Pi-Hole - Network wide Ad blocking

    • OMV 2.x
    • jollyrogr wrote:

      Neat. But what about flmaxey's pi-hole docker tutorial that says this:

      ** If upgrading to the latest image, it is recommended that the previous container is stopped/deleted, delete the previous image, delete the macvlan driver in the networks tab and delete the file contents of /dockerparms/pihole . [/b]Then proceed with the installation of the new image as follows.**

      Sounds a lot more involved than what you describe. Sounds like starting over every time.
      The How-To was written to cover as many cases as possible. From PM's and threads, in a couple cases, problems were experienced in upgrading the image and container to the latest version, when the older volumes and bind points were retained. In one case, the macvlan interface refused to be reused. In these cases, if the older bind volumes and points and the macvlan interface are deleted, the new Pi-hole container works as intended. Since there's no way to determine how many are affected, it made sense to edit the How-To to take these issues into account.

      When I upgrade, I've had no problem with reusing the macvlan interface and the older volumes and bind points merged seamlessly into the new version. (Which retains custom black and white lists and other settings.)
      Thinking about it, perhaps an update is order, so that those without the fringe issues (the majority) can merge their settings into a new container.

      Video Guides :!: New User Guide :!: Docker Guides :!: Pi-hole in Docker
      Good backup takes the "drama" out of computing.
      ____________________________________
      Primary: OMV 3.0.99, ThinkServer TS140, 12GB ECC, 32GB USB boot, 4TB+4TB zmirror, 3TB client backup.
      Backup: OMV 4.1.13, Intel Server SC5650HCBRP, 6GB ECC, 16GB USB boot, UnionFS+SNAPRAID
      2nd Backup: OMV 4.1.9, Acer RC-111, 4GB, 32GB USB boot, 3TB+3TB zmirror, 4TB Rsync'ed disk

      The post was edited 1 time, last by flmaxey: edit ().

    • jollyrogr wrote:

      So I don't believe that my ISP is manipulating DNS traffic as they are a smaller local company rather than a large bunch of assholes like AT&T, etc.
      But I could trial a public DNS server to see how that compares. I just feel like Google provides the servers for the sole purpose of collecting data on people.
      Google probably does collect on those who use them, but there's literally no way to prevent a service provider from logging your internet activity. On the other hand, one of my ISP's is Comcast who is a known DNS manipulator. I refuse to use their DNS. ((Microsoft's telemetry servers are another matter altogether. Pi-hole is effective in limiting M$'s data collection from your workstations.))

      Since you have one of the smaller IPS's, take a look at this free utility for testing DNS servers. (Depending on how you're configured, test results might be more accurate if Pi-hole is off-line.)

      Video Guides :!: New User Guide :!: Docker Guides :!: Pi-hole in Docker
      Good backup takes the "drama" out of computing.
      ____________________________________
      Primary: OMV 3.0.99, ThinkServer TS140, 12GB ECC, 32GB USB boot, 4TB+4TB zmirror, 3TB client backup.
      Backup: OMV 4.1.13, Intel Server SC5650HCBRP, 6GB ECC, 16GB USB boot, UnionFS+SNAPRAID
      2nd Backup: OMV 4.1.9, Acer RC-111, 4GB, 32GB USB boot, 3TB+3TB zmirror, 4TB Rsync'ed disk

      The post was edited 2 times, last by flmaxey: edit ().

    • flmaxey wrote:

      Google probably does collect on those who use them, but there's literally no way to prevent a service provider from logging your internet activity. On the other hand, one of my ISP's is Comcast who is a known DNS manipulator. I refuse to use their DNS. ((Microsoft's telemetry servers are another matter altogether. Pi-hole is effective in limiting M$'s data collection from your workstations.))
      Since you have one of the smaller IPS's, take a look at this free utility for testing DNS servers. (Depending on how you're configured, test results might be more accurate if Pi-hole is off-line.)
      I'll test that out. Thanks.
    • geaves wrote:

      Didn't know Gibson did that one, got some interesting results, which included 2 dns servers from own isp which I was not aware of, and cloudflare didn't make the top 50!
      It's a great utility that will customize results, based on location.

      Your results are interesting because your Net connection is probably on an access node, very close to the WEN loop (Western European fiber Network). The WEN has low latency to most major communications nodes (and cloudflare) world wide. While ISP traffic shaping may be part of it, your results are an indication that no one size fits all. If users don't want to test DNS latency, public servers that support ANYCAST would be the way to go. And, as previously stated, servers that support DNSSEC are always a good idea. (Just my opinion.)

