PiHole Info

[coxhaus]

I have never run a PiHole and I wonder how it works. I have used a Microsoft DNS server on my network, so I know how that works.

Can you setup PiHole to perform DNS on a switched network so only DNS traffic flows to your PiHole using a switch?


By any chance is PiHole setup on a different network so you have to do slow routing to and from it for port 80 and DNS?

By chance is all traffic routed to a PiHole?

Can someone give me a run down on how it works. I have no plans to run it but I would like to know.

 

[Tech Junky]

PIHOLE = DNS = 53 not 80

The only traffic hitting it is DNS

Any URL / regex can be added to black/white lists

It can serve as a DHCP server or you can change your DHCP server to specify the IP of pihole for your clients

 

[coxhaus]

I know DNS is port 53 but there are other options now for DNS, DOH and DOT. I use port 53. And I know web is port 80.

So DHCP also if you want. What about the rest?

DHCP would imply the same network unless you are doing a layer 3 hop.

So PiHole does not block Ads?

 

[ColinTaylor]

What about the rest?

The rest of what? PiHole is a DNS server (with optionally a DHCP server). That's it.

 

[coxhaus]

OK so all switched traffic.

I read where someone was using it to block ads and I was wondering how that would work. I guess they were wrong.

 

[ColinTaylor]

I read where someone was using it to block ads and I was wondering how that would work. I guess they were wrong.

It does block ads - that's the entire point of PiHole. Are you sure you're not confusing PiHole with some other product?

Pi-hole – Network-wide Ad Blocking

pi-hole.net

 

[coxhaus]

I guess the router is doing the DOH and DOT encryption and maybe PIHole forwards to it which forwards on to the net.

 

[coxhaus]

It does block ads - that's the entire point of PiHole. Are you sure you're not confusing PiHole with some other product?

Pi-hole – Network-wide Ad Blocking

pi-hole.net

Then you have to be doing layer 3 maybe higher not layer 2 if you are blocking web traffic. Layer 2 is switching. Are you only doing DNS blocking?

OK, here is a question, do you use PiHole as your default gateway? Are only as your DNS IP?

 

[Tech Junky]

@coxhaus Why are you interjecting on something you obviously know nothing about here?

PIHOLE / sometimes is used to call a Rasp-PI which is a SBC mini computer which is not the software itself

PIHOLE SW will do DNS / DHCP / block or white list ads / domains

It's like all of the ad blocking SW on the market but on steroids and besides normal entries you can add regex or curated lists that auto update as well.

 

[coxhaus]

Thanks that makes sense I don't need the pictures. It is DNS only. I am good.

 

[Tech Junky]

Thanks that makes sense I don't need the pictures. It is DNS only. I am good.

No, it's multi functional.....

DOH / DOT are the browser itself sending DNS through 443. The OS does have an additional setting to use the same but, doesn't override using PIHOLE for DNS. A phone though on the other hand explicitly needs to disable both the browser and phone secure DNS options.

 

[coxhaus]

You are using PiHole for your DNS IP, not your default gateway. And it is layer 2.

 

[sfx2000]

Thanks that makes sense I don't need the pictures. It is DNS only. I am good.

Be careful - PiHole can be configured to be a DHCP server (since it's basically dnsmasq with a nice wrapper and some very useful scripts)

 

[sfx2000]

PIHOLE / sometimes is used to call a Rasp-PI which is a SBC mini computer which is not the software itself

IIRC - there is a docker instance also available for those who like to explore options there.

Docker

 

[coxhaus]

I have no plans to run it. I might play with Cisco Umbrella sometime. My problem is I am not sure I want to give up QUAD9.

I use an Intel I9 cpu on my laptop and ads are so fast they don't bother me.

I may have seen some ads that were injected with a little window. I am not sure, but I don't click on those. And since the last Microsoft updates I have not seen them.

 

[sfx2000]

I have no plans to run it. I might play with Cisco Umbrella sometime. My problem is I am not sure I want to give up QUAD9.

PiHole can support Quad9 without any issues. With ad blocking, it's more about privacy and potential security if an ad server is compromised and starts serving up malware. PiHole isn't the only game in town for router/dns based site blocking (more than just ads) - but for what it is, on a small home or business network, it can be a useful tool.

 

[coxhaus]

Yes I know DNS is a chain. I am sure you could even forward DNS server to a router and then forward from the router to an internet router. I did that in the past just so I could add some static names in the router for DNS. There was some reason I could not add the names to the local DNS for the router. I was years ago.

I was thinking more if I use Cisco's Umbrella I will have to give up QUAD9.

 

[Tech Junky]

You can input whatever DNS you want to in the custom field and 9999 is one of the default built in options with a check box. If you go into the VAR files you can do it all from CLI.

There's nothing special about any particular DNS option though. In the past there have been issues with most of them getting poisoned and causing issues and just switch to something else until you get the desired response of a page opening as requested.

It uses dnsmasq under the hood

Jun 13 16:25:04 dnsmasq[3010]: reply epdg.epc.geo.mnc260.mcc310.pub.3gppnetwork.org is 208.54.159.227
Jun 13 16:25:10 dnsmasq[3010]: reply fls-na.amazon.com is 192.0.0.2
Jun 13 16:25:29 dnsmasq[3010]: reply www.amazon.com is 192.0.0.2
Jun 13 16:26:06 dnsmasq[3010]: reply optimizationguide-pa.googleapis.com is 142.251.32.202
Jun 13 16:26:10 dnsmasq[3010]: reply apps.facebook.com is <CNAME>
Jun 13 16:26:10 dnsmasq[3010]: reply star.facebook.com is <CNAME>
Jun 13 16:26:10 dnsmasq[3010]: reply star.c10r.facebook.com is 31.13.93.19
Jun 13 16:26:17 dnsmasq[3010]: reply clients4.google.com is <CNAME>
Jun 13 16:26:17 dnsmasq[3010]: reply clients.l.google.com is 142.251.35.206
Jun 13 16:26:20 dnsmasq[3010]: reply mail.google.com is 142.251.116.18
Jun 13 16:26:20 dnsmasq[3010]: reply mail.google.com is 142.251.116.19
Jun 13 16:26:20 dnsmasq[3010]: reply mail.google.com is 142.251.116.17
Jun 13 16:26:20 dnsmasq[3010]: reply mail.google.com is 142.251.116.83
Jun 13 16:26:45 dnsmasq[3010]: reply 1.amazon.pool.ntp.org is 96.8.119.236
Jun 13 16:26:45 dnsmasq[3010]: reply 1.amazon.pool.ntp.org is 137.184.81.69
Jun 13 16:26:45 dnsmasq[3010]: reply 1.amazon.pool.ntp.org is 192.241.146.233
Jun 13 16:26:45 dnsmasq[3010]: reply 1.amazon.pool.ntp.org is 12.167.151.1

 

[Tech9]

I miss Pi-hole GUI. I had one running on Ubuntu Server with Unbound before. Using pfBlockerNG in pfSense now. It deals with both DNS and IP.

 

[ColinTaylor]

You are using PiHole for your DNS IP, not your default gateway.

Correct.

And it is layer 2.

No, IP is layer 3.