this post was submitted on 16 Jul 2023
138 points (97.9% liked)

Selfhosted

39895 readers
464 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

  1. Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.

  2. No spam posting.

  3. Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.

  4. Don't duplicate the full text of your blog or github here. Just post the link for folks to click.

  5. Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).

  6. No trolling.

Resources:

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 1 year ago
MODERATORS
 

Hey, not sure if this is the right community, but looking for some information.

I've seen many people strongly recommend AdGuard Home for network-wide ad-blocking either in isolation, or in direct comparison to Pihole. But I can't really find why there is such a strong recommendation. The only clear reason I've seen is that AdGuard is easier to set-up.

However, I already have Pihole set-up on all of my networks on separate Raspberry Pis at each location. I have it running as the DNS server so that every device that connects to the network automatically gets ad-blocking. I have a few groups set-up within Pihole for slightly nuanced blocking


i.e. some of my family still want to use Facebook etc. (on a separate subnet).

So my question is, considering I already have Pihole set-up, am I missing some key benefit that AdGuard Home would provide?

top 49 comments
sorted by: hot top controversial new old
[–] oleorun@lemmy.world 34 points 1 year ago (3 children)

I've been using a pihole exclusively for years on my Ubiquiti network at home. Combined with Wireguard, it's a stable, easy ad-blocking solution. I've never even considered moving from it, seeing how well pihole Just Works.

[–] theghostoutside_@lemmy.world 5 points 1 year ago (2 children)

That's more-or-less what I thought. And in fact I forgot to add to my post that I also use Pihole on the go via Wireguard, which seems like another hurdle to converting to AdGuard. Thanks.

[–] AbidanYre@lemmy.world 7 points 1 year ago

Adguard home would also work exactly the same way as pihole for that use case.

[–] PrMinisterGR@lemmy.ml 3 points 1 year ago

You can use a private Adblocking DNS on all OS at this point.

[–] esmazer@lemmy.world 2 points 1 year ago (1 children)

Does pihole affects your internet speed?

[–] lemming741@lemmy.world 1 points 1 year ago

It has to go upstream for answered requests, so it can add 1 or 2 ms to the 45 ms it would otherwise take when you're local. If you're using a VPN to your home dns, it can add 75 ms and I can feel it.

[–] qazwsxedcrfv000@lemmy.unknownsys.com 26 points 1 year ago (4 children)

The only edge Adguard Home has over PiHole I can think of is its out-of-box support of encrypted DNS upstream and downstream queries (e.g. DNS-over-HTTPS and DNS-over-TLS).

[–] Sudo@lemmy.world 8 points 1 year ago

This is the reason why I switched over to Adguard Home and stuck to it.

[–] mnrockclimber@lemmy.sdf.org 3 points 1 year ago

I guess that’s nice. I installed cloudflared myself and get the same results that way with my pinhole. But it was an extra step.

[–] german@pawb.social 3 points 1 year ago

It can also run directly on lower powered machines. GL.iNet routers are a good example, they’re based on OpenWrt and come with AdGuard Home support out of the box, so no need for a whole external computer to handle DNS stuff. Sure it’s limited by ram about how many lists you can have, but still. Pihole is much more “substantial”

[–] tabularasa@lemmy.world 2 points 1 year ago

I was going to say this and also you can do single device exclusions in AGH.

[–] bear 20 points 1 year ago (1 children)

I've used both, each for a long stretch of time; they are fundamentally extremely similar and you'll be fine with either. I switched to AdGuard Home entirely because I could run it directly from my OPNSense router instead of a second machine. There isn't really anything else major I've noticed different between them, but my usage is fairly basic. AdGuard's interface felt a bit more mature and clean, but that's it.

If you're happy with your PiHole, there's no reason I'm aware of to switch.

[–] TrejoPhD@lemmy.world 6 points 1 year ago

This guy is right.

I have used Pi-hole forever at home, but decided to try out AGH on my parents’ network. They do largely the same stuff, so if Pi-hole is working for you, stick with it; I do with my home network, too!

[–] bigredgiraffe@lemmy.world 11 points 1 year ago (2 children)

So, anecdotally, I used pihole first more than 5 years ago and switched to AdGuard as pihole did not have the ability to do conditional forwarding of requests for various zones or the ability to add static records via the UI. Conditional forwarding means that I can send the requests for let’s say example.com to an internal server hosting that zone responding with private records for internal services as well as other similar scenarios.

I also like that I can identify clients or networks in adguard by various factors and apply different rules (blocking and forwarding) and collect statistics on those clients or groups of clients, I don’t think pihole has either feature yet.

I also like that adguard is a static binary which is likely what people mean when they say it’s easier to install and maintain.

As to why I keep it and don’t switch back, I like the interface AdGuard has and it doesn’t break so I often forget about it anymore. I’ll update if I remember anything else but those are the larger things for me. If pihole is working then stick with it but curiosity is a definite reason to try adguard, I bet you could just stop pihole on your machine and run adguard to check it out without too much work (yay static binary) but I haven’t tested that myself.

