The original post: /r/pihole by /u/chirabchichi on 2024-11-05 22:00:30.

Wondering what other things everybody else installs on their pihole?

The original post: /r/pihole by /u/whistlingturtle on 2024-11-05 18:45:01.

This question stems from what FearTheHump told me in this reply. (Item 2b.)

I’m not seeing anything relevant in the “Settings” screen of the admin interface.

Context:

Because there are problems with my Pi-hole installation along with too many things I still don’t understand, I intend to try again on another machine. In the mean time, I don’t want to uninstall it from this one yet, but it’s running for nothing. I disabled it (which prevents if from blocking anything) and I stopped the logging (because that goes on even when blocking is disabled), but if I stop the FTL service, then I lose DNS on this machine, even though its connection settings are pointing to the router for DNS fulfillment, which in turn is not currently set up to point back to the Pi-hole host.

So, if there’s a way to tell Pi-hole to not “listen” to its host, then I think I need to do that before I stop the FTL service.

I changed almost nothing in Pi-hole’s settings after installation, so I’m surprised by this situation, given this statement on the Post-Install page of the Getting Started section of the doc:

“Pi-hole will not be used by the host automatically after installation.”

That is clearly false.

The original post: /r/pihole by /u/Breadcrumbsforsnakes on 2024-11-05 17:58:59.

I set up pihole, yet all adds come through. The interface says it's blocking thousands of ads, yet all adds show up. I do not have the DNS set up on my router, just on each computer. What am I doing wrong?

If I set up the DNS on router will it work?

The original post: /r/pihole by /u/FriJanmKrapo on 2024-11-05 15:51:10.

The original post: /r/pihole by /u/-PromoFaux- on 2017-02-01 20:21:30.

Welcome to /r/pihole, where your adventures into network wide adblocking start!

Before posting a new thread, you may want to check out the following:

• Subreddit Search: As mentioned here, Reddit will only return matches of titles and self-text (the text of the original post), but not comments. So, do be sure to check out the latest stickied release announcement thread just in case.
• Our Discourse Forums: Many things are covered here, and we even have a German Language Subforum staffed by one of our native-speaking German developers.
• Pi-hole issues on Github: Pi-hole Core, Admin Dashboard and the FTL Engine.
• Having issues with, or have found a bug in a new release? Check the stickied new release thread to see if someone has already reported it. If not, then please create a top level comment in that thread.

There's some other things to keep in mind:

• Pi-hole does not block every single ad, but it'll do its hardest to ensure that everything that is blocked stays that way.
• Ad lists are maintained by people outside of the Pi-hole project. This means that it's possible for ads to get missed, and certain legitimate websites be accidentally blocked!
• There's a wide range of hardware used for routers, and an even wider range of hardware that you can run Pi-hole on. We try our best to support Pi-hole on as much hardware as possible, but as always, your milage may vary!
• There is one rule we ask you never break: Do NOT advertise your own public-facing instance of Pi-hole, or any other DNS server. DNS security is hard, and anything but the most secured DNS servers will contribute to a DNS amplification attack. In some cases, your ISP will even block your Internet connection!
• Using a Pi-hole as a DNS server has the ability of tying your browsing history to your device. Be aware of this when using a Pi-hole you don't have complete control over.

Our community does a wonderful job of answering questions and helping users out, and personally, we like to think that it also does a good job of moderating itself through the voting system and reporting functions. Whilst we try and answer as many posts here as possible, it can get tedious if there's something that has already been asked many times, and could have been solved with a little time searching for a solution!

Finally, remember your reddiqutte: the people you're speaking to are also human, and have a wide range of technical aptitudes.

Cheers, your friendly mods.

The original post: /r/pihole by /u/SuperAngelofdeath69 on 2024-11-05 08:49:06.

