Even if you install this to something else (not Promax for example) this video is fantastic going through the build process. The one thing I would change is change the DNS servers on your router and not on each individual device. That way you get the benefits of PiHole across all your network devices (including smart TVs, IoT, Smart Fridges etc). Plus you only have to configure your DHCP server (usually the home router) with this.
Could you explain why you enable DHCP instead of adding a static IP address when creating the proxmox container please. This is all new to me, so would like to learn what things do. Thank you
I love how you used a visual explanation of a physical click and drag with pictures. You have no idea how helpful that is to understand what it is you’re explaining.
This assumes you have access to the router, and that this setting is available to you. I have access to the router, but my ISP does not allow me to change DNS servers. What makes this worse ks their DNS servers have issues every couple of months, crippling the experience.
9:16 I recently learned that the "paste error" relates to clipboard formatting for application, rather than plain text. This might not apply in a proxmox console (not even sure whether proxmox supports ctrl+shift+V), but definitely where I’ve had it in a local terminal: - only happens after a ctrl+V but once that’s happened, ctrl+shift+V also shows the formatting characters - if you map ctrl+V in as something benign for the terminal, it prevents this so ctrl+shift+V always just send the raw text paste
Question, when installing pi hole you select to use dhcp. should it be set to static ip that a way you can set your home router dns to point to the pi-hole as the DNS server?
Maybe a stupid question but I keep confusing myself... 1) can I use Pi-hole as a local DNS resolver (replacement for something like resolv.conf/systemd-resolved)? 2) Can I setup Pi-hole directly on my Ubuntu desktop and use it as a local DNS resolver or is it strictly for a "home network"? Also some context I really only use my phones hotspot to my PC. I would just setup Pi-hole on my phone but there is no root process available for my device.
The problem I see is that every few minutes, a request is made and it shows that it does not come from the cache, but it is a new request to the upstream DNS server and there is a delay since Unbound is slower than a public DNS server.
I installed pihole/unbound through docker, and while the setup can get annoying if you aren't used to it, I can't recommend Docker enough for server stuff in general. It's been said on the channel a few times, of course, but Docker just makes deployment so much easier; just use the same text/config files for each deployment, and you don't even have to worry about it next time you inevitably reinstall your OS.
Setting up my new homeserver with CasaOS (basically a Docker manager GUI with a nice "appstore" that brings pre-configured docker images). How did you get unbound in the docker container for pihole?
hi, i have pihole running in a docker on my pi4, what do i need to do to install unbound? is that done within the pihole container itself or as a seperate container?
@@chenks76 it's been a bit since I set it up, but I basically found another docker container to run unbound, and made both containers run in network mode "host" (not actually required, you can do more complex networking if you put in the time to learn it). Then, you just point pihole to the address running unbound in that docker container.
I must be missing it (everyone is not an IT professional and I just started with linux) where do I down the ubuntu files (templates)? You said you would link it in the description and I can't find it...
Need help, trying to set this up and when you get to 6:46, I get an error saying. I have a red X in the check for existing repository in /etc/.pihole. Then at the bottom it says could not update local respository. Contact support. Could someone help me get past this step?
Also what is the point of creating a user and then giving them sudo anyway? sure if you were limiting their access, or their abilities, but giving them sudo just makes them the equivalent of Root? What is the value in this?
I made a script that does this, but it also allows you to make your own network! You can use it as a router as well. (I used it as a wifi to Ethernet because I don't have Ethernet ports in my house)
Ok Hi @TechHut , Thanks for the video, I bit the bullet and made a Pi-Hole box today out of a old HP 4core 4gig computer that was given to me last year and I forgot I had it. Anyway I installed Ubuntu server and PiHole as per you video and it is amazing how much faster things load on my phone and TV and computers. Yes I hooked it up to my PfSence box and deployed it network wide. Yes the old HP is overkill and has hardly no load on it at all... Lol Just wanted ya to know and keep the awesome videos coming! 🖖 LLAP
dear should I get a pi device?or a old dusty laptop would work & my router is ddlink 275u but I do have tplink 1200ac giga router want to set pi hole & vpn if possible use pia
is there a ''best'' micro computuer tu do this? Raberry Pi vs Libre Computure vs others. From the Raberry pie website they mention the PI Zero 2 I believe, but ive read on reddit that A libre Le Potato is better cause ethernet and power cable IIRC.
am android users i don't have pc or lap or even pi ... can i do all this !! i did everything with open dns put still i can't block some apps and ads on all phones in the network ... 🤕💔
I didn't really understand the point of setting up unbound/making the dns "recursive". I have pihole installed and running on the network and I'm thinking of doing this but I don't get why I would. Can anyone explain?
