The beauty is that you can shove Pi in it of course.
this post was submitted on 05 May 2025
459 points (98.3% liked)
Technology
69804 readers
3168 users here now
This is a most excellent place for technology news and articles.
Our Rules
- Follow the lemmy.world rules.
- Only tech related news or articles.
- Be excellent to each other!
- Mod approved content bots can post up to 10 articles per day.
- Threads asking for personal tech support may be deleted.
- Politics threads may be removed.
- No memes allowed as posts, OK to post as comments.
- Only approved bots from the list below, this includes using AI responses and summaries. To ask if your bot can be added please contact a mod.
- Check for duplicates before posting, duplicates may be removed
- Accounts 7 days and younger will have their posts automatically removed.
Approved Bots
founded 2 years ago
MODERATORS
That was a great read. Really enjoyed that.
Any reason to use this instead of a free NextDNS?
Local hosting
Additionally you have control over it. Sure, you don't need local since you're using it in conjunction with the internet. You control it though. You decide entirely what you want to trust and don't have to delegate that trust as much.
66.6% of all traffic is blocked with no functional impact on anything that I do
Okay. I’m convinced.
Misleading statement. It doesn't block "traffic", it blocks DNS requests... you don't know how much traffic this corresponds to.
You can easily find out. 2 machines (even virtual machines) one set it's DNS to the PiHole, one not.
Both hit the same sites in the same order. Compare network traffic.
That's only for a single case comparison. You can't draw statistically meaningful conclusions about what percentage of traffic the pihole has blocked over a longer period of time.
Correct. The payload of DNS requests is tiny compared to, say requesting a webpage. So there might not be a huge decrease of bandwidth usage reduction. However, having 66.6% less DNS requests is still a win. The router/gateway doesn't have to work that hard because of the dropped requests.
It isn't so much about the payload of the DNS requests, but about the content that would have been loaded if the DNS request hadn't been blocked.
If you load a page that has 100kB of useful information, but 1MB of banner ads and trackers ... you've blocked a lot more than 66%. But if you block 1MB of banner ads on a page that hosts a 200MB video, you've blocked a lot less.
Also a 66% blocked percentage seems very high. I have installed pihole on 2 networks, and I'm seeing 1.7% on my own network, but I do run uBlock on almost everything which catches most stuff before it reaches the pihole, and 25% on the other network.
I run a handful of instances across different networks, 1.7% is suspiciously low, you should make sure you've got the right lists. I like HageZi's
load more comments
(4 replies)
load more comments
(2 replies)
Of course, because ads have zero bandwidth. /s
Are you an idiot?
As per the article
on my own network a whopping 66.6% of all traffic is blocked
I stated it's actually 66.6% DNS requests being blocked, not the raw bandwidth utilization. Raw bandwidth savings (by not downloading the non-zero ads) would be much lesser.
Can't we be nicer on the internet?
No, raw bandwidth savings would likely be very significant. You do realize that for many webpages the ads are most of the bandwidth? On my network (I have capped internet so this is important) if I run dns ad blocking my total bandwidth is 40% less.
I'm not sure whether it makes sense trying to discuss with you but let's try...
You couldn't know how much traffic you saved because you didn't load the ad. The ad could be 1KB, 1MB or 1GB, but because you didn't load it you wouldn't know it's size. Without knowing it's size, you wouldn't be able to calculate the savings.
As mentioned somewhere is in the thread you would have to directly compare two machines visiting the same pages and even then it's probably only approximate because both machines might get served different ads.
I’ve compared average monthly bandwidth before and after implementation of dns based ad blocking and it has reduced my usage from anywhere from 33% to 45%.
They have been implying that ad blocking only saves the dns request, which is the most ridiculous ignorant claim I’ve ever seen.
Don't fall for the trap that they recommend an expensive Pi 5: I am running Pi-hole on a Pi 2 but you can basically run this on obsolete hardware, whether that's a Pi or a PC/laptop
I'm running Pi-hole and Pi-VPN on a Zero W (using a Geekworm case w/RJ45). It's not very taxing at all.
