Episode 355 Pi-Hole

[G+_Russ DiBennetto]

Episode 355 Pi-Hole. I would like to share my experience. First, I used a RPi - Version 1, model-B. It has more than enough power and is only running at 1% with Pi-Hole running. Where I had a problem was with the ActionTec FiOS Router model M1424WR router. Changing the DNS entries for DHCP for the LAN interfaces did not work. I actually had to change the DNS entries to manual DNS entries on the WAN (Broadband) interface before it worked. I have had it running a few days, and although it isn't as through as browser based ad blockers, it does work well. And the best thing is if I turn off the browser based ad blockers my Internet performance goes way up. Pi-Hole is like supercharging your Internet web based experience. I want to hear the experiences from others that implemented the Pi-Hole and what problems you have encountered.

[G+_Golden Retriever]

Did you change your DNS to 9.9.9.9?

[G+_Russ DiBennetto]

First I should say that I set up DHCP with a static address for the Raspberry Pi so it always gets 192.168.1.21 when it boots. I set the primary addresses for the LAN DHCP DNS servers to 192.168.1.21, 8.8.8.8, and finally one of the addresses served by FiOS Broadband.

 

In order for this to work for all DHCP clients, I had to manually set the DHCP Broadband WAN interface to 192.168.1.21, and one of the FiOS DNS servers that was served to the router from Verizon.

 

It appears that setting the LAN DHCP DNS servers doesn't work on this router. The menu says it changed but my PC had the router's address for DNS.

 

The way I tested this was simple, I opened up IE on the PC and entered mail.yahoo.com. When Pi-Hole was blocking I got the login screen and a sentence on the left telling me to log on. When the Pi-Hole was not blocking, I get a big ad screen.

 

 

 

[G+_Ben Reese]

Can you disable DHCP on your router? Pihole has a DHCP server you can use if the router won't let you specify a DNS server.

 

I've coupled Pihole with OpenDNS to make a decent family filter. Don't have to worry about inappropriate sites coming up and I don't have to worry about the kids getting stuck in terrible ads.

[G+_Travis Hershberger]

I've found the combination of Pi-Hole and uBlock Origins the best 1-2 punch for bad/annoying adds so far. I have most of my Pi-Hole installs running in VMs instead of on RPi's, but I've given them even less resources than an RPi has. It'll happily run with only 256MB RAM and 50% of a CPU.

[G+_Russ DiBennetto]

Ben Reese I'll have to look into the Pi-Hole DHCP server. I don't know if I can use it because the FiOS cable boxes use DHCP to acquire their addresses in a different range within the LAN subnet. Thanks for the tip. I also use OpenDNS on the Pi-Hole for my DNS server.

 

[G+_Russ DiBennetto]

Travis Hershberger I have Ublock and AdBlock Plus on my Firefox browser but use AdBlock as it seems to run faster for me.

As for a VM, I had a older Pi laying around so I used that for the Pi-Hole. I have a Pi-2 and Pi-3 that I use for other functions, including OpenVPN, Apache server, a call blocker, a CUPS server, and home brewed Weather server that uses Weather Underground API. I really didn't find a lot of utilization used by the Pi-Hole software running in Raspbian Wheeze only about 1%.

Thanks for your feedback.

[G+_Travis Hershberger]

Russ DiBennetto The FIOS boxes should be getting a DHCP address on the WAN port, which is a whole different network than the LAN side. Unless it's in bridge mode, in which case the same thing but with your own router instead.

[G+_Russ DiBennetto]

Travis Hershberger I don't believe they do. I am including a couple of pic that are screen shots from my router. I have concern about DHCP Option 60 being used and MoCA for the set top boxes and my multi-room DVR. It appears that the boxes get their address via being bridged to the LAN. Also WAN address distribution is disabled.

It seems to work okay the way I have it set up so I might keep it that way. I do appreciate all the comments, as I learn something new every day.

 

[G+_Russ DiBennetto]

[G+_Travis Hershberger]

Russ DiBennetto I'd say that's a vendor fail, as I don't know of a technical reason they'd have to configure clients in such a way. Of course, the crowd I hang out with will tell you most telecom companies are terrible on tech.

[G+_Russ DiBennetto]

Travis Hershberger Having worked for Verizon Business at one time, I have to agree with you. Although I don't know how much of it is Verizon and how much is Actiontec the manufacturer of the router.

[G+_Travis Hershberger]

Russ DiBennetto I'm betting on someone at Verizon being the first one to get it working, and they just used that as the standard rather than bothering to do it right.

[G+_Ben Reese]

Russ DiBennetto I thought I'd look into this a bit more and may have found the solution. Since OpenDNS is popular, I just did a search for "M1424WR opendns" and got this: support.opendns.com - (Verizon FIOS) Actiontec MI424WR and Westell UltraLine

 

I'm still not 100% sure this would work because it's possible your modem/router is acting as a DNS relay and won't use an internal IP for that purpose, but it's worth the try.

If it is passing this out with DHCP, it may take your devices a while to update - 1000+ minutes the way it looks. The easiest way around that is to reboot your router. On Windows you can use nslookup ("nslookup google.com") in the command line to see what DNS server it's using.

 

Hopefully this gets you going!

[G+_Russ DiBennetto]

Ben Reese Yup that is what I did and it works. I would have liked it better if I were to do that on the LAN DHCP interface but Verizon doesn't let that happen so I had to do it on the WAN/Broadband interface. It works fine. I just dislike putting my primary DNS in as the Raspberry Pi Pi-Hole device (set with a static address). But that was the work around I used when I was bringing it up. I hope it helps others that might be FiOS users and want to implement Pi-Hole.