I’ve just set up my pihole and I’m considering the best way to configure it. Is it a good idea to set the default group to block (almost) all domains and then manually add trusted devices to another group with a “normal” block list? My use case is untrustworthy devices that I don’t want phoning home but which might change their IP address.
I tried that once, pihole blocks stuff coming in and not going out. Many “smart” devices will freak out if they can send things out to the internet but cannot receive things back.
Pihole doesn’t block inbound traffic, it has nothing to do with it (as you mention in your later comment, DNS is about address lookups, not routing IP addresses).
PiHole is a DNS server, all it will do is resolve addresses for clients that use it.
Does it? I don’t know much about networking but I thought for a device to even send something out it still needs to go through DNS first.
No it does not go through a DNS on the way out. A DNS, or domain name server, is like a phonebook so people can put in whatever.whereever and get the IP address back.
Yeah, so to reach out does it not need to use DNS to know where it’s reaching out to?
No it can just send stuff to an IP