I also run two other Pi-hole instances in my server cluster (one in Docker and one in an LXC container). Mostly just for uptime reasons, so I can take any one of them down at any time to perform maintenance and/or upgrade.
Can confirm. I have 10 year old pi2 that is dedicated to pi hole and even that is not utilizing all of its 1gb of memory
I run mine on a PI 0. Also use it as a samba disk partition for transferring files.
load more comments
(3 replies)
You may even be able to run it on a NAS. My NAS supports docker, which means I can run a pihole on it. I have a Pi 3b as my dedicated primary, but my NAS runs as a backup.
phrasing
I'm reasonably certain the name was intentional because of the way it could be phrased.
I've been thinking of setting one up for a while, if I have a home server would I be better off hosting it on that or as a separate device? What are the alternatives to a raspberry pi? They've shot up in price over the years.
Setup and run two.
This way if one goes down, the other takes over (also makes updates / maintenance easier)
If you have a server running, I wouldn't buy more hardware. They have good example documentation for just such a configuration:
https://docs.pi-hole.net/docker/
If your server already has those ports bound (specifically the DNS port 53) you are going to have to get creative; otherwise it'll work well!
Worst case, a cheapo pi 3 will do the job. At one point I had it running on a pi zero, so hardware requirements are pretty low.
If your using docker and the ports are bound you can just use the network mode host so the container gets it's own ip. It's how I have adguard running on my unraid server
edit: Sorry I mixed up the details as @starkzarn@infosec.pub pointed out. It's a macvlan configuration. My intention was to point out it's possible. Here's some documentation https://docs.docker.com/engine/network/drivers/macvlan/
That's not how that works. network_mode: host shares the network namespace with the container host, so it doesn't do any NAT, it only exists on the host's IP. It would be akin to running a natively installed app, rather than in a container. macvlan networking is what gives a container its own IP on the logical network, without the layer of NAT that the default bridge mode networking that docker typically does.
Thanks for the clarification I had mixed up the details and went to check my containers. You sir are correct. I added some documentation to my post regarding macvlan network creation.
load more comments
(1 replies)
I personally like it on a dedicated Pi simplly because I don't want DNS to die if i'm doing other server maintenance. the Pi is pretty much set it and forget it.
But i guerss you might as well try it on your server first and you can always buy a Pi if you find it to be too much of a pain.
I put it onto my home server and it is working great. I can't tell you about all the options, but it was so easy to start another VM for it that I didn't look at other options too carefully.
load more comments
(6 replies)
I recommend having two. Otherwise your home internet goes down everytime you update or reboot or it crashes.
Interesting... And this is not a criticism, simply an observation...
I've a single Pihole instance running on a RPi 4 and have experienced not a single instance of any of the 3 probs you mention. Except, of course, the very few minutes it takes for a reboot which I can schedule and am aware when it's happening...
🤷♂️
Literally just had my pihole hard crash this weekend due to a bad update to FTL. Apparently they had a major version upgrade and didn't bother to read the notes so I had to do a full OS reinstall.
Back up your configs people. Had to dig through documentation to find the sqlite file and then parse through it like some sort of animal.
Literally just had my pihole hard crash this weekend due to a bad update to FTL. Apparently they had a major version upgrade and didn’t bother to read the notes so I had to do a full OS reinstall.
The v6 upgrade was such a disaster. I was bitten by it too, it started the upgrade then halfway through decided it didn't like my OS (debian-testing) and crapped out ... leaving me with a b0rked installation. Luckily I was able to return to v5 using my system backup. It was a right pain to figure out how to restore though, because they write files all over /opt, /etc, /usr/bin, /usr/local and /var.
For this reason I have since dockerized my pihole installation. Not only does this allow you to choose the exact pihole version you want (a bare metal install only supports the latest version), but it allows you to centralize your configuration files neatly under a docker volume, so you only have to backup the volume.
load more comments
(2 replies)
load more comments
(9 replies)
load more comments
(25 replies)
Raspberry Pi 1b > DietPi > Pi-hole > Unbound <3
I never hear anyone else talk about dietpi, I install that more than raspbian
Same
load more comments
(2 replies)
view more: next ›