/posts/adguard-home.md
mkdir adguard-home
Some time ago I decided to switch over to AdGuard Home and away from Pi-hole based on a recommendation from a close friend.
I admit that I approached his recommendation with about a tablespoon of skepticism, mostly because my two Pi-hole instances were working perfectly after running them for more than a couple of years.
AdGuard Home has been the easiest to set up and configure by far, but that's not to say that setting up a Pi-hole is complicated. Pi-hole does take more steps if you are like me and prefer adding many blocklists. Both Pi-holes and AdGuard Home instances usually sit close to 50% blocking rate after a while, and believe it or not browsing the web works just fine.
I run two DNS instances in separate Raspberry Pi's in different rooms for redundancy. This redundancy has come in handy when conducting maintenance.
The initial installation is pretty simple for both AdGuard Home and Pi-Hole, and even moreso if you choose to use a distribution like DiePi that lets you choose which software to preinstall and configure.
I ended up configuring the following upstream DNS providers balacing the load across weighing in latency and failed requests:
https://dns.quad9.net/dns-query
https://security.cloudflare-dns.com/dns-query
https://freedns.controld.com/p0
https://dns.mullvad.net/dns-query
https://dns.adguard-dns.com/dns-queryfree -h
I've found out the hard way that AdGuard Home has a much higher memory footprint than Pi-Hole for the same amount of blocked domains, and it caused my previous Raspberry Pi 3 Model B+ with 2 GB of RAM to struggle multiple times a day where SWAP would be flushed with 5 GBs. I replaced the Raspberry Pi's with a 4 GB model and it has been smooth sailing since.
To enable encryption (i.e. DNS-over-HTTPS, DNS-over-TLS), I used the tailscale cert command to generate private keys and certificates which I configured on each instance.
I am currently using AdGuardHome-Sync to keep my AdGuard Home instances in sync.
- ← Previous
/posts/genesis.md