I’m looking into the best VPNs and want to know what Reddit thinks is the top VPN provider of this year. I know free VPNs can work for some things, but it seems like paid VPNs are usually faster and safer. I’ve done some research and found a few paid VPNs that a lot of people seem to recommend, but I could use some help deciding. Here’s what I’ve found so far:

Private Internet Access (PIA): PIA is popular for its large server network and solid privacy features. It works on multiple devices and keeps browsing secure.

NordVPN: Known for strong security, NordVPN has many servers worldwide. It’s great for streaming, has fast speeds, and keeps your data private.

Mullvad: is focused on privacy and security. It’s simple to use and doesn’t ask for much personal info, so it’s highly regarded for its transparency and privacy.

Surfshark: I’ve seen a lot of mentions of Surfshark. It’s a newer VPN but quickly becoming popular. It allows unlimited devices on one account, is affordable, and protects privacy.

ProtonVPN: From the same creators as ProtonMail, ProtonVPN has a strong focus on security and privacy. They offer a free version, but the paid one includes more features.

Here are a few more VPNs that seem worth mentioning:

ExpressVPN: Known for its speed and reliability, ExpressVPN has strong security protocols and global server access.

CyberGhost: CyberGhost has a user-friendly interface and solid privacy policies, and it supports multiple devices at once.

Now I’d love to hear from you:

Best VPN according to Reddit? Best Free VPN according to Reddit? Best VPN for torrenting according to Reddit?

If you have any thoughts on a reliable free VPN too, I’d appreciate your input. Looking forward to hearing your recommendations!

The original post: /r/pihole by /u/tritri301 on 2024-11-05 01:04:26.

Hi everyone! I’m running Pi-hole on a Raspberry Pi 4 with 2GB of RAM in a Docker container, alongside Nginx Proxy Manager. About a month ago, my Pi started having a weird recurring issue: Pi-hole would gradually eat up all the memory until the system locked up, forcing me to reboot it.

I tried a temporary fix by deleting the Pi-hole database, which seemed to solve the problem—until it came back a month later. Now I’m stuck with the same issue.

When I checked the logs, I found the same error message as before:

ERROR: SQL query "DELETE FROM network_addresses WHERE lastSeen < 1699160581;" failed: database is locked (SQLITE_BUSY)

I’ve tried searching online, but I haven’t found any solid answers. At idle, the CPU sits at 0%, but Pi-hole is hogging 57% of memory, causing the Pi to slow down due to heavy reliance on swap.

Anyone else had this issue or have ideas for a more permanent fix?

The original post: /r/pihole by /u/DonutOne on 2024-11-05 00:57:46.

Setting up a new pi-hole...

Should I go with v5 or just go with the V6 beta? I do value stability, but then I saw v6 is "close" to release....

The original post: /r/pihole by /u/benuski on 2024-11-05 00:19:41.

Hello! I've been analyzing my logs to try and find a way to block Spotify video podcasts on my daughter's iPad. We have Youtube blocked on the router level, but we want her to be able to listen to music but not watch weird creepy Minecraft videos on Spotify.

So far, it looks like blocking the domain video-fa.scdn.co has blocked those videos for now. I hope other parents (and others in general) find this useful!

The original post: /r/pihole by /u/benuski on 2024-11-05 00:14:35.

Hello! This may be common knowledge, but I wanted to share my configuration that sets up Unbound to forward queries to an upstream provider using DNS over TLS. There is a guide on the Pihole site for cloudflared, but as team members said in the comments here that this is only because someone wrote it and made a pull request for it to be integrated.

I started with the basic Alma Linux LXC container and the provided Unbound configuration provided on the Pihole docs site, and added the DNS over TLS configuration at the bottom.

 # TLS settings
 tls-cert-bundle: /etc/pki/ca-trust/extracted/pem/tls-ca-bundle.pem

Forward all queries over TLS

forward-zone: name: "." forward-tls-upstream: yes # Cloudflare DNS over TLS # forward-addr: 1.1.1.1@853#cloudflare-dns.com # forward-addr: 1.0.0.1@853#cloudflare-dns.com # Quad9 DNS over TLS forward-addr: 9.9.9.9@853#dns.quad9.net forward-addr: 149.112.112.112@853#dns.quad9.net

By default, this setup does not fallback to recursive resolution of DNS requests by the root nameservers, though you can configure to do so if you wish.

