Advertisements are incredibly annoying, and I’m saying this as someone who relies on them for income on The Polyglot Developer. Even with ad providers such as Google saying that they’re working to provide a better experience, things seem to be getting worse. You could use tools like Adblock Plus in the browser, but what about mobile devices? Better yet, what about all the websites out there that detect when an ad blocker is being used and make the browsing experience even worse by denying access?
To get beyond these advertisement related problems, you’re going to need to handle things from a network level, not a per device level.
In this tutorial we’re going to see how to configure Pi-Hole, a popular network level ad blocking solution. For this example we’re going to use it with a Raspberry Pi and an Ubiquiti EdgeRouter, even though other networking hardware can be substituted.
Before we get too invested in the tutorial, I wanted to point out a few things:
When it comes to the specifics, I’m using a Raspberry Pi 3 and I’m using WiFi with no performance issues. From what I understand, any Raspberry Pi model is more than capable of using Pi-Hole with proper network performance. For the EdgeRouter, I’m using the EdgeRouter X-SFP, but it doesn’t matter as long as you’re using EdgeOS. You can use other routers, but the instructions for setting the DNS will be different.
Before we start fiddling with our network, we’re going to need Pi-Hole to be available. To install Pi-Hole on a Raspberry Pi, we’re first going to need a properly configured Raspberry Pi with Raspberry Pi OS. Getting a Raspberry Pi up and running is out of the scope of this tutorial, but you can use my previous tutorial as a reference if you get stuck.
With the Raspberry Pi properly configured, SSH into the device or connect to it with a mouse and keyboard. Once connected, execute the following command:
curl -sSL https://install.pi-hole.net | bash
The above command was taken from the documentation for Pi-Hole.
Throughout the installation process, you’ll be asked some questions. I’m using the defaults for my setup, but read through each of the questions and choose what makes the most sense for you.
By the end of the process you’ll be given a static IP address to use as your DNS and a password for connecting to the Pi-Hole web administrative dashboard. Use the DNS and password information to connect to the dashboard and you’ll see something that looks like the following:
Pi-Hole doesn’t require any further configuration, but it is worth clicking around the dashboard and becoming familiar with all the reporting. You’re going to be amazed with how much traffic is dropped which should not only speed up your web experience, but make it more pleasant with less advertisements. Remember, since you’re going to be blocking advertisements on a network level this will work for web, mobile, and any other type of device on your network.
Now that we have a Pi-Hole on our network, we need to make sure all devices are using it as a DNS. This will probably be the most challenging part because every router’s configuration is slightly different. However, if you’re using EdgeOS with an Ubiquiti EdgeRouter, the process won’t be too bad.
Within the EdgeOS web dashboard, click the Config Tree tab. In the tree, navigate to Service -> DNS -> Forwarding, but make sure you double-click Forwarding to bring up the settings rather than expanding the tree deeper.
You’re going to want to add your Pi-Hole to the name-server field. If you’ve got multiple Pi-Hole on your network for redundancy, add them all as separate name servers. While you could add OpenDNS, Google, and Cloudflare as well, make sure you’re aware that the list is not a priority list. Name servers in the list are used randomly, so mixing Pi-Hole name servers with standard name servers could result in some network traffic not being filtered. Depending on the configuration of your EdgeRouter, the listen-on value might differ. I’m not doing anything fancy with my EdgeRouter as it is being used for a home network, so switch0 worked for me.
I had the most success with the DNS forwarding option in EdgeOS. However, there are a few alternative approaches you can use which may give you success as well.
Within EdgeOS there’s a System option at the bottom of the screen.
In the Name Server section, add the IP address of your Pi-Hole.
You’ll want to make sure that proper forwarding is happening to the name servers that you add to the list. To do this you’ll need to make use of the CLI or SSH into your Ubiquiti EdgeRouter. When you’re connected through the CLI, execute the following commands:
configure
set service dns forwarding system
commit
save
exit
You can validate that the system name servers were used by executing the following command:
show dns forwarding nameservers
If successful, the above command should include your system name servers in the response.
There are two other options that I know of when it comes to custom DNS entries in the EdgeRouter for the Pi-Hole. One includes manually setting the name servers with the CLI and the other involves creating NAT rules. Again, I had the most success with using the Config Tree tab, but you might feel better using one of the other options.
After creating your Pi-Hole and configuring your router to use it as a DNS, you might find that nothing has changed. Advertisements are still slipping in and the Pi-Hole dashboard might not even be correctly reporting. There are a few things you can try.
The first thing to check is what DNS is being used by your computer. We can check by doing an nslookup
from the command line:
nslookup aax.amazon-adsystem.com
The above URL is one that is on the block list at the time of writing this tutorial. If your DNS is working correctly, you should get a response that looks like the following:
Server: UnKnown
Address: 192.168.1.1
Name: aax.amazon-adsystem.com
Addresses: ::
0.0.0.0
The main things to look for are the Address and Addresses values. The Addresses value should be 0.0.0.0
which says the address couldn’t be found. The Address should reflect your router or your Pi-Hole.
If things don’t look correct, try the following:
nslookup aax.amazon-adsystem.com 192.168.1.86
You’ll want to replace the IP address with that of your Pi-Hole. What we’re doing is forcing the DNS to be our Pi-Hole. If we get expected results it probably means we need to flush our DNS cache.
We can do that by running one of the following commands:
# Windows
ipconfig /flushdns
# macOS
sudo killall -HUP mDNSResponder;
Go ahead and try the nslookup
command again. If everything worked out, the correct DNS should be used.
If we never got the appropriate results when using the IP address of the Pi-Hole it means we probably have other problems.
You just saw how to configure a Pi-Hole on your network using a Raspberry Pi and an Ubiquiti EdgeRouter. The Pi-Hole will block advertisements and other potentially malicious addresses from your network by dropping DNS lookups that appear on the block-list that’s part of the Pi-Hole. Instead of using the DNS that your ISP or router chooses, we are treating the Pi-Hole as our DNS.
If the Pi-Hole rules are too aggressive or not aggressive enough, you can customize things within the Pi-Hole dashboard. While the EdgeRouter and EdgeOS were used in this example, a lot of the same fundamentals can be used for other routers. You’ll just have to do a little research.
As previously mentioned, this tutorial included affiliate links. If you plan to buy any of the products mentioned, please use my links so I can get some commission.