PiHole should be a must

If we use a large and agressive block-list *without* a beefy router with has large RAM, we will end up with seriously degraded router performance and internet. Ad blocking is very RAM intensive from my observations. The raspberrypi does this better because of the *very large* ram (compared to TP-Link AC750). NextDNS plugin off-loads adblocking to cloud where much more agressive blocking can be implemented which can also be used on **mobile internet**.
I'm aware of the limitations in router hardware but thanks for highlighting it for the other person. About NextDNS I don't wanna pay monthly subscription fee for yet another service though, personal choice.
Does Pihole also blocks youtube ad?
Nope.
 
The benifit of such a setup is that some part of it (nexdns) can also be used when using a mobile and on mobile internet (no pihole).
Little more involved but you can always install PiVPN and use your Pi-Hole externally. I thought NextDns was paid. Have they been ever audited ?
 
Does Pihole also blocks youtube ad?
No. You can block that using the Ublock Origin browser addon. On android Firefox + Ublock Origin. Ads embedded in content will still play.
Little more involved but you can always install PiVPN and use your Pi-Hole externally. I thought NextDns was paid. Have they been ever audited ?
That would either require a Public IP rather than the normal NAT(ed) Internet or a cloud server running the VPN & PiHole. NextDNS has 3 lakh queries @ free user @ month.
I'm aware of the limitations in router hardware but thanks for highlighting it for the other person. About NextDNS I don't wanna pay monthly subscription fee for yet another service though, personal choice.

Nope.
NextDNS has 3 lakh queries @ free user @ month. When used with a downstream DNS block like pihole the cacheing makes the queries even less.
 
Last edited:
I use Tailscale as a sort of private vpn. Installed it on my pi and set it as an exit node and specified it’s ip to be used as dns. That way I get pihole blocking when away from home.

Speeds will depend on your raspberrypi model, using lan or Wi-Fi etc.
 
I use Tailscale as a sort of private vpn
There is Wireguard, ZeroTier, Tailscale, NextDns and the list goes on.
I moved from PiHiole to plain simple Adguard Home and have stuck with that at my parents home. At my home, we have a mesh of two Synology Routers, which already have fantastic content filtering out of the box. For outside home, Bromite + blocklist is sufficient.
 
I use Tailscale as a sort of private vpn. Installed it on my pi and set it as an exit node and specified it’s ip to be used as dns. That way I get pihole blocking when away from home.

Speeds will depend on your raspberrypi model, using lan or Wi-Fi etc.
Do you have public IP for your home network? Most of us are behind cgnat these days and can't do anything without a VPS or some other kind of tunnelling service.
 
Do you have public IP for your home network? Most of us are behind cgnat these days and can't do anything without a VPS or some other kind of tunnelling service.
No public IP. Also under CGNAT. Tailscale/zerotier etc are designed for requirements/issues like these.
Initially, I also had planned for a remote vps to serve as an 'anchor' but it was a bit too much networking and setup hassles for me.

Here is how tailscale does 'nat punching'. Pretty neat article.
 
How are you guys getting Pihole or raspberry pi?. I am trying to get my hands on a raspberry Pi 4 with 8GM RAM but couldnt for the past 2 months. The listings on amazon are overpriced by 2-3x the price quoted by authorized resellers.
 
How are you guys getting Pihole or raspberry pi?. I am trying to get my hands on a raspberry Pi 4 with 8GM RAM but couldnt for the past 2 months. The listings on amazon are overpriced by 2-3x the price quoted by authorized resellers.
Just because the name is "Pi"hole doesn't mean you need to run it on a Raspberry pi. You can use any PC/mini PC (x86/x64) or ARM based device to run it. Go a few pages back I've shared some links to run it on an old android device 24x7.

Also pi with 8gb RAM is way overkill. This runs fine even on single core, 512MB RAM device such as a pi zero which means any android phone in the past 6-8 years can still be way more powerful.
 
Last edited:
No public IP. Also under CGNAT. Tailscale/zerotier etc are designed for requirements/issues like these.
Initially, I also had planned for a remote vps to serve as an 'anchor' but it was a bit too much networking and setup hassles for me.

