I've been using a pihole exclusively for years on my Ubiquiti network at home. Combined with Wireguard, it's a stable, easy ad-blocking solution. I've never even considered moving from it, seeing how well pihole Just Works.
this post was submitted on 16 Jul 2023
138 points (97.9% liked)
Selfhosted
39250 readers
236 users here now
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.
Rules:
-
Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.
-
No spam posting.
-
Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.
-
Don't duplicate the full text of your blog or github here. Just post the link for folks to click.
-
Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).
-
No trolling.
Resources:
- awesome-selfhosted software
- awesome-sysadmin resources
- Self-Hosted Podcast from Jupiter Broadcasting
Any issues on the community? Report it using the report flag.
Questions? DM the mods!
founded 1 year ago
MODERATORS
That's more-or-less what I thought. And in fact I forgot to add to my post that I also use Pihole on the go via Wireguard, which seems like another hurdle to converting to AdGuard. Thanks.
Adguard home would also work exactly the same way as pihole for that use case.
You can use a private Adblocking DNS on all OS at this point.
Does pihole affects your internet speed?
It has to go upstream for answered requests, so it can add 1 or 2 ms to the 45 ms it would otherwise take when you're local. If you're using a VPN to your home dns, it can add 75 ms and I can feel it.
The only edge Adguard Home has over PiHole I can think of is its out-of-box support of encrypted DNS upstream and downstream queries (e.g. DNS-over-HTTPS and DNS-over-TLS).
This is the reason why I switched over to Adguard Home and stuck to it.
I guess that’s nice. I installed cloudflared myself and get the same results that way with my pinhole. But it was an extra step.
It can also run directly on lower powered machines. GL.iNet routers are a good example, they’re based on OpenWrt and come with AdGuard Home support out of the box, so no need for a whole external computer to handle DNS stuff. Sure it’s limited by ram about how many lists you can have, but still. Pihole is much more “substantial”
I was going to say this and also you can do single device exclusions in AGH.
I've used both, each for a long stretch of time; they are fundamentally extremely similar and you'll be fine with either. I switched to AdGuard Home entirely because I could run it directly from my OPNSense router instead of a second machine. There isn't really anything else major I've noticed different between them, but my usage is fairly basic. AdGuard's interface felt a bit more mature and clean, but that's it.
If you're happy with your PiHole, there's no reason I'm aware of to switch.
This guy is right.
I have used Pi-hole forever at home, but decided to try out AGH on my parents’ network. They do largely the same stuff, so if Pi-hole is working for you, stick with it; I do with my home network, too!
So, anecdotally, I used pihole first more than 5 years ago and switched to AdGuard as pihole did not have the ability to do conditional forwarding of requests for various zones or the ability to add static records via the UI. Conditional forwarding means that I can send the requests for let’s say example.com to an internal server hosting that zone responding with private records for internal services as well as other similar scenarios.
I also like that I can identify clients or networks in adguard by various factors and apply different rules (blocking and forwarding) and collect statistics on those clients or groups of clients, I don’t think pihole has either feature yet.
I also like that adguard is a static binary which is likely what people mean when they say it’s easier to install and maintain.
As to why I keep it and don’t switch back, I like the interface AdGuard has and it doesn’t break so I often forget about it anymore. I’ll update if I remember anything else but those are the larger things for me. If pihole is working then stick with it but curiosity is a definite reason to try adguard, I bet you could just stop pihole on your machine and run adguard to check it out without too much work (yay static binary) but I haven’t tested that myself.
Hope that helps!
I'm super new to all this but piehole has clients and groups which I assume is for applying custom rules
That’s awesome, I’ll have to give it another look. Maybe I’ll have to set up one of each and do some performance testing then :D
PiHole has everything you listed except the static dns via web ui. You need to add them to the hosts file.
If it's just for local you can add dns hostnames in the gui. I have all my lan boxes defined in pihole with the .lan under the local dbs ootio. Might even work for external too
That’s awesome, I’ll have to give it a try again! I saw they also recently added an external-dns target for pihole for kubernetes which was the real genesis of needing an internal dns server anyway.
I've got enough going on, on my internal lan that I have a bind server hosting internal fwd/ptr zones. I just put config files in /etc/dnsmasq.d/ that direct queries for those domains there.
There's a third party tool for AdGuard which allows syncing multiple instances. Very nice because if you want something to be redundant in your home setup, it's DNS. This adds the ability to sync configured rulesets and custom DNS entries.
EDIT: There seems to be a similar tool for Pi-hole as well.
I was warming up to post the gravity sync link before I got to your edit. I've been using it for at least a couple years and I've been happy.
I swapped from Blocky to AdGuardHome because of AdGuardSync.
You can't really go wrong with any of those. They are both very solid options. Having said that, if I had to recommend one, I'd go with Adguard, because:
- The interface is better. Most notably the query log interface. Searching the logs with some long time span makes Pihole spike in memory usage and is super slow. (there's no server-side pagination)
- Custom filters are more powerful thanks to modifiers, which AFAIK Pihole does not support. Some of it can be configured via dnsmasq (without user friendly interface), some I had not found any solution for. Good example is dnstype modifier, which I sometimes use to block AAAA responses for sites, that have set AAAA records, but the service actually does not work over IPv6. So I can disable IPv6 for certain domains if I need to. (or other way around, force IPv6 only)
Some of the above might have changed, I haven't used Pihole for about a year.
Been running a pi-hole with unbound for years here. Apart from updating the roots file every six months its been sitting there doing it's thing happily without skipping a beat. I did take a small look at Adguard but couldn't see anything like the tail pihole log option which I tend to have in a tab as I like to see what's going on.
