Setting up Pi-hole
I've been upgrading my home networking lately. My house was built with CAT5e cable running through it for phone service. However, I don't have a landline. So, I've been changing the wall plates to terminate with CAT5e and wired a lot of my home devices. The change isn't noticeable in most places. I've seen a difference in better buffering times in videos online, and improvements in latency-sensitive workloads (aka video games).
I've been looking at other changes to my home network as well. One thing that I came across that seemed intriguing is a project called Pi-hole.
Pi-hole is essentially a DNS blocker, or DNS sinkhole as the project documentation describes it.
There are lots of bad things on the internet: ads, malware, trackers, etc. Many of these originate from bogus domains made just for these purposes. Pi-hole uses lists of these bad domains. When it receives a DNS query for one of these nefarious domains, it returns a response that the domain doesn't exist. In short- when surfing the web, all the pesky ads you see, are just gone.
It's also possible for Pi-hole to return its IP which hosts a generic web page for these requests, but for secure requests such as https, this becomes more difficult as certificates will not match. The web page would get served as an indication something got blocked. For me, it seems safer to respond that the domain doesn't exist and check the Pi-hole administration page if some odd issue occurs.
To install Pi-hole, I'm using a Raspberry Pi 4. I have flashed Raspbian Lite on an SD card and installed Docker. After installing Docker, I used the script on the Pi-hole site to run it in docker. (I love Docker.) All those are well documented on their respective pages.
I tweaked the ethernet configuration on the raspberry pi to set a static IP and pointed it to itself as a DNS server.
From /etc/dhcpcd.conf
I added the following lines
interface eth0
static ip_address=192.168.1.254/24
static routers=192.168.1.1
static domain_name_servers=127.0.0.1
Finally, I configured my router to use the IP of Pi-hole for it's DNS server, and that's it.
Pi-hole also acts as a DNS cache. When performing a lookup over DNS, the initial lookup of a hostname can take some time. This usually improves with subsequent accesses to the domain on the same device as OSes usually keep a local cache of hostnames to IP addresses. Pi-hole caches these IP lookups, so across devices the queries get sped up because they get accessed off the cache on the Pi-hole which is on the local network, rather than some remote server.
I've been toying with the idea of having Pi-hole as the DHCP server for my network. It uses dnsmasq under the covers which allows for things such as defining custom domains, which would be awesome when coupled with manual assignments on the DHCP server.
For now, I just want to see how well Pi-hole works. If it works well enough, I'll enable other functionality later.