I’ve been aware of pi-hole for a while now, but never bothered with it because I do most web browsing on a laptop where browser extensions like uBlock origin are good enough. However, with multiple streaming services starting to insert adds into my paid subscriptions, I’m looking to upgrade to a network blocker that will also cover the apps on my smart TV.

I run most of my self hosted services on a proxmox server, so I’d like something that’ll run as an LXC container or a VM. I’m also vaguely aware that various competing applications have come out since pi-hole first gained popularity. Is pi-hole still the best thing going, or are there better options?

  • PainInTheAES@lemmy.world
    link
    fedilink
    English
    arrow-up
    31
    arrow-down
    1
    ·
    11 months ago

    AdGuard Home and blocky are other popular options. I switched over to AdGuard Home a while back because it supported DNS over HTTPS although I’m not sure if that’s still a relevant reason. I run AGH as a docker container but it is easy to run in a LXC or VM. There’s also a tool to sync configs if you need multiple instances. Notice: AGH block lists are formatted like uBlock Origin lists so you will not be able to use PiHole style lists.

    DNS based ad blockers won’t work when ads are served from the same place as the content. Which is why DNS based ad blockers don’t work against Twitch or YouTube. So YMMV.

    If you’re looking to block interface ads and select streaming service ads there are block lists available like this one. The game with smart TVs is blocking the ads breaks the TV a little because sometimes it calls back to the same servers for updates and misc info like weather.

  • bdonvr@thelemmy.club
    link
    fedilink
    English
    arrow-up
    19
    ·
    11 months ago

    Pi-hole is great, but unfortunately ads in YouTube or other streaming services is not one of the things it blocks.

    • HexagonSun@sh.itjust.works
      link
      fedilink
      English
      arrow-up
      2
      ·
      11 months ago

      Glad I read this - all my other devices block ads perfectly well already, but was wondering if I could block YouTube ads on my Apple TV… I guess not!

  • plz1@lemmy.world
    link
    fedilink
    English
    arrow-up
    13
    ·
    11 months ago

    NextDNS.

    Also, be wary of relying on anything blocking ads on streaming services this way. They will likely serve them within the video stream, so not network-blockable.

    • Kid_Thunder@kbin.social
      link
      fedilink
      arrow-up
      3
      ·
      11 months ago

      NextDNS caps your queries per month on the free account. ControlD doesn’t and you can pick a various mix of their public DNS resolvers. You don’t necessarily get the granular control with doing it this way for free that you can get with NextDNS though.

      If you do check out these, make sure you click the Secure Resolvers if you’d prefer for DLS/DOQ/DNS over HTTPS instead of Legacy.

        • Kid_Thunder@kbin.social
          link
          fedilink
          arrow-up
          2
          ·
          11 months ago

          I run pihole and my wireguard VPN server locks all queries through it, which in turn uses unbound and queries via different providers like Cisco’s OpenDNS, Cloudflare and Quad9. However, I wanted to present a similar offering that also has a free-tier without a query cap for people interested.

          • brrt@sh.itjust.works
            link
            fedilink
            English
            arrow-up
            2
            arrow-down
            4
            ·
            11 months ago

            Your „free“ option just requires buying hardware that enables all of it and an intensive setup process and knowledge which might be quite time consuming.

            It may be a good solution but it’s far from free for many people.

            • Kid_Thunder@kbin.social
              link
              fedilink
              arrow-up
              4
              ·
              edit-2
              11 months ago

              The free solution I was referring to was my comment about using ControlD, which certainly offers a free service…which is the comment that the other person was responding to.

            • KairuByte@lemmy.dbzer0.com
              link
              fedilink
              English
              arrow-up
              1
              ·
              11 months ago

              Two things:

              • A free solution was already being talked about.
              • You can easily run pihole/adguard home on $20 hardware by following basic tutorials. It’s far from complex.
    • guajojo@lemmy.world
      link
      fedilink
      English
      arrow-up
      4
      ·
      11 months ago

      Pihole user for more than 5 years,.can confirm that it is indeed better, made the switch few months ago

      • DreadPotato@sopuli.xyz
        link
        fedilink
        English
        arrow-up
        6
        ·
        11 months ago

        What makes adguard home better than pihole? Genuinely curious, I’m running pihole now and have been for a couple of years without issues.

      • Maximilious@kbin.social
        link
        fedilink
        arrow-up
        4
        ·
        11 months ago

        What makes it better other than the UI? I’m weary of using it because it is developed by Russian developers.

        • Gooey0210@sh.itjust.works
          link
          fedilink
          English
          arrow-up
          3
          ·
          11 months ago

          Encryption, UI, probably a little bit more serious development

          But encryption is a big thing, DoT, DoH, Quic. And soon they will have ECH

            • Gooey0210@sh.itjust.works
              link
              fedilink
              English
              arrow-up
              1
              ·
              11 months ago

              Hold on, this is not the same encryption

              The encryption i was talking about is the encryption of your dns server

              The article you sent is talking about upstream dns server encryption

              • DefederateLemmyMl@feddit.nl
                link
                fedilink
                English
                arrow-up
                1
                ·
                11 months ago

                The encryption i was talking about is the encryption of your dns server

                You mean encryption between the client and your DNS server, on your local network?

                • Gooey0210@sh.itjust.works
                  link
                  fedilink
                  English
                  arrow-up
                  1
                  ·
                  11 months ago

                  You can do it on your local network, but this won’t make much sense

                  I mean encryption between your phone or laptop outside of your house, and your dns server at your house

          • bdonvr@thelemmy.club
            link
            fedilink
            English
            arrow-up
            1
            ·
            11 months ago

            That’s cool for certain applications but on my home network should I really be super concerned about DNS encryption?

