
99 points laserstrahl | 14 comments

Hi, just installed OpenWRT. Which solutions for ad blocking and other trackers would you recommend? Pi-Hole is not an option, since I don't have one lying around.

So anything else I can try which will work out of the box? For links and guides I'd be happy. PS: I got dual antennas; what would come to your mind to do with them?

dizhn ◴[] No.41981250[source]
I haven't looked at pihole once after I discovered adguard home.

https://openwrt.org/docs/guide-user/services/dns/adguard-hom...

replies(1): >>41994996 #
1. uncharted9 ◴[] No.41994996[source]
How do you reduce the latency of the upstream DNS resolvers? The closest Cloudflare servers give me 20-25ms DNS resolution times, but with Cloudflare as the upstream DNS in Adguard Home, I'm getting more around 80-110ms.
replies(4): >>42010736 #>>42012503 #>>42012552 #>>42020769 #
2. dizhn ◴[] No.42010736[source]
Is there a specific way to test that or just nslookup/dig/drill and look at the number there? I want to check this and get back to you.
replies(1): >>42015704 #
3. cortesoft ◴[] No.42012503[source]
What sort of workloads are you doing where 60ms extra time on your DNS lookups is an issue?
replies(2): >>42013968 #>>42015711 #
4. sigio ◴[] No.42012552[source]
If you run adguard home with long blocklists on a consumer-level router, this will cause big delays, simply because the blocklists are large and eat all available memory and lots of processing on any dns request.

I've kept the blocklists in adguard home small, and then it works fine, but if I add hundreds of thousands of blocked domains, it gets painfully slow on my Edgerouter X running OpenWRT.

replies(2): >>42015698 #>>42015792 #
5. 3eb7988a1663 ◴[] No.42013968[source]
I naively assumed most OS + routers cache DNS queries so that your typical sites will not even require a lookup. Or is that a bad assumption?
replies(2): >>42015691 #>>42017254 #
6. uncharted9 ◴[] No.42015691{3}[source]
I switched from Adguard Home to Blocky because I noticed how much faster page loads were on Blocky. I've configured it to cache any query I resolve more than once in a 24 hour window. This makes most of my page loads really, really fast.

Adguard also has the ability to cache. But I haven't seen it significantly speed up my page loads. The default resolution itself is much slower on Adguard + Cloudflare DNS compared to Blocky + Cloudflare DNS. So this makes Adguard a double whammy.

7. uncharted9 ◴[] No.42015698[source]
I'm using the same set of blocklists (800k-1M rulesets) in my comparison between Adguard and Blocky with the same upstream resolver.

I'm running them as a system service on my laptop, and using my localhost as the DNS proxy.

8. uncharted9 ◴[] No.42015704[source]
Adguard Dashboard shows average DNS resolution time. I eventually shifted to Blocky, which tracks logs of every DNS query. I strung together a quick Python script to make a dashboard similar to Adguard's and calculate the avg resolution time for each resolved A record.
replies(1): >>42015938 #
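
An added example, not part of the thread and not the commenter's script: one way to compute per-outcome resolution times for A records from a DNS query log, keeping cached, blocked and upstream-resolved answers apart so cache hits do not hide upstream latency. The six-column tab-separated layout and the sample lines are constructed for this example and are an assumption, not Blocky's documented log format.

```python
import csv
import io
import statistics
from collections import defaultdict

# Constructed sample data. Assumed columns (not Blocky's documented format):
# timestamp, client, duration_ms, outcome, qtype, qname
SAMPLE_LOG = (
    "2024-10-29T10:00:01\t127.0.0.1\t92\tRESOLVED\tA\texample.com.\n"
    "2024-10-29T10:00:02\t127.0.0.1\t0\tCACHED\tA\texample.com.\n"
    "2024-10-29T10:00:03\t127.0.0.1\t108\tRESOLVED\tA\tnews.example.org.\n"
    "2024-10-29T10:00:04\t127.0.0.1\t1\tBLOCKED\tA\tads.example.net.\n"
    "2024-10-29T10:00:05\t127.0.0.1\t85\tRESOLVED\tAAAA\texample.com.\n"
    "2024-10-29T10:00:06\t127.0.0.1\t1\tCACHED\tA\tnews.example.org.\n"
    "2024-10-29T10:00:07\t127.0.0.1\t80\tRESOLVED\tA\tcdn.example.org.\n"
    "2024-10-29T10:00:08\t127.0.0.1\tn/a\tRESOLVED\tA\tbroken.example.\n"
    "truncated line without enough columns\n"
)

def durations_by_outcome(log_text, qtype="A"):
    """Group query durations (ms) by outcome for a single record type."""
    buckets = defaultdict(list)
    reader = csv.reader(io.StringIO(log_text), delimiter="\t", quoting=csv.QUOTE_NONE)
    for row in reader:
        if len(row) != 6:
            continue  # skip truncated or malformed lines
        _, _, duration, outcome, rtype, _ = row
        if rtype != qtype:
            continue
        try:
            buckets[outcome].append(float(duration))
        except ValueError:
            continue  # skip rows whose duration is not numeric
    return dict(buckets)

def summarize(log_text, qtype="A"):
    """Return count, mean, median and max duration per outcome."""
    return {
        outcome: {"count": len(v), "mean_ms": statistics.mean(v),
                  "median_ms": statistics.median(v), "max_ms": max(v)}
        for outcome, v in durations_by_outcome(log_text, qtype).items()
    }

def cache_hit_ratio(log_text, qtype="A"):
    """Share of non-blocked answers that were served from cache."""
    b = durations_by_outcome(log_text, qtype)
    cached, resolved = len(b.get("CACHED", [])), len(b.get("RESOLVED", []))
    return cached / (cached + resolved) if cached + resolved else 0.0
```
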
9. uncharted9 ◴[] No.42015711[source]
Nothing interesting particularly, but cached + faster DNS resolution is usually perceptible in general web browsing.
10. tssva ◴[] No.42015792[source]
The Edgerouter X had good specs for the time it was released but that was over 9 years ago at this point. I had to replace mine a few years ago because it didn't have the throughput for my 1Gbs internet connection.

Many modern consumer routers contain processors and memory which can easily handle Adguard Home. I have a GL.iNet MT-6000 with a MediaTek Filogic 830 processor which has 4 ARM A53 cores running at 2Ghz and offloads wifi and wired network packet processing from the cores. It also has 1GB of DDR4 memory. It has no problem handling Adguard home, my 1Gbs internet connection and gives me around 900Mbs of WireGuard throughput.

11. dizhn ◴[] No.42015938{3}[source]
Blocky looks good too. I will check it out at some point. Thanks.
12. kstrauser ◴[] No.42017254{3}[source]
DNS records commonly have cache lifetimes (“TTLs”) of a few minutes. It would be an error to cache those for much longer.
13. stonegray ◴[] No.42020769[source]
Maybe not what you’re looking for, but I put adguard home on a VPS (although later switched to a “real” dns software prior to benchmarking) and it is faster[1] than connecting directly to cloudflare from home.

[1] https://stonegray.ca/dns/#performance

Edit: for the curious, I use technetium as the server, nginx to proxy it (security stuff, prioritize traffic from my zerotier network, do DNS/DoT translation, etc) and docker/letsencrypt/watchtower/netdata for auto updating and status reporting, packaged as a single docker compose I can deploy easily.

replies(1): >>42041935 #
14. uncharted9 ◴[] No.42041935[source]
This looks really interesting. I am not in the North American region and hence this would be slow from my region. But nonetheless an interesting project. Have you documented the entire setup journey on a blog or video?