Something Something PiHole
3 Mar 2019
Ad blocking with DNS
So I'm sure you're familiar with adblockers; in short, you install a plugin on your browser / phone and then when you visit the web it'll run in the background and block any request to a list of domains.
There is a drawback to this approach, however: the app / browser that you're using has to support the adblocker, and this isn't always the case. In fact, many apps can inject banner ads even if you use an adblocker.
A simplified flow may look something like this:
- Visit a website, say techradar.com
- Each request is first run through the adblocker
  - if found on blacklist, request is blocked (in Safari you can see this in the console as "Resource blocked by content blocker")
  - else the request is allowed through
So the flow above really only cares about two things: the blacklist of domains and the domain being requested.
At the application level this is possible with extensions, but what about the network level?
Shut your PiHole
In short, PiHole takes the idea of the adblocker and applies it to the whole network. Like before, it uses the two basic ideas of a blacklist and the requested domain, only this time it's doing it at the point the DNS lookup is done.
Quick aside on DNS (Domain Name System). Essentially it connects readable website addresses like blog.barnettjones.com with their IP addresses, which computers and ISPs use to talk across the internet.
    $ nslookup mbarnettjones.com
    Server: 18.104.22.168
    Address: 22.214.171.124#53

    Non-authoritative answer:
    Name: mbarnettjones.com
    Address: 126.96.36.199
Here the command nslookup can query the DNS for the IP address behind the domain. (You may find a different IP address is returned if you run the same command.)
This is all happening on your local network with zero effort / setup from you, it's simply the way we expect the internet to work. In fact the Hub / Wifi Router you're using to connect to the internet is usually processing the DNS lookups for you (or at the very least, dictating the DNS server your networked devices are using).
I'll leave DNS there for the moment but for more info on DNS check out this awesome guide by the folks over at Mozilla.
My Network, MY DNS
As it's your home network you're free to do what you please with it. With a Raspberry Pi you can build a new DNS server which can be used like an adblocker. There's a program, dnsmasq, which runs on Linux and powers DNS lookups, but it would be a very manual process to go through and maintain a blacklist and configure that yourself. Enter PiHole.
dnsmasq, PiHole manages your DNS and maintains the blacklist of ad domains in order to block those requests.
How does it work?
Well, above when nslookup was run against mbarnettjones.com it returned an IP address, in order to block a request to a blacklisted domain it can simply

    $ nslookup logs-01.loggly.com
    Server: 192.168.0.100
    Address: 192.168.0.100#53

    Name: logs-01.loggly.com
    Address: 0.0.0.0
The important part of that nslookup is the 0.0.0.0 that is returned for the 0.0.0.0 doesn't point to a real server the page / app that's trying to request content from that domain simply cannot.
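To make the 0.0.0.0 answer concrete, here is an added example (not PiHole's or dnsmasq's code, and not from the original post) that parses a raw DNS query and builds the kind of reply shown in the nslookup output above. The function names, the one-entry blocklist, exact-name matching, A-record-only handling and the TTL value are all assumptions made for the illustration.

```python
import struct

# Constructed sample blocklist (exact-match names, lower-case, no trailing dot).
BLOCKLIST = {"logs-01.loggly.com"}

def encode_name(name):
    """Encode a hostname as DNS labels: length-prefixed, ending in a zero byte."""
    return b"".join(bytes([len(p)]) + p.encode("ascii") for p in name.split(".")) + b"\x00"

def build_query(name, txid=0x1234):
    """Build a standard recursive A/IN query for `name` (used here as sample input)."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    return header + encode_name(name) + struct.pack("!HH", 1, 1)

def parse_question(packet):
    """Return (name, qtype, offset just past the first question)."""
    labels, pos = [], 12                       # the DNS header is always 12 bytes
    while packet[pos] != 0:
        if packet[pos] & 0xC0:                 # pointers / reserved label types: reject
            raise ValueError("unexpected compressed name in question")
        length = packet[pos]
        labels.append(packet[pos + 1:pos + 1 + length].decode("ascii"))
        pos += 1 + length
    qtype, _qclass = struct.unpack("!HH", packet[pos + 1:pos + 5])
    return ".".join(labels).lower(), qtype, pos + 5

def sinkhole_response(query, blocklist=BLOCKLIST):
    """Return a reply pointing a blocked A query at 0.0.0.0, or None to forward upstream."""
    name, qtype, end = parse_question(query)
    if qtype != 1 or name not in blocklist:    # only A queries for listed names are answered
        return None
    txid, flags = struct.unpack("!HH", query[:4])
    reply_flags = 0x8080 | (flags & 0x0100)    # QR=1, RA=1, copy RD, RCODE=0 (no error)
    header = struct.pack("!HHHHHH", txid, reply_flags, 1, 1, 0, 0)
    # Answer: pointer to the name at offset 12, type A, class IN,
    # TTL 2 seconds (value chosen for this example), 4-byte address.
    answer = struct.pack("!HHHIH", 0xC00C, 1, 1, 2, 4) + bytes([0, 0, 0, 0])
    return header + query[12:end] + answer

def answer_address(reply):
    """Read the IPv4 address from a single-answer reply built by sinkhole_response."""
    return ".".join(str(b) for b in reply[-4:])
```

A `None` result means the name is not on the list and the query would be passed to the upstream resolver unchanged; the blocked reply is an ordinary successful answer, which is why the client sees an address rather than an error.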
Now there's a lot more to dig into with PiHole so I think I will do a follow-up post about how I'm getting on with it. But it's certainly worth a go if you're also annoyed by the amount of ads you're faced with on the daily, plus more people are talking about it now than ever before so there's never been a better time to get your hands dirty and get involved.

First appeared on Trusty Interior, last update 12 Feb 2023