Secure Your DNS with DNSSEC: AdGuard Home and Pi-Hole Integration with Stubby

  • Published: 22 Aug 2024

Comments • 58

  • @DBTechYT 10 months ago +1

    Stop data brokers from exposing your information. Go to my sponsor aura.com/dbtech to get a 14-day free trial and see if your personal information has been compromised.

  • @tiller6750 10 months ago +10

    Thank you for leaving the trouble-shooting steps in the video. It is always helpful to see someone figure out the problems that I am having!

    • @DBTechYT 10 months ago +3

      Thanks for watching and I'm glad it was helpful!

  • @BradleyBrown 10 months ago +3

    These are great tools. I deployed AdGuard DNS at my home and it's made a huge difference, especially with mobile apps. I struggled with why it wouldn't work on my laptop and found that Chrome had enabled Google's own DNS over HTTPS features, so it was bypassing my filtered DNS. I tried to configure the browser to use my own secured DNS but ended up just using the system's regular DNS. Not great for when I'm away, but at least the DNS is encrypted from my home.

  • @fbifido2 9 months ago +6

    Can you do a video on:
    Pi-Hole with unbound, DNSSEC and DoT or DoH, using Cloudflare tunnel & CrowdSec & Fail2ban.

  • @VictorTe11 10 months ago +6

    I'm a noob with this stuff, but how does this differ from, say, doing a pihole + unbound setup?

  • @Dreamshadow1977 10 months ago +1

    Thank you for this detail! Made it easy to update my pihole to include stubby.

  • @Bond2025 7 months ago

    With AGH you can put users or devices in groups, so all phones can have a different block list to all TVs or laptops, a handy feature.

  • @tonyscalleta 1 month ago

    Thank you so much for this! Huge help :D

  • @JasonsLabVideos 10 months ago +1

    Good video sir !! I like and use Adguard. :)

    • @DBTechYT 10 months ago +1

      Good choice! I've been using AdGuard for quite a while and like it better than Pi-Hole, though I'm honestly not sure why :)

    • @JasonsLabVideos 10 months ago

      It's really nice and has a lot of features that Pi-hole doesn't. @DBTechYT If you run yours in a Linode VM you can use it for multiple locations and multiple firewalls too!

  • @mr.boniato6402 1 month ago

    I'm not too sure that ad blocking test site is correct. The ones that are in red, which means my adblocker was not able to block.. I tried to go to that actual site and I was not able to because the site itself is blocked. So if the actual site is blocked, why would it be in red saying the ad wasn't blocked?

  • @sigler19744 9 months ago +1

    Thanks for the video, for all of your videos I've deployed a few projects from them. Question... what's the difference in this and enabling dnssec in the dns settings of adguard and pointing to a dnssec compatible upstream server (From the dns upstream server list in adguard that supports dnssec). Your video may be showing a better way to do this. I was just curious. Thanks again

  • @juanignaciocirera 4 months ago +1

    Hello, may I ask why use Pi-hole if NextDNS already blocks the same lists as Pi-hole? Also, I can think of it vice versa: why use NextDNS when using Pi-hole?

    • @OH2023-cj9if 21 days ago

      Pihole stops it leaving your house, so unnecessary traffic doesn't go anywhere.

  • @fbifido2 9 months ago

    @16:28 - can you explain the other options in the list, and when should one enable each option?

  • @KratomSyndicate 7 months ago

    Any advantage in using this over unbound and pihole for security? It seems like it is good for blocking family content and screening, if you don't use unifi for screening

  • @macster1457 2 months ago

    Why not set unbound as recursive dns server in pihole and use Adguard as the upstream dns server? This is the way I have mine setup but I am using Quad9 as the upstream dns server.. works great.

    • @OH2023-cj9if 21 days ago

      Q9 doesn't block trackers or telemetry, so no use to most concerned about privacy.

  • @ronm6585 9 months ago

    Thank you.

  • @gudicsgergo 7 months ago

    Thank you for your video. Does it work even if AdGuard Home is the DHCP server? If you want to use the AdGuardHome DHCP server, you must specify the --network host argument when creating the container. Thx

  • @alvarobinimelis2800 8 months ago

    When I try to run docker compose (adguard) I get an error because my port 53 is currently in use by systemd-resolved. I stopped that service to run docker compose, but when I start it again it doesn't work. When I test my upstream DNS server I get an error.

  • @Sahta99 3 days ago

    I don't really understand (I'm a noob btw) why do we need the stubby container? Why don't we directly refer to the NextDNS addresses?

    • @DBTechYT 3 days ago

      Stubby is an application that acts as a local DNS stub resolver using DNS over TLS. Stubby encrypts DNS queries sent from a client machine to a DoT provider, increasing end user privacy

    • @Sahta99 3 days ago

      @DBTechYT So if I'm fine with my local network security and confident no one snoops around, I can directly use piHole/AdguardHome + nextDNS?

