I’ve run Pi-hole in my homelab for years and benefited from using the service. As well as the hands-on education.
With that said, what is everyone else’s experience with the software? Do you use Pi-hole in your homelab setup? I would assume many hundreds of thousands of people use Pi-hole.
Edit #1:
The image attached to this post is my RPi 5, which hosts the Pi-hole software. Big supporter of the whole “SBCs for learning and home improvement” mentality.
Edit #2:
It is interesting to see the broad support for Pi-hole and DNS blockers in general. The more options, the healthier the tech ecosystem is, which benefits everyone.
I had a look at it but didn’t use it for longer, I used adguard later in a lxc container later, since i didn’t see a point in using a different device, right now the adguard is running as a service on my opnsense so i don’t have to rely on something other than the router for internet. I like the option to block on a dns level, and to be fair it’s always a similar set of blocklists that can be used, the major difference is in the preselection. right now I could probably switch back to the default opnsense dns server and add the lists there, only losing the info on what has been blocked.
It’s great. Gets things done. I even have it for my office. About 20 people there.
I installed a Pi-Hole largely to serve as a local DNS, but enabled the ad-blocking 'cause it seemed silly not to. My wife got very upset. Apparently she likes the ads.
With that aside though, it seems to work quite well. Just make sure to (a) use a reasonably-powered device (my Pi Zero appears to be taxed by it) and you should probably use an Ethernet connection 'cause my Pi Zero regularly flakes out so DNS requests fail due to the IP being “unreachable” for a half second.
My wife got very upset. Apparently she likes the ads.
Set static IPs for her devices, then whitelist that device IP past the block lists by adding it to a group, then regex allow domain: ‘*’ for that group.
how does flaking out present itself?
I had an issue for a long time where the pihole seemed to be bricking the network, and combined with the Eero mesh it was a pain to bring back online each time due to order of operations restarting devices and enabling/disabling DNS on the router
Basically the IP stops responding to any traffic. At one point I set up a constant ping, and every once in a while I got something like “destination host unreachable”. It doesn’t happen often enough for me to move the service onto a physical device though. That’s work and I’m tired like, a lot.
Apparently she likes the ads
Must be to most wife thing I’ve ever heard :)))
I run a pi-hole on a pi 3 and another in a container in docker. Something rarely goes wrong with both and I have a script that sync them.
I replaced their google with searxng, but in the end, they needed ads for their free to play games, so I had to turn it off for them.
Not a fan of Pi-hole itself, but other than that,why not?
(Technitium DNS has some advantages down the road)
Oh, why don’t you like pi-hole?
Pihole has a few drawbacks when your systen grows - a lot of things then need to be done by hand that others do either automated or at least easier.
Personally I have become very fond of technitium - it does everything you will ever need and the main drawback is that it seems so fucking overwhelming initially. But: Once you figured out that you basically only need 10% of the fields it becomes easier. And it’s fucking solid and just works and works and works.
I’m running one Pi-hole, but not on RPi. One is an LXC container on my Proxmox host, another is on dedicated Dell Wyse thin client box.
I use it on a Raspberry Pi 2B and Orange Pi Zero, both work wonderfully for the task, and it looks like Pi-Hole can work fine even on a router. Both of my SBCs are passively cooled, that’s why I decided to comment on the photo: you don’t need a computer this powerful to run it. As far as I remember, my very first Raspberry Pi (v. 1B or something like that) handled this task very well too. I temporarily retired that SBC in favour of Orange Pi Zero, so I cannot say for sure, but I think that computer had no issues with being fast enough for Pi-Hole. Really, give it a try if you didn’t, it’s ‘install once and forget’ type of software. Perhaps it should be updated periodically, but I don’t manage that. The only nuance with it, you need to have two computers, for the redundancy. Otherwise you’d be having downtimes when you need to turn off the SBC, or even reboot it.
I run Pihole on physical Pi’s and once configured to my liking has been quite nice. I’ve even had family compliment that they miss the ad blocking when they leave the home :)
Ugh, I wish my wife would see this. She’s been complaining that she couldn’t open her Google search results because the links go through some adserver PiHole is blocking (probably their sponsored links). I put her phone on the “don’t block anything at all” list and she’s been happy ever since 🤷
I prefer using NextDNS, so that it works wherever I am
I run it in a VM and it’s great
What I like about running a dedicated physical deployment of pihole (and only pihole) is better reliability, especially when using at for DNS. If a VM host has any issues, the network will lose DNS services. This is much more likely to occur the more layers and services you run on that host.
A friend recently had this happen while they weren’t home and their family went mad as they lost useful internet access - some necessary for remote work.
That’s fair, I do have a cluster and failover and so it’s not really a problem
I run pihole without any problems as a docker container. I assume you want to ask how well it works to add custom records, because that’s what you usually do with a dns server.
Adding single records with the web ui works just fine. However, adding wildcards isn’t possible. So you end up attaching a terminal to your container and adding dnsmasq configs yourself. This is a bit poor.
On the other hand: How often do you need to add wildcards? I needed like 2 entries since I set up pihole a few years ago.
I just use adguard home. Worker a little better in my docker setup.
The number one rule of selfhosting unbound. Make two.
You won’t be happy one morning if you don’t. I run unbound with adblocking on OpenWRT, but if my router dies, my whole network does anyway, so… Eh.
I run 2 instances of pihole/unbound as lxcs on my main server and local back up, works great.
If I didn’t have the two big boxes I’d use my pi4/zero2 to run two instances of pihole/unbound.
If I didn’t have my pis, I’d run 2 instances of pihole/unbound on literally anything I could install it on.
What I’m saying is that I consider pihole/unbound to be essential infrastructure at this point. I’m also trying to say I’ve broken my only instance of pihole enough times to understand the importance of redundancy.
I use Pis as a (sort of) hardware key to get family and friends onto my Tailscale VPN. They all have pihole too. I haven’t convinced any of them to get a pi0 as a redundant box, but I’m sure they’ll learn eventually too. No doubt it’ll be my problem.
To anyone having issues running on a pi it’s likely either or both of the following item -cheap 5v power supply. Yes you can use an old phone charger but it won’t cut it for long term usage. Get a quality unit or better yet the branded pihole charger. We ended up with a Poe hat that it runs off. Sorted Ethernet and power supply.
-memory card. Buy a quality, fast card and you will be fine.
Going on 8 years with my current pi setup. One failure around 6 years in which was the memory card