As someone who switched from PiHole to AdGuard Home a couple of years ago, my reason was because PiHole dropped support for adblock style lists that I was using, while AdGuard still supports them.
See here for more into
I believe as of 2023-05-28 (v5.17), they began supporting Adblock-style lists.
https://github.com/pi-hole/pi-hole/releases/v5.17
Edit: it may have even been before that, I think the above just added additional functionality.
I don't think you'll miss anything. If pihole works for you, then there is no need to switch to adguard.
One thing I found helpful is configuring my router (asuswrt-merlin) to transparently route all dns request to my adguard instance. You might already heard that some apps and IoT devices tried to be clever and hard-coded their dns server so they can evade dns blocking (I'm looking at you Netflix). If your router support redirecting all dns request to a custom dns server, definitely use it!
I'm looking into custom firmware for my router. I'll edit it in when I get home if someone doesn't guess it, but it looks super cool
edit: openwrt.org
I have run my own PiHole previously. Then I wanted Ad blocking on my phone, so I also setup OpenVPN that ran alongside my PiHole so I could get ad blocking anywhere. I travel often, and then we moved, so I never got it set up again, at the same time I discovered AdGuard could be configured on both home networks for network-level blocking, but they also have device profiles for iOS.
I haven’t had to fuss with PiHole now in years.
If you are happy to do the administration of a PiHole, and the scope it provides, it’s good. I didn’t want to have to fuss with it anymore.
Does AdGuard Home have proper IPv6 support meanwhile? I remember the lack thereof made me switch back to pi-hole a few years ago.
Yes, no problem with IPv6.
I found it easier to setup adguard as my DHCP server, because I wasn't able to change the default DNS settings of my isp's router.
Additionally The web interface was quite laggy on my raspberry pi 1b and it always filled up my sdcard with log data (it's been over a year since when I last used pihole though)
setup adguard as my DHCP server
To be fair, Pihole can also be setup as your DHCP server, and it's not exactly complicated either.
https://discourse.pi-hole.net/t/how-do-i-use-pi-holes-built-in-dhcp-server-and-why-would-i-want-to/
I bought my own router and modem because of that. Cox started locking router features away inside their app and wanted $10/month to change settings on a modem/router combo I was already paying $8/month to rent!
Now the Pi-Hole is my DHCP server.
I only use PiHole for a couple of months, it wasn't easy to setup something that worked on my LAN and over internet. Initially I used OpenVPN but was hard to use it with profiles to identify the devices.
Than a tried AdGuard Home, and use it with DoH/DoT server was very simple, and can easily use any profile for each device on LAN or DoH/DoT server.
Can easily search logs and block/allow for each device.
Give it a try, and use it for a couple days.
FWIW I tried AdGuard as I liked the look of some of its features but it slowed my connection down massively - sites would take ages to load.
I may have done something wrong but I tried quite a few things but went back to PiHole as I’ve never had any issues with it.
YMMV
I used both and Adguard looks more buggy for me. And also it is heavier.
And also it is heavier
I can't say I'm seeing the same.
Pihole CPU and memory usage (these are 1 week stats):
Same for Adguard:
So both are kind of the same unless you run on very limited hardware. The docker images are about 100MB for Pihole and 20MB for Adguard. This is probably most important parameter as you can run Adguard on some routers, that have very limited flash storage, but again only matters on extremely limited HW, something like Raspberry Pi has orders of magnitude more resources.
Adguard Home works really bad on RPi Zero and not as fast as PiHole on Rpi3B+. That's why Adguard is heavier for me.
That's fair. Wonder why that is, because my experience is quite the opposite.
The metrics I shared above actually had the Pihole running on much more powerful HW. (proper server with quite beefy CPU) The Adguard stats are from old Intel NUC which is perfomance-wise about on par with Rpi3B+. As you can see it barely uses any resources at all. So I'm surprised to see you reporting the performance as really bad.
I was testing Adguard on small openwrt based device and it still ran fine. Rpi3B+ has order of magnitude faster HW than that. I just don't see how would Adguard be slower or even noticeably slow. Or even Pihole. Both could run about 40 copies of the service on single Pi3.
Whis is not to say I don't trust you, it's just strange.
Acronyms, initialisms, abbreviations, contractions, and other phrases which expand to something larger, that I've seen in this thread:
| Fewer Letters | More Letters |
|---|---|
| DNS | Domain Name Service/System |
| NUC | Next Unit of Computing brand of Intel small computers |
| PiHole | Network-wide ad-blocker (DNS sinkhole) |
| RPi | Raspberry Pi brand of SBC |
| SBC | Single-Board Computer |
3 acronyms in this thread; the most compressed thread commented on today has 10 acronyms.
[Thread #8 for this sub, first seen 19th Jul 2023, 13:50] [FAQ] [Full list] [Contact] [Source code]
I hosted both, adguard on VPS for whenever i'm outside and pihole in my local network with my adguard's DoQ as upstream. I also use wireguard so i don't need to switch DNS and to bypass DPI on my phone.
AdGurd has a Home Assistant add-on
So does pihole as far as I know
I used to do all this, but then I gave up and started paying for NextDNS. It's like having your own Piholes in the cloud. It's like £18/year and is way more reliable than self hosting, especially for something as crucial as DNS for your home. It also has excellent parental controls if you need that, multiple profiles, good logging and analytics and a decent looking privacy policy.
Sure, it's not as fun as self-hosting but it's better then getting shouted at every time someone's app stops working because of some glitch in your setup.
view more: next ›