It was mentioned in the video, might be worth a re-watch. Basically you're not sending your DNS lookups requests through to companies like Google, Cloudflare etc. You're keeping this information to yourself. You're protecting your data going to the DNS server (PiHole) originally, and this adds privacy for your send requests from the DNS server to Google, Cloudflare etc
I didn't know that pihole had their own unbound settings page, and I just used the unbound docs to set mine up and it was a little frustrating at times, but it's all working perfectly.
Do I just leave the router DNS set to my pihole IP or do any router settings need to be changed from a standard pihole setup to accommodate the Unbound install?
I've set my PiHole as a recursive DNS / DHCP server. I have the router set to do its' default dns settings. is using the router to redirect the dns to the pihole really necessary if the pihole is utilized as the dhcp server? Does it even matter to? I'm unaware of if the router dns setting does anything (XR500 dumos) if it's 'relaying' or not. would appreciate any insight on this setup. Additionally, if there's a way I could properly firewall it? how should the interface be set up?
Do you have any idea why I installed Pihole on an omv server and when I install unbound, it doesn t work at all ??? I did the same steps you did but it never works despite the process being running......
Hello! i install pi-hole on nas server it work work perfect expect from one thing!!! it all so blocked some page a rally like how I can stop blocking them?
What I find works for me, is using the PIA DNS with their mace adblock already enabled. If you have a smart TV, you can use a vpn but if that doesn't work then pihole is your best bet.
Newbie question, Does Pi-Hole work to block youtube ads on a smart tv and smartphone? I've read ads on YT are not blocked by pihole because they are hosted con the same youtube domain. I don't know what ublock origin does on browsers because thankfuly it does block them there.
He installed the LCX Ubuntu distro. LCX is a docker-light container build into Linux. The 'apt' command work on all debian based distributions. But apt was only used to fetch the security updates and to install curl (and unbound). He than used curl to fetch the bash install script from the pihole website and pipe it to bash that performed the whole installation...
I ran SmoothWall proxies ~20 years ago with Open DNS' paid service. My company didn't want to pay an annual fee, so I switched to their Family Shield free product along with a HOSTS file. Aside from not being a proxy, how is this so different?
Just an FYI, it's pretty trivial. Just pull up your router configuration page and set the dns there to your pihole ip address and it will do it for any device on the network.
@@DaleEarnhardtsSeatbelt at the moment all I have is an old 2005 HP laptop so finding out that the raspberry pi and it's alternatives are stronger than my laptop is a little depressing. I'll definitely be trying something from rock pi.
@@DaleEarnhardtsSeatbelt I use it for school. Im looking for something cheap that I can use and run 24/7. I think I'ma try a rock pi 4a when I get birthday money.
yes even pi 1 can run this fine. Use dietpi OS which has an auto install script to do everything in the video just have to check a checkbox and press ok
Nobara? Are you using that too? I switched to it on my gaming machine, and OMG it's amazing! Why have you not done a video on this yet!? I hope that's coming soon...
I have been running pihole for 12 months and love it. But I wasn't aware unbound needed to be installed separately. I currently have 2.4 million web sites blocked and my statistics show 92.3% are cached. Pihole also blocks ads on a few television streaming services here in Australia.
PiHole operates a small, fast caching server for its own DNS operations, but relies on a recursive server upstream to do proper name resolution. Unbound is a fully recursive DNS resolver, and will search the full authoritative server hierarchy to resolve the name. Just to be clear, this isn't a *great* idea, all in all. Hammering the full hierarchy to find a server listing might be OK if it's done at the backend and distribution levels, such as with CDN and ISP name servers, but if *everyone* fires requests at the authoritative servers, they would have been swamped decades ago. That's why caching servers were built into the standard from the outset. To use an outdated metaphor, it's like everyone calling directory assistance instead of looking in a nearby phone book.
