Spice up your day by setting up a local DNS Server for network-wide ad, tracking and malware blocking.
AdGuard Home is another open-source DNS with blocking capabilities. If you aren't already aware, you set up your network to use the local AdGuard/Pi-hole server for DNS. When you try and access example.com your computer will send a lookup for the IP address of example.com, this query gets sent to your local server it then goes to the upstream such as Cloudflare (22.214.171.124), the response will then be forwarded to your device. The benefit of this setup is the blocking and caching it provides.
You can load in blocklists containing advertising or malware domains, so when your browser tries to access annoyingpopupads.com the request will simply get blocked (technically the IP of 0.0.0.0 is returned).
The caching a local DNS server provides can also be handy; if you request example.com and you already requested it 30 seconds ago it will serve that same IP without going off to fetch it. This can save a significant amount of time when browsing the web, usually around 3-200ms per lookup.
Pi-hole vs AdGuard Home
|Local DNS Entries (rewrites)||✅||✅|
|Answer queries via DoH/DoT||❌||✅|
|Upload HTTPS Certificate||❌||✅|
|Block Services (eg Discord/TikTok)||❌||✅|
|Blocklist Update frequency||Once Per Week||1 Hour-1 Week|
Although it's a little dated we have a post on setting up Pi-hole here.
- Ensure you have Docker and docker-compose installed.
- Head to your home (or docker) directory
- Create AdGuard Directory:
- Use the following template:
version: "2" services: adguardhome: image: adguard/adguardhome container_name: adguardhome ports: - 53:53/tcp - 53:53/udp - 784:784/udp - 853:853/tcp - 3000:3000/tcp - 80:80/tcp - 443:443/tcp volumes: - ./workdir:/opt/adguardhome/work - ./confdir:/opt/adguardhome/conf restart: unless-stopped
You may want to add
- 67:67/udp -p 68:68/tcp -p 68:68/udp to use AdGuard as DHCP Server. You'll want to use this if you can't set DNS settings on your router. Ensure you turn off the router DHCP service first (Only one DHCP Server can be run on a network).
- Spin it up:
sudo docker-compose up -d
- Setup AdGuard Home via the WebUI at http://IP:3000
Now just head to your router setting and configure the DCHP settings to use the IP address of your AdGuard to answer DNS queries. If you are unable to configure this you can turn off DHCP and use the AdGuard to handle DHCP (Look at the section above 5).
When looking for upstream DNS providers Quad9 (DoH: https://dns.quad9.net/dns-query) is a solid choice it's rapid and includes malware blocking. Other top privacy respecting DNS Services can be found at privacytools.io.