Security for Everyone!

Installing a Pi-Hole

I wrote a post about filtering DNS requests, and there I mentioned the option of using Pi-Hole. I would recommend you read that post if you want to have more context. Otherwise, let’s begin.

Here is the hardware and software I used:

  • A Raspberry Pi Model 3B, not the most recent one, but I had it in a drawer, and it is more than enough. The size and power of this device is just amazing
  • During the installation: a keyboard and, optionally, a mouse, an HDMI cable, a monitor
  • Raspbian OS, based on Debian, to run on the Raspberry, which ensures the system works without issues
  • The Pi-Hole application
  • A network cable to attach the Raspberry to a free port in your switch

You can, of course, use and old laptop or desktop and install a standard Linux distribution. You can go to the section “Installing Pi-Hole software” if you already have a fully working Linux machine.

Installing Raspbian OS

I used a 16 GB micro SD card memory to install Raspbian OS. From the Raspberry webpage, I downloaded the Imager tool that did everything for me. It is pretty simple to use:

  • You run the image.exe file
  • Select the OS you want yo install: here I selected the recommended option, with a Linux Desktop as well. I have to point out that this is not needed for Pi-Hole, so if you prefer to have a command-line only version, it is excellent as well
  • Chose the memory card where you want to write the OS installation

Click Write, and wait

Once the process finished, you can plug the micro SD card in the Raspberry and boot it up.

Raspbian Desktop

The last thing before launching the Pi-Hole configuration is making sure you have a fixed IP address for your ethernet interface. The rationale behind this is simple: you will use the Raspberry as your DNS server, so you do not want it to change its IP address, ever.

With all this set, we can proceed with the Pi-Hole installation.

Installing Pi-Hole software

Open a terminal window and launch the following command:

curl -sSL | bash

And follow the steps proposed. All default options are excellent, so unless you know what you are doing, do not change anything. Only remember to specify you want a fixed IP address. And make sure you write down the administrator’s password the installer has assigned. Otherwise, you might need to log back to your Raspbain and reset it with this command:

pihole -a -p

If everything went well, you should be able to launch a web browser and go to your Pi-Hole IP address and see this:

And clicking in the admin link will take you here:

Final step: using your brand new DNS server

The last and most important step: to make sure you have your Pi-Hole server set as the DNS server in your network. For this, there are different options, depending on the setup you have, so I will explain what I did in my setup. I use Ubiquiti Unifi gear, so I went to the configuration site and put in my DHCP server setting and specified that my DNS server is the IP address for my Pi-Hole server. And that’s it. You will slowly start seeing that more and more clients are using the Pi-Hole as DNS server and, what gives, at least to me, the most satisfying thing, is that almost a third of your traffic is being blocked by it.

You also get some great dashboards and plenty of reports that you can use to analyse the traffic and, if needed, block or unblock some URLs.

And that’s it. Please let me know if you have any question or any comment. I hope you find this useful.

Stay safe!

Leave a Reply