I’ve run Pi-hole in my homelab for years and benefited from using the service. As well as the hands-on education.
With that said, what is everyone else’s experience with the software? Do you use Pi-hole in your homelab setup? I would assume many hundreds of thousands of people use Pi-hole.
Edit #1:
The image attached to this post is my RPi 5, which hosts the Pi-hole software. Big supporter of the whole “SBCs for learning and home improvement” mentality.
Edit #2:
It is interesting to see the broad support for Pi-hole and DNS blockers in general. The more options, the healthier the tech ecosystem is, which benefits everyone.
Sadly, it was very bad. I tried it about five years ago on a Pi 4. In less than a year, the Pi crashed five or more times. Once it was due to a faulty SD card, and on several occasions it was due to other software on the Pi crashing. Each time, the internet went down, which made my family unhappy, especially when I was not at home and could not fix it.
I also saw little benefit as I already block ads on all my devices, and my smart home stuff has no internet access at router level.
I haven’t tried it since. Should I try again now with redundancy? What are the benefits?
A bit of redundancy is key.
I have my primary DNS, pihole, running on an RPI that’s dedicated to it; as well as a second backup version running in a docker container on my main server machine.
Nebula-Sync keeps the two synchronized with eachother, so if a change is made on one, it automatically syncs to the other. (things like local dns records or changes to blocklists).
If either one goes down (dead sd cards, me playing with things, power surges, whatever); the other picks up the slack until I fix the broken one, which is usually little more than re-install, then manually sync them using piholes ‘teleporter’ settings. Worse case, restore a backup (That you’re definitely taking. Regularly. Right?)
Both piholes use Cloudflared (here’s their guide *edit: I see I’ll have to find a new method for this… Just going to pin the containers to tag ‘2025.11.1’ for now) to translate ALL dns traffic into DOH traffic, encrypting it and using the provider of my choice, instead of my ISP or any other plain DNS. The router hands out both local DNS IPs with DHCP because Port 53 outbound (regular dns) is blocked at the router, so all LAN devices MUST use the local DNS or their own DOH config. Plain DNS won’t make it out.
DNS adblocking isn’t perfect, but it’s a really nice tool to have. Then having an internal DNS to resolve names for local-only services is super handy. Most of my subdomains are only used internally, so pihole handles those DNS records, while external DNS only has the records for publicly accessible things.