Our household has a few Raspberry Pi's doing various tasks from tracking airplanes flying overhead, measuring temperature humidity in our house, Docker projects, and several more hidden away for a rainy day. The rainy day finally arrived when I stumbled across a new project. This time it is entirely different (I always say this). However, it's true. This Raspberry Pi project Pi Hole is the gatekeeper to our home network.
Traditional Ad Blockers are usually Browser Plugins or software utilities on every computer on your network. Managing all your devices is cumbersome, hard to maintain, and leaves a gaping hole for network-connected devices like TV's, Printers, Alexa's, Sonos, or any other smart devices which connect to your network. The Pi Hole blocks Ads, Malware, and overreaching metrics collection network-wide. Since I switched to SimpleAnalytics to stop tracking people on our websites I thought to apply the same principle to our home network. Now I get to decide how I server metrics and ads as well.
How does the Pi Hole work though? The Pi Hole answers your computer’s DNS queries and if it is a domain on the blacklist, it sends the request to the Pi Web server. This Web server just serves up a blank page. So instead of loading the ad from the real domain, the blank page from the Pi is downloaded, thus “blocking” the ad or metric.
Installing Pi Hole
Installing Pi Hole should increase performance and security simultaneously for our home network. The risk of the project is a single Raspberry Pi is now the single point of failure for my network, so reliability becomes a concern. I am entirely confident to rely my entire home infrastructure on a $35 Raspberry Pi running an Open Source project.
Like any other project I run everything in a Docker container, and this project should be no different. The Pi Hole project already has a nice Docker project utilizing compose. The Pi Hole Docker install is well documented and quite nicely done. After installing Docker on the Raspberry Pi it was an easy git clone, a couple of modifications to select my timezone and preferred DNS servers (CloudFlare 220.127.116.11), then docker-compose up, and we were in business.
Once Pi Hole is running, it is time to switch over my network to the Pi Hole. I configured my router to use the Pi Hole IP address as the new DNS server for my network. That's it! Now every device that connects to my router is now taking advantage of Pi Hole.
Pi Hole in Operation
Now that my network is funneling through the newly configured Pi Hole it's time to take a look at the Dashboard. The dashboard is a friendly interface which greets you with some fantastic statistics and visualizations right off the bat.
- Total Queries
- Queries Blocked
- Percent Blocked
- Domains Blocked
- Queries last 24 hours
The menu bar on the left side of the Dashboard offers even more functionality. We can whitelist or blacklist URLs, query log files, update the URL block list, and all sorts of reporting options. The level of detail and functionality is impressive and adds confidence. Considering all the functionality and that my entire network is now routing through my Raspberry Pi 2, the performance is phenomenal running average 8% memory utilization.
Review after 1 month in operation
The Pi-Hole has been running for 1 month now on my home network. I have had to whitelist 1 or 2 URLs which was blocking a reset of an Alexa which had an issue, and a video conferencing system had all sorts of tracking and metrics built in which were causing some havoc until I whitelisted them. Otherwise, the Pi has been chugging along at 8% memory utilization, and the network is considerably faster when surfing the web. The Pi Hole project even offers some ad-heavy websites to test to check the difference before and after https://pi-hole.net/pages-to-test-ad-blocking-performance/, and it is incredible the difference.
Statistically speaking our household is averaging 15% of queries blocked and a spike over a bad weather weekend of 30% blocked. It is scary and incredible to think the number of ads and metrics forced upon us, and this number continues to increase. I am delighted with the Pi Hole project and am recommending it to all.
Since I am so impressed with the performance and security, the next step is to install this in our 56K.Cloud office. It is also interesting how we could set up a secondary Pi so we could have a primary and secondary DNS server for our office.
The other functionality I am researching is the Open VPN option https://docs.pi-hole.net/guides/vpn/overview/ running in one of our cloud providers so I can take advantage of the Pi Hole on our cellular networks while on the go.