DownloadBlog

How to set up your network protection with Pi-hole

Learn how to use the Pi-hole tool for remote network protection by configuring it as your DNS server using Meshnet.

Introduction

These days, the internet is full of advertisements and malicious websites. It is getting increasingly cumbersome to browse online with constant messages suggesting you visit a certain website or purchase a specific product. In addition, it is difficult to verify the legitimacy of a website or a URL at first glance. It only takes one click of a suspicious link to infect your device with malware.

Many people resort to using third-party tools, such as ad blockers or threat protection tools, in order to overcome the sheer amount of danger online. One such tool that enthusiasts tend to use more than others is Pi-hole.

Pi-hole allows you to transform your device to a local DNS server, which can be used as a network-wide ad blocker. While advertisement blocking is Pi-hole’s main purpose, you can use it for a variety of other options, such as local DNS mapping and website blacklisting.

On its own, Pi-hole only functions on the local area network. However, with the power of Meshnet, you can use Pi-hole to block unwanted ads or websites on your devices wherever you are in the world. Meshnet allows you to establish a secure and encrypted connection between your end device and the Pi-hole server.

While Pi-hole can be deployed on Windows and macOS inside a Docker container, this guide will walk you through the standard Pi-hole installation on a Linux machine and show you how to configure its Meshnet IP address as the DNS server on other devices to be used remotely.

Before you begin

Ensure that the machine you will use for Pi-hole meets the following criteria:

  • Linux distribution using Systemd or SysVinit

  • 2 GB of free disk space or more

  • 512 MB RAM or more

  • Static LAN IP address

  • Meshnet is enabled on the Linux machine and all client devices that will be using Pi-hole

For more detailed information, refer to the Pi-hole Prerequisites documentation.

Note

This setup cannot be used on mobile devices using cellular data. Changing the DNS addresses and keeping the Meshnet connection is not possible with such a connection method.

Install Pi-hole

  1. Open Terminal and run the following command to download and execute the Pi-hole installation script: 

    curl -sSL https://install.pi-hole.net | bash

    For alternative installation methods, refer to the Pi-hole installation page.

  2. Enter the sudo password of your Linux machine.

  3. In the installation dialog, select OK until you reach the Static IP needed window. If your device already has a static LAN IP address configured, select Continue. Otherwise, complete the necessary IP adjustments in your network.

  4. Choose the network interface that your device is using (for example, eth0, wlan0, enp0s3) and then choose Select.

    Available network interfaces listed in Pi-hole installation window.

  5. Choose your preferred upstream DNS provider and select OK.

  6. Complete the installation process by choosing the blocklist, installing the Admin Web Interface with the required modules, and configuring the query logging settings.

  7. In the Installation complete window, note down the address and password for the Pi-hole web interface and select OK.

    Pi-hole web UI address and password highlighted in the installation window.

Tip

Make sure to change the password of your Pi-hole web interface to a unique and secure one. You can do so by executing the following command in the terminal:

pihole -a -p

Allow Meshnet connections in Pi-hole settings

The setup will not work with the default Pi-hole settings, because they only allow requests from the same local subnet of the host device (for example, 192.168.1.0/24). Since Meshnet IP addresses use a different subnet, Pi-hole will ignore the requests.

To prevent this, complete the following steps:

  1. Open your browser, enter the URL of the Pi-hole web interface that was provided in the Installation complete window, and log in.

    • If you are accessing the web interface from the host device directly, you can use this URL: http://localhost/admin

    • Otherwise, use the device’s local IP address instead of the localhost part.

  2. Go to Settings and select the DNS tab.

  3. In the Interface section, select the Permit all origins option. Permit all origins option selected in Pi-hole's interface settings.

  4. Click Save.

Tip

If you want to change the upstream DNS addresses for your Pi-hole in the future, you can do so on the same DNS tab, under Upstream DNS Servers.

Pi-hole is now installed and prepared for use via Meshnet.

Import blocklists to Pi-hole

With the additional features Pi-hole offers, you can improve your network security even more. One example is to import custom website blocklists to protect your devices from malicious and dangerous URLs or phishing domains.

For this guide, blocklists from the firebog.net website will be used.

Add URLs

To add blocklist URLs to Pi-hole:

  1. Open your Pi-hole web interface.

  2. Select Adlists.

  3. In the Address field, enter your preferred blocklist URL. Click Add.

    Blocklist URL entered in Pi-hole settings.

You will see the newly added blocklist in the List of adlists section.

Blocklist successfully added to Pi-hole.

Update gravity script

To start using the newly imported blocklists, update Pi-hole’s gravity script.

  1. Open Pi-hole’s web interface and expand Tools.

  2. Click Update gravity. Update gravity option highlighted in the Tools section of the Pi-hole web UI.

  3. In the new window, press Update and wait for the process to finish.

  4. Once done, you will see a success message.

Alternatively, you can run the following command in Terminal: 

pihole -g

Use your Pi-hole DNS over Meshnet

The Pi-hole configuration is now finished. However, to use Pi-hole and all of its features, you need to set up its Meshnet IP address as the DNS server on each of your client devices.

Windows 11

  1. Right-click Start and select Network connections.

  2. Choose the network type your device is using (Wi-Fi or Ethernet).

  3. Find the DNS server assignment option and click Edit.

  4. Choose Manual from the dropdown menu and enable IPv4.

  5. Fill in the DNS fields.

    • Preferred DNS server: the Meshnet IP of the Pi-hole device.

    • Alternate DNS server: the DNS address of another provider.

    Pi-hole and alternate DNS addresses entered in Windows settings.

  6. Click Save.

Windows 10

  1. Right-click Start and select Network connections.

  2. Select Change adapter options.

  3. Right-click your current network adapter (Wi-Fi or Ethernet) and choose Properties.

  4. In the new window, select Internet Protocol Version 4 (TCP/IPv4) and click Properties.

  5. Select Use the following DNS server addresses and fill in the fields underneath.

    • Preferred DNS server: the Meshnet IP of the Pi-hole device.

    • Alternate DNS server: the DNS address of another provider.

    Pi-hole and alternate DNS addresses entered.

  6. Click OK twice to apply the changes.

Tip

If you're looking for alternate DNS addresses, here are some of the most popular free DNS providers:

  • Google — 8.8.8.8 and 8.8.4.4

  • Cloudflare — 1.1.1.1 and 1.0.0.1

  • Adguard — 176.103.130.130 and 176.103.130.131

  • Quad9 — 9.9.9.9 and 149.112.112.112

  • OpenDNS — 208.67.222.222 and 208.67.220.220

You can also use the same upstream DNS addresses from the Pi-hole configuration.

After changing the DNS server to the Pi-hole’s Meshnet IP address, the setup is finished. Now you will be able to safely use Pi-hole’s protection features while being far away from your home network.

PreviousNetwork protectionNextHow to set up your own DNS server

Last updated

Was this helpful?