@@watchm4ker Thanks for your reply. I did install Unbound after watching this video. I did have it installed 12 months ago in conjunction with pihole but felt it was redundant at the time. I've learnt my lesson and it is up and running. I do have a public facing name server too but it is for my various domains, pihole is just internal (television, laptops, phones etc). It is brilliant. Thanks again.
@@watchm4ker My knowledge just gets me by. I'm a recent convert (24 months ago) from windows. I'm in the IT industry and have avoided linux/unix for 30 years. It's a big learning curve at 59 years old :)
@@the-flatulator Ouch. Worst part is, Microsoft was a huge player in the UNIX space, thanks to Xenix and early versions of NT. Then they tossed it all for their own special sauce, only to More or less reinvent the wheel for a bunch of *nix features and systems.
@@TechHut It does, just switched my CasaOS default PiHole docker for this other one. PSA if you want to try this, you'll have to stop or delete the other PiHole container otherwise CasaOS complains about 53 being a duplicated port (because it's being used by the other instance). **Quick tutorial for that docker image on CasaOS: ** 1 - Go to the "one-container", click on the docker-compose file and copy the contents 2 - On CasaOS, open the App Store, click on the top right button to add a custom app and there's an icon there to import, click on the docker-compose tab and paste. 3 - Click OK, fill the missing data (timezone, default web portal path, password, etc) 4 - Click on the PiHole button on CasaOS, go to admin, login, and see if it's working 5 - Profit!
Can you also discuss the risks of opening port 53 or setting up pihole as an OpenDNS resolver? I've set up mine on AWS free tier and now have 24 clients connected even though I've only set up mine for use on 2 devices. I read up on the pihole forums and it looks like setting it up without VPN can make it vulnerable to DNS poisoning attacks or it might be compromised and used for DDoS attacks. I'm a noob and just following guides, discussing this in detail will be very interesting.
noobs should NOT run DNS servers. This is not trivial, as it looks in a video. Open recursive DNS servers are points of DDoS attacks (meaning hackers or bots most likely will use you as a point of attack). Just use the DNS servers of a trusted by you DNS provider, and set it up and that's it.
One crucial aspect of such setup - its security, has not been discussed in the video. Installing a recursive DNS server is a security risk. DNS caching is another security risk on its own. But let's get back to the first risk - having open / exposed recursive DNS is a risk - the user can become a point of DDoS attack without even knowing it. If someone cannot ensure, that his recursive DNS server is NOT exposed (open) to the Internet - they should never use such server in the first place. I would recommend non tech savvy people, who don't understand running a DNS server very well, to NOT use one. People, who have privacy concerns should not use Google DNS either.
Hi there, just subscribed....i have a question/request. Im a pretty novice Linux user but one of the best apps i found on Linux was/is Compiz Fusion....could you possibly do a video on that...ive recently installed but i cant quite get it working properly...many thanks (if you can/want to of course)!!
Even if you install this to something else (not Promax for example) this video is fantastic going through the build process. The one thing I would change is change the DNS servers on your router and not on each individual device. That way you get the benefits of PiHole across all your network devices (including smart TVs, IoT, Smart Fridges etc). Plus you only have to configure your DHCP server (usually the home router) with this.
this comment is gold!
Can anyone point me in the right direcon on how to change the DNS server on the router?
@@m4yh3m121 typically you would see it in the settings: internet section or dhcp section
Some DHCP servers on home routers don't support that
@@maskedredstonerproz They're cheap, so get one that does.
Could you explain why you enable DHCP instead of adding a static IP address when creating the proxmox container please.
This is all new to me, so would like to learn what things do.
Thank you
I love how you used a visual explanation of a physical click and drag with pictures. You have no idea how helpful that is to understand what it is you’re explaining.
a 100% !! this is why my firends referred me to this link.
instead of going device by device you can just change the dns entry on your router dhcp settings.
This assumes you have access to the router, and that this setting is available to you. I have access to the router, but my ISP does not allow me to change DNS servers. What makes this worse ks their DNS servers have issues every couple of months, crippling the experience.
@@LaughingOrange well here ISP does allow you to change settings they even allow you to use third party routers
I’d recommend setting up a PFsense box as your router. Just let your IPS box server as bringing the internet in
Can also turn off the dhcp server on the router and use pihole as the dhcp server
he lit said that in the video
I would love to see a video that showcases this done so that any device that connects to the network no longer has ads!
I love your calm and clear method of instructions.
