Hacker News new | past | comments | ask | show | jobs | submit login

Gigabit Ethernet? I'm tempted to grab a few and try running Pi-Hole for my whole organization (~1200 users) and see how that goes. :) I know you can set up Pi-Hole on Ubuntu VMs. But there's something so attractive to me about running it separate from your hypervisors and closer to the core switch on very very cheap hardware.... Been curious about Pi-Hole on my bigger work scale for a while, this may very well tip me to trying it out.



Yeah, for the first time it's true gigabit. Results from iperf:

Raspberry Pi 3B: 94Mb/s Raspberry Pi 3B+: 285Mb/s Raspberry Pi 4B: 930Mb/s

https://twitter.com/ben_nuttall/status/1143037993957187584


Pi-Hole is a wrapper around dnsmasq, so you could just run that on your base OS with the same configuration files. Add gravity.sh if you want automated blocklist updating:

https://lowendbox.com/blog/host-your-own-dns-now-with-100-mo...

If you already have an available server there's no need to spin up a VM to host another OS instance just to run native software...


Someone in the comments of that post recommends this automatically updated blocklist https://github.com/notracking/hosts-blocklists


It shouldn't be a problem even with older Pis. Pi-Hole only answers DNS requests, which are comparatively tiny. The actual web traffic goes through your regular layer-3 network.


This seems like it could start replacing cheap firewall hardware. I believe pfsense no longer requires aes-ni (?), so it seems like a good choice for that.


AES-NI for x86 CPUs was going to be required for the next release of pfSense (2.5), but that requirement was dropped when the API that necessitated AES-NI was pushed back from the 2.5 release. AES-NI will probably still be a requirement at some point in the future.

AES-NI won't be a requirement for ARM CPUs - Netgate sells first-party ARM-based pfSense appliances that have non-AES-NI hardware crypto acceleration that they've confirmed wouldn't be affected by the AES-NI requirement. Not sure how that applies to third-party ARM systems.


Yeah I'm actually using netgate boxes right now. I just figure rpis are cheaper. Thanks for the info.


they're not a lot less expensive by the time you have an equivalent system.

The SG-1100 is based on the v7 espresso.bin board. a 2G version of that is $99 by the time you have case, heat-sink, eMMC and power supply. We sell them for $159.

A 2G RPi 4 with case, heatsink, and power supply is $76.30. You have WiFi, but no second (or third0 Ethernet.

Also, someone has to pay the developers, right?


> I know you can set up Pi-Hole on Ubuntu VMs.

I've been running Pi-hole on Ubuntu on bare metal for a few months. ("server" in my basement)




Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact

Search: