Protecting the Family — Blocking one ad at a time with Pi-Hole®

Xavier «X» Santolaria
8 min readJul 7, 2022
Photo by John Paul Summers on Unsplash

Introduction

I can’t think of anything positive when mentioning the word Ad. They are annoying, make websites perform worse, clutter the interface, some can lead you to click to trick you into something either costly, or worse, dangerous. All in all, there’s nothing good about ads. Even less when you have kids, or non tech-savvy people browsing the Internet from home.

Some time ago I came across the Pi-Hole® project, which advertise themselves as “a DNS sinkhole that protects your devices from unwanted content, without installing any client-side software” — Or in other words for us, block ad serving websites (note that a DNS sinkhole can do much more than ad blocking, but in our case, that’s what we aim to achieve using Pi-hole).

Let’s give it a shot!

How Does it Work?

Our Pi-hole installation will be configured to be your primary DNS server on your devices. Basically, Pi-hole sits between your devices and an upstream DNS server, and will block any requests to known ad and tracking servers. It’s as simple as that.

The general workflow is as follows;

  • Your home devices will use Pi-hole as DNS server for all their requests (this will be configured at the time a device connects to your network and gets its network settings via DHCP)
  • When the devices sends the request [1] via the Pi-hole DNS server, to resolve a hostname to an IP address, Pi-hole will run that against its “blacklist” of ad or tracker service, and will block the request if it finds it, otherwise, the request will continue its way to some upstream DNS server of your choice [2] (your ISP’s, or any other such as OpenDNS, Google DNS, Cloudflare, …)
  • The upstream DNS server will then resolve the domain and return the appropriate IP address [3] for the device to make the request/connect to [4]

One of the many benefits, asides from not seeing ads anymore, is also the reduction of traffic on your network, as ad requests are blocked before they are…

--

--