Discussion
ash73 said:
Doesn't matter, just set the pi-hole up to do both dhcp and dns (and point any static ip devices to it as the default gateway) then clients will ignore the router dns.
As in put it in modem only mode, and put the RPi pi in as the router as well?That would however expose all my devices direct to the internet (ie remove whatever vestigal firewall protection there is on the superhub, and rely purely on the devices having their own firewalls)?
I think I'd probably rather stick something 'in the way' so that all my machines etc are downstream of an external firewall, preferably with some detection/IPS going on if possible. I theory - I guess something like a USG, followed by a 5+ port switch with the RPI doing DHCP (or use the USG for DHCP)?
If you wanted to keep with Unify you could go for something like this with a small switch:
https://www.amazon.co.uk/UBIQUITI-Networks-Securit...
- This is end of life now and replaced by the dream machine: https://www.ui.com/products/#default
I appreciate neither of these quite fit your requirement but the Unify stuff does work very well together so if you were willing to add a switch you could make it work.
https://www.amazon.co.uk/UBIQUITI-Networks-Securit...
- This is end of life now and replaced by the dream machine: https://www.ui.com/products/#default
I appreciate neither of these quite fit your requirement but the Unify stuff does work very well together so if you were willing to add a switch you could make it work.
HiAsAKite said:
But to actually deploy this in my home network I will need to invest in a router, as the virgin superhub does not allow you to change DNS providers...
So next steps:-
- Invest in a RPi
- Obtain a router, to place downstream of the superhub and switch the superhub into modem mode.
My BT router doesn't either, so I just manually set the Pi as the DNS for those devices that I want to route through it. Sure it takes a few minutes to do all the laptops, tablets, phones, and TVs in the house, and it doesn't cover visitor's devices, but it works for me and didn't involve any additional cost.So next steps:-
- Invest in a RPi
- Obtain a router, to place downstream of the superhub and switch the superhub into modem mode.
HiAsAKite said:
As in put it in modem only mode, and put the RPi pi in as the router as well?
That would however expose all my devices direct to the internet (ie remove whatever vestigal firewall protection there is on the superhub, and rely purely on the devices having their own firewalls)?
I think I'd probably rather stick something 'in the way' so that all my machines etc are downstream of an external firewall, preferably with some detection/IPS going on if possible. I theory - I guess something like a USG, followed by a 5+ port switch with the RPI doing DHCP (or use the USG for DHCP)?
FWIW, I use: modems —> USG (DHCP)—> switch —> RPi (x2) for PiHole DNSThat would however expose all my devices direct to the internet (ie remove whatever vestigal firewall protection there is on the superhub, and rely purely on the devices having their own firewalls)?
I think I'd probably rather stick something 'in the way' so that all my machines etc are downstream of an external firewall, preferably with some detection/IPS going on if possible. I theory - I guess something like a USG, followed by a 5+ port switch with the RPI doing DHCP (or use the USG for DHCP)?
Works well and doesn’t mess up ability to have the unifi deal with DHCP for the vlans.
LooneyTunes said:
FWIW, I use: modems —> USG (DHCP)—> switch —> RPi (x2) for PiHole DNS
Works well and doesn’t mess up ability to have the unifi deal with DHCP for the vlans.
Something along those lines was what I was thinking, albeit I hadn't clocked I can disable DHCP on the superhub without putting it in modem mode - so that might be an option.Works well and doesn’t mess up ability to have the unifi deal with DHCP for the vlans.
I'm running it on a pi-zero nowadays but I found after a while it seems to have run into issues, maybe because I was using the DHCP functionality as well. Some devices weren't getting IP addresses when the lease expired, and also had some cases of whitelisting not working effectively, so DNS queries were unresolved even when the NS was on the whitelist.
I was too lazy and stupid to diagnose and fix the problems, so have set the pi to reboot at 03:00 to try to help with the first issue and replaced my router with one that allows me to specify DNS to address the second issue.
A few days in and it seems to be okay so far. Whitelisting seems not to be instant but does work.
I was too lazy and stupid to diagnose and fix the problems, so have set the pi to reboot at 03:00 to try to help with the first issue and replaced my router with one that allows me to specify DNS to address the second issue.
A few days in and it seems to be okay so far. Whitelisting seems not to be instant but does work.
ash73 said:
You shouldn't have to reboot every day.
Just rebuild the image on the pi0 ssd card and reinstall pi-hole, only takes a few minutes.
I could, but it's much easier to have the pi-hole reboot automatically once each day (assuming it solves the problem!)Just rebuild the image on the pi0 ssd card and reinstall pi-hole, only takes a few minutes.
Otherwise, I'm spending time reinstalling it and it's unavailable while I do it.
thebraketester said:
Just reinstalled pi hole on my rpi after it went tits up a few months ago. I wanted to try and use it to block the inbuilt ads on my new Samsung TV. Works great, no more adverts.