      Video Guides :!: New User Guide :!: Docker Guides :!: Pi-hole in Docker
      Good backup takes the "drama" out of computing.
      ____________________________________
      Primary: OMV 3.0.99, ThinkServer TS140, 12GB ECC, 32GB USB boot, 4TB+4TB zmirror, 3TB client backup.
      Backup: OMV 4.1.13, Intel Server SC5650HCBRP, 6GB ECC, 16GB USB boot, UnionFS+SNAPRAID
      2nd Backup: OMV 4.1.9, Acer RC-111, 4GB, 32GB USB boot, 3TB+3TB zmirror, 4TB Rsync'ed disk
    • That's useful. Given the DNS shenanigans going on with ISP's and others, that's worth giving it a try.
      (And I think waiting 1 whole second, for a first time resolve process, is well worth the wait.)

      Video Guides :!: New User Guide :!: Docker Guides :!: Pi-hole in Docker
      Good backup takes the "drama" out of computing.
      ____________________________________
      Primary: OMV 3.0.99, ThinkServer TS140, 12GB ECC, 32GB USB boot, 4TB+4TB zmirror, 3TB client backup.
      Backup: OMV 4.1.13, Intel Server SC5650HCBRP, 6GB ECC, 16GB USB boot, UnionFS+SNAPRAID
      2nd Backup: OMV 4.1.9, Acer RC-111, 4GB, 32GB USB boot, 3TB+3TB zmirror, 4TB Rsync'ed disk
    • I installed unbound on my OMV server, and referenced it in my Pihole/Docker install by OMV's IP address.

      Cached entries are blazingly fast and the entire DNS function is much more secure. For those who may be inclined to set up unbound it's a real improvement over ISP and public resolvers.
      _____________________________________________________________

      The differences between the How-To and getting Unbound to work on OMV, with Pi-hole running in a Docker.
      - Install unbound on your OMV server
      -The unbound config file, as shown in the How-To must be created/copied to
      /etc/unbound/unbound.conf.d/pickaname.conf
      - In the Pi-hole Docker, Settings, DNS, use your OMV servers IP address and the port that's in the unbound config file
      in this format 192.168.1.15#5353 (Use a pound sign, not a colon)(
      - To test unbound with dig, it may be necessary to install dnsutils - apt-get install dnsutils
      _____________________________________________________________

      In tests, after hitting a remote server the first time (120ms), the second name request for the same server was 0ms. After the first hit, it's local. :)

      Thanks for sharing this.

      Video Guides :!: New User Guide :!: Docker Guides :!: Pi-hole in Docker
      Good backup takes the "drama" out of computing.
      ____________________________________
      Primary: OMV 3.0.99, ThinkServer TS140, 12GB ECC, 32GB USB boot, 4TB+4TB zmirror, 3TB client backup.
      Backup: OMV 4.1.13, Intel Server SC5650HCBRP, 6GB ECC, 16GB USB boot, UnionFS+SNAPRAID
      2nd Backup: OMV 4.1.9, Acer RC-111, 4GB, 32GB USB boot, 3TB+3TB zmirror, 4TB Rsync'ed disk

      The post was edited 1 time, last by flmaxey: edit ().

    • While I don't know if there's a Docker for unbound; I'm sure it would work that way (Docker to Docker). Unbound and pi-hole connect by IP address and port.

      I chose a direct install, into OMV's Debian OS, because unbound is really light and the semi-annual update can be automated (in scheduled tasks.)

      Video Guides :!: New User Guide :!: Docker Guides :!: Pi-hole in Docker
      Good backup takes the "drama" out of computing.
      ____________________________________
      Primary: OMV 3.0.99, ThinkServer TS140, 12GB ECC, 32GB USB boot, 4TB+4TB zmirror, 3TB client backup.
      Backup: OMV 4.1.13, Intel Server SC5650HCBRP, 6GB ECC, 16GB USB boot, UnionFS+SNAPRAID
      2nd Backup: OMV 4.1.9, Acer RC-111, 4GB, 32GB USB boot, 3TB+3TB zmirror, 4TB Rsync'ed disk
    • I doubt you need to automate this task. That list is the 13 root dns servers. I think they have only changed a couple of times in the last couple of decades.
      omv 4.1.14 arrakis | 64 bit | 4.15 proxmox kernel | omvextrasorg 4.1.13
      omv-extras.org plugins source code and issue tracker - github

      Please read this before posting a question and this and this for docker questions.
      Please don't PM for support... Too many PMs!
    • Users Online 2

      2 Guests