Pi-hole

509 readers

1 users here now

The Pi-hole® is a DNS sinkhole that protects your devices from unwanted content without installing any client-side software.

founded 2 years ago

MODERATORS

[email protected]

How practical is it to block everything by default? (feddit.uk)

submitted 4 days ago by [email protected] to c/[email protected]

31 comments fedilink hide all child comments

I've just set up my pihole and I'm considering the best way to configure it. Is it a good idea to set the default group to block (almost) all domains and then manually add trusted devices to another group with a "normal" block list? My use case is untrustworthy devices that I don't want phoning home but which might change their IP address.

you are viewing a single comment's thread
view the rest of the comments

[–] [email protected] 1 points 4 days ago (2 children)

I tried that once, pihole blocks stuff coming in and not going out. Many “smart” devices will freak out if they can send things out to the internet but cannot receive things back.

[–] [email protected] 1 points 3 days ago* (last edited 3 days ago)

Pihole doesn't block inbound traffic, it has nothing to do with it (as you mention in your later comment, DNS is about address lookups, not routing IP addresses).

PiHole is a DNS server, all it will do is resolve addresses for clients that use it.

[–] [email protected] 1 points 4 days ago (1 children)

Does it? I don't know much about networking but I thought for a device to even send something out it still needs to go through DNS first.

[–] [email protected] 1 points 4 days ago (1 children)

No it does not go through a DNS on the way out. A DNS, or domain name server, is like a phonebook so people can put in whatever.whereever and get the IP address back.

[–] [email protected] 1 points 3 days ago (1 children)

Yeah, so to reach out does it not need to use DNS to know where it's reaching out to?

[–] [email protected] 3 points 3 days ago

No it can just send stuff to an IP