Google Chrome slow to load websites with Pi Hole

Forums › Desktop computing › Google Chrome slow to load websites with Pi Hole - Secure DNS not supported?

1 | 2 | 3

548 posts

Ultimate Geek
Inactive user

#3049827 14-Mar-2023 09:21

I did try it out. I admit it was a very nice UI, and had a few extra features on top... but nothing worth the asking price. I blew through the free allowance in about a week and deployed Adguard home, which has been fantastic.

If you need remote access, Tailscale is a very nice solution. It's wireguard, but with a fancy UI on top. It makes it trivial to share your LAN services, including DNS, to all devices on all networks. It will even allow you to advertise a single subnet, then replace the configured DNS servers on your endpoint devices. Voila, adblocking on mobile devices with no more effort than hitting 'log in with google' in an app. Of course, the main selling point here vs NextDNS is that it will tunnel all of your LAN services, and allow you to tunnel all traffic via any node in your tailscale network for a secure VPN solution with a couple of taps.

Also, I don't recall if the Fritzbox supports a firewall rule to intercept DNS requests to other servers - an essential feature to catch sneaky traffic from a variety of IoT devices trying to bypass filtered DNS.

timmmay

20579 posts

Uber Geek

Trusted

Lifetime subscriber

#3049829 14-Mar-2023 09:26

I put my PC and phone onto NextDNS and they're working fine. I've used 122K DNS queries in six days. I'll put my PC back to using PiHole I think, and turn secure DNS off. I'll leave my phone on NextDNS for now, it seems to block ads well, ad blocking on phones is more fiddly.

Bewildered:

So I've literally been working on this for the past couple of days after work and have found the same thing. In my case the slow down was because my original DHCP scope for my clients still referred to 1.1.1.1 and 8.8.8.8 as the third/fourth DNS servers as 'backup DNS' if Pi-Hole went down....but instead clients seemed to prefer these, were trying them, timing out, and only then asking Pi-Hole. Hence every site was lagged, and then once it loaded the site was fine because by then it had received the DNS data required.

Once I removed these extra DNS servers everything went back to normal speed. I have multiple subnets and vLANs but in essence my set up now is as follows:

Interesting, thanks. So your key recommendation is to use DCHP to hand out two DNS servers only?

michaelmurfy

meow
13243 posts

Uber Geek

Moderator

ID Verified

Trusted

Lifetime subscriber

#3049831 14-Mar-2023 09:37

@ripdog Your solution is not as easy as simply loading a profile on your device and Voila, adblocking. Remember what you suggest doesn't necessary work well for everyone. I'm not going to run Tailscale on my devices at a battery cost just to get to my home DNS servers and services which I don't always need to have access to.

Also remember blocking ads does also prevent sites like Geekzone from displaying ads and thus making any money from you. DNS blocking means that you can't whitelist individual sites either. So, consider supporting platforms like Geekzone by subscribing.

Also per your last point. I get you don't like ISP provided routers but the Fritz!Box for a home router is actually rather good. All you need to do is do an outbound block to Port 53 + 5353 on these routers which forces your devices to go via your defined DNS servers. I've found this works with every device totally fine. Just because they're provided by an ISP doesn't mean they're a pile of rubbish as they can route Gigabit at a lower power cost than the custom solution you always suggest on here and are totally fine for most users.

Michael Murphy | https://murfy.nz
Referral Links: Quic Broadband (use R122101E7CV7Q for free setup)

Are you happy with what you get from Geekzone? Please consider supporting us by subscribing.
Opinions are my own and not the views of my employer.

ripdog

548 posts

Ultimate Geek
Inactive user

#3049834 14-Mar-2023 09:50

Yeah, I do believe that self-hosted solutions are better, and that's why I advocate for them. I think, at least on a site called 'geekzone', that we should be encouraging newbies to learn how their network works and taking control of their data, not just handing them a shiny box which does everything and they don't need to fiddle with. This is especially true when the OP has already managed to deploy Pi-hole on their network.

