Selfhosted

It's fine, did the job for me at the time. Just wanted the ad and nasty blocking. Keeping it and the filters up to date is easy.

Now have a pfSense box with pfBlocker-NG, which does essentially the same thing. Also runs Snort as an additional layer, and makes penning in IoT stuff possible.

The number one rule of selfhosting unbound. Make two.

You won't be happy one morning if you don't. I run unbound with adblocking on OpenWRT, but if my router dies, my whole network does anyway, so... Eh.

Sadly, it was very bad. I tried it about five years ago on a Pi 4. In less than a year, the Pi crashed five or more times. Once it was due to a faulty SD card, and on several occasions it was due to other software on the Pi crashing. Each time, the internet went down, which made my family unhappy, especially when I was not at home and could not fix it.

I also saw little benefit as I already block ads on all my devices, and my smart home stuff has no internet access at router level.

I haven't tried it since. Should I try again now with redundancy? What are the benefits?

I use it on a Raspberry Pi 2B and Orange Pi Zero, both work wonderfully for the task, and it looks like Pi-Hole can work fine even on a router. Both of my SBCs are passively cooled, that’s why I decided to comment on the photo: you don’t need a computer this powerful to run it. As far as I remember, my very first Raspberry Pi (v. 1B or something like that) handled this task very well too. I temporarily retired that SBC in favour of Orange Pi Zero, so I cannot say for sure, but I think that computer had no issues with being fast enough for Pi-Hole. Really, give it a try if you didn’t, it’s ‘install once and forget’ type of software. Perhaps it should be updated periodically, but I don’t manage that. The only nuance with it, you need to have two computers, for the redundancy. Otherwise you’d be having downtimes when you need to turn off the SBC, or even reboot it.

Maybe a controversial take, but I like pihole for blocking only - I have a pair of powerDNS servers set up for my internal name resolution. They recurse to Pihole, but can fall back to internet DNS servers if Pihole isn't responsive.

I tried pihole for local resolution and found it to be a fairly large pain to automate. Plus kubes has PDNS hooks for auto-updating DNS entries.

Technitium DNS Server is a bit more feature rich but honesty I would just run a DNS filter on your router

I run it in a VM and it's great

I just use adguard home. Worker a little better in my docker setup.

I run 2 instances of pihole/unbound as lxcs on my main server and local back up, works great.

If I didn't have the two big boxes I'd use my pi4/zero2 to run two instances of pihole/unbound.

If I didn't have my pis, I'd run 2 instances of pihole/unbound on literally anything I could install it on.

What I'm saying is that I consider pihole/unbound to be essential infrastructure at this point. I'm also trying to say I've broken my only instance of pihole enough times to understand the importance of redundancy.

I use Pis as a (sort of) hardware key to get family and friends onto my Tailscale VPN. They all have pihole too. I haven't convinced any of them to get a pi0 as a redundant box, but I'm sure they'll learn eventually too. No doubt it'll be my problem.

I love it! It took me a bit to iron out all the kinks with my network, but I am completely happy with it now.

I use technitium, but there is nothing "wrong" with using a pihole. I used to run several (containers, plus one physical), and have set up quite a few for family and friends.

I have that virtualized, times three. Two to have a failover, and third one with different settings for my kids (cloudflare's family dns)

I have run Pihole on 2 physical Pi 4s (DietPi OS) with config sync for 3 years now. Core to the house. Very reliable.

Doing it.
If it works? Why not

I use a RPi 5 running docker for: Pi-Hole, Jellyfin, Home Assistant, Heimdall. Works great, and there's still capacity left to add more services.

My pi 1b handles the internal DNS for my game servers, which at this point is actually just minecraft because PSO:BB was way harder to setup than I thought. It works and it is extremely easy and it still holes all the tracking stuff too.

I set up split dns using a phone earlier this year, and it's been fantastic

I started playing with it, but decided that DNS was slightly lower level than I wanted to host myself (personal opion, more power to you if you disagree). Instead, I use NextDNS which gives me great control down to individual devices, blocks ads and malware, and doesn't bring down the internet for my entire home if I have a faulty power supply or SD card or whatever.

I switched to https://github.com/0xERR0R/blocky

Pihole was fine, but had features I didn't care (mostly UI). Blocky is much smaller and lightweight

I mostly like it, but over the last few months I've had my pihole die randomly during the day, which killed my home network, and I had to walk my partner through rebooting everything.

I've now got redundant pihole instances, but I'd really like to know what is going wrong with pihole. Its impossible to replicate, and very sporadic.

Depends on how you do it and what you need from it. I've actually moved on from my Pihole instance, for reasons I'll get into later.

The broad appeal of using Pihole for DNS in a homelab is the ability to route services from domain names on the local host. This can be really useful, especially for "hacking" service availability onto other unintended devices. Additionally, it can be nice for less tech-savvy users who might not be comfortable editing /etc/hosts or just want to check out a service on their phone web browser.

I would generally recommend using an isolated device for Pihole needs; If you're doing work on your home server, you'll probably want all users on your service to keep their internet connection working to not be a burden to others living in your household (if you have others). A raspberry pi is a really good target for a pihole, and even a cheap old/used one from the interwebs can serve you well (I was using one recently on a pi3b and it was no issue.) Keep in mind that you can't really do fallback dns configuration unless you're ok with losing the key feature of pihole (blocking ads and redirecting domains). Notably, I'm actually not a proponent of running all services on individual compute units generally, I just think DNS is special and you don't really want to tie it into docker services to keep a separation between the services and the server, so to speak.

This brings me to the second feature: adblocking. This one is really a mixed bag. Ultimately, I turned this feature off only because it doesn't work for the websites that have arguably the most ad content (youtube, twitch) and really only serves to hurt the smaller players. Sometimes it's great for blocking things like SmartTV advertisements or data encroachments, but it's very hard to block ads from a web domain in a way that doesn't outright block the service itself (so blocking youtube ads without blocking youtube is, seemingly, a fools errand.) I'm willing to hear other people's opinion on this, I just couldn't get this working to a satisfactory degree.

I've abandoned Pihole as a local dns resolver. This is because Tailscale suits my needs and also allows me out-of-house connectivity to things like my music or personal data so my phone never goes out of communication with my home network. When you use tailscale at home, it's generally really good about routing that through your local network instead of the relay, so there shouldn't be that many downsides. Note, I say generally, because there have been times where it goes through a relay unexpectedly which I haven't solved yet (this is likely a local router configuration issue, anyway...)

I notice that you're already familiar with Pihole, but just thought that it would be best to "explain" my thoughts on it in the form of a recommendation/editorial form.