Pi-Hole & Personal rDNS Server Appliance Setup Guide¶
Part 2: Installing the Pi-Hole Application¶
Overview¶
This guide will walk you through the steps necessary to install and configure a Pi-Hole on your Raspberry Pi, along with a personal recursive DNS server that will keep your DNS queries out of your ISP's immediate view.
The core sections of this guide are broken down into 4 parts:
- Installing the Raspberry Pi OS
- Installing the Pi-Hole Application (you are here)
- Installing the recursive DNS Server
- Make Pi-Hole work for you!
The Pi-Hole Project¶
A Pi-Hole is a Linux network-level advertisement and Internet tracker blocking application, which acts as a DNS sinkhole server intended for use on your private home network. The Pi-Hole application is specifically designed to run on low-power embedded devices with network capability, such as the Raspberry Pi.
Once properly configured and connected to your home network, you can change all of your client devices to use the Pi-Hole as their DNS Server (instead of the default DNS server, likely your wireless router). If you use a Pi-Hole as your DNS server while browsing the web, it will intercept DNS queries used for loading ads, and it will prevent those ads from being displayed on a web page. This makes for a much more pleasant (and faster!) web browsing experience.
A bit of Planning Ahead
- For your Pi-Hole to work properly, it will need a static IP address on the same subnet that your wireless router uses to issue DHCP addresses.
- Most modern home WiFi routers use /24 subnets, and use the .1 address as the gateway, the DHCP Server, and the DNS Server IP address. On many home WiFi routers, the default DHCP range doesn't start at the .2 address, but often at .10 or even .100.
- In almost all cases, the exact DHCP range is configurable. If you are familiar with the admin interface of your home WiFi router, this will all be easy information to find.
- Identify an IP address (aside from .1) that is not part of the DHCP range. If on your router, the DHCP range starts right at .2, you may need to edit the range by moving the lowest number from .2 to .6 or even .11, so you can use .5 or .10 for the Pi-Hole.
Installing the Pi-Hole Application¶
We will use the one-step automated install method as recommended by the folks at https://pi-hole.net
Log into your Pi using SSH, and from the shell prompt, execute the following command :
#Paste this into your shell prompt on your Pi
curl -sSL https://install.pi-hole.net | bashWarning
By doing this, you are piping commands in a bash script hosted on the pi-hole.net website directly into your bash interpreter on your Pi. This is considered controversial, and a potential security risk, as you are unable to easily see the commands before they are executed. This could mean that malicious commands may be included. You can review the current install script here: https://install.pi-hole.net. If this makes you uncomfortable, check https://github.com/pi-hole/pi-hole/#alternative-install-methods for alternative install methods
On-Screen Setup Menu¶
After the initial download and configuration finishes, you will be presented with a series of on-screen setup menus displayed in your SSH terminal window.
- Acknowledge the first three screens by pressing the Enter key on your keyboard (the
<Ok>field is pre-selected and the only option).
Attention
If you are presented with a screen that asks you to choose a network interface, be sure to select eth0, and NOT wlan0.
-
Next, you will be asked to select an Upstream DNS Provider. Select Google, though this is only temporary, we won't actually be using Google in the long run (we will use our own local recursive resolver!) We just need to select something now to be able to continue with the setup. Navigate to
<Ok>and press Enter. -
The next screen deals with third party block lists. Leave the defaults selected, navigate to
<Ok>and press Enter. -
The following screen deals with the IPv4 and IPv6 protocols, leave both selected, navigate to
<Ok>and press Enter. -
Finally, the screen that lets you set the static IP address the Pi will use. It will be pre-filled with values derived from the DHCP lease your Pi obtained when it last booted up. You will be asked if you want to use your current settings (the ones you see displayed on your screen) and make them static.
-
In almost all cases, you will want to select
<No>, so you can manually set the address you previously decided on. -
After selecting
<No>and pressing Enter, you will be given the opportunity to change the static IP address. It will be pre-filled with the values from DHCP, written in CIDR notation. Adjust the last octet to the number you previously decided on. Make sure that IP address is not part of your router's DHCP range. Navigate to<Ok>and press Enter. -
On the next screen, you will be asked for the Default Gateway address. The pre-filled value, which came from DHCP, should be correct and you can navigate to
<Ok>and press Enter. -
Now you will see a screen that asks if you want to install the Web Admin Interface. Make sure "On" is selected, navigate to
<Ok>and press Enter. -
This is followed by the question about installing the web server itself. Make sure "On" is selected, navigate to
<Ok>and press Enter. -
The final two screens deal with logging DNS queries. You do want to log them, so make sure "On" is selected.
-
The last question is about which "privacy mode" to chose - how much detail gets logged for DNS queries. This can be changed later from the Web Admin interface, so chose "0 - Show everything" to start with, navigate to
<Ok>and press Enter.
This concludes the setup process via the SSH connection. The script will finish configuring everything, and this may take a little bit of time. When it finishes, you will see one more screen with login information.
Important
Make sure to capture this information. Snapping a quick photo with your phone is a handy way to preserve the information until you can get the chance to change the password later.