Raspberry Pi Project 02 – Ad Blocking DNS and DHCP
Ramen Junkie 
I’ve been at a bit of a loss for a while on what to do with my RaspberryPi B+. I have a B+ and two RaspberryPi B 2s. The B2s are so much more useful and powerful than the B+ that the poor B+ has kind of been tossed to the wayside. I was using it as a server for ZNC, an IRC Bouncer. When I set up my milti-monitor set up, I tried running X-Chat on the B+ with ZNC but the lag was too much. I’m not sure if the load was from XChat or from ZNC or from Synergy, but the short of it is, the B+ wasn’t useful to my array of machines and needed a headless activity assigned to it.
Sure, I could let it continue to run ZNC, but dedicating two Pis to IRC seems like overkill, so I moved ZNC to the B2 that I run Xchat on and freed the B+ for whatever I wanted.
Pi-Hole for DNS
I started out by setting up Pi-Hole. It has a fancy name and is simple to install, but at the core, Pi-Hole is just a DNS server that filters sites based on some predefined public lists. Specifically, it filters ads. There is a whole debate to be made on the pluses and minuses of ad filtering, but it is what it is and I’m not getting into that debate here. Pi-Hole has a white list anyway, for “good ads”. Mostly, it’s a way to filter on mobile, where it’s not easy to install an ad blocker.
Installing Pi-Hole is as simple as entering the following into the command line over SSH or even on the RaspberryPi itself:
sudo curl -L install.pi-hole.net | bash
Though you will also need to set up the Pi with a static IP and then later point your computer’s DNS records to the IP of the Pi.
On a bit of a side note, DNS is Domain Name Server. The easy analogy is that it is a phone book to the Internet. Servers where websites live all have IP addresses assigned in various ways, but in order to keep things simple for humans, these servers get friendly names, like Microsoft.com or Facebook.com. The DNS is where your computer looks up “Facebook.com” to find out what IP address it’s located at. In this case, ads come from specific servers and providers, often not related to the core domain. So Website.com may serve ads from advertiser.org. With Pi-Hole, your computer looks up both domains when you connect to Website.com, but the RaspberryPi Pi-Hole simply replies “I don’t know where Advertiser.org is located”. You computer then fetches what it can from Website.com, but displays nothing from Advertiser.org.
ISC-DHCP for DHCP
Sort of tangentially related, I recently changed ISPs. I went from a 3Mbps DSL to 50Mbps Cable modem. I keep my home network crazy organized since there are a ton of devices on it. For every person in my house there are something like 4 devices, and this doesn’t count game consoles, media devices, or my own little IOT devices. On the old modem, I set up MAC assignments on the router so that wireless devices like my phone, where I can’t assign a static IP, get assigned a specific IP. I went through and set all of this up on the new modem, but none of the assignments seem to have taken. I’m not entirely sure why, I have theories, but I’ve instead decided to use this as an excuse to re-purpose my B+ and to learn more about managing a DHCP server.
So what is DHCP. DHCP stands for Dynamic Host control Protocol. I mentioned earlier that DNS was the way to connect the firstly domain name to an unfriendly IP address. DHCP assigns those IP addresses. Some static devices like routers or desktop computers that never go anywhere can pick and self assign an IP but things like phone that move between networks need to be given a temporary IP address as they come and go. DHCP handles this. Every device on a network has a unique IP address, though small networks like the one in your home, all tend to share IP ranges since to the outside world they appear to be one node/thing/device. DHCP can be used to give out reserved “static like” IPs to these roaming devices though based on the device’s MAC Address. A MAC Address is a device unique identifier. For example, when the DHCP server or router sees a specific MAC, it can say “I know you, you get IP 192.168.1.50”. When a strange device shows up, it will simply say “Here, this time you are 192.168.1.103, which is the next free IP in my pool of IPs”.
