Pihole

We have a container instance of Pihole on the network (pihole.0x20) filtering out aggressive, privacy invading, bandwidth consuming, resource wasting advertisement.

The container is running on Stealthpane.

Its IP address is propagated through DHCP on Router through the following option: 6,10.20.2.10,10.20.0.253; the Router itself is passed as fallback DNS.

The advantage of having it run separately from Router is to have a secondary caching DNS server running in case the gateway goes offline.

People are free to bypass Pihole by configuring the Router as DNS server on their devices, or specify another one.

Blocklist

We're using https://oisd.nl/ (https://dbl.oisd.nl/) as blocklist.

Privacy

Pihole is configured to use Anonymous Mode: this disables basically everything except the live anonymous statistics.

No history is saved at all to the database, and nothing is shown in the query log. Also, there are no top item lists.

The privacy level may be increased at any time without having to restart the DNS resolver. However, note that the DNS resolver needs to be restarted when lowering the privacy level. This restarting is automatically done when saving.