Introduction

  • Pi-hole is network-based ad-blocking software, which will run on a Raspberry Pi (popular Single Board Computer).
  • It is to block unwanted queries and URLs that you do not want to load on the network.
  • It was created by Jacob as an open source
  • It uses DNS sinkholing and blocklists as a way of stopping the internet nasties mentioned above.
  • This remove ads and trackers in places where traditional browser-based ad blocker plug-ins cannot in all the devices.
  • The features are easy to install, robust, versatile and scalable.
  • It makes use of dnsmasq, cURL, to block DNS request.
  • It obtains the list of tracking domain from predefined sources that use to compare DNS queries. If any match found on user blacklist, the Pi-hole will refuse to resolve the requested domain and respond to the requesting device with a blank webpage.
  • A domain name can be blacklisted and removed from blacklist manually too.

PI-hole Installation

Step 1: Requirements:

Raspberry Pi Media Center Kit with 3B+

Step 2: Install Raspbian Strech-lite on PI:

Install an operating system on Raspberry Pi

Step 3: Raspberry Pi Network IP

To check IP of Raspberry Pi - Use Advance IP Scanner tool - Connect with TV / Monitor: Use a command ifconfig - Check in DHCP Router table

Step 4: PI-hole installation

To setup Pi Hole, from the command prompt (locally or remotely through SSH) use the following command:

$ curl -sSL https://install.pi-hole.net | bash 

Step 5: Pi-hole Dashboard

There are several ways to access the dashboard:

1.http://<IP_ADDPRESS_OF_YOUR_PI_HOLE>/admin/ 2.http://pi.hole/admin/ (when using Pi-hole as your DNS server) 3.http://pi.hole/ (when using Pi-hole as your DNS server)

alt text


Configuration of Pi-hole

  • The curl command acts like a web browser. It is a command-line tool for getting or sending data including files using URL syntax. Here it is basically pulling the information the pihole.net has and piping it into bash.
  • One of the cautions to be exercised when running this script is that: we run it as the root user, hence we should be careful that we got it from reliable sources.
  • We can also run from scratch as complete documentation is available.
  • Once the installation is done, it transforms the device into a NETWORK wide adblock. Also, you will need to configure your router to have DHCP clients use Pi-hole as their DNS server which ensures that all devices connecting to your network will have content blocked without any further intervention.

Changing DNS for the router

A static IP address is the one that is assigned to a user and it remains constant. This is the IP address used by the user every time he/she logs into the network. Whereas, DHCP is the dynamic IP address that is actually given to or will be chosen for the user from a pool of IP addresses that are present in the scope available in the network. Static IP is permanent and DHCP is temporary.

-If your router does not support setting the DNS server, you can use Pi-hole’s built-in DHCP server; just be sure to disable DHCP on your router first (if it has that feature available). Pi-hole will be configured as the DNS server for ALL the devices that are connected to the network. Pi-hole is NOT a router- it only provides a DNS service. Blocks ads over both IPv4 and IPv6

Connecting your machine to Pi-hole

Redirect the machine’s DNS address to the Pi-hole —> on every machine that you are going to connect to the Pi-hole Once we change our machine’s DNS, we notice that within very few seconds, a lot of queries will be made and we can play along with the statistics that will be displayed on the admin page to use them for further analyses. We can manually edit the black and whitelists on the admin page. There is also an option to disable or enable blacklistings

Pi-hole as your own DNS resolver

  • DNS queries are not secure. Others can see and manipulate the DNS requests.
  • We need DNS over HTTPS (DoH) to issue DNS requests in a secure manner.
  • Google also provides such resolvers.
  • But we need something like Pi-hole in between to act like our DNS resolver and it kills queries for known bad domains
  • Other alternatives: we can also use DNSCrypt or unbound with pihole.
  • We can use cloudfared over DoH in such scenario: Code:
    cd ~
    wget https://bin.equinox.io/c/VdrWdbjqyF/cloudflared-stable-linux-arm.tgz
    mkdir argo-tunnel
    tar -xvzf cloudflared-stable-linux-arm.tgz -C ./argo-tunnel
    rm cloudflared-stable-linux-arm.tgz
    cd argo-tunnel
    ./cloudflared --version
    

DNS

  • The Domain Name Systems (DNS) is the phonebook of the Internet. Humans access information online through domain names, like nytimes.com or espn.com.
  • Web browsers interact through Internet Protocol (IP) addresses. DNS translates domain names to IP addresses so browsers can load Internet resources.
  • Each device connected to the Internet has a unique IP address which other machines use to find the device. DNS servers eliminate the need for humans to memorize IP addresses such as 192.168.1.1 (in IPv4), or more complex newer alphanumeric IP addresses such as 2400:cb00:2048:1::c629:d7a2 (in IPv6).

How does DNS work?

  • The process of DNS resolution involves converting a hostname (such as www.example.com) into a computer-friendly IP address (such as 192.168.1.1).
  • An IP address is given to each device on the Internet, and that address is necessary to find the appropriate Internet device - like a street address is used to find a particular home.
  • When a user wants to load a webpage, a translation must occur between what a user types into their web browser (example.com) and the machine-friendly address necessary to locate the example.com webpage.
  • In order to understand the process behind the DNS resolution, it’s important to learn about the different hardware components a DNS query must pass between.
  • For the web browser, the DNS lookup occurs “ behind the scenes” and requires no interaction from the user’s computer apart from the initial request.

There are 4 DNS servers involved in loading a webpage:

  • DNS recursor - The recursor can be thought of as a librarian who is asked to go find a particular book somewhere in a library. The DNS recursor is a server designed to receive queries from client machines through applications such as web browsers. Typically the recursor is then responsible for making additional requests in order to satisfy the client’s DNS query.
  • Root nameserver - The root server is the first step in translating (resolving) human-readable hostnames into IP addresses. It can be thought of like an index in a library that points to different racks of books - typically it serves as a reference to other more specific locations.
  • TLD nameserver - The top-level domain server (TLD) can be thought of as a specific rack of books in a library. This nameserver is the next step in the search for a specific IP address, and it hosts the last portion of a hostname (In example.com, the TLD server is “com”).
  • Authoritative nameserver - This final nameserver can be thought of as a dictionary on a rack of books, in which a specific name can be translated into its definition. The authoritative nameserver is the last stop in the nameserver query. If the authoritative name server has access to the requested record, it will return the IP address for the requested hostname back to the DNS Recursor (the librarian) that made the initial request. alt text

Resources

  1. Pi-hole website
  2. How do I configure my devices to use Pi-hole as their DNS server?
  3. Pi-hole tutorial
  4. Setting up Pi-hole
  5. Page Ads block site
  6. What is DNS
  7. Why You Need a Network-Wide Ad-Blocker
  8. A fun and colorful explanation of how DNS works
  9. How the Domain Name System works