The set up for DHCP is a bit more involved than for Pi-Hole. There is a detailed guide below but I’ll run through the cliff notes version. There is a lot more that can be done but I’m not going to get super detailed here. This is essentially for a simple home network with one subnet. The first steps are to set up and configure the server, it will likely error out in the middle, just keep going with it.
sudo apt-get install isc-dhcp-server
sudo nano /etc/dhcp/dhcpd.conf
This is where it gets a little trickier. You will need to edit the options in the config file.
option domain-name “your_domain”
option domain-name-servers
Your Domain can be more or less anything really, it’s often just “Workgroup” by default in Windows. It should be all one word though. Domain Name Servers are specific however. If you are using Pi-Hole, set the IP of the Pi running Pi-Hole into this list. You can add additional DNS servers with a comma between each one, some suggestions, 8.8.8.8, and 8.8.4.4 are Google’s DNS servers. OpenDNS uses 208.67.222.222 and 208.67.20.220. It’s a good idea to have more than one in case there are issues.
The only other thing you NEED to set is the ip information and range found under
subnet 10.0.0.0 netmask 255.255.255.0
{ range 10.0.0.1 10.0.0.200;
option routers 10.0.0.254;
}
You will need to replace the IP information in this block. the subnet should be the first three octets of your network followed by a .0. The most common ones in a home network are 192.168.1.0, 192.168.0.0, and 10.110.1.0. The range is the range of IPs to give out. If you are going to use static IPs, i would recommend setting this range beyond your static IP ranges. For example, I have a spreadsheet blocking off reservations through 192.168.1.100, I added some extra for my router to serve as a backup DHCP server and set the range on the RaspberryPi as 192.168.1.175 192.168.1.250. This means, when a device connects, it will be assigned an IP starting at the next available at .175.
The final option is routers, chances are really good that you have only one, and chances are the IP ends in .1 or .254. This will assign the router IP so that devices know how to get out to the Internet.
If you want to ensure your Pi DHCP server is assigning IPs over anything else on the network (ie your router) you will need to find the line that reads “If this DHCP is the official DHCP server…” and uncomment the line “authoritative”.
Finally at the bottom, there are blocks to assign static IPs using a format like:
host MACHINENAME
{
hardware ethernet MACADDRESS;
fixed-address FIXED_IP_YOU_WANT_TO_ASSIGN;
}
An easy way, if you are running Windows, to find out MAC addresses of devices is to run Netscan. This will give you a list of everything connected to your home network. There are a few ways to decipher which IP/MAC is which. Some will have the MAC printed on them, often near the network port. In the case of phones or tablets, it’s simplest to simply disable the WiFi or turn them of and rescan to see which disappears. Some may show up with names you may recognize. You can also sometimes search for the first 3 sets of numbers (IE 45:3b:a3) which is manufacturer specific to decipher that “That’s a Sony device, the only Sony thing I own is the Blu Ray player”.
Setting reserve assignments is entirely optional. The main purpose is to better organize your home network. If you only have a half dozen devices, it really probably isn’t necessary at all.
Once you are done editing, CTRL+O (for Output) to save the file, and CTRL+X to close it. If you get an error that you can’t write the file then you forgot to do a”sudo” and you will need to do it all over again.
Wrap Up
Things are not quite finished yet. You will need to start the DHCP server, since it error-ed out earlier. You can do this using the following commands:
service isc-dhcpd-server stop
service isc-dhcpd-server start
HOWEVER, I still got an error when I did this. A little searching and I found a similar issue and fix which I used.
sudo pico /etc/default/ifplugd
Then change this:
INTERFACES=”auto”
HOTPLUG_INTERFACES=”all”
ARGS=”-q -f -u0 -d10 -w -I”
SUSPEND_ACTION=”stop”
To match this:
INTERFACES=”eth0″
HOTPLUG_INTERFACES=”eth0″
ARGS=”-q -f -u0 -d10 -w -I”
SUSPEND_ACTION=”stop”
then reboot and after the reboot start the server with:
sudo reboot
service isc-dhcpd-server start
Everything should be working now. You can run Netscan later and see if IPs are being assigned into the range you chose. This may not happen immediately since IPs have a lease time and devices may hold on to the old IP for a bit.
Reference:
Configuring the Raspberry Pi as a DHCP Server under Raspbian Wheezy
How To : Use The Raspberry Pi As A Wireless Access Point/Router Part 3…B!
Josh Miller aka “Ramen Junkie”. I write about my various hobbies here. Mostly coding, photography, and music. Sometimes I just write about life in general. I also post sometimes about toy collecting and video games at Lameazoid.com.