Pi-hole: Block Ads and Trackers Across Your Entire Network

One install. Every device on your network stops seeing ads.

You know those banner ads, tracking pixels, and pop-ups that follow you around the internet? Most of them come from a handful of known advertising domains. Pi-hole sits on your network and blocks DNS requests to those domains before they ever reach your devices. No browser extensions needed. No per-device setup. Your phone, your laptop, your smart TV, your kid’s tablet. All of them, protected at once.

I have been running Pi-hole on my HomeLab for over a year and it blocks roughly 30% of all DNS queries on my network. That is 30% of traffic that was ads, trackers, and telemetry that never needed to load in the first place.


What Pi-hole Actually Does

Pi-hole is a DNS sinkhole. When a device on your network tries to load a page, it asks your DNS server to translate the domain name to an IP address. Pi-hole intercepts those requests and checks them against blocklists. If the domain is on a list (like ads.facebook.com or tracking.google.com), Pi-hole returns a blank response. The ad never loads.

Your normal web traffic goes through untouched. Only the known advertising and tracking domains get blocked.


What You Need

  • A Linux machine (a Raspberry Pi, a VM, or a Docker container on your server)
  • About 512MB of RAM and minimal disk space
  • Access to your router’s DHCP settings (to point DNS at Pi-hole)

If you followed the HomeLab series, you already have everything you need. Pi-hole runs great as a Docker container alongside your other services.


Installing with Docker

Create a directory for Pi-hole:

mkdir -p ~/pihole
cd ~/pihole

Create a docker-compose.yml file:

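services:
  pihole:
    container_name: pihole
    image: pihole/pihole:latest
    ports:
      # DNS on the standard port, over both TCP and UDP
      - "53:53/tcp"
      - "53:53/udp"
      # Admin panel, published on host port 8080
      - "8080:80/tcp"
    environment:
      TZ: 'America/New_York'
      # Admin panel password: replace 'changeme' before starting the container.
      # WEBPASSWORD is read by Pi-hole v5 images; v6 images use FTLCONF_webserver_api_password instead.
      WEBPASSWORD: 'changeme'
    volumes:
      # Persist settings and blocklists across container rebuilds
      - './etc-pihole:/etc/pihole'
      - './etc-dnsmasq.d:/etc/dnsmasq.d'
    restart: unless-stopped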

Start it:

docker compose up -d

The admin panel will be at http://YOUR_SERVER_IP:8080/admin.


Pointing Your Network at Pi-hole

Once Pi-hole is running, you need your devices to use it as their DNS server. Two options:

Option A: Change it on your router (recommended)

Log into your router and find the DHCP settings. Set the primary DNS server to your Pi-hole’s IP address. Every device that connects to your network will automatically use Pi-hole. No per-device configuration needed.

Option B: Change it per device

If you cannot change your router’s settings, you can manually set the DNS server on individual devices. This works but requires setup on each one.


Adding Blocklists

Pi-hole ships with a default blocklist that covers the most common advertising domains. You can add more from the admin panel under Adlists.

Good community-maintained lists:

  • Steven Black’s Unified Hosts (ads + malware + trackers)
  • OISD (one list that combines many sources, well maintained)
  • Hagezi’s DNS Blocklists (multi-level options from light to aggressive)

Start with one or two lists and see how it goes. Too many overlapping lists slow down updates without adding much benefit.


When Things Break

Some services stop working when their tracking domains get blocked. Common ones:

  • Spotify can break when some of its own CDN and tracking domains are blocked alongside ads. You may need to whitelist specific Spotify domains.
  • Smart TVs sometimes refuse to load content if they cannot phone home. Samsung and LG are the worst about this.
  • Mobile apps that are mostly ads will sometimes crash or show blank screens.

The Pi-hole admin panel has a query log that shows every DNS request. If something breaks, check the log, find the blocked domain, and whitelist it. It takes about 30 seconds.
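
Added example (not from the original post, and not Pi-hole's own code): a simplified Python model of the sinkhole decision described under What Pi-hole Actually Does, which also counts how many new domains each extra blocklist contributes and applies the whitelist override described above. The list contents, the 0.0.0.0 answer, exact-name matching and all function names are assumptions made for illustration.

```python
SINKHOLE_IP = "0.0.0.0"  # assumption: unroutable answer returned for blocked names

# Constructed sample lists (hosts format and plain-domain format); placeholder domains.
LIST_A = """# constructed list A
0.0.0.0 ads.example.com
0.0.0.0 tracker.example.net
0.0.0.0 telemetry.tv.example
"""
LIST_B = """# constructed list B, mostly overlapping with A
0.0.0.0 ads.example.com
0.0.0.0 tracker.example.net   # inline comment
pixel.example.org
"""


def parse_blocklist(text):
    """Return the set of domains in a hosts-format or plain-domain list."""
    domains = set()
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip().lower()  # drop comments
        if not line:
            continue
        fields = line.split()
        # hosts format is "<ip> <domain>"; plain format is just "<domain>"
        domain = fields[1] if len(fields) >= 2 else fields[0]
        if domain not in ("localhost", "0.0.0.0"):  # skip hosts-file housekeeping
            domains.add(domain.rstrip("."))
    return domains


def new_domains_per_list(lists):
    """Count the previously unseen domains each list contributes, in order."""
    seen, added = set(), []
    for text in lists:
        parsed = parse_blocklist(text)
        added.append(len(parsed - seen))
        seen |= parsed
    return added


def answer(qname, blocked, allowed, upstream):
    """Return (verdict, ip); a whitelist entry wins over every blocklist."""
    name = qname.lower().rstrip(".")
    if name in blocked and name not in allowed:
        return ("blocked", SINKHOLE_IP)
    return ("forwarded", upstream(name))  # upstream: callable standing in for a real resolver
```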


What You’ll Notice

  • Web pages load faster (no waiting for ad servers to respond)
  • Less data usage across all devices
  • The Pi-hole dashboard shows exactly how much junk your network was loading
  • YouTube ads still get through (they come from the same domains as the video, so DNS blocking cannot separate them)