Of course, this is my opinion.

Is it proven that sending DNS via tailscale uses more battery than DoH? I'm sure the algorithms will be the same... Perhaps tailscale can't use the crypto instructions due to being a Go app?

I'm never going to allow any ads to be displayed on any device I own. Ad networks have been used as malware vectors too many damn times for me to see them as an acceptable risk anymore. I subscribed to geekzone for a number of years, I feel comfortable with the amount of support I've given this site - especially considering it's a forum, meaning the content is 100% contributed by it's unpaid users.

michaelmurfy

meow
13243 posts

Uber Geek

Moderator

ID Verified

Trusted

Lifetime subscriber

#3049842 14-Mar-2023 10:18

ripdog: Is it proven that sending DNS via tailscale uses more battery than DoH? I'm sure the algorithms will be the same... Perhaps tailscale can't use the crypto instructions due to being a Go app?

No, the algorithms are not the same and there is a battery cost in running a VPN like Tailscale / Wireguard on your device. Plus also I trust the reliability of a distributed high availability platform over a platform hosted on a residential connection with a single point of failure (the internet connection). I can still VPN in whenever I want.

I'm never going to allow any ads to be displayed on any device I own. Ad networks have been used as malware vectors too many damn times for me to see them as an acceptable risk anymore. I subscribed to geekzone for a number of years, I feel comfortable with the amount of support I've given this site - especially considering it's a forum, meaning the content is 100% contributed by it's unpaid users.

And yet you fail to realize a site like Geekzone does require ongoing revenue in order to keep that platform running so the "unpaid users" like myself can continue posting... Due to more and more people using adblockers there are many forums that are shutting down as contributions on the forums doesn't pay for the hosting fees. Mauricio posted about this here: https://www.geekzone.co.nz/forums.asp?forumid=4&topicid=268494 so there is no need to be a dick over it thanks.

ripdog

548 posts

Ultimate Geek
Inactive user

#3049896 14-Mar-2023 10:30

michaelmurfy:

And yet you fail to realize a site like Geekzone does require ongoing revenue in order to keep that platform running so the "unpaid users" like myself can continue posting... Due to more and more people using adblockers there are many forums that are shutting down as contributions on the forums doesn't pay for the hosting fees. Mauricio posted about this here: https://www.geekzone.co.nz/forums.asp?forumid=4&topicid=268494 so there is no need to be a dick over it thanks.

Please don't accuse me of being a dick when you also accuse me of not knowing that websites cost money to host. I have *more* than paid the marginal cost of having me as a user, and I know this because I understand how much forums cost to host.

michaelmurfy

meow
13243 posts

Uber Geek

Moderator

ID Verified

Trusted

Lifetime subscriber

#3049899 14-Mar-2023 10:37

ripdog: Please don't accuse me of being a dick when you also accuse me of not knowing that websites cost money to host. I have *more* than paid the marginal cost of having me as a user, and I know this because I understand how much forums cost to host.

And yet, I bet if you had to guess how much it costs to run this forum you'll get the answer totally wrong...

Going way off topic now so lets bring it back in.

Equinox IT

Cloud spending continues to surge globally, but most organisations haven’t made the changes necessary to maximise the value and cost-efficiency benefits of their cloud investments. Download the whitepaper From Overspend to Advantage now.

freitasm

BDFL - Memuneh
79270 posts

Uber Geek

Administrator

ID Verified

Trusted

Geekzone

Lifetime subscriber

#3049902 14-Mar-2023 10:43

@ripdog: Please don't accuse me of being a dick when you also accuse me of not knowing that websites cost money to host. I have *more* than paid the marginal cost of having me as a user, and I know this because I understand how much forums cost to host.