Super clear - very simple to understand and follow - I've had pihole setup for a while but not unbound as my all around DNS!
Thanks so much !
dietpi has a checkbox to click to auto install all of this in like 5 seconds. This is what should be recommended to users that are new.
I have done all this and then added pivpn on top so I get blocked ads everywhere I go.
What happened to the extra information down below on the container template? I don't see it....
9:16 I recently learned that the "paste error" relates to clipboard formatting for application, rather than plain text.
This might not apply in a proxmox console (not even sure whether proxmox supports ctrl+shift+V), but definitely where I’ve had it in a local terminal:
- only happens after a ctrl+V but once that’s happened, ctrl+shift+V also shows the formatting characters
- if you map ctrl+V in as something benign for the terminal, it prevents this so ctrl+shift+V always just send the raw text paste
Question, when installing pi hole you select to use dhcp. should it be set to static ip that a way you can set your home router dns to point to the pi-hole as the DNS server?
I do think so, I picked a static one :)
did you set the ip address to static. I somehow missed that step
Adguard is a bit better no:?
Maybe a stupid question but I keep confusing myself... 1) can I use Pi-hole as a local DNS resolver (replacement for something like resolv.conf/systemd-resolved)? 2) Can I setup Pi-hole directly on my Ubuntu desktop and use it as a local DNS resolver or is it strictly for a "home network"? Also some context I really only use my phones hotspot to my PC. I would just setup Pi-hole on my phone but there is no root process available for my device.
Yes, you can use ir directly in your computer, but it's not recommended
@@Fhannycopia3 it wouldn't be on a daily driver im really just wanting it to run some tests myself.
@@diveallz1044 Have fun
hi, i have a question. Why on my unbound always showing SERVFAIL? is it any configuration change needed?
I got error: could not update local repository. Contact support
Wish you made a comparative between with unbound and without unbound on the same website to see the difference between queries and blocked ads
he doesn't have the expertees for that :)
The problem I see is that every few minutes, a request is made and it shows that it does not come from the cache, but it is a new request to the upstream DNS server and there is a delay since Unbound is slower than a public DNS server.
Configure your cache-min-ttl and cache-max-ttl unbound will cache until he gets info the cache is stale then it recache
Can you explain how to use pihole with a pc that uses ethernet?
Like my router routes to the pihole on my linode server and now my wifi is completely adfree but my ethernet connected pc isnt so
I installed pihole/unbound through docker, and while the setup can get annoying if you aren't used to it, I can't recommend Docker enough for server stuff in general. It's been said on the channel a few times, of course, but Docker just makes deployment so much easier; just use the same text/config files for each deployment, and you don't even have to worry about it next time you inevitably reinstall your OS.
yeh been doing it that way for a few years, service as cattle is brilliant 😂
Setting up my new homeserver with CasaOS (basically a Docker manager GUI with a nice "appstore" that brings pre-configured docker images). How did you get unbound in the docker container for pihole?
hi, i have pihole running in a docker on my pi4, what do i need to do to install unbound? is that done within the pihole container itself or as a seperate container?
@@chenks76 it's been a bit since I set it up, but I basically found another docker container to run unbound, and made both containers run in network mode "host" (not actually required, you can do more complex networking if you put in the time to learn it). Then, you just point pihole to the address running unbound in that docker container.
@@Afsafs123 i'll need to look for a suitable image, i already have pihole running in network host mode
I must be missing it (everyone is not an IT professional and I just started with linux) where do I down the ubuntu files (templates)? You said you would link it in the description and I can't find it...
I can't find it tooo. It's annoying!!! 😭
This procedure is not working in the oracle cloud ubuntu vps install. web interface is not opening.
Can I do this with mobile data internet?
great video. can you guide to the uRL where we can download the template - at 02:27 timestamp?
You didnt set your dns at router though ? This should be noted this setup is not encompassing the network.
Your keyboard clicks sound lush. Which one is it?
can't open the admin. i followed the instruction until 7:42 but can't go beyond that.
How can i use both Pi-hole and nginx-proxy-manager together as one DNS?
Why after installing pi hole now the calls made from the internet like if you work from home drop frequently?
Is proxmox better than docker?
Can we get adblocker and firewall in single unit ?
I know it is good pratice to not use root at all, but is using root within an unprivileged LXC really a big issue?
what raspberry pi alternatives can i buy?
