Pi Hole with a few good block lists...
33Which block lists?
3Out of the box, pihole has a few block lists already set up. Those are pretty good already.
To add more, you can find some good block list collections online. No need to add them all. Pick a good handful, depending on the category of stuff you want to block. Here are some helpful links:
https://github.com/lightswitch05/hosts
... Once you got a few block lists set up, you'll probably want to whitelist some things specifically, that are otherwise caught up in the filter. This is a super helpful resource for that:
https://discourse.pi-hole.net/t/commonly-whitelisted-domains/212
13
Yup. Another piHole user.
1
Adguard Home. I find it to be more feature complete, compared to Pi-Hole. Nicer GUI, more options, built in DNS-over-HTTPS/TLS, better client controls & detection, more domain information, better domain list blocking, and so on.
I moved from NextDNS, to Adguard Home. All self hosted, and accessed with a reverse proxy.
26Same, used NextDNS and Pi-Hole then move to AdGuard Home til today.
Built-in (DoH, DoT,...) servers are useful and simple to setup with client identification.8Are you guys not concerned about losing complete access to the internet if something drops on your server?
I realise these will be very rare cases, but shit happens sometimes, and always seems to happen at the worst possible moments.
What's your recovery plan?
Edit to add that this is the reason I'm on nextdns... Make it someone else's problem
2
NextDNS
26Permanently Deleted
3I was able to test it out first without having to create an account and I liked it. It has simple Ad/Tracking blocklists and supports both DoT and DoH. Also it has rewrites (like
/etc/hosts).14For me, Nextdns. It's mostly because I can choose which list is used by the dns blocking. If adguard has a lost blocking what I use, I can't do anything about it. Or maybe like allow a lot of domains.
Using the Hagezi pro++ list currently and it works damn well without any issues for me.
Also, there is a free way to use it (not sure about adguard).
9
Adguard home for everything
19Pi-hole for my home network. NextDNS on my phone.
13nextdns is the most performant option I've used. it often beats our cloudflare even. adguard wasn't bad but it was a bit more cumbersome and very slow.
I don't like recommending self hosting as opening ports on a private network isn't a great idea. you could use something like cloudflare or tailscale to bridge access but you'll run into issues with network speeds.
13opening ports on a private network is fine as long as you exercise a sane amount of security measures.
4
I just use ublock origin
12NextDNS. Easy, free, and effective.
10Adguard home with a few extra lists and custom rules. Just got the sync tool set up to auto replicate changes from one to another so no more copy/paste to a secondary. Great when I need to restart a VM and don't want to take out the internet while it reboots.
Used pihole some while back but the feature list was tiny by comparison, though it was a good while back so probably unfair to compare.
Also ran with pfBlocker for a while, nice to have it right on the gateway but found it a bit opaque and lacking customization for my needs.
9What about Mullwad dns
8nextds, feels almost like a pihole but unnecessarily crippled in some ways, which don't really matter to me.
8Adguard home for everyone in the house. Externally I just use ublock Origin and Cloudflare's DoH.
7Permanently Deleted
3uGuard Plus
2Oops, I meant ublock origin. I apparently can't do two things at once. ha
2
Permanently Deleted
6Specifically DNS? I have a Pi-Hole on my home network that is configured as a recursive resolver, and a second Pi-Hole on my personal VPN server (same).
6NextDNS. Several years now. It’s absolutely brilliant.
6ControlD with AdGuard as backup. Might have to try Mullvad's as well. Then AhaDNS Blitz on my phone.
5mullvad!
5Quad9
4Adguard Home on the homelab, with my router set to use it as DNS, alongside Tailscale with Headscale on top to reroute all traffic through the home network so that ad blocking works all the time, on all devices that can use Tailscale, and also away from home.
3I use two across different devices.
Both offer DNS over TLS and both are privacy focused which was why I decided to use them.
3Does DNS over TLS have any advantages over DNS over HTTPS?
4Not really and some would argue that from a local network perspective HTTPS is preferable.
The main difference is that HTTPS routes through a standard port so gets "lost" in all other Https traffic whereas TLS uses a distinct port so whilst it's encrypted you would be able to see at the local level that you're using DNS over TLS but not what you're doing.
7
If you are the "VPN to home, always on" user, go for pi-hole.
Adguardhome has it's strengths when it comes to DoH, DoT, Quic usage.
3Blocky installed locally as a service for my PC https://github.com/0xERR0R/blocky
RethinkDNS for my phone https://rethinkdns.com/configure
3I use the Adblock plugin on an openwrt router to provide blocklists for the whole lan. It works rather weell.
3Pihole. Default block lists
3I couldn’t get AdGuard Home working properly on my server, so I have been using NextDNS.
This is a good reminder to attempt to get it set up again
3PiHole with the Star Trek web UI theme. I think it looks pretty nice and has worked well for me.
3I'm using controld dns, the oisd full version, legacy dns on the home router and as a private dns on android. I've tried multiple combinations, but this one has a sweetspot for both blocking and usability.
3NextDNS, plus Ublock Origin on any web browser.
3I use Adguard because it's pretty reliable and solid.
I would love other options but I haven't found many that rival Adguard. I'm very picky about DNS because frequently services that I use can detect them and most free providers do nothing to alleviate blocking.
3im using cloudflare doh as upstream. and setting my own dns server (dnsmasq) with ad block hosts on my router
2Not sure if this counts, but I run DNS66 on my phone, and it works pretty well
1Control D
0