You don’t need to use a pi hole to do that, just lock the Samsung Plus app in the app settings.Ok- I had pi-hole working smoothly, and I was able to watch the F1 on All4 (pihole did not block the ads) - however it now appears pihole is blocking them, and All4 refuses to play nicely.. :-(
With this in mind, I'm looking to whitelist the domains All4 uses, so i can watch the F1 without having to disable Pi-hole each time.
Has anyone else encountered this, found a list of the necessary domains?
I was going to use the pi-hole logs to generate a domain list, but it felt like it might turn into a game of wack-a-mole...]
With this in mind, I'm looking to whitelist the domains All4 uses, so i can watch the F1 without having to disable Pi-hole each time.
Has anyone else encountered this, found a list of the necessary domains?
I was going to use the pi-hole logs to generate a domain list, but it felt like it might turn into a game of wack-a-mole...]
I'll try and phrase this better than last time.
Pi Hole is a terrible ad blocker if you still want to consume internet content, Pi Hole is a fantastic learning tool but, as you're seeing, a terrible desktop solution.
For what you want I'd suggest uBlock origin in firefox, click allow in private browsing and use a private browsing window, pause ublock to watch what you want and then firefox will clean up any trackers 4od want to leave hanging around.
Pi Hole is a terrible ad blocker if you still want to consume internet content, Pi Hole is a fantastic learning tool but, as you're seeing, a terrible desktop solution.
For what you want I'd suggest uBlock origin in firefox, click allow in private browsing and use a private browsing window, pause ublock to watch what you want and then firefox will clean up any trackers 4od want to leave hanging around.
mattley said:
I'll try and phrase this better than last time.
Pi Hole is a terrible ad blocker if you still want to consume internet content, Pi Hole is a fantastic learning tool but, as you're seeing, a terrible desktop solution.
For what you want I'd suggest uBlock origin in firefox, click allow in private browsing and use a private browsing window, pause ublock to watch what you want and then firefox will clean up any trackers 4od want to leave hanging around.
Do you have a suggestion for blocking ADs on multiple devices? Pi Hole is a terrible ad blocker if you still want to consume internet content, Pi Hole is a fantastic learning tool but, as you're seeing, a terrible desktop solution.
For what you want I'd suggest uBlock origin in firefox, click allow in private browsing and use a private browsing window, pause ublock to watch what you want and then firefox will clean up any trackers 4od want to leave hanging around.
I do not mind ADs but some that come through on games my kids play on IOS are really not appropriate. Browser based blockers would not help with this. I already pay for youtube premium to remove the ADs from there as again they were not suitable for kids.
ive got BT fttp (1000mb ) with some unifi gear and a pihole and find it works pretty well. BT router has dhcp disabled, and the rpi4 is is setup to run pihole, cache DNS locally (dunno what thats called, forget) and as a dhcp server, as a squid proxy, and also as a unifi controller.
The unifi stuff points the clients at the rpi4. The TV and qnap box access internet via a whitelist on the rpi4 squid proxy.
pihole took a bit of tweaking but its working well now, even blocks some youtube ads. Nobody seems to be complaining at home either..
The unifi stuff points the clients at the rpi4. The TV and qnap box access internet via a whitelist on the rpi4 squid proxy.
pihole took a bit of tweaking but its working well now, even blocks some youtube ads. Nobody seems to be complaining at home either..
bmwmike said:
pihole took a bit of tweaking but its working well now, even blocks some youtube ads. Nobody seems to be complaining at home either..
Most adverts on YouTube are hosted on their own servers so pi-hole can’t distinguish them and block them. I blame Linus tech tips because he did a “how to” on it and very quickly afterwards YouTube took action by moving the hosting model. Pi-hole is still useful for a whole house as blocker though. No adverts in iOS games is nice. For example, my kids play hay day where you can click on a movie ticket to watch adverts. With pi-hole the movie ticket isn’t there. As others have said though, there are better browser based ad blockers and I use them on our PCs. I only installed them because of the totally incompetent way Pistonheads has dealt with adverts in the US. There seemed to be a period where there was no testing and the adverts were worse than spam and made it impossible to use the site. That isn’t an exaggeration. I tried to work with the PHs team but they couldn’t keep up with their advert serving partner’s crap so I gave up.
For YouTube adverts you can also go premium for $10/month and it removes the advert breaks. If you happen to be in Turkey for a few minutes and sign up it costs $1/month. Even when you get back home it still only charges $1/month and reverts back to geographically accurate content. I had to take this route for two reasons. In appropriate content and some ads were running for hours and didn’t have a skip option. I think there’s enough ads built into “sponsored content” that I don’t want to deal with additional adverts.
Gassing Station | Computers, Gadgets & Stuff | Top of Page | What's New | My Stuff