Friday, October 16, 2020

Setting up Pi-hole as a recursive DNS server

It's been a couple of months since I set up an Intel NUC computer as a network-wide ad blocker using Pi-hole software, and it's been working great. Internet speed is increased and the amount of internet queries blocked is around 15-20%. There have been a couple of sites that I had to whitelist to get the app to work, especially ad-sponsored movie apps, but relatively few issues overall.

Being privacy-minded, trying out a few of the upstream DNS servers and reading their privacy policies led me to question whether any free DNS servers can really be trusted. Although I am not going to dark web websites, I don't like the idea of big corporations tracking everything done online. One way they can use this data is to track your political views by what news websites you go to. The algorithm then labels you as conservative or liberal, etc.

This got me to look into using my Pi-hole server as a complete DNS server solution, thereby eliminating the need for another DNS server. It turns out the Pi-hole team had already thought of this and had written a procedure for setting up a recursive DNS server using the same hardware as your ad blocker.

Following this procedure, https://docs.pi-hole.net/guides/unbound/, I was able to configure my Pi-hole to be my full DNS server solution. It was fairly easy to configure and set up by installing "unbound" and copying the example pi-hole.conf file to "/etc/unbound/unbound.conf.d/pi-hole.conf" on my NUC computer. After installation it just took rebooting the Pi-hole server and configuring the IPv4 address in the Pi-hole admin dashboard. Checking that your recursive DNS server is working properly can be done by going to https://dnsleaktest.com/ and running the extended test. It's been a few weeks since I set this up and I have had no issues and no noticeable reduction in speed to access websites.
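A local check that the unbound config really is recursive and private to the Pi-hole host, as an added example that is not part of the original post or the Pi-hole guide. The sample configs are constructed, the function names are hypothetical, and port 5335 is assumed from the linked guide rather than stated in this post.

```python
import ipaddress

# Constructed sample configs for this example (not the Pi-hole project's file).
GOOD_CONF = """server:
    interface: 127.0.0.1
    port: 5335            # assumed: port used in the linked guide
    harden-dnssec-stripped: yes
"""
BAD_CONF = """server:
    interface: 0.0.0.0
    harden-dnssec-stripped: no
forward-zone:
    name: "."
    forward-addr: 192.0.2.53   # documentation-range address
"""

def parse(conf_text):
    """Return (key, value) pairs with comments and blank lines dropped."""
    pairs = []
    for line in conf_text.splitlines():
        line = line.split("#", 1)[0].strip()
        if ":" in line:
            key, _, value = line.partition(":")
            pairs.append((key.strip(), value.strip().strip('"')))
    return pairs

def audit(conf_text):
    """Return finding codes; an empty list means the checks passed."""
    pairs = parse(conf_text)
    findings = []
    # Forwarding hands every query to one upstream resolver again.
    if any(k in ("forward-addr", "forward-host") for k, _ in pairs):
        findings.append("forwarding")
    # unbound should answer only Pi-hole on the same host.
    for k, v in pairs:
        if k == "interface":
            try:
                loopback = ipaddress.ip_address(v.split("@")[0]).is_loopback
            except ValueError:      # interface name such as eth0
                loopback = False
            if not loopback:
                findings.append("exposed-listener")
    # Without a port line unbound defaults to 53, which Pi-hole already uses.
    ports = [v for k, v in pairs if k == "port"]
    if not ports or ports[-1] == "53":
        findings.append("port-conflict")
    # Answers with DNSSEC data stripped must be rejected, not accepted.
    if ("harden-dnssec-stripped", "no") in pairs:
        findings.append("dnssec-stripping-allowed")
    return findings
```

To audit the installed file, pass the contents of /etc/unbound/unbound.conf.d/pi-hole.conf to `audit()`; it complements the dnsleaktest.com check by catching a forwarder or an exposed listener before any query leaves the box.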

Overall, I'm completely satisfied with this solution and thankful that the Pi-hole team and the "unbound" software developers have made it so easy to set up for those that might not attempt to do it otherwise.
