Test: Pi Hole DNS ad-blocker

These last 2 nights, I spent a couple of hours to test Pi Hole, an interesting project of DNS-based ad blocker to install on a Debian distribution in a Raspberry Pi. The concept of Pi Hole is to configure your device (laptop, phone, tablet) to use Pi Hole server as your primary DNS server. Pi Hole then takes care of filtering any DNS request related to ad content.

Install Pi Hole

The installation is quite simple. First you need to download the latest Raspbian distribution (based on Debian Jessie) for your Raspberry Pi on www.raspberrypi.org. I used BitTorrent to download it as it turned to be faster on my lousy 1 Mbps home connection.

Then, if you are using Windows, you will need to get Win32DiskImager on sourceforge.net to create the Raspbian SD card. The Raspberry Pi website describes the process in details here.

Win32DiskImager

After copying the Raspbian image on your SD card and inserting it in your Raspberry Pi, boot it and remote access it with SSH (default account name and password are pi / raspberry):

SSH pi@raspberry

From there, you can install Pi Hole by running the following command:

curl -L https://install.pi-hole.net | bash

Once this is done, you just need to reconfigure your devices on your network so that they use the Pi Hole server IP as their Primary DNS server. In my case, I just reconfigured my Wi-Fi router to send these parameters in the DHCP answers.

Test and Performance

After configuring the DHCP settings of my router, I could confirm that mylaptop and the phones of my home network started using pi hole as their primary DNS server. However I noticed that ads were not blocked and that actually only 1 domain was blocked, which is the one I manually put in the blacklist.

Further investigations on Internet made me try the following command to fix this:

sudo pihole -r  # try to repair pihole installation

After running the command, I could see that the number of domains to block was properly updated from 1 to more than 100k. See the before / after screenshot from the web admin page:

Suddenly the ad-blocking counter started to ramp-up. The counter in the admin page gives the impression of efficiency by blocking a lot of ads immediately, although we don’t really realize it when browsing (I used to have AdBlockPlus plugin that I have deactivated to test Pi Hole). One visible effect that I really enjoyed is the ability to make ads disapear inside apps on my Android phone.

Pi Hole Dashboard

Example of Pi Hole Dashboard

Conclusion

Pi Hole works at DNS level, which means it basically blacklist more than a hundred thousands domains which are known to serve ad content. The good thing is that it can be deployed very easily on a network and enjoyed on any kind of device as long as you can set the primary DNS server. The limitation, however, is that it cannot act at a more detailed level than DNS, for instance to block specific content or file names such as JavaScript files.

But at this price (free software and 35$ for a Raspberry Pi) this is a great solution. This is good enough to be used at home but is also a serious product to be deployed in enterprises as well. I am also convinced that it could be used to provide ad blocking as a service by MNOs/ISPs to their customers. It might be actually how ISPs like Free in France are doing it?

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s