Network-wide ads blocking using Pi-hole and a Raspberry Pi.

2 Raspberry Pi's
Photo by Jeff Loucks / Unsplash

Flash an OS to Raspberry Pi

For simplicity, I decided to flash my Pi with Raspbian using Etcher.

Install Pi-hole

Plug Pi to my router with Cat 6 cable (more than enough) and SSH in, then run one step automated installation.

Next, change the admin password with pihole -a -p.

I remain DHCP server on my DIR-882 router, just assign DNS to Pi's IP address. Default settings are good enough.

To be a complete paranoid, install unbound. Also, improve security of the Raspberry Pi.

And there you go, all done.

Be cynical

I block acs.time.com.my to prevent my ISP to do something weird. They flashed the router with their own custom firmware, I don't understand why they would want to manage their customer devices remotely with an outdated TR-069 Auto Configuration Server.

Maintenance

Periodically run pihole updatePihole to keep Pi-hole updated.

If Pi-hole is running Unbound as DNS resolver, update root hints file every six months.

wget -O root.hints https://www.internic.net/domain/named.root
sudo mv root.hints /var/lib/unbound/