Linux

Occasionally it's caused some problems with the tracking crapware that the spouse's company uses in their web platform. Since they work from home and it breaks the main site they use for work, I've had to add some exceptions.

I've also seen it occasionally cause problems on websites that rely on tracking garbage and outright fail when they're blocked. Usually I just never go there again but in a few cases it's been something I was forced to use so I just disable the pihole for five minutes, do what I need, and hope to never visit that site again.

I think there have been maybe eight of these occurrences in the past five years so it's not a continual annoyance. No big deal and definitely worth it.

My gf likes to click on ad entries of Google searches - that doesn't work

I use default block list and had 0 issues so far

Quite often, yes, especially for apps.

For nearly a year the Android Amazon app wouldn't work. It would load, and then when a tracker failed to start, would show a generic error message page.

US bank mobile app wouldn't login for about 2 months last year.

This happens quite often when apps are built with dependencies they assume will load, and when there is a failure an error boundary catches it and shows an error view.

Been using pi-hole since 2016 and I’ve had to make but a handful of exceptions over he years. I guess it’s a case by case thing.

Most things just work, and I have 3.5 million domains blocked. When something doesn't work you can go into the query log to see what was blocked, and whitelist it from there. I seldom have to do this. Some apps are written to fail completely if they can't send their telemetry, but most just work without the ads.

Important? Depends on who you ask, but annoying? Yes absolutely. I've found with both Pihole and Adguard Home that deal links posted on Slickdeals are broken. But those also redirect several times and it can be a bit cumbersome to whitelist all the domains.

I also found out recently that one (or more) of my blocklistsnin AGH was blocking Steam from uploading games saves. So I had to remove some.

There might be a chance for false-positives. Or to just clog your dns responses with repetitive queries.

Then again, you don't need more than a HaGeZi blocklist anyway.

Depends on what lists you add to pihole (or adguard).

The default lists for both are primarily advert or tracking related, and very safe to keep. The only time I whitelist is when I'm following some kind of shopping deal that uses a tracker. Most linux related things are free from that.

I have a pihole, I love it. My wife hates it so much I made her her own Wi-Fi network on her own vlan that’s isolated from the rest of the network and uses Google dns. My wife likes to click ads and watch TikTok and all that shit is blocked on my network

Yes, but first go check which list you want to use since they're a good starting point to understand a kind of level of tolerance and expectations around your experience.

There's lots of lists around here's a small sample:
https://arstech.net/pi-hole-blocking-lists-2023/

Be prepared for a bump in time outs as you work through things you might need (I blocked by accident a bunch of needed Microsoft services that I need to use during my job).

I haven't edited my white list in months, maybe over a year. It's going very well. I've been running pihole on ubuntu for more than 5 years as two virtual machines. I'm happy.

About two years ago I played a shitty mobile game called Idle Miner Tycoon and its pseudo-multiplayer system wouldn't work. It turns out that Pi-hole was blocking a domain the game used. While I did whitelist the domains I ended up not playing the game anymore.

My most frequent issue is that links created through an email service provider like ConvertKit will get blocked by PiHole.

I’m a small business owner and so I get a lot of other people’s newsletters, on purpose. I like seeing what mentors and colleagues are doing with their businesses. But a link to their website, a blog post, anything really will almost always be blocked by PiHole if it’s sent via an ESP. This kind of “tracking” (email clicks from a small biz I know and trust) is something I am totally fine with.

It’s easy to disable for 1 minute to click through, but sometimes I forget that the PiHole is active and I can’t figure out why the links aren’t working.

Been running it 7 years with a combined adlist of 1,089,320 domains.

It's really rare that I run into a site that won't load or function correctly (like once maybe twice a year). The most noticeable really is the ad results in Google, but I've moved away from that to DuckDuckGo anyway.

In the few cases that you do want to use a blocked doman; you can open pihole and either whitelist the domain with one click right out the query log, or disable pihole blocking entirely for 5sec-30min with one or two clicks.

If you really want to, you can group clients and adlists so some clients have much stricter blocking than others do. You can even leave some devices completely free of blocking while still using pihole to log their traffic.

By far one of the noisiest blocked domains is Nvidias driver telemetry. If you don't strip it out using NVSlimmer, it'll constantly retry its phone home, spamming the pihole with dns requests (not enough that it can't handle, but enough that it's VERY noticeable in the dashboard)

The only one I ever found in 2 years of pihole use was cdn.cookielaw.org.. a good percentage of sites won't display with it blocked. Most other stuff is fine.

When I first installed pihole I went overboard with blocklists and broke nearly everything.. don't do that :p

Yesterday I couldn't download stuff from Ansible gateway because my lists blocked the object storage URL but there's a query log in both tools that makes troubleshooting easy and Adguard has a disable protection button that can disable filtering and can disable it for a set amount of time so you don't forget to turn it back on

Lots of downsides which proponents forget to mention.

1. My wife clicks ads. I know, I couldn’t believe it either. Being unable to click ads made her sad, so I had to bypass all her devices.

2. Many sites, including social media, are rendered inoperable. Either because their domains are black listed by a filter, or because the site refuses to load/render without being able to serve ads. Ad blockers have a similar issue, but it’s much worse with pihole.

3. Lots of critical services rely on telemetry to operate. Office applications, operating systems, your TV, your phone. When they can’t access their telemetry servers, exception handling ranges from graceful to catastrophic. That is, many devices and applications will cease to function. You’ll spend a lot of time tracking down the apps, devices, processes, and IPs you need to whitelist. This is a HUGE PITA, and an ongoing process. Server IPs change, as do the number of servers required for operation.

I'm using AdGuard, which is pretty similar. I had issues with my Sonos speakers. The devices couldn't find the speakers until I set a few servers on the whitelist.

Apart from that, all's good.

You have full control over what you block and whitelist. So if anything goes wrong, you can just troubleshoot it and whitelist if needed. If all fails, you can always (temporarily) turn off all blocking in pihole.

DNS blocking is heavily dependent on the blocklist(s) you use. It's entirely possible to block >95% of crapware, and break companies' ability to track you without compromising usability.

Having used both for a lot of years, I'd say look instead at AdGuard Home. It is also FOSS but supports more out of the box; including certificate management, the ability to use encrypted DNS both upstream and downstream without need for third party software (cloudflared), the ability to use adblock filter syntax (lists are 200k lines instead of 2 million lines, but actually block more), and so on. PiHole has some improvements pending in the next version, but it's not there yet in comparison, imho.

I'd also strongly suggest you check out Hagezi's DNS blocklists, as they're pretty much set and forget. They're intended to be used as your only block list, and do an excellent job (see testing in the Discussions on their GitHub). Use the Normal list if you don't want to deal with false positives occasionally, and the Pro++ list if you don't mind getting your hands dirty (whitelisting occasionally) and want to block every last scrap of annoyance and anti-privacy crapware on the web. Both will significantly improve your online experience.

Just make sure you have port 53 and 80 open. I recently had some problems myself trying to get Pi-Hole up and running. I already had dnsmasq taking up port 53 for a wifi hotspot, which conflicts with Pi-Hole's own DNS. Aside from that, hosting any websites can also conflict with Pi-Hole's frontend.

If you aren't using your Pi 3 for anything yet then I already assume this shouldn't be a problem though.

Good luck and have fun setting up your Pi-Hole!

Only if you like watching commercials on paramount +