Pi-hole is a bloated mess compared to this IMO. At the end of the day pi-hole is still just a fork of dnsmasq with a load of scripts and a bootstrap gui whacked on top. You need to add on extra bits and pieces to get anything like modern tech whereas AGH has https gui, multi-user support, DoH/DoT/dnscrypt/etc, toggles for quick blocks, access to a 'realtime' blocklist for emergent threats all baked in. It's also a single self-updating binary with a single config file instead of spraying bits all over your OS. Runs on pretty much anything you can think of, too.pi-hole was great back in the day but unless you're just keeping on keeping on with an existing install there's better options available now.. AdGuard Home, Blocky, Technitium DNS etc.
I often compare pi-hole to DD-WRT inasmuch as it was awesome back in the day but times have changed and you probably wouldn't use it as first choice these days given what else is now available to you.
ryandrake|3 years ago
zfa|3 years ago
Encrypted upstream lookups. Responding to encrypted lookups made to themselves. Realtime threat protection via API. Quick toggle of blocks instead of rebuilding lists. Ability to quickly change blocking of individual devices. Decent Metrics.
Probably more.
But if you just want something with no web bling then there's other alternatives to dnsmasq which would be worth looking at which give some of the above features whilst keeping it commandline and manual blocklist building.
dnscrypt-proxy is wonderful, for example, and can do most of the stuff you can do in dnsmasq.
cricalix|3 years ago
If I want metrics, I just open a browser and see what clients have been the noisiest, what’s being blocked a lot and so on. Generally I don’t even think about it.
mekster|3 years ago
I can easily see what domains are blocked in the web ui and see that Adobe products are trying to phone home so often and which clients are trying to resolve what domains.
amaccuish|3 years ago
alrlroipsp|3 years ago