Scribd
Upload
338 views23 pages

Pihole Installation Guide

This document provides instructions for installing a Pi-hole ad blocker on a Raspberry Pi to block ads network-wide. It discusses how Pi-hole works by blocking domains of ad servers from being resolved while allowing legitimate content. The document outlines prerequisites, installation steps, and options for configuring devices to use the Pi as their DNS server. It also reviews how to configure the Pi-hole software and view logs of blocked ads. Setting up the Pi-hole as the network's internal DNS server is recommended for optimal blocking of ads across all devices on the local network.

Uploaded by

pratip
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
338 views23 pages

Pihole Installation Guide

This document provides instructions for installing a Pi-hole ad blocker on a Raspberry Pi to block ads network-wide. It discusses how Pi-hole works by blocking domains of ad servers from being resolved while allowing legitimate content. The document outlines prerequisites, installation steps, and options for configuring devices to use the Pi as their DNS server. It also reviews how to configure the Pi-hole software and view logs of blocked ads. Setting up the Pi-hole as the network's internal DNS server is recommended for optimal blocking of ads across all devices on the local network.

Uploaded by

pratip
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 23

Installing a network-wide ad

blocker with a Raspberry Pi

LUG @ NCSU
Caleb Rollins
Preface & Resources


https://pi-hole.net/

https://docs.pi-hole.net/

https://discourse.pi-hole.net

Most of this presentation was shamelessly
taken and condensed from the forums and
documentation pages

This is merely a getting started guide with
all the essential information in a
convenient format
2
Why I was initially interested in Pihole


Content is blocked in non-traditional
locations, such as mobile games, Roku, and
other IOT devices on your local network

Caching DNS queries does not affect loading
times

Can function as a DHCP server, ensuring all your
devices are protected automatically

Blocks ads over both IPv4 and IPv6

Free and open-source

Better and more robust than a browser extension
3
At a high level, how does Pi-hole work?


You open your favorite web browser

You type amazon.com in the address bar

Pi-hole looks up amazon.com and begins
downloading it

It will detect the domains used to serve
advertisements (from crowd sourced databases)
and instead of looking up the real address of those
sites, it will send a fake address instead

This allows the legitimate content on amazon.com
to load, but prevents the ad images and videos from
being downloaded
4
Prereqs


Very lightweight
– Min. 2GB free space, 4GB recommended
– 512MB RAM

Pi-hole is supported on distributions utilizing systemd or
sysvinit
– Raspberry Pi OS (formerly Raspbian)
– Ubuntu
– Debian
– Fedora
– CentOS

Can also be installed via Docker, but I don’t have much
knowledge about this platform
5
Prereqs


Pi-hole needs a static IP address to properly function
“Users may run into issues because we currently install dhcpcd5, which may conflict with other running network
managers such as dhclient, dhcpcd, networkmanager, and systemd-networkd.” (documentation)


Stable network connection (ethernet over wifi if possible)

Your device is essentially a server now

You may have to edit your firewall config
– IPv4:

ufw allow 80/tcp

ufw allow 53/tcp

ufw allow 53/udp

ufw allow 67/tcp

ufw allow 67/udp
– IPv6 (including the above IPv4 rules):

ufw allow 546:547/udp
6
Installation Overview


On your device of choice that is connected to your LAN
– wget -O basic-install.sh https://install.pi-hole.net
– sudo bash basic-install.sh
– Install script will guide you through basic setup

Three Options
– Configure your router to have DHCP clients use Pi-hole as their
internal DNS server (this is optimal)
– Use Pi-hole's built-in DHCP server (good backup, complicated)
– Manually set each device to use Pi-hole as their DNS server
(pain in the arse)

The reason we must change these settings on our network
is so that all traffic is routed through the Pi-hole

7
Option 1: Setup Pi-hole as internal DNS server


Log into your router’s configuration
page and find the DHCP/DNS settings

Make sure you adjust this setting under
your LAN settings and NOT the WAN

Upstream WAN DNS servers options are
configured/chosen in the setup script for Pi-hole
(OpenDNS, Google, etc.)

8
Option 1: Setup Pi-hole as internal DNS server


From documentation
https://discourse.pi-hole.net/t/h
ow-do-i-configure-my-devices-t
o-use-pi-hole-as-their-dns-serve
r/245

Pi-hole LAN IP Address

9
Option 1: Setup Pi-hole as internal DNS server


Router control panels will vary (kinda like BIOS
settings)
– ie. my home router

my public ip lol

Pi-hole LAN IP Address

10
Option 1: Closing reminders


If you have existing devices on the
network, ads will not be blocked until
the DHCP lease is renewed

DHCP leases can range from a couple
hours to days, so….

Usually a renewal of each device’s
lease can be forced by restarting the
device

11
Option 2: Using Pi-hole as a DHCP server


Like mentioned earlier, very complicated

Uses dns service called dnsmasq to act as replacement for
built-in DHCP server that router has

Be sure to disable DHCP on your router first or many issues
could occur
– I made this mistake and my home network came to a
grinding halt….

More information is available on their documentation pages
– https://docs.pi-hole.net/main/post-install/
– https://discourse.pi-hole.net/t/how-do-i-configure-my-devices-to-use-pi-hole-a
s-their-dns-server/245
– Really helpful and complete documentation. Yay!

For these reasons we will not be going too deep on this option
12
Option 3: Opting In/Out


Hybrid option that allows for hand-
picking which device on the LAN is
protected by Pi-hole
– Think of it is an opt-in/opt-out method (ex. the
network is shared with a roommate)

This means that your Pi-hole was configured either
by option 1 or 2 earlier

“By manually setting the DNS server to something
other than Pi-hole, you override the DHCP options,
and thus what DNS server to use, provided by your
router.” (documentation)
13
Option 3: Opting In/Out


Getting to DNS settings on each
device/OS is a little different but they
all kinda follow this
Control Panel/Settings → Network/Internet →
Details/Advanced Settings → DNS/IP Addressing

To opt-in: Set your DNS server to the
Pi-hole’s LAN IP

To opt-out: Set your DNS server(s) to
other servers (ex. Google DNS 8.8.8.8)
14
We are now done with all the dirty
work!

15
Config


GUI Option → this can be accessed at
– http://MY_PIHOLE_IP_ADDRESS/admin

16
Config


CLI option → I typically SSH into my
Raspberry Pi when I need to do this
– pihole status
– pihole version
– pihole logging
– pihole updatePihole
– pihole enable
– Lots more….
https://docs.pi-hole.net/core/pihole-command/#pi-hole-core

17
Config


Custom whitelist and blacklist sites
can be added

Different databases/known
advertisement sites can be tweaked

Log files can be viewed

Ad blocking can be permanently or
temporarily disabled for
debug/testing

18
The Results: Advertisement Heavy Site


Before →

my public ip

19
The Results: Advertisement Heavy Site


After

my public ip

20
The Results: Roku TV


Before →

21
The Results: Roku TV


After

22
Questions?

23

You might also like