Slow death of Adblockers like UBlock Origin / Adblock / Adblock Plus. Need for a better alternative
The traditional ad blocker systems which we have been using over the years are now gradually being killed courtesy by giants Google / Amazon / Apple / Facebook and Microsoft.
https://9to5google.com/2024/01/13/youtube-new-w...
https://www.pcmag.com/news/rip-ublock-origin-go....
https://www.bloomberg.com/news/newsletters/2022...
Before moving to Router Based DNS Ad blocking lets understand the concepts
What is a DNS ?
DNS, or the Domain Name System, translates human readable domain names (for example, www.amaz...om) to machine readable IP addresses (for example, 192.0.2.44). It is basically a directory of contact numbers through which one computer on the internet connects and talks with another computer on the internet. DNS is one of the foundations of the internet and without DNS you will not be able to access the internet as the website name needs to be looked up to find its matching IP address.
Who controls the DNS ?
DNS being an essential for working of the internet is distributed and spread across the world in a large number of servers . All major companies would have either their own hosted private DNS server or a public DNS servers. The major public DNS service providers are Google / Cloudflare / OpenDNS / Quad 9 / NextDNS / Adguard DNS / Control D to name a few. Your Internet Service Provider (ISP) will have their own or third party hosted DNS server which is defaulted, and your computer makes use of the default ISP DNS server.
The most critical aspect of choosing a public DNS server is how fast it can find and send back the IP address (machine readable address). If a public DNS server is slow and unresponsible, it will result in the webpage not loading or taking time to load hindering the viewing experience. To simplify, the DNS server which are as near to your physical location, having faster response times ( i.e. lower latency ) and which can handle loads better ( i.e. quality of server ) will be the faster one. Also the downtime of the public DNS server is again essential factor for consideration as without DNS your internet will not work.
How does Ad-Blocking on DNS server work ?
Ad-blocking using a DNS Server work primary by not sharing the website IP address of ad networks. So basically, whenever your computer requests the DNS server for the IP address of an ad network, the DNS server will share a dummy or empty IP address thereby blocking the connection to the ad network. The existing efforts of Google / Apple / Microsoft to block the traditional ad blockers does not work on DNS server, as it is a foundational aspect of the Internet, and these companies have no control on the DNS server.
What is the pro / cons of DNS based Ad blocking vs existing Ad blockers
Pros for DNS
The biggest pro for DNS based ad blocking is that while the primary focus is on ad blocking it can have a versatile role as it can be used to accessing / blocking any website or domain which is needed. This means you can block malware / data tracking / referral & affiliate / fake news / adult / crypto / gambling or any other website you need to block
The second pro is that the existing ad blocking restrictions cannot be applied to DNS servers and to block DNS based blocking will require a complete fundamental change of how internet works so it will be for a long time
Again it is much more efficient and faster than traditional adblockers as we do not initate any connection with those ad networks
Router based DNS ( read next section )
Cons for DNS
The primary disadvantage of DNS based ad blocking is since it blocks an ip address altogether so in a case where a primary website itself displays ads then these ads cannot be filtered out . For e.g. the youtube ads have the same ip address as the youtube.com and filtering these ads are not possible using DNS based ad blocking. However, the other existent methods like Revanced or IOS app for modified youtube should serve the purpose .
The quality of the ad blocking public DNS server should be good else the internet experience will not be good
Router Based DNS Ad blocking
The DNS Ad blocking at a router level makes it a game changer. With the traditional ad blocking concepts, there are different apps / plugins / extensions which needs to be installed on each and every device. Also for IOT based devices / smart devices there will be no plugin of traditional ad blockers available and it will not be possible to block those websites .
However, if we apply DNS at a router level all the devices which are connected to the same wifi network can be controlled centrally. This means no need to maintain separate plugins you get a universal ad blocking and privacy solution for all your devices
Which DNS Ad Blocking Public Services are available and which one is the best for me ?
As mentioned initially the quality of the public DNS server / location of the server / response times / downtime all are important before zeroing on which ad blocking DNS server is best for you
The most famous public DNS services which allow ad blocking are as below
1. Adguard DNS
2. NextDNS
3. ControlD DNS
To select the best DNS based ad blocking service we need to compare the IP addresses of these ad blocking DNS servers with the rest of the public DNS services and compare which one is the fastest. This is done by a simple tool DNSBench https://www.grc.com/dns/benchmark.htm
. Click Add/Remove and add the IP addresses of Adguard DNS / Next DNS / ControlD DNS ( you can check their website to check their DNS IP addresses ) and run the benchmark . This will give you the comparison which one is the best DNS server for your location
Based on my comparison for India currently, NextDNS is the best Ad blocking DNS service available in India . It has alot of servers available in India with ultralow latency and anycast compatibility it is the most stable service.
How to configure Next DNS Server IP address at a router level ?
Logging into NextDNS will give your specific IPv4 and IPv6 DNS addresses.
