Introduction
When you type a URL into your web browser and hit enter, a request is sent from your computer to the web server that is hosting the page you're trying to view. But how does your computer know which web server to ask for that page? The internet is constantly growing and changing, and there are a vast quantity of web servers to choose from. The process is a little involved, but understanding the process will let you gain better control over your network. I'll give a slightly simplified overview of the process below.
First, let's discuss that URL you typed in. In this case we'll assume https://raynieport.github.io, since you're reading this article.
We start at the far right: 'io'. That's the top-level domain, and you've undoubtedly seen others like 'com', 'org', 'gov', 'edu', and so on.
Moving left, 'github' is the name of the domain you're trying to visit. Finally, 'raynieport' is the subdomain.
When you type a URL in, your computer first asks the top level domain (io) where to find the domain (github), and then asks the domain where to find the subdomain (raynieport).
This method of organization allows your computer to find the right website out of the millions of servers connected to the internet.
However, if you're already thinking of tinkering with your home network or setting up a home server environment, you're probably aware that the internet is built on TCP/IP. This means that every web server is accessed by an IP address, not by the actual URL that you type in. So how does this work? You don't usually type in an IP address to go to your favorite website, although you could. Enter DNS.
DNS
DNS stands for "Domain Name System", and it translates human-readable URLs into IP addresses that your computer uses. Think of the Yellow Pages, but for the internet. Instead of asking the top level domain where to find the domain and so on, your computer asks your DNS server to do the searching instead. If you've never accessed a given website before, the DNS server performs the search as usual and saves the results. If you've been there before, the DNS server quickly loads the address from memory. The DNS server then returns the IP address for the website you're trying to visit, and your computer loads the appropriate webpage.
DNS is crucial to the functionality of the internet as we know it. Without it, you'd have to remember the IP addresses for all your favorite websites! That being said, you might be thinking "How have I been accessing the internet this whole time? I've never set up a DNS server." Well, you're probably using the DNS service provided by your ISP (Internet Service Provider). While this is convenient, it has some potential downsides.
First of all, ISP DNS servers typically have a huge number of users, and can be pretty slow depending on your provider. Secondly, if you use your ISP's DNS server, they can potentially log every website you send a request for, and even outright block certain domains. Even if you're using HTTPS, which encrypts the traffic to and from a site, your ISP can still see which sites you're trying to connect to. Some ISPs even sell this data or use it to create targeted advertising. While a few ISPs might promise that they don't ever look at the data in their DNS servers, there's nothing stopping them from doing so. Given these privacy concerns, you may want to consider hosting your own DNS server or switching to a more trusted one (Cloudflare's 1.1.1.1 is popular in the home server community).
DNS Sinkholes
Alright, now that you know a bit more about DNS, we can get to the main topic of this article. As mentioned above, if you're using your ISP's DNS server, they can potentially block certain domains. This occurs when your computer asks for the IP address of a certain domain, and the DNS server ignores the request. If the DNS server doesn't send the IP address back, you can't connect. Fortunately, we can use this same method to our advantage.
When you load up a typical modern webpage, assets are often loaded from several different sources. For example, a video (like an embedded YouTube video) may reside on a completely different web server than the HTML and CSS. Ads are one of the most common assets to be loaded from an external source. A huge majority of ads online are essentially embedded links that display targeted advertising based on who is viewing them. So, if a webpage tries to connect to an advertising domain to load ads, but the DNS server doesn't return the IP address... then the webpage will load up ad-free.
A "DNS sinkhole" returns the IP address as usual for most connections, but refuses to return the IP address of a specific set of domains. In this case, we want to ignore requests for known advertising domains. If you create such a DNS sinkhole on your local network and send all DNS requests to it, the result is a nearly ad-free internet connection for all devices on your network, including phones and devices without traditional ad-blocking software.
Pi-hole
Pi-hole is a lightweight and easy-to-manage DNS sinkhole designed specifically to block ads across your local network. The service is so lightweight, in fact, that it can be run on something as inexpensive as a Raspberry Pi (hence the name Pi-hole). The installation is pretty straightforward, and it can run on a wide range of Linux devices. Below is a setup video from Linus Tech Tips, but there are also installation instructions on the project's GitHub. If you prefer to run Pi-hole in Docker, see the official Docker image.
