Blogs
Adguard Home vs Pihole

Adguard Home vs Pihole

April 15, 2021

AdGuard Home PiHole

A few years ago I tried PiHole on an old Raspberry Pi 2B that I had lying around and it didn’t take more than a couple of days to realize that I needed this as a permanent part of my home network. I shortly thereafter graduated it to a VM running on my Proxmox server where it has served faithfully and reliably with no real complaints.

But if you have been following the world of network ad and tracking protection the “new hotness” is AdGuard Home. I looked at several comparisons that did little more than reiterate stale and mostly meaningless comparisons that didn’t give me a real sense as to whether one was really better than the other. So, … I installed it and set it up.

I have 2 DNS servers on my network, a primary and a backup. To do a fair comparison I shutdown one of the PiHole instances and replaced it with AdGuard Home to run them side by side. Here is what I learned.

Most of the comparisons that say one will block more or less than the other are mostly irrelevant. The reason is they both allow you to modify which block lists you use and it is simply a matter of adding more block lists if you want to block more stuff. In this regard they are really equivalent. It is just a setup configuration difference and not a real functionality difference. In fact, feature for feature they are more alike than they are different.

One rather significant difference in the way that they block sites is worth mentioning. PiHole blocks every domain that is explicitly in it’s block list and while it can block based upon a Regular Expression syntax it seems that block lists have to explicitly list every domain and subdomain in order to block them. That means that new subdomains are not blocked automatically. AdGuard Home on the other hand uses a rule syntax that can easily block a domain and ALL of it’s subdomains with a single rule. As a result you will see that an equivalent block list for AdGuard Home is much smaller than the PiHole equivalent. This should reduce the memory and CPU requirements of the AdGuard server since it can process the same number of domains with a significantly smaller rules list.

In fact the AdGuard’s rule syntax is rather robust and has many different options to do such things and block for only certain clients, and easily block entire domains with a single rule. There is a very powerful foundation there that makes the future of what could be done with AdGuard rather exciting. While today they may be more alike than they are different, the basic foundation of AdGuard seems to be more advanced and there is the potential for some rather exciting enhancements that could help it leap-frog PiHole. That more than anything is probably why someone would choose AdGuard over PiHole.

Regardless, here are a few things about AdGuard that I like and don’t like when I compare it to my PiHole experience.

On the plus side:

  • The rule syntax is very powerful when compared to PiHole which in turns makes is leaner and meaner and presumably more efficient.
  • AdGuard Home seems to be more future proof. There are a ton of things I would add screen support for that are done with Custom Rules today and this would really differentiate it in the market.
  • Everything is distributed as a single package while PiHole depends on various external packages that can have differences depending on what platform you deploy on.
  • The UI is probably more clean and simpler to use though not as colorful as PiHole.
  • AdGuard has more lists pre-built into the product that are enabled with the click of a checkbox. PiHole will sending you scouring the Internet for various sources to be added.
  • AdGuard makes it easier to clean up old lists that are no longer maintained. PiHole tends to bury the fact that a list is now empty and has been abandoned.
  • Because AdGuard Home configuration is contained in a single YAML file (/opt/AdGuardHome/AdGuardHome.yaml) it is easier to keep 2 DNS servers in sync. By copying this single file from one server to another you can ensure your primary and backup DNS server have the some configuration. PiHole has a teleporter feature but having a single file makes it easier to automatically sync with a simple cron job.

On the minus side:

  • Most of the ‘cool’ stuff is done with ‘Custom Rules’. The problem with this is that you quickly end with a very long list of rather confusing looking rules in the eyes of a novice.
  • There is no wizard or ‘rule builder’ that lets you easily create one of these complex rules with it’s several options. Perhaps one day?
  • Searching the Query Log and Client list needs to be made easier but I am sure it will get there.
  • PiHole lets you just log things that are blocked. AdGuard logs everything and makes the log excessively long.
  • There needs to be screen support for some common features like local DNS lookups. Today these are yet more ‘Custom Rules’ that contribute to the long list which is not as easily maintained as it is in PiHole
  • Local DNS lookups failed when I used mixed-case (upper and lower) in my hostnames. I made them all lower case and they magically started working. This is probably a bug!

I have mixed feeling about AdGuard as a company because it has it’s roots in Russia. Though they have since moved their headquarters to Cypress many developers still reside in Russia. I would be seriously concerned about potential back doors and secretive snooping if AdGuard Home was not open source. In fact, if it was closed source that would have need a non-starter for me. But I draw some comfort knowing that the source is available for all to see.

  • AdGuard let’s you tag clients to put them into groups. Then you can create rules that apply to those tags. While there are some useful tags they are predefined, you cannot create your own tags. Notably missing are tags for:
    • device_iot for the many Internet of Things devices most homes have
    • device_net for networking devices like routers, switches, access points, and DNS servers
    • device_server for VM’s in my home lab and other appliances I run
  • If you run Home Assistant and have 2 DNS servers for redundancy like I do, then Home Assistant can only integrate with a single AdGuard Home instance. This really needs to be fixed and hopefully will be added soon to Home Assistant

At this point I like AdGuard Home a lot but because the ‘best is yet to come’ I will continue to run it with PiHole in my network. Both are very good products and I firmly believe everyone should be running one or the other. If I were to predict the future, I think the foundation is there for AdGuard Home to surpass PiHole when it comes to features and ease of use but there is still some work to be done to add screen support for things that require a Custom Rule.

3 Month Update

I had used PiHole for a wile (at least a couple of years) so it seemed like a good idea to revisit this and say what I think after really using AdGuardHome on a day to day basis. While I still stand by everything above I have learned a few things I will share now:

First, while agree that having everything bundled within AdGuardHome makes it easier to install and more portable to various hardware, that comes with a disadvantage too. And that is stability. PiHole is dependent upon third party software like dnsmasq and others these products are rock solid stable (for the most part). I can’t say that about AdGuardHome. I had issues where once a week the server would simple hang and stop responding to DNS requests. Of course this is rather disruptive since to everyone in the household ‘the Internet is down’. It would hang so hard that the service sometimes could not be restarted and the whole VM (I am running on Proxmox) had to be restarted.

I started with a AdGuardHome 0.105.x release which was mostly stable but the entire series of 0.106 has gotten considerably worse. I kept hoping against hope that these issues would be resolved but after a couple of months of waiting I decided to revert back to PiHole. I never had stability issues with PiHole. Hence, I am going to say that the dependency on well tested third party software is an advantage for PiHole and not a disadvantage. These third party products have been around for years and are used by a LOT more users than just PiHole users. As such, they have more tested and proven and means a much more stable environment over AdGuardHome.

When I did switch one of the DNS servers back over to PiHole it made me aware of some other quirks about AdGuardHome. Namely, it was flooding my network with PTR DNS requests. All in all AdGuardHome is a nice design and has some nice features. But stability has to be a priority for a DNS server since the whole network can’t function without it. As such, I would say AdGuardHome is an interesting product to watch as it matures but for my daily needs I will be using PiHole for the foreseeable future.

Piwigo Automatic Thumbnail CreationMigrating From Pfsense to Opnsense