Here is how tailscale does 'nat punching'. Pretty neat article.

Can tailscale be configured to allow remote access to my home RPI from the outside which does NOT have tailscale?

Meaning I have a RPI behind cgnat on which I've installed tailscale and I own a domain example.com , can I configure it to "expose" the RPI to the outside world (host my own webserver, etc)?

I would need an IP address too , right?

Currently I have a basic linode VM and have configured wireguard to make it like a jump host into my home network.
 
Can tailscale be configured to allow remote access to my home RPI from the outside which does NOT have tailscale?

Meaning I have a RPI behind cgnat on which I've installed tailscale and I own a domain example.com , can I configure it to "expose" the RPI to the outside world (host my own webserver, etc)?

I would need an IP address too , right?

Currently I have a basic linode VM and have configured wireguard to make it like a jump host into my home network.
Afaik, tailscale doesn't give a public ip. I not sure if it can be configured at allow cgnat devices to be 'exposed' to public internet. But I haven't explored it that much, I could be wrong.

I can access my rpi ssh and pihole admin page, but only when connected to tailscale network and using its tailscale lan ip.

I don't know of any other methods or programs that allow cgnat devices to be publicly accessible. Using a cloud vps as middleman is the only method I know so far, but that does incur cpu time and incoming and outgoing data costs.

Edit- my rpi is not public with tailscale. I just use tailscale connection as a vpn to route connections via my home and to use pihole blocking when on 4g or unknown wifi. Have set the my rpi as an exit node for my tailscale network.
 
How are you guys getting Pihole or raspberry pi?. I am trying to get my hands on a raspberry Pi 4 with 8GM RAM but couldnt for the past 2 months. The listings on amazon are overpriced by 2-3x the price quoted by authorized resellers.
Sufficient if you want to run Pihole only
 
Inspired by this article, i dusted off a pi zeroW i had lying around. It ran fine, but the pi would go unresponsive every few days and had to be restarted every time
Any idea ? Have disabled it for now
I recently installed openwrt on my router and access point and installed adblock simple on my router, and i have to say it's been a much cleaner and robust solution. Not many dashboards and graphs but pretty decent blocking
 
I recently installed openwrt on my router and access point and installed adblock simple on my router, and i have to say it's been a much cleaner and robust solution. Not many dashboards and graphs but pretty decent blocking
now use opera browser with adblock and you will automatically be using youtube premium and youtube vanced on cellphone
 
I recently installed openwrt on my router and access point and installed adblock simple on my router, and i have to say it's been a much cleaner and robust solution. Not many dashboards and graphs but pretty decent blocking
I don't think there's fine grain control on that. Like you can't have allow lists or client specific backlisting and filtering.
I've switched to Adguard Home on openwrt and it's much better.
now use opera browser with adblock and you will automatically be using youtube premium and youtube vanced on cellphone
That's not the point of having a network-wide DNS based adblocker.
 
From what i read my tplink didn't have enough memory to support adguard. Wanted to just try it out so went with the most basic option.
 
From what i read my tplink didn't have enough memory to support adguard. Wanted to just try it out so went with the most basic option.
Understandable. Even most expensive consumer grade routers will have that issue since RAM would only be limited to 512MB max (generally 128/256MB).
Larger blocklists take more RAM so yeah...

I'm using x86 based mini PC as an openwrt router for that purpose as well as a traffic shaper (SQM Cake).
 
Using Blokada v5 for the past 5 months and has already blocked more than 700k ads and trackers
For youtube, using youtubevanced

For Desktop, using Mullvad VPN as it have option to block ads, malware, trackers, etc
Blokada vs NextDns
 

Attachments

  • photo_2023-01-31_00-25-46.jpg
    photo_2023-01-31_00-25-46.jpg
    85.2 KB · Views: 70
  • photo_2023-01-31_00-25-42.jpg
    photo_2023-01-31_00-25-42.jpg
    39.1 KB · Views: 67
Last edited:
Back
Top