These DNS Server IP addresses need to be configured in the IPv4 & IPv6 DNS server settings for your router. You can search on google for your router model login details and change the DNS server settings
Generally 3 IPV4 & IPV6 DNS Servers can be setup in a router. Below is the setup which I use so as to ensure zero downtime. This ensures that even if Next DNS is down it can route to Google DNS and I have not downtime. If your router allows only 2 DNS servers use 1 Next DNS Primary and 1 Google DNS
DNS1 : NextDNS Primary DNS IP
DNS2 : NextDNS SecondaryDNS IP
DNS3 : Public Google DNS Primary IP
To check whether the correct DNS server is being used you can go to https://dnscheck.tools/ and confirm
What all functionality needs to be configured for Next DNS to block ads ?
This is the best guide which mentions all the configs which you need to do Next DNS
https://github.com/yokoffing/NextDNS-Config
Block Lists are the main configuration and many public blocklists are available. However only a few are routinely updated . Below is the recommendation which will not break the functionality to much and serve the purpose
1. Hagezi Multi Pro++ ( Read the other versions here https://github.com/hagezi/dns-blocklists
)
You can add multiple providers as well . The other good ones are
1. OISD ( https://oisd.nl/ )
2. 1Hosts (https://github.com/badmojr/1Hosts0
3. Goodbye Ads (https://github.com/jerryn70/GoodbyeAds)
4. Next DNS default filters
Also check whether the Linked IP address is ticked in case you are using dynamic IP address . DDNS option is also available in case you want auto update of IP
Is the Next DNS Service chargeable ?
NextDNS can be used for free up to 300,000 queries each month, after which all features will be disabled temporarily until next month. This means ad blocking functionalities will be disabled but the DNS will continue working even after 30000 queries
The pricing is as below .
Next DNS Pro Plan : Rs. 159 per month / Rs. 1590 per annum .
I would suggest trying the service for a few days and checking whether it meets your requirement or not. If you are satisfied you can opt for the paid packages as Rs. 150 pm for unlimited devices protection / multiple profiles for work and office also supported is not a bad option .
Feel free to dm me if you need to setup NextDNS with my referral code. The free service means I will not earn anything unless you subscribe for the paid plans .
Long story short, if u r going to stick to free dns, never implement router based ad blocking dns, belive me, internet experience would be taking a dent
I have been using Next DNS last 3 months and when it is down or slow its routes to Google DNS servers . I have been more than happy with Next DNS . The critical point is having more than one DNS resolvers .
Streaming 4k is also no issues . Read the how to select DNS server which was essential to identify which service is the best . Adguard and ControlD have either very slow response times in India so that cripples the internet
go for adguard dns & browser extention
DNS based blocking can't replace uBlock Origin. It can supplement it, but not replace it. uBlock Origin is not an advertisement blocker, but a content blocker. There's a huge technical difference between the way it works vs how a DNS sinkhole works.
the primary use case of both the applications remain the same.Considering how Google Apple have started clamping down on the ad blockers . Manfiest V3 is coming in June 2024 and it has lead me to go for the DNS route and even Ublock Origin will only work in the UBO Lite mode .
https://github.com/uBlockOrigin/uBOL-home/wiki/...
Also a network wide privacy is a bonus which Ublock or any other ad blocker cannot provide as they are platform dependent .
Some browsers are going to retain Manifest V2. Also built-in ad blockers while being less capable and customizable aren't affected by the V3 changes.
One can re-purpose an old Android device to run Pi-hole. It runs fine in even 512MB RAM.
Most of my devices are rooted and AdAway works great. In any case uBlock Origin will continue to work in my browser of choice.
Setting up a router level blocking protects your privacy on your entire home network .
With so many connected devices these days leaking personal data is easier than ever which cannot be prevented by just a simple device specific ad blocker
Just sharing a screenshot Next DNS logs when no one is at home but still one of my Amazon devices ( Kindle / Fire Tablet / Fire Stick ) seems to be trying to push some tracking data to its servers which are blocked
And setting up for each device individually is a pain . Like I mentioned you cannot rely on a single DNS provider . Thats why I configure Next DNS and Google DNS.
You need to run DNSBench and check which provider is the best. On forums people prefer Adguard and ControlD , but ControlD has just a single server in India and Adguard none which means unless they provide high speed servers it will not be possible to match the speed provided by NextDNS
In my test Next DNS was faster than Airtel ISP and only behind Cloudflare and better than Google DNS. There have been instances of slower responses but at those time Google DNS has taken over so I do not have any breakage of internet post the 1st week of setup where I used Next DNS and ControlD
Also Pihole is good for setting up your own DNS server but again it is more configuration . And I would avoid running it on Android as I need to ensure it is on constantly. Better get a PI Zero board
I haven't rooted my primary device and AdAway or Blokada in VPN mode can cause slowdowns. So switched to DNS but the various solutions are no better in this regard. At least now I have recourse to a QS Tile for disabling it on-the-fly or switching between various providers without having to delve deep into Settings anymore.
Raspberry pi/old computer + PiHole
1.is it free?
2.do they block Ads on youtube?
3.do they escape adblock warning?
Any simple videos to understand better... do post some links.
setting up next dns is easy
DNS based blocking can't replace uBlock Origin. It can supplement it, but not replace it. uBlock Origin is not an advertisement blocker, but a content blocker. There's a huge technical difference between the way it works vs how a DNS sinkhole works.