PiHole hosted in the cloud? I recommend NextDNS

Wouldn’t it be great to have your Pi-Hole hosted in the cloud and accessible everywhere? Perhaps you could use its ad blocking on your smartphone. Or at work. Or, when your laptop connects to a Wi-Fi network when you travel.

A screenshot from the Pi-Hole web interface. Source: https://pi-hole.net/

I tried to make PiHole accessible everywhere, but it was tricky. A typical Raspberry Pi sits behind a home router. Exposing it requires effort and has serious drawbacks.

PiHole is not designed to support modern, secure DNS protocols. Sending unencrypted DNS queries using the public internet infrastructure seems very uncomfortable in 2024. I ended up with an alternative solution, and here are my learnings.

TL;DR: if you are looking for a cloud-native PiHole alternative, NextDNS is worth a shot.

PiHole’s main objective is to block domains serving advertising. It can also block other domains, like tracking, malware, or simply pages that waste your attention/time.

You can achieve the same with NextDNS. It’s modern, beautiful, and does the job.

Reaching PiHole from a smartphone. What are the options?

PiHole seems designed with the assumption that it sits on your local network. It means that your mobile devices cannot use it when they connect to other networks. For example, if your smartphone uses your carrier’s cellular network, your Raspberry Pi is unreachable to you. In such a situation, you cannot use your customized DNS server, unless you build an even more elaborate setup, like a VPN to your home network.

I got determined to set up a DNS server reachable both from my home and from my smartphone, workplace, or family home. At this point, I could think of three options:

  • Keeping PiHole on a Raspberry Pi and exposing it to the internet (with a public IP or VPN).
  • Hosting PiHole in the cloud, in some VM or container. I considered setting up a cheap Linux VM in Azure.
  • Finding a cloud-native alternative service.

Keeping PiHole on a Raspberry Pi requires exposing it to the public internet or setting up a VPN to a home network. It seemed overly complicated. I would rather not spend time configuring VPNs on all my devices. I don’t like dealing with VPNs, and the friction was enough for me to give up this option.

Hosting PiHole in the cloud seemed tempting. However, PiHole is designed to serve as a DNS server in a local network. It lacks the level of security I would want to have in the cloud. Notably, at least currently, it does not serve data using a secure protocol like DNS-over-HTTPS, DNS-over-TLS, or similar. And sending unencrypted DNS queries over the public internet is something I do not agree to. This problem could be worked around if we expose an additional HTTP server component to handle DoH requests. But with each piece, the setup becomes more and more complicated. Another issue is the cost of hosting. This would require a VM running most of the day. With the current pricing of VMs in the cloud, it would cost at least a few dollars a month.
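To make the plaintext-versus-DoH point concrete, here is an added example (not part of the original post and not PiHole or NextDNS code) that builds a DNS query in wire format, shows the name anyone on the network path can read from it, and shows how RFC 8484 carries the same message inside an HTTPS request. The resolver URL `https://doh.example/dns-query` and the function names are assumptions for illustration.

```python
import base64
import struct

def build_query(name: str, qtype: int = 1) -> bytes:
    """Encode a one-question DNS query (RFC 1035 wire format, RD flag set)."""
    # ID 0 is what RFC 8484 suggests for DoH so HTTP caches can reuse answers.
    header = struct.pack("!HHHHHH", 0, 0x0100, 1, 0, 0, 0)
    labels = name.rstrip(".").encode("ascii").split(b".")
    qname = b"".join(bytes([len(l)]) + l for l in labels) + b"\x00"
    return header + qname + struct.pack("!HH", qtype, 1)  # QTYPE, QCLASS=IN

def observed_qname(payload: bytes) -> str:
    """Return the name an on-path observer reads from a plaintext UDP/53 query."""
    if len(payload) < 12 or struct.unpack("!H", payload[4:6])[0] < 1:
        raise ValueError("not a DNS query with a question section")
    pos, labels = 12, []
    while True:
        if pos >= len(payload):
            raise ValueError("truncated QNAME")
        length = payload[pos]
        if length == 0:
            return ".".join(labels)
        # Labels are at most 63 bytes; larger values are compression pointers.
        if length > 63 or pos + 1 + length > len(payload):
            raise ValueError("malformed label")
        labels.append(payload[pos + 1:pos + 1 + length].decode("ascii", "replace"))
        pos += 1 + length

def doh_get_url(resolver_url: str, query: bytes) -> str:
    """RFC 8484 GET form: the same wire message, base64url-encoded, unpadded."""
    # The encoding is not the protection; the surrounding TLS session is.
    encoded = base64.urlsafe_b64encode(query).rstrip(b"=").decode("ascii")
    return f"{resolver_url}?dns={encoded}"

if __name__ == "__main__":
    # Constructed sample: the query a stub resolver would send for this name.
    wire = build_query("www.example.com")
    print("plaintext payload reveals:", observed_qname(wire))
    # Hypothetical resolver URL; substitute your provider's DoH endpoint.
    print("DoH request:", doh_get_url("https://doh.example/dns-query", wire))
```

With DoH, an observer on the path sees only a TLS connection to the resolver's hostname; the query path and the `dns` parameter travel inside the encrypted session.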

Finding a cloud-native alternative service turned out to help me escape the pickle. I found NextDNS, and I’m delighted with this service. Please note that I’m using affiliate links here to link to them (thanks if you use them!). But it is my honest recommendation as a user. I published the first version of this blog post before I thought of any affiliate links.

Discovering NextDNS: an appealing alternative solution

NextDNS has a feature set similar to PiHole’s, but it’s software-as-a-service natively hosted in the cloud. You can access your customized DNS server from the public internet. So unlike when you use PiHole, you can set up your Android, iPhone, and laptops to use your own DNS server. And it will work regardless of where you are connecting from.

NextDNS lets you block domains with advertisements, malware, or other stuff you’d rather avoid. It’s super-easy to manage. You just choose to which blocklists you wish to subscribe. You can also create your personal blocklist and allowlist. The service allows you to use all modern secure protocols for querying DNS servers.

A screenshot of NextDNS. NextDNS is an alternative to Pi-Hole running in the software-as-a-service model.
A screenshot from a web interface (a view corresponding to the view depicted in Pi-Hole’s screenshot above)

So if you like the experience known from Pi-Hole, my recommendation is to give it a try. I think you’ll appreciate how good a piece of software this is. I have used it for a few months now. And, with all due respect to the Pi-Hole that served me for years, I am super happy about the transition.

1 thought on “PiHole hosted in the cloud? I recommend NextDNS”

  1. why not combine pihole with wireguard?
    no more openvpn license issues, no exposed dns to the entire internet, and no unencrypted dns queries.
    since you mentioned hosting it in azure, this is a walk through i used, been running great for five ish months.
    it is overkill to have a whole linux vm just for this though. would be nice to have a docker image or something smaller/cheaper that could still handle queries from a few devices at the same time.

    https://joshspicer.com/wireguard-azure