Please send me a PM with how much you think it costs to run Geekzone and I will let you know how close you are.

ripdog

548 posts

Ultimate Geek
Inactive user

#3049908 14-Mar-2023 10:53

No. Are you both deliberately misreading my posts to try and take the piss out of me?

I said "forums", not "this forum", and I said "marginal cost", not "cost".

Freitasm, are you going to now claim that I cost the forum more by posting here with adblock on than I have contributed in my several years of subscription?

Actually, I checked. I was subscribed from 2014 until the price hike. Either 7 or 8 years depending on the cutoffs. I am not even a high traffic user. I will stand by my statements 100%.

outdoorsnz

674 posts

Ultimate Geek

#3049961 14-Mar-2023 11:22

I installed DNS over HTTPS on my PiHole using this guide:

https://docs.pi-hole.net/guides/dns/cloudflared/

After reading through this forum, I'm now wondering if even required and perhaps adds a slight delay.

Also it does appear you can whitelist in PiHole and will do that for geekzone as I value GZ very much and the debate here prompted me to donate.

ripdog

548 posts

Ultimate Geek
Inactive user

#3049964 14-Mar-2023 11:25

outdoorsnz:

I installed DNS over HTTPS on my PiHole using this guide:

https://docs.pi-hole.net/guides/dns/cloudflared/

After reading through this forum, I'm now wondering if even required and perhaps adds a slight delay.

Also it does appear you can whitelist in PiHole and will do that for geekzone as I value GZ very much and the debate here prompted me to donate.

DoH is a useful tech because it keeps your DNS traffic safe from snooping by ISPs or anyone else in your network path. It's especially essential if you're using someone else's internet connection. I'd advise you to leave it on - any delay would be extremely small, not noticeable by any means.

freitasm

BDFL - Memuneh
79270 posts

Uber Geek

Administrator

ID Verified

Trusted

Geekzone

Lifetime subscriber

#3049973 14-Mar-2023 11:41

@ripdog:
No. Are you both deliberately misreading my posts to try and take the piss out of me?

I said "forums", not "this forum", and I said "marginal cost", not "cost".

Freitasm, are you going to now claim that I cost the forum more by posting here with adblock on than I have contributed in my several years of subscription?

Actually, I checked. I was subscribed from 2014 until the price hike. Either 7 or 8 years depending on the cutoffs. I am not even a high traffic user. I will stand by my statements 100%.

I am calling you a dick. I will say something but being a dick won't make you feel anything. I am in a fucking hospital bed, with a fourth IV line being inserted now while I cry because of the pain of getting antibiotics into my body but you are being a dick.

Have I called yoi a dick yet?

eluSiveNZ

188 posts

Master Geek

#3049978 14-Mar-2023 11:54

RIP ripdog

Not going to lie, but having a moderator call a poster a dick for having a differing opinion on a hosted DNS solution and then banning him is pretty poor form.

A gentle guidance to remain on topic without resorting to name calling would have sufficed.

michaelmurfy

meow
13243 posts

Uber Geek

Moderator

ID Verified

Trusted

Lifetime subscriber

#3050010 14-Mar-2023 12:11

eluSiveNZ: Not going to lie, but having a moderator call a poster a dick for having a differing opinion on a hosted DNS solution and then banning him is pretty poor form.

A gentle guidance to remain on topic without resorting to name calling would have sufficed.

If you read the post it wasn't in relation to that at all. It is totally fine to have a differing opinion.

As per your other point back on topic please.

freitasm

BDFL - Memuneh
79270 posts

Uber Geek

Administrator

ID Verified

Trusted

Geekzone

Lifetime subscriber

#3050018 14-Mar-2023 12:21

eluSiveNZ:

RIP ripdog

Not going to lie, but having a moderator call a poster a dick for having a differing opinion on a hosted DNS solution and then banning him is pretty poor form.

A gentle guidance to remain on topic without resorting to name calling would have sufficed.

It wasn't for that. Being a dick is a FUG offence.

1 | 2 | 3