DNS

How to install DietPi - The lightweight Debian based OS that runs on the Raspberry Pi.

How to install PiHole - This is used to block adverts and tracking across the entire network.

How to set up Unbound - This is used to help prevent phishing attacks.

The instructions on how I set up Rsync can be found here - This has been used to ensure that both white/black lists remain the same across both devices.

Primary and Secondary DNS servers

Pi-hole is a Linux network-level advertisement and Internet tracker blocking application which acts as a DNS sinkhole, intended for use on a private network.

I have used this to lower the amount of traffic on my network, learn how to use the command line, MX records, prevent adverts and tracking across all home devices and to also have greater control over my own data.

Primary DNS

This is the Raspberry Pi 3. I initially chose this device as it has a number of key features that I was planning on making use of for future projects. However, given the importance of having a stable DNS server on my home's internet functionality, it has now become the sole function.

It cost around £50 making it quite expensive for the task that it is being used for. This did however include a complete starter kit including a case, SD card, and power supply.

The specifications for it are the following:

Quad Core 1.2GHz Broadcom BCM2837 64bit CPU
1GB RAM
BCM43438 wireless LAN and Bluetooth Low Energy (BLE) on board
100 Base Ethernet
4 USB 2 ports
Full size HDMI
Micro SD port for the DietPi OS and storing data
Upgraded switched Micro USB power source up to 2.5A

I have installed DietPi as the OS which is a lightweight Debian based OS. I have it running headerless, meaning that I have to SSH into the device in order to make any key changes to it.

Secondary DNS

This is the Raspberry Pi Zero W. I chose this device for the secondary DNS server due to its low cost, and power consumption, and I did not need as heavy a technical specification as I originally thought when I bought the Pi 3. The need for a secondary DNS server proved vitally important as I rand updates, or if there were any issues on the primary. If there were issues, the whole network would seemingly die until the primary DNS server was back up and running. Happy wife, happy life.

It cost around £28 making it close to half the cost of the Pi 3 and this included a case and SD card. I did have to buy a micro-USB ethernet connector as well bringing the total cost closer to £35.

The specifications for it are the following:

802.11 b/g/n wireless LAN
Bluetooth 4.1
1GHz, single-core CPU
512MB RAM
Mini HDMI port and micro USB On-The-Go (OTG) port
Micro USB power

I have also installed DietPi on this device and it is perfect due to the lightweight nature of the OS. This has also been installed headerless, meaning that I have to SSH into it to control it.

DietPi

As its name suggests, DietPi is a lightweight distribution for the Raspberry Pi's.

It’s based on Debian and you can configure it to start with a minimal operating system (less than 200MB once installed).

It’s highly optimized for a minimal CPU and RAM hardware, so it’s perfect for a Raspberry Pi Zero.

You start with a minimal system and can choose to install additional software or not. I have chosen to install PiHole on it with a couple of other select programs like Log2RAM

How to install DietPi - The lightweight Debian based OS that runs on the Raspberry Pi.

https://github.com/MichaIng/DietPi

Block those adverts and take back control!

With DietPi installed on the Raspberry Pi's, it is now time to install PiHole on both of the devices. I opted to install the PiHoles with webserver GUIs available, allowing for easy control and access across a range of devices.

What is PiHole? Pi-hole is a network-wide ad blocker. Instead of installing adblockers on every device and every browser, you can install Pi-hole once on your network, and it will protect all of your devices. Because it works differently than a browser-based ad-blocker, Pi-hole also blocks ads in non-traditional places, such as in games and on smart TVs.

How to install PiHole - This is used to block adverts and tracking across the entire network.

https://github.com/pi-hole/pi-hole

Unbound

Using Unbound to allow the PiHole to become a recursive resolver. Firstly, why? To simply put it: a recursive resolver is a DNS resolver that resolves a DNS query by going through hierarchical sets of authoritative nameservers until it gets an answer to the query.

Ultimately, the answer is somewhat simple, and it’s mostly privacy related. When you use Pi-hole, you configure an upstream DNS provider (Google, Cloudflare etc). The first thing you need to realize is that all traffic is being sent from your external IP address, so depending on who you’re sending the data to, you’re trusting them with your internet traffic.

The other issue is that periodically, these services will go down. In that case, it might appear as if your internet “stopped” working, when the reality is that it simply cannot resolve DNS names.

By installing Unbound, I become your DNS provider. This ensures that my privacy is maintained, and will no longer be impacted by potential service outages.

How to set up Unbound - This is used to help prevent phishing attacks.

https://github.com/anudeepND/pihole-unbound

Gravity Sync

PiHoles rely on a set of lists, white and black to determine what traffic should be allowed and what shouldn't. These lists are called Gravity lists. In order to make sure that both DNS servers are using the same list, I have set up a Gravity Sync which syncs the 2 lists.

https://discourse.pi-hole.net/t/gravity-sync-an-easy-way-to-keep-multiple-pi-hole-in-sync/33545

https://github.com/vmstan/gravity-sync

Page updated

Google Sites

Report abuse