What about DNS cache poisoning?--- How would I protect myself from that after doing this?
Need help, trying to set this up and when you get to 6:46, I get an error saying. I have a red X in the check for existing repository in /etc/.pihole. Then at the bottom it says could not update local respository. Contact support.
Could someone help me get past this step?
Oh, I expected this video to include instruction how to set up PiHole on the router as well. Can you please make a video about that too?
What makes this different from just using browser extensions such as Adblock to block ads or even Brave browsers build-in ad blocker?
Need help getting attempt to write a readonly database error and can’t add any blocklists or whitelist any ideas?
If I am installing pihole on a Raspberry Pi that already has Apache running, how do I handle the questions about the webserver and PHP?
Very helpful, followed your instructions and was able to get unbound setup with pihole (raspberry pi). Thank you!
Also what is the point of creating a user and then giving them sudo anyway? sure if you were limiting their access, or their abilities, but giving them sudo just makes them the equivalent of Root? What is the value in this?
Please excuse my ignorance, but where does unbound get it’s DNS list from? I guess I missed that part
please make or link a video on how to set it up on my router
I made a script that does this, but it also allows you to make your own network! You can use it as a router as well. (I used it as a wifi to Ethernet because I don't have Ethernet ports in my house)
Ok Hi @TechHut , Thanks for the video, I bit the bullet and made a Pi-Hole box today out of a old HP 4core 4gig computer that was given to me last year and I forgot I had it. Anyway I installed Ubuntu server and PiHole as per you video and it is amazing how much faster things load on my phone and TV and computers. Yes I hooked it up to my PfSence box and deployed it network wide. Yes the old HP is overkill and has hardly no load on it at all... Lol
Just wanted ya to know and keep the awesome videos coming!
🖖
LLAP
dear should I get a pi device?or a old dusty laptop would work & my router is ddlink 275u but I do have tplink 1200ac giga router
want to set pi hole & vpn if possible use pia
Never got Pi-Hole unbound working
is there a ''best'' micro computuer tu do this? Raberry Pi vs Libre Computure vs others.
From the Raberry pie website they mention the PI Zero 2 I believe, but ive read on reddit that A libre Le Potato is better cause ethernet and power cable IIRC.
am android users i don't have pc or lap or even pi ... can i do all this !! i did everything with open dns put still i can't block some apps and ads on all phones in the network ... 🤕💔
I didn't really understand the point of setting up unbound/making the dns "recursive". I have pihole installed and running on the network and I'm thinking of doing this but I don't get why I would. Can anyone explain?
It was mentioned in the video, might be worth a re-watch. Basically you're not sending your DNS lookups requests through to companies like Google, Cloudflare etc. You're keeping this information to yourself. You're protecting your data going to the DNS server (PiHole) originally, and this adds privacy for your send requests from the DNS server to Google, Cloudflare etc
@@CozaMcCoza but pihole does that already without Unbound, I'm trying to see what the point of using it is
Seems eerily similar to what Craft Computing put out a few years back, but still a relevant how to. Thanks!
When i point my pc dns to my pihole ip i loose internet connection. Only get LAN
How do I do this if my AT&T Gateway does not allow one to change DNS setting?
I didn't know that pihole had their own unbound settings page, and I just used the unbound docs to set mine up and it was a little frustrating at times, but it's all working perfectly.
Do I just leave the router DNS set to my pihole IP or do any router settings need to be changed from a standard pihole setup to accommodate the Unbound install?
Hey quick question here: Will a raspberry 1 B model with 512Mb of RAM gonna work fine with it?
Thanks.
Hi, I just installed Pihole. But now I am unable to watch Netflix. Can anyone help?
I've set my PiHole as a recursive DNS / DHCP server. I have the router set to do its' default dns settings. is using the router to redirect the dns to the pihole really necessary if the pihole is utilized as the dhcp server? Does it even matter to? I'm unaware of if the router dns setting does anything (XR500 dumos) if it's 'relaying' or not. would appreciate any insight on this setup. Additionally, if there's a way I could properly firewall it? how should the interface be set up?
If I enable unbound I can no longer resolve the websites I host on my LAN. What's the problem and solution with that?
Damn, finally a tutorial on youtube regarding this subject that is 100% spot on! Tnx man!
Just curious does the CPU/Ram on the board affect the throughput? If i'm running a 1/2GBPS fibre network can I just use a rasphberry pi 3?