            • Darkassassin07@lemmy.ca
              link
              fedilink
              English
              arrow-up
              3
              ·
              11 months ago

              Not within the network, but translating regular dns to DoH before heading out to WAN keeps your browsing a little bit more private from your isp. Marginal, but it is a difference.

            • Gooey0210@sh.itjust.works
              link
              fedilink
              English
              arrow-up
              2
              ·
              11 months ago

              Probably not, but anyway it’s pretty cool to have an option to do this kind of stuff

              You can set up this dns on your phone, laptop, without a need of vpn (although vpns are cool, especially tailscale)

              But, are you always connected to the vpn? Or even to connect to the vpn itself you probably need dns, why would not use your own

      • Encrypt-Keeper@lemmy.world
        link
        fedilink
        English
        arrow-up
        1
        ·
        11 months ago

        As an AdGuard home user for more than a few years, I switched back to Pihole because it wasn’t really any better. It was also easier to pair pihole with Unbound.

  • Rookeh@startrek.website
    link
    fedilink
    English
    arrow-up
    8
    ·
    11 months ago

    I use both. Pi-hole running in a docker container on one of my home servers which my gateway is configured to assign as the default DNS for all clients, and uBlock Origin on all my browsers to catch everything else.

    Pihole is pretty good at catching ads on platforms that are not suited to browser based blockers (IoT devices, streaming boxes etc) but it isn’t perfect and is best used in conjunction with another solution.

  • lemming741@lemmy.world
    link
    fedilink
    English
    arrow-up
    7
    ·
    11 months ago

    I run pihole on proxomox, and also opnsense in the same box. Then you can forward all port 53 traffic to your pihole. Some devices have hard-coded DNS that will bypass the DHCP DNS.

      • zzzz@lemmy.world
        link
        fedilink
        English
        arrow-up
        11
        arrow-down
        1
        ·
        11 months ago

        Chuck 'em in the garbage and get something that doesn’t break when you insist on privacy.

        • Apathy Tree@lemmy.dbzer0.com
          link
          fedilink
          English
          arrow-up
          4
          ·
          11 months ago

          Ha! This is my new way of looking at my smart devices. I’ll sell you off if you don’t do what I want, and buy something that does. Very much a threat.

          I recently factory reset all my Roku TVs, and didn’t connect them to the internet… and they work much better now.

          Roku broke big time when I insisted on privacy. blocked the entire Roku domain, it broke the apps on a 1-month schedule like clockwork to get the network release for reinstall which allowed for phone home. lol no. I trashed it. They are dumb TVs now.

          • zzzz@lemmy.world
            link
            fedilink
            English
            arrow-up
            1
            ·
            11 months ago

            I’ve done the same! It’s impossible to buy dumb TVs nowadays, but you can always prevent them from connecting to the network.

  • Darkassassin07@lemmy.ca
    link
    fedilink
    English
    arrow-up
    6
    ·
    11 months ago

    DNS based ad blocking does not block video ads served by streaming services. You’ll need a modified client specific to the service you want to block ads for to achieve that.

  • Codilingus@sh.itjust.works
    link
    fedilink
    English
    arrow-up
    5
    ·
    11 months ago

    Adguard home is like pihole, but has built in encrypted DNS options. For easy mode NextDNS.

    They pretty much all have the same block lists to choose from.

  • Father_Redbeard@lemmy.ml
    link
    fedilink
    English
    arrow-up
    4
    ·
    11 months ago

    I ran Pi-hole for years. Switched to adguardhome running on 2 servers (primary and secondary) with AGH sync keeping the two instances identical. I like the UI better, dns rewrites, and the ability to simply block services entirely with a single click.

    • Flying_Hellfish@lemmy.world
      link
      fedilink
      English
      arrow-up
      1
      ·
      11 months ago

      I did this as well, I still have 2 pihole instances running with gravitysync for now, but AGH sync is much easier to setup and maintain. My 2 pihole instances are running for my guest network only and AGH is running everything else.

  • m_randall@sh.itjust.works
    link
    fedilink
    English
    arrow-up
    5
    arrow-down
    1
    ·
    edit-2
    11 months ago

    There’s nothing really bad with PiHole but I moved from it to AdGuard, both on proxmox. The UI brought me in, makes management a bit easier. It also supports DoH right out of the box.

    Try em both. See what you think.

    • shiftymccool@lemm.ee
      link
      fedilink
      English
      arrow-up
      1
      ·
      11 months ago

      It takes a little experimentation to get it right, but you can find out which urls are involved with your game’s ads and whitelist them

    • supernicepojo@lemmy.world
      link
      fedilink
      English
      arrow-up
      1
      ·
      11 months ago

      PiHole runs great on older Raspberry Pi’s(I am still using a pi3). Older models are still very easy to get and a readily available from the approved resellers list.

      • epyon22@programming.dev
        link
        fedilink
        English
        arrow-up
        3
        ·
        11 months ago

        Was running on my original pi b up till I replaced it recently with a pi 4. Was a little slow but worked fine.

        • keet@kbin.social
          link
          fedilink
          arrow-up
          1
          ·
          11 months ago

          Same here, but I’ve also set up a Pi Zero W to run pihole/unbound at the inlaws place without any issue.

  • satanmat@lemmy.world
    link
    fedilink
    English
    arrow-up
    3
    ·
    11 months ago

    I love pihole, for my family it is better as it helps on all the devices. Being able to block malware and tracking is nice too