this is a small guide for Adguard Home, an equivalent alternative to Pi-Hole.
To use Adguard Home on an OpenWrt router you need at least 20 MB free storage and about 100 MB free RAM (it can be started from a USB stick; the more RAM, the better). I‘m running Adguard Home on a Netgear R7800.
Ads/trackers/malware etc. are blocked by DNS. The DNS lists can be copied 1:1 from Pi-Hole or equivalent sources. Regex is also supported.
- The big advantage over Pi-Hole is that Adguard Home does not need any dependencies and can be started from a single binary file.
- Adguard Home comes with its own web interface, which can be accessed on a self-selected port.
- The DNS server can be operated in parallel to dnsmasq.
- DNS over TLS and HTTPS are supported by default.
- Adguard Home can be started automatically via /etc/rc.local by simply executing the binary
Since it is programmed in Go, many architectures are already supported:
The installation is relatively simple. The corresponding release must be downloaded and unpacked.
The application starts via ./AdguardHome and all necessary settings can be made via the web interface.
I have the Adguard Home DNS server running at 192.168.1.1:5353 and the web interface at 192.168.1.1:8080.
Accordingly, the /etc/conf/dhcp config must be adjusted and the new DNS server must be defined:
config dnsmasq option domainneeded '1' option localise_queries '1' option rebind_protection '1' option rebind_localhost '1' option local '/lan/' option domain 'lan' option expandhosts '1' option authoritative '1' option readethers '1' option leasefile '/tmp/dhcp.leases' option localservice '1' list server '192.168.1.1#5353
For me it is a super easy alternative to Pi-Hole, without installation effort and many dependencies.
Have fun with it!
Adguard Home Regex:
DNS over TLS Upstream Server:
DNS Leak Test:
DNS over TLS
Prevent DNS leaks and force all connected devices to use the new DNS port
iptables -t nat -A PREROUTING -i br-lan -p udp --dport 53 -j DNAT --to 192.168.1.1:5353 iptables -t nat -A PREROUTING -i br-lan -p tcp --dport 53 -j DNAT --to 192.168.1.1:5353