Just did that and it's so cool. Should've done this ages ago.
This is something I really need to do on my home network. Thank you for the content!
Do you have any idea why I installed Pihole on an omv server and when I install unbound, it doesn t work at all ??? I did the same steps you did but it never works despite the process being running......
Do I have to have git hub in order to install this? I tried thayat curl bash thing but it dinnit work
very simple by cutting all crap . thank you . hope to see more updates for this
Hello! i install pi-hole on nas server it work work perfect expect from one thing!!! it all so blocked some page a rally like how I can stop blocking them?
I am so confused ugh
I just add blocklists to my pfsense server...
Hello I have a laptop ubuntu server for jellyfin and nextcloud. Is pihole ok to install as well or need vm?
What I find works for me, is using the PIA DNS with their mace adblock already enabled. If you have a smart TV, you can use a vpn but if that doesn't work then pihole is your best bet.
What if I'm already running dnsmasq, is it possible to integrate it into PiHole?
I use Cloudflare upstream DNS server to filter adult content. If I set this up, does this mean I won't be able to use Cloudflare's DNS?
Do I need my raspberry pi always on and connected to ethernet?
Newbie question, Does Pi-Hole work to block youtube ads on a smart tv and smartphone? I've read ads on YT are not blocked by pihole because they are hosted con the same youtube domain. I don't know what ublock origin does on browsers because thankfuly it does block them there.
GREAT video. Super easy to follow along. You cadence and tone are perfect.
Is there any option to remove those blank fields on websites after ads placeholder? (browser blocker can do that).
Thanks for great tutorial!
What linux are you using in this video?
He installed the LCX Ubuntu distro. LCX is a docker-light container build into Linux. The 'apt' command work on all debian based distributions. But apt was only used to fetch the security updates and to install curl (and unbound). He than used curl to fetch the bash install script from the pihole website and pipe it to bash that performed the whole installation...
I ran SmoothWall proxies ~20 years ago with Open DNS' paid service. My company didn't want to pay an annual fee, so I switched to their Family Shield free product along with a HOSTS file. Aside from not being a proxy, how is this so different?
Thank you! I went further and set my router to use that DNS under DHCP settings and BOOM!
Couldn't you just set the dns value in your router so every device that gets a ip address from the router uses pihole?
Pi Hole was one of the best additions to my home network. Hardly any adds now :)
Adguard Hone is miles better than pihole
Yes! please make a video covering a network wide setup.
Just an FYI, it's pretty trivial. Just pull up your router configuration page and set the dns there to your pihole ip address and it will do it for any device on the network.
What Raspberry Pi alternative would you recommend for running pi hole?
If you have a nas. Use docker/vm if the nas supports it.
Rock pi and ordroid are good choices too
@@DaleEarnhardtsSeatbelt at the moment all I have is an old 2005 HP laptop so finding out that the raspberry pi and it's alternatives are stronger than my laptop is a little depressing. I'll definitely be trying something from rock pi.
@@revelmonger that 2005 laptop will probably work if you install Ubuntu on it lol.
@@DaleEarnhardtsSeatbelt I use it for school. Im looking for something cheap that I can use and run 24/7. I think I'ma try a rock pi 4a when I get birthday money.
@@DaleEarnhardtsSeatbelt I notice that rock pi doesnt sell on their site. Would Amazon be a reliable vendor?
I did it today. It works well. Thanks for the video.
What OS are you running on your main rig? Sick video!
Will it be ok to use a raspberry pi 3b+ or pi zero 2 w ?
yes even pi 1 can run this fine.
Use dietpi OS which has an auto install script to do everything in the video just have to check a checkbox and press ok
dont understnad why you dont show how to install the templates in proxmox, would make the video 5-10 seconds longer...
Thank you for this tutorial. I love the content. I just discovered you and subscribed.
Is the premise that DNS servers like Cloudflare log your data proven to be correct? Google ok., but Cloudflare or Quad9?
It is not known exactly. It boils down to TRUST.
TYhanks for this grate video. I have been wanting to do this for some time and now I have my pihole up and working.
1. How to enable DNSSEC in unbond for pi-hole ???
2. How does unbond protect you from Google & Cloudflare ???
Nobara? Are you using that too? I switched to it on my gaming machine, and OMG it's amazing! Why have you not done a video on this yet!? I hope that's coming soon...