Hope that helps!

[–] metaStatic@kbin.social 2 points 1 year ago* (last edited 1 year ago) (1 children)

I'm super new to all this but piehole has clients and groups which I assume is for applying custom rules

[–] bigredgiraffe@lemmy.world 1 points 1 year ago

That’s awesome, I’ll have to give it another look. Maybe I’ll have to set up one of each and do some performance testing then :D

[–] SeeJayEmm@lemmy.procrastinati.org 2 points 1 year ago (2 children)

PiHole has everything you listed except the static dns via web ui. You need to add them to the hosts file.

[–] death916@lemmy.death916.xyz 6 points 1 year ago

If it's just for local you can add dns hostnames in the gui. I have all my lan boxes defined in pihole with the .lan under the local dbs ootio. Might even work for external too

[–] bigredgiraffe@lemmy.world 1 points 1 year ago (1 children)

That’s awesome, I’ll have to give it a try again! I saw they also recently added an external-dns target for pihole for kubernetes which was the real genesis of needing an internal dns server anyway.

I've got enough going on, on my internal lan that I have a bind server hosting internal fwd/ptr zones. I just put config files in /etc/dnsmasq.d/ that direct queries for those domains there.

[–] narc0tic_bird@lemm.ee 6 points 1 year ago* (last edited 1 year ago) (2 children)

There's a third party tool for AdGuard which allows syncing multiple instances. Very nice because if you want something to be redundant in your home setup, it's DNS. This adds the ability to sync configured rulesets and custom DNS entries.

EDIT: There seems to be a similar tool for Pi-hole as well.

I was warming up to post the gravity sync link before I got to your edit. I've been using it for at least a couple years and I've been happy.

[–] outcide@lemmy.world 1 points 1 year ago

I swapped from Blocky to AdGuardHome because of AdGuardSync.

[–] mea_rah@lemmy.world 6 points 1 year ago

You can't really go wrong with any of those. They are both very solid options. Having said that, if I had to recommend one, I'd go with Adguard, because:

  • The interface is better. Most notably the query log interface. Searching the logs with some long time span makes Pihole spike in memory usage and is super slow. (there's no server-side pagination)
  • Custom filters are more powerful thanks to modifiers, which AFAIK Pihole does not support. Some of it can be configured via dnsmasq (without user friendly interface), some I had not found any solution for. Good example is dnstype modifier, which I sometimes use to block AAAA responses for sites, that have set AAAA records, but the service actually does not work over IPv6. So I can disable IPv6 for certain domains if I need to. (or other way around, force IPv6 only)

Some of the above might have changed, I haven't used Pihole for about a year.

[–] Finkler@lemmy.world 5 points 1 year ago* (last edited 1 year ago)

Been running a pi-hole with unbound for years here. Apart from updating the roots file every six months its been sitting there doing it's thing happily without skipping a beat. I did take a small look at Adguard but couldn't see anything like the tail pihole log option which I tend to have in a tab as I like to see what's going on.

[–] timp80@lemmy.chatterverse.social 5 points 1 year ago (1 children)

As someone who switched from PiHole to AdGuard Home a couple of years ago, my reason was because PiHole dropped support for adblock style lists that I was using, while AdGuard still supports them.

See here for more into

[–] subtext@lemmy.world 3 points 1 year ago* (last edited 1 year ago)

I believe as of 2023-05-28 (v5.17), they began supporting Adblock-style lists.

https://github.com/pi-hole/pi-hole/releases/v5.17

Edit: it may have even been before that, I think the above just added additional functionality.

[–] redcalcium@c.calciumlabs.com 4 points 1 year ago (1 children)

I don't think you'll miss anything. If pihole works for you, then there is no need to switch to adguard.

One thing I found helpful is configuring my router (asuswrt-merlin) to transparently route all dns request to my adguard instance. You might already heard that some apps and IoT devices tried to be clever and hard-coded their dns server so they can evade dns blocking (I'm looking at you Netflix). If your router support redirecting all dns request to a custom dns server, definitely use it!

[–] metaStatic@kbin.social 1 points 1 year ago* (last edited 1 year ago)

I'm looking into custom firmware for my router. I'll edit it in when I get home if someone doesn't guess it, but it looks super cool

edit: openwrt.org

[–] 667@kbin.social 3 points 1 year ago

I have run my own PiHole previously. Then I wanted Ad blocking on my phone, so I also setup OpenVPN that ran alongside my PiHole so I could get ad blocking anywhere. I travel often, and then we moved, so I never got it set up again, at the same time I discovered AdGuard could be configured on both home networks for network-level blocking, but they also have device profiles for iOS.

I haven’t had to fuss with PiHole now in years.

If you are happy to do the administration of a PiHole, and the scope it provides, it’s good. I didn’t want to have to fuss with it anymore.

[–] Muspell@lemmy.world 2 points 1 year ago (1 children)

Does AdGuard Home have proper IPv6 support meanwhile? I remember the lack thereof made me switch back to pi-hole a few years ago.

[–] mea_rah@lemmy.world 2 points 1 year ago

Yes, no problem with IPv6.

[–] emhl@feddit.de 2 points 1 year ago* (last edited 1 year ago) (2 children)

I found it easier to setup adguard as my DHCP server, because I wasn't able to change the default DNS settings of my isp's router.

Additionally The web interface was quite laggy on my raspberry pi 1b and it always filled up my sdcard with log data (it's been over a year since when I last used pihole though)

[–] FutileRecipe@lemmy.world 6 points 1 year ago

setup adguard as my DHCP server

To be fair, Pihole can also be setup as your DHCP server, and it's not exactly complicated either.

https://discourse.pi-hole.net/t/how-do-i-use-pi-holes-built-in-dhcp-server-and-why-would-i-want-to/

[–] Trebach@kbin.social 3 points 1 year ago

I bought my own router and modem because of that. Cox started locking router features away inside their app and wanted $10/month to change settings on a modem/router combo I was already paying $8/month to rent!

Now the Pi-Hole is my DHCP server.

[–] Generator@lemmy.pt 2 points 1 year ago

I only use PiHole for a couple of months, it wasn't easy to setup something that worked on my LAN and over internet. Initially I used OpenVPN but was hard to use it with profiles to identify the devices.

Than a tried AdGuard Home, and use it with DoH/DoT server was very simple, and can easily use any profile for each device on LAN or DoH/DoT server.
Can easily search logs and block/allow for each device.

Give it a try, and use it for a couple days.

[–] rarkgrames@lemmy.world 2 points 1 year ago

FWIW I tried AdGuard as I liked the look of some of its features but it slowed my connection down massively - sites would take ages to load.

I may have done something wrong but I tried quite a few things but went back to PiHole as I’ve never had any issues with it.

YMMV

[–] cichy1173@szmer.info 1 points 1 year ago* (last edited 1 year ago) (1 children)

I used both and Adguard looks more buggy for me. And also it is heavier.

[–] mea_rah@lemmy.world 2 points 1 year ago (1 children)

And also it is heavier

I can't say I'm seeing the same.

Pihole CPU and memory usage (these are 1 week stats):

Same for Adguard:

So both are kind of the same unless you run on very limited hardware. The docker images are about 100MB for Pihole and 20MB for Adguard. This is probably most important parameter as you can run Adguard on some routers, that have very limited flash storage, but again only matters on extremely limited HW, something like Raspberry Pi has orders of magnitude more resources.

[–] cichy1173@szmer.info 1 points 1 year ago (1 children)

Adguard Home works really bad on RPi Zero and not as fast as PiHole on Rpi3B+. That's why Adguard is heavier for me.

[–] mea_rah@lemmy.world 2 points 1 year ago

That's fair. Wonder why that is, because my experience is quite the opposite.

The metrics I shared above actually had the Pihole running on much more powerful HW. (proper server with quite beefy CPU) The Adguard stats are from old Intel NUC which is perfomance-wise about on par with Rpi3B+. As you can see it barely uses any resources at all. So I'm surprised to see you reporting the performance as really bad.

I was testing Adguard on small openwrt based device and it still ran fine. Rpi3B+ has order of magnitude faster HW than that. I just don't see how would Adguard be slower or even noticeably slow. Or even Pihole. Both could run about 40 copies of the service on single Pi3.

Whis is not to say I don't trust you, it's just strange.

[–] Decronym@lemmy.decronym.xyz 1 points 1 year ago* (last edited 1 year ago)

Acronyms, initialisms, abbreviations, contractions, and other phrases which expand to something larger, that I've seen in this thread:

Fewer Letters More Letters
DNS Domain Name Service/System
NUC Next Unit of Computing brand of Intel small computers
PiHole Network-wide ad-blocker (DNS sinkhole)
RPi Raspberry Pi brand of SBC
SBC Single-Board Computer

3 acronyms in this thread; the most compressed thread commented on today has 10 acronyms.

[Thread #8 for this sub, first seen 19th Jul 2023, 13:50] [FAQ] [Full list] [Contact] [Source code]

[–] kryosaur@lemmy.kryo.ooo 1 points 1 year ago

I hosted both, adguard on VPS for whenever i'm outside and pihole in my local network with my adguard's DoQ as upstream. I also use wireguard so i don't need to switch DNS and to bypass DPI on my phone.

[–] Railison@aussie.zone 1 points 1 year ago (1 children)

AdGurd has a Home Assistant add-on

[–] Lighthouse@feddit.it 1 points 1 year ago

So does pihole as far as I know

[–] whenever8186@feddit.uk 0 points 1 year ago

I used to do all this, but then I gave up and started paying for NextDNS. It's like having your own Piholes in the cloud. It's like £18/year and is way more reliable than self hosting, especially for something as crucial as DNS for your home. It also has excellent parental controls if you need that, multiple profiles, good logging and analytics and a decent looking privacy policy.

Sure, it's not as fun as self-hosting but it's better then getting shouted at every time someone's app stops working because of some glitch in your setup.

load more comments
view more: next ›