    • @DBTechYT 3 days ago

      Yep

  • @juanignaciocirera 4 months ago

    I have an issue with the command docker compose up -d: WARN[0000] /docker-compose.yml: `version` is obsolete. If I delete version, then docker prompts me: project name must not be empty. And if I create project_name, it prompts me: docker-compose.yml: (root) Additional property project_name is not allowed. Is it reading the file or not? I'm getting confused ...

    • @DBTechYT 4 months ago

      I just deployed using this stack linked in the video description: code.dbt3ch.com/k0oSo2VS

  • @businessoftechnology 10 months ago

    Do you have a suggestion how to work around Xfinity style routers that don't offer all the custom router features?

    • @DBTechYT 10 months ago +1

      Since I used to have Xfinity, I do have a solution. Buy a Netgear or TP-Link or something else to plug into the Xfinity router and use that as your actual networking device. I think you can put the Xfinity router into bridge mode and that will make the new device you put on it the actual heart of your network and the Xfinity device will just operate as a modem. Then you can configure the new device however you want.

  • @dotcaodin 10 months ago

    Good video as always. Question! What is the difference between having nextdns configured within the PiHole container and the stream configured to 127.0.0.1? This configuration is like host > pihole > pihole (127.0.0.1) > nextdns.

    • @DBTechYT 10 months ago

      Honestly it might work. I haven't tested that method. But when I've got 2 applications that need to communicate, I prefer to put them on their own Docker network to make the communication easier.

  • @Dreamshadow1977 9 months ago

    In my previous comment, I said this was easy to add to my current pihole config, but it has ended up as anything but. When I switch to the docker IP for the Custom DNS, I no longer get any DNS resolution. dig commands time out. As soon as I turn back on the Google DNS servers, it works again. I have DNSSEC enabled, both containers are running, both containers are a part of the pihole_local_network when I perform docker network inspect pihole_local_network. I copied the proper information into the stubby.yml file for my NextDNS account. There's something about stubby that isn't working, but I don't know how to troubleshoot it more in depth. I don't know how I could perform a packet capture on 172.25.0.11 to see if it is even trying to talk out. Thoughts?

  • @angelgil577 10 months ago

    Hey DB, what is the difference between nextdns and unbound? I am using unbound... can I use both?

    • @DBTechYT 10 months ago

      If you've got unbound handling DNSSEC, then you're probably fine.

  • @azote1212 8 months ago

    Hi, can you give us a version of the config file for portainer? I get a lot of errors when I run your script

    • @DBTechYT 8 months ago

      You need to create the config folder somewhere on your server and map it properly when deploying via portainer

  • @michaeldziegiel4954 10 months ago

    Is there a way to deploy this without having to create a new container for docker and adguard? I already have 2 instances of adguard setup primary/secondary DNS. Is there a way to deploy the Stubby container and point it to adguard that I already have in place. Hope that makes sense.

    • @DBTechYT 10 months ago +1

      You probably could with a bit of time and effort. I think you'd just need to create a docker network, install stubby, move both adguard and stubby to that network, and then point adguard to stubby for the upstream dns

  • @dolbrechts1980 10 months ago

    Nice video again :-) I'm thinking of setting up adguard on a pi at home that is connected with a VPN to a pi hole in the cloud. Not sure if this will work well but sounds like a fun project

    • @DBTechYT 10 months ago

      Go for it!

  • @starting5524 2 months ago +1

    You lost me at dns 😅

    • @DBTechYT 2 months ago

      I would just go with a basic install of AdGuard Home. I don't even use the setup I have in this video lol

  • @fbifido2 9 months ago

    @16:01 - why use Stubby for DNSSEC, when all the upstream DNS providers support DNSSEC?
    unbound supports DNSSEC, so why use stubby?

  • @ydiadi_ 10 months ago

    I love pihole but it just blocks everything... I had faced many websites having issues

    • @imzsoul 10 months ago +4

      You've got many rules, scale it back

    • @ydiadi_ 10 months ago +5

      @imzsoul sure, I'll give it another shot

    • @imzsoul 10 months ago +3

      You got this

    • @NeptuneSega 9 months ago

      Don't just blindly add the super aggressive list. Use the recommended lists

  • @lolololowbx280 9 months ago

    I don't really recommend a hardcoded DNS server for Windows, because sometimes the static DNS server is going to screw up the DNS setting for wireless LAN

    • @DBTechYT 9 months ago +1

      I mean *I've* never experienced this, but do whatever works best for you :)

    • @Bond2025 7 months ago

      rubbish!