I have been running pihole for 12 months and love it. But I wasn't aware unbound needed to be installed separately. I currently have 2.4 million web sites blocked and my statistics show 92.3% are cached. Pihole also blocks ads on a few television streaming services here in Australia.
PiHole operates a small, fast caching server for its own DNS operations, but relies on a recursive server upstream to do proper name resolution. Unbound is a fully recursive DNS resolver, and will search the full authoritative server hierarchy to resolve the name.
Just to be clear, this isn't a *great* idea, all in all. Hammering the full hierarchy to find a server listing might be OK if it's done at the backend and distribution levels, such as with CDN and ISP name servers, but if *everyone* fires requests at the authoritative servers, they would have been swamped decades ago. That's why caching servers were built into the standard from the outset. To use an outdated metaphor, it's like everyone calling directory assistance instead of looking in a nearby phone book.
@@watchm4ker Thanks for your reply. I did install Unbound after watching this video. I did have it installed 12 months ago in conjunction with pihole but felt it was redundant at the time. I've learnt my lesson and it is up and running. I do have a public facing name server too but it is for my various domains, pihole is just internal (television, laptops, phones etc). It is brilliant. Thanks again.
@@the-flatulator Ah. Wasn't sure on your level of knowledge, especially as it's a part that's usually kept hidden from most users.
@@watchm4ker My knowledge just gets me by. I'm a recent convert (24 months ago) from windows. I'm in the IT industry and have avoided linux/unix for 30 years. It's a big learning curve at 59 years old :)
@@the-flatulator Ouch. Worst part is, Microsoft was a huge player in the UNIX space, thanks to Xenix and early versions of NT. Then they tossed it all for their own special sauce, only to More or less reinvent the wheel for a bunch of *nix features and systems.
thank you you made it so easy to set this up, i knew how to setup pihole before but a recursive dns server that was new to me so thank you
Is there a way to set it up on a docker container?
Yes
This might help github.com/chriscrowe/docker-pihole-unbound
@@TechHut It does, just switched my CasaOS default PiHole docker for this other one. PSA if you want to try this, you'll have to stop or delete the other PiHole container otherwise CasaOS complains about 53 being a duplicated port (because it's being used by the other instance).
**Quick tutorial for that docker image on CasaOS: **
1 - Go to the "one-container", click on the docker-compose file and copy the contents
2 - On CasaOS, open the App Store, click on the top right button to add a custom app and there's an icon there to import, click on the docker-compose tab and paste.
3 - Click OK, fill the missing data (timezone, default web portal path, password, etc)
4 - Click on the PiHole button on CasaOS, go to admin, login, and see if it's working
5 - Profit!
Can you also discuss the risks of opening port 53 or setting up pihole as an OpenDNS resolver? I've set up mine on AWS free tier and now have 24 clients connected even though I've only set up mine for use on 2 devices. I read up on the pihole forums and it looks like setting it up without VPN can make it vulnerable to DNS poisoning attacks or it might be compromised and used for DDoS attacks. I'm a noob and just following guides, discussing this in detail will be very interesting.
RUN YOUR OWN VPN AS WELL
noobs should NOT run DNS servers. This is not trivial, as it looks in a video. Open recursive DNS servers are points of DDoS attacks (meaning hackers or bots most likely will use you as a point of attack). Just use the DNS servers of a trusted by you DNS provider, and set it up and that's it.
I was just thinking of putting the DNS server right on my RP4 so this was a very well timed video for me. Thanks!
dietpi has a script to auto install all of this in 1 checkbox
One crucial aspect of such setup - its security, has not been discussed in the video.
Installing a recursive DNS server is a security risk. DNS caching is another security risk on its own.
But let's get back to the first risk - having open / exposed recursive DNS is a risk - the user can become a point of DDoS attack without even knowing it.
If someone cannot ensure, that his recursive DNS server is NOT exposed (open) to the Internet - they should never use such server in the first place.
I would recommend non tech savvy people, who don't understand running a DNS server very well, to NOT use one.
People, who have privacy concerns should not use Google DNS either.
Hi there, just subscribed....i have a question/request. Im a pretty novice Linux user but one of the best apps i found on Linux was/is Compiz Fusion....could you possibly do a video on that...ive recently installed but i cant quite get it working properly...many thanks (if you can/want to of course)!!