Hope this helps, and any tweaks or suggestions are welcome!

The original post: /r/pihole by /u/Wasted-Friendship on 2024-11-04 17:37:25.

TLDR:

Something on my network overburdens my PiHole with requests and brings my internet down every hour at xx:20:00 until xx:21:41. I changed out my PiHole for an external DNS and it resolved it. Looking at the logs, I have a DNSMASQ error at this time with over 150 concurrent requests. I can't tell if it is because of the downtime or something else. How can I best troubleshoot?

Full story:

I have a FIrewalla Purple in transparent bridge mode between my UDMPro v1 and POE Switch with everything on the switch. This is to help monitor what is happening in my network (e.g., quarantine new devices, watch for malware), effectively a second eye in the sky for the UDMP IDS/IPS. For the past three months, every hour at the 20-minute mark, I lost my internet for about a minute and thirty to forty seconds and the Firewalla downtime tracking confirms this downtime as a hard-wired device.

• Troubleshoot Step 1:
  • I have been working outside on this, starting with Xfinity. They did identify that I had a previously installed overly complex system, including MoCa filters and a high noise-to-signal ratio. They fixed it, and my network pings dropped from 27 to 13 ms. Speeds increased as well. Unfortunately, the network kept dropping. I next started to go internal to the network.
• Troubleshoot Step 2:
  • I pulled my Firewalla out of line and connected the switch and UDMP with an SPF+ cable, and the same thing continued.
• Troubleshoot Step 3:
  • I pulled my PiHole down and used a 100% external DNS provider. Everything has been stable for 48 hours now and everyone is happy...except me seeing all these ads again.

I would then venture to guess that a PiHole setting is the problem here. I did some investigating around and I did find that I am getting DNSMASQ errors around this time:

PiHole Instance 1:

https://preview.redd.it/fytdtlt07xyd1.png?width=981&format=png&auto=webp&s=b281d0fb8caa8c596d2a0005dcfe1d7bdf873e71

PiHole Instance 2:

https://preview.redd.it/21qj9m5l6xyd1.png?width=974&format=png&auto=webp&s=a4f631b6aa2f5875f1e769d8b39ea11e0414ac99

It doesn't log every downtime, but it just so happens to be coincidental that both systems die within a millisecond of each other at the exact same time. Instance one is running on a Synology 918+ and the second is running in a NUC. Both do not have any log problems during this time. I have discovered that Firewalla does do a ton of DNS queries at one time. I caught this because a device was doing a ton of DNS requests to check IPs for blocking. Something Firewalla confirmed was normal behavior. I thought this may be the culprit here, but in troubleshoot step 2, it was gone and I was still having disconnect problems.

Having had PiHole for years and loving the internet without trackers and ads, I feel disgusted doing web work without this protection, and I want to put it back in line. My wife and kids will kill me because they value stability over privacy.

How can I troubleshoot this?

The original post: /r/pihole by /u/whistlingturtle on 2024-11-04 17:34:04.

I apologize for the long story. I tried to write a “TL;DR” but couldn’t formulate something that would have been useful without repeating all the same details.

Currently, I have two problems. They are most probably related. I could say that I don’t know how I ended up in this situation but, technically, that would be wrong, since I wrote everything down along the way.

A few weeks ago, I installed Pi-hole on a Minix computer (running Debian 12) to start experimenting with it. That went very well at first; everything was working as expected, and I discovered queries that I had not previously suspected, coming from various devices on the network.

Then, Pi-hole got into some sort of a mood, where it replied “N/A” to everything. Re-starting its DNS service didn’t help; only rebooting the computer did. And it did it again a few hours later. I searched on Reddit and on pi-hole.net and I found a few posts that seemed to match my case but none of them mentioned a resolution. I wrote about this in a Reddit post but it received no replies, so I eventually uninstalled Pi-hole. (I later found instructions for disabling Pi-hole without uninstalling it.)

Then I installed Pi-hole on my main computer (running Linux Mint 21.2). Yes, I know: Linux Mint is not “supported” by Pi-Hole, but there are people who use it anyway and there doesn’t seem to be a reason why it wouldn’t work. For me, it would be more desirable to use it as the Pi-hole host, because I never shut it down; only reboot it once a month. (Normally.)

After a while, but before I had really started using Pi-hole (i.e. it was covering only the “localhost”), it also got into a mood, similar to what had happened on the Minix, except this time the replies were all “Refused” instead of “N/A”. I didn’t reboot. Instead, I disabled Pi-hole and stopped the FTL service.

While I was still debating whether I should continue trying to make Pi-hole work on my main computer or go back to the Minix instead, I proceeded to change both of their network connections to use a static IP address, as a preparation for whatever I would decide next. For the record, I attributed 192.168.0.198 to the main computer and 192.168.0.196 to the Minix, as well as 192.168.0.197 to another client. (The router is at 192.168.0.1.) This is where my current problems start.

But first I must explain one particularity of my network: my main router is a strictly wired one; an old D-Link, which doesn’t allow me to see, let alone alter, DHCP assignments by MAC address. (But this has never been a problem so far.) I have a TP-Link Wi-Fi router that I bought six months ago and it is set to “Access Point” mode only, with its DHCP service disabled, and it is connected to the wired router like any other client. My network has always been set up this way (for a variety of reasons), i.e. this TP-Link simply replaced an older Toto-Link that I was using in the same manner since 2009. I’m mentioning all this because, currently, anything I connect by Wi-Fi still works fine, including access to a DNS service, because I set the Wi-Fi router’s DNS to 1.1.1.2.

The biggest problem is that, unless I re-start pihole-FTL, anything hardwired to the D-Link wired router (except the Wi-Fi router) is now cut off from any DNS service, even though it is still set to use 1.1.1.2, not 192.168.0.198. I also tried with its default of 0.0.0.0 and that made no difference. I also rebooted it, even though this router is very good at applying changes, i.e. triggering a DHCP release / renew.

So, it appears that, just because Pi-hole is installed on it, this computer insists on using Pi-hole, without seeing that the FTL service is stopped. (After all, it’s not the router that is pointing it back to itself for DNS fulfillment.) Is that really what is happening? It would contradict this claim (from the Post-Install page of the Getting Started section of the doc):

“Pi-hole will not be used by the host automatically after installation.”

Anyway...

Will I have to uninstall Pi-hole to rectify the present situation?

And why is the (hardwired) Minix computer not getting its DNS need fulfilled at all, even after I re-started the FTL service on the other one? Why isn’t it getting it from the external DNS service (i.e. 1.1.1.2) via the wired router as before? All I did was to make it use a static IP. (But I also set it back to dynamic as a test and it’s still not getting any DNS.)

The original post: /r/pihole by /u/RareSat28 on 2024-11-04 07:01:28.

Hi, I am running pihole in a docker on a home server. I didn't realize that when I took down the server for some maintenance, our home network was down. I temporarily changed the setting on the router to not use the pihole.

What precautions can I take to avoid this if pihole or the server is down?

The original post: /r/pihole by /u/CalmTheAngryVoice on 2024-11-04 02:34:23.

Hi all,

For the past few years, I've been running Pi-hole on a 2008 vintage Lenovo netbook running 32 bit Ubuntu 16.04.6 (command line/server version; no GUI). I was feeling froggy and upgraded some of the OS packages, and then I updated Pi-hole with the Pi-hole -up command. I encountered some sort of compatibility error and was told I could bypass it by bypassing the OS check using the "sudo PIHOLE_SKIP_OS_CHECK=true Pi-hole -r" command, which I did. Something broke, and I can no longer access the Pi-hole admin page from other devices. Can anyone help please?

Yes, I'm aware that updating/upgrading Linux should generally only be done to solve a known issue and that this was a bad idea.

The original post: /r/pihole by /u/thatguywiththatname2 on 2024-11-04 01:18:19.

I am running a pihole (DNS+DHCP) on a pi with the hostname deimos. I have another pi with the hostname phobos. I also have a Windows machine that I use to ssh to both of these. In my powershell terminal on Windows I can type ping phobos and it shows me this output

PS D:\> ping phobos
Pinging phobos.home [192.168.1.11] with 32 bytes of data:
Reply from 192.168.1.11: bytes=32 time<1ms TTL=64

I can also run ping deimos:

PS D:\> ping deimos
Pinging deimos.local [2a00:23c4:4245:b01:8af4:6362:8396:926e] with 32 bytes of data:
Reply from 2a00:23c4:4245:b01:8af4:6362:8396:926e: time<1ms

Would I be correct to assume that demios.local is from mDNS?

And why and how does the phobos ping get resolved to phobos.home?

I have nothing set up in the "Local DNS" pi hole options, but I do have Phobos set to a static IP in the DHCP options

The original post: /r/pihole by /u/Wise_Stick9613 on 2024-11-03 20:21:33.

Wouldn't it be better to use (suggest) dnsproxy since it also supports other protocols like DNS over QUIC and DNS over TLS?

I'm trying to figure out which one is better, or am I misunderstanding and the two tools (cloudflared and dnsproxy) do different things?

P. S. Please do not suggest unbound, that's not what I asked.

The original post: /r/pihole by /u/Extension-Bed3491 on 2024-11-03 17:12:21.

The original post: /r/pihole by /u/ferriematthew on 2024-11-03 11:49:03.

The original post: /r/pihole by /u/CollateralDmg15Dec21 on 2024-11-03 05:40:13.

Environment/Setup :

For the Primary Pi-Hole, I'm running that on a Small Form Factor Computer with Ubuntu. It also runs Unbound + Samba server, RustDesk but nothing else.

For the Secondary Pi-Hole, I'm running that on a Pi 3 B+ [with no heat sink or fan] . This one has no Unbound. but has VNC + RustDesk running .

Ratio of Queries / load when comparing Primary vs Secondary :

I'm seeing, on average , the ratio of queries serviced by Primary : Secondary is 100 : ~55 (71K vs 41K) .

Question 1 : Is this ratio of Queries for Primary vs Secondary normal /expected ?

Another interesting observation : The % of Query Blocked are on par (27% vs 23%) especially when considering the AdList Domains for the Primary is 2x the Secondary

Temperature of Pi running Pi Hole

Another interesting aspect as well is that as Pi-Hole dashboard publishes temps ;

the stablised running Temp of the Primary is at ~27C/80F

whereas the stablised running Temp of the Secondary (Pi ) is ~65C/150F

The rooms ambiant temp is 22C/72F , so another way of looking at it is Primary is [Ambiant + 5C ] and Secondary is [Ambiant+35 ]

Question 2 : Can you share your similar observations and if this normal ? I really like the idea that the Pi is super energy efficent , running off USB, but 65C is pretty warm and a little concerning!

PS: I'm in the Southern Hemisphere and we are just starting Summer and the ambiant temps can reach 40+ during the peak periods or days

PPS: suspending the RustDesk task doesn't make any difference

Thank you

The original post: /r/pihole by /u/Niq22 on 2024-11-03 03:18:49.

So I just upgraded Pihole from a version I got from thenetworkchuck in youtube. Most of the configurations seemed to transfer over, but my "adlist" now shows "-2" for the domains on the adlist:

https://preview.redd.it/5rc9hgnxtlyd1.png?width=1370&format=png&auto=webp&s=5290ac7ac80be52fd3aa8800562d6ef21b922742

You can see that blocks are no longer happening...thoughts as to why this is happening and what I can do to fix?

The original post: /r/pihole by /u/ohlookagnome on 2024-11-02 22:56:44.

I have come up against this error when figuring out network issues: "Maximum number of concurrent DNS queries reached (max: 150)" I had switched off DNSSEC and then turned it back on at part of the troubleshooting. I'm seeing the DS queries related to DNSSEC now and noticing that there are about 4 additional queries per A or AAAA query with DNSSEC turned on. Question is, do those DNSSEC queries count towards the maximum? If so, the functional maximum could be lower than expected. (I have increased the limit using "dns-forward-max" because I have a network topology and set off devices that seem to get spammy when transient issues occur. This is just a question out of curiosity.)

The original post: /r/pihole by /u/Low_Jump_3983 on 2024-11-02 17:40:51.

Hi everyone!

I’m working on setting up Pi-hole on my RockPro64 single-board computer. Here’s a quick overview of my current setup:

• Hardware: RockPro64
• OS: Debian Bookworm
• Installed software: OpenMediaVault 7
• Additional setup: OMV-Extras installed

I’d like to install Pi-hole using Docker Compose. I have OMV Extras installed, so Docker should be ready to go, but I’d really appreciate a step-by-step guide or instructions to get Pi-hole up and running smoothly on this setup.

If anyone has experience with this kind of setup or could point me toward a reliable guide, I’d be very grateful! Thanks in advance for the help!

The original post: /r/pihole by /u/PM_me_for_advice- on 2024-11-02 15:27:34.

Hi there - I have a pi 2b set up at home with pihole, unbound, and Pivpn.

I'm currently on the road but can ssh into my pi while connected via wire guard (set up with Pivpn).

When on VPN, I can access my dashboard, ssh into the pi, and generally use the Internet.

However, some odd applications don't work, like reddit and discord. I can't figure out why these wouldn't work when they work fine at home?

Would this be an issue with the pi hole setup or the Pivpn setup?

The original post: /r/pihole by /u/goldensilver77 on 2024-11-02 10:15:40.

I've installed Pi-hole on a Linux Mint PC and I'm not getting any information displayed on the Dashboard? My Windows PC is setup to use the ip address of the linux PC as it's DNS. But it doesn't seem to populate any data on the dashboard or Query Log? Am I missing something?

https://preview.redd.it/k3d5kgjoqgyd1.jpg?width=1259&format=pjpg&auto=webp&s=8a7973012b9e84b552217cf93befd511e7208e67

https://preview.redd.it/n20kbx7pqgyd1.jpg?width=1258&format=pjpg&auto=webp&s=15d76d1b6078cc2033ac5628371f301b5f85ff79

https://preview.redd.it/2poqycqtqgyd1.jpg?width=1239&format=pjpg&auto=webp&s=5c1e70666dbb091c1d7562d8b957832ec892aa80

The original post: /r/pihole by /u/CollateralDmg15Dec21 on 2024-11-02 10:13:31.

Hi ; which testing site(s) do you use to verify the effectiveness of the Pi Hole?

State 1 : Testing via https://adblock-tester.com/ or https://d3ward.github.io/toolz/adblock.html ; multiple tests in Chrome (in Incognito mode) is showing 34 points / 4-10% blocked , Yahoo/CNN are showing ads

State 2 : I then installed PiHole on Ubuntu (239,401 Domains in AdList, upstream with Unbound ) as Primary. I also set up a Rasp Pi (119,404 Domains in AdList, using upstream Cloudflare ) as Secondary DNS , using the steps in https://www.crosstalksolutions.com/the-worlds-greatest-pi-hole-and-unbound-tutorial-2023/ (No Whitelist was applied to both Pi Holes)

(yes, Yahoo/CNN ads were blocked.)

After running 1 day or so, PiHole admins were showing between 15-40% of queries are blocked. (I guess it depends on the rest of where the family have been accessing)

When re-doing the tests : Chrome tests were variously reporting range of 52-74 points / 65-74% blocked