You think you know what's talking to the internet from your house - you don't. Everything is logged and listed. After installing the Pi-hole roughly 18% of the DNS queries heading out of my house were blocked. At one point over 23% were blocked. Oy.
NOTE: If you're using an Amplifi HD or any "clever" router, you'll want to change the setting "Bypass DNS cache" otherwise the Amplifi will still remain the DNS lookup of choice on your network. This setting will also confuse the Pi-hole and you'll end up with just one "client" of the Pi-hole - the router itself.
Sponsor: Seq delivers the diagnostics, dashboarding, and alerting capabilities needed by modern development teams - all on your infrastructure. Download